SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7417
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/roblox-mm2-cheats PDF link annotation
- http://colegioluisamigo.cl/images/bot-group-hack-roblox.pdfIn PDF document text
- http://www.visiblefilm.com/images/roblox-ripull-hacking.pdfIn PDF document text
- https://gomsa.nl/images/roblox-hack-apk-mod.pdfIn PDF document text
- http://moralcenter.or.th/images/free-robux-hack-promo-codes.pdfIn PDF document text
- http://www.sapaengineering.kz/images/live-free-roblox-card.pdfIn PDF document text
- http://rushxpress.de/images/who-is-the-best-hacker-in-roblox.pdfIn PDF document text
- http://www.boic.nl/images/how-to-hack-roblox-for-robux-2021.pdfIn PDF document text
- http://apostolosandreaslemesou.com/images/roblox-booga-booga-mojo-hack-weardevs.pdfIn PDF document text
- https://www.audipec.com.br/images/roblox-com-free.pdfIn PDF document text
- http://www.herbasacra.gr/images/roblox-speed-boats-free.pdfIn PDF document text
- http://www.vktzunami.cz/images/hack-para-roblox-mathdrive-jailbreak.pdfIn PDF document text
- http://zarinnameh.ir/images/how-to-make-free-shirts-on-roblox-with-asset-downloader.pdfIn PDF document text
- http://mydevice.com.au/images/tradelands-roblox-hack.pdfIn PDF document text
- http://halal-center.ru/images/roblox-jailbreak-unlimited-free-money-hack.pdfIn PDF document text
- http://ferienhaus-summt.de/images/outfit-code-free-garcon-roblox.pdfIn PDF document text
- https://www.yewtreealpacas.co.uk/images/como-hackear-cuenta-de-roblox-facil.pdfIn PDF document text
- http://www.gongoff.com/images/roblox-robux-free-codes-2021.pdfIn PDF document text
- http://telecomworld.pl/images/free-robux-admin.pdfIn PDF document text
- http://beagles-of-harmony.de/images/xbox-john-roblox-free.pdfIn PDF document text
- https://pa-waingapu.go.id/images/roblox-vip-hack-fashion.pdfIn PDF document text
- https://esl.ipb.ac.id/images/robux-free-robux-robux-robux-robux-robux-robux-robux.pdfIn PDF document text
- http://www.zdravazena.sk/images/roblox-is-there-a-way-to-get-free-robux.pdfIn PDF document text
- https://verdensbarn.no/images/free-gears-on-roblox.pdfIn PDF document text
- https://www.audev.com/images/avatar-hacker-en-roblox.pdfIn PDF document text
- http://www.rezbb.sk/images/roblox-cheat-2021.pdfIn PDF document text
- http://ghegamethu.vn/images/how-to-get-free-robux-not-clickbait.pdfIn PDF document text
- https://belixconstructions.com.au/images/all-free-robux-promo-codes.pdfIn PDF document text
- https://beejekorf.nl/images/how-to-get-the-green-dragon-wings-roblox-for-free.pdfIn PDF document text
- http://pdapanache.com/images/roblox-game-guide-tips-hacks-cheats-mods-apk-download.pdfIn PDF document text
- http://seniornetwanganui.org.nz/images/how-to-get-stuffes-for-free-in-roblox.pdfIn PDF document text
- http://www.gadanie.lv/images/roblox-cheating-youtube.pdfIn PDF document text
- https://camillesplace.org/images/how-to-get-it-free-robux.pdfIn PDF document text
- http://salantiskis.lt/images/hack-de-game-pass-para-horse-world-roblox.pdfIn PDF document text
- https://ballaratcaravans.com.au/images/apocylopse-rising-roblox-hacks.pdfIn PDF document text
- http://www.mikramarine.gr/images/robux-hack-no-survey-no-verification-2021.pdfIn PDF document text
- http://adues.org/images/adopt-me-roblox-hack-gui-trolling.pdfIn PDF document text
- http://intrasservices.com/images/site-hack-roblox.pdfIn PDF document text
- https://verdensbarn.no/images/roblox-counter-blox-roblox-offensive-hacks-very-op.pdfIn PDF document text
- http://arthakranti.org/images/how-do-i-get-free-robux-on-my-ipad.pdfIn PDF document text
- http://www.adravietnam.org/images/roblox-spiel-free-robux-generator.pdfIn PDF document text
- http://serviio.org/images/prisonbreak16-hack-script-roblox.pdfIn PDF document text
- http://killebergsridsport.se/images/roblox-hack-jhon-doe.pdfIn PDF document text
- https://itv-grabungen.de/images/notoriety-roblox-cheats.pdfIn PDF document text
- https://www.u-pin-it.com/images/roblox-all-free-items-list.pdfIn PDF document text
- http://canadatowers.com/images/daniel-refu10-free-gift-card-roblox.pdfIn PDF document text
- http://www.gadanie.lv/images/roblox-noclip-cheat.pdfIn PDF document text
- http://fotoclub3b.it/images/roblox-hacks-no-virus.pdfIn PDF document text
- http://www.awakeningtruth.org/images/evil-face-roblox-free.pdfIn PDF document text
- http://lepatrimoinedesvallees.fr/images/how-to-get-a-hacked-account-on-roblox.pdfIn PDF document text
+13 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_004_off000086dc.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x86DC | 28436 bytes |
SHA-256: 1cdcef9f4aa2513a67cde0f15aa48a0c68550ce05a2099ae667aef20a22b9d18 |
|||
font_01_sfnt_off0000c683.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC683 | 18128 bytes |
SHA-256: 884bef3abce96cfcb44f734d82e9cb44766f2e548b8fb54c26bdcb92fac45841 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.