SUSPICIOUS
Risk Score: 42
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1203 Exploitation for Client Execution
The PDF document contains numerous URLs related to Roblox hacks and generators, suggesting a lure to download potentially malicious content. The ML classifier also flagged this PDF as malicious with a high probability. The presence of external URIs and the overall theme indicate an attempt to trick users into executing further malicious code, likely through a downloaded payload.
Machine Learning
- Nyx PDF Classifier malicious score 0.9725
Heuristics 3
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
- http://gaminggenerator.org/app/431946152/army-tycoon-hack-roblox (PDF link annotation)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| font_00_sfnt_off00003335.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x3335 | 19392 bytes | ba8d6d100a4a00264eb02a019870c3016f749f5ce5ff47c8c66684d414950909 |
| font_01_sfnt_off00005b17.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x5B17 | 18028 bytes | 361173c891648edc3cd302aa4f53032989d6eef94ed2a96cd140a964a3f628c3 |