Malicious PDF — malware analysis report

Heuristics 5

• Clipboard command execution lure high SE_CLIPBOARD_COMMAND_LURE
  Document tells the user to copy or paste clipboard content into Run, PowerShell, cmd, or another shell-like execution context
• LOLBin token sequence in document text high SE_LOLBIN_RUN_COMMAND
  Extracted document text contains a Windows script/execution tool name (PowerShell, mshta, cmd, rundll32, regsvr32, …) within 220 characters of a dangerous flag, command verb, or URL. This is a visible 'run this' instruction in HTML/PDF/RTF lure bodies, or — in macro-laden Office files — the macro's own string-pool entries appearing adjacent in extracted text.
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://gaminggenerator.org/app/431946152/free-robux-patch PDF link annotation

  • http://garrisonjazz.com/images/how-do-you-hack-roblox-robux.pdfIn PDF document text
  • http://www.drent.se/images/free-walking-animation-for-roblox.pdfIn PDF document text
  • http://www.cuniv-naama.dz/images/cheat-boku-no-roblox.pdfIn PDF document text
  • http://www.copoint.co.uk/images/free-accounts-for-work-scam-roblox.pdfIn PDF document text
  • http://kids-academy.pl/images/wall-hack-csgo-roblox.pdfIn PDF document text
  • https://www.hbproducts.dk/images/how-to-speed-hack-on-roblox-with-out-shutdown.pdfIn PDF document text
  • http://bressanassessoria.com.br/images/free-robux-generator-2.pdfIn PDF document text
  • http://gbp-trabkiwielkie.pl/images/roblox-redeem-codes-2021-free.pdfIn PDF document text
  • http://bolsaycapital.com/images/free-dominus-roblox-catalog.pdfIn PDF document text
  • http://internetdeputy.com/images/roblox-pitch-black-shirt-free.pdfIn PDF document text
  • http://www.evaplast.by/images/blakberry-hack-roblox.pdfIn PDF document text
  • http://finalstand.org/images/how-to-hack-accounts-on-roblox-with-cmd.pdfIn PDF document text
  • https://www.manmed.info:443/images/free-robux-no-human-verification-generator.pdfIn PDF document text
  • https://www.cnte.org.br/images/roblox-cheats-cbro.pdfIn macro / runtime command snippet
  • https://www.ukrtrans.biz/images/roblox-noclip-jailbreak-hack.pdfIn macro / runtime command snippet
  • http://bilhetim.com.br/images/jj-hacks-roblox.pdfIn PDF document text
  • http://horsa18.ru/images/free-dumb-roblox-accounts.pdfIn PDF document text
  • http://www.marambio.com.ar/images/how-to-annoy-roblox-server-hack.pdfIn PDF document text
  • https://jdlgroup.ca/images/pet-simulator-roblox-hack.pdfIn PDF document text
  • https://www.dierenartsberghman.be/images/roblox-free-builders-club-hack-2021.pdfIn PDF document text
  • https://www.fenews.co.uk/images/how-to-get-free-clothes-on-roblox-without-bc-2021.pdfIn PDF document text
  • http://alexanderautos.co/images/free-robux-gift-card-codes-unused-2021.pdfIn PDF document text
  • http://www.evaplast.by/images/free-gift-cars-for-roblox.pdfIn PDF document text
  • https://www.devries-group.de/images/roblox-com-cheats-for-tix.pdfIn PDF document text
  • http://fotoflas.gr/images/how-to-get-a-roblox-hack.pdfIn PDF document text
  • http://nalmpantistractors.gr/images/free-auto-key-presser-for-roblox.pdfIn PDF document text
  • http://magistrinfo.ru/images/free-robux-promo-codes-2021-not-used.pdfIn PDF document text
  • http://pia2000.net/images/roblox-invisible-hack-download.pdfIn PDF document text
  • http://mycounty.com.ua/images/free-robux-generator-op.pdfIn PDF document text
  • https://www.udivadlahotel.cz/images/how-to-get-free-robux-using-cmd.pdfIn PDF document text
  • http://learningarabic.co.uk/images/can-i-hack-roblox.pdfIn PDF document text
  • http://www.htc.edu.au/images/ww-robux-hack-me.pdfIn PDF document text
  • http://www.eurosan1.ba/images/hack-roblox-espaol-elements.pdfIn PDF document text
  • http://www.pacoestrada.it/images/how-to-get-50-robux-free-2021.pdfIn PDF document text
  • http://ff-klaffenbach.de/images/how-to-get-roblox-for-free-on-xbox-one.pdfIn PDF document text
  • https://www.tsdb.com.au/images/skater-hacks-roblox.pdfIn PDF document text
  • https://www.dierenartsberghman.be/images/wearedevs-roblox-hack.pdfIn PDF document text
  • https://newenglandafs.com/images/roblox-account-hacker-apk.pdfIn PDF document text
  • https://www.audipec.com.br/images/free-pins-for-robux.pdfIn PDF document text
  • http://behsanroshd.com/images/how-to-get-robux-for-free-no-scam.pdfIn PDF document text
  • https://gabrieliassociati.com/images/free-bc-roblox-2021.pdfIn PDF document text
  • http://reggieslockandkey.com/images/free-candy-van-roblox-script.pdfIn PDF document text
  • https://www.flexcable.com/images/roblox-jailbreak-hack-noclip-zip-file-download.pdfIn PDF document text
  • http://kids-academy.pl/images/free-roblox-friends.pdfIn PDF document text
  • http://hemmet-strand.dk/images/free-robux-without-password-or-email.pdfIn PDF document text
  • http://wireprod.net/images/free-roblox-codes-hack.pdfIn PDF document text
  • http://iluvlocalplaces.com/images/how-to-get-btools-in-roblox-2021-no-hack.pdfIn PDF document text
  • http://cdescolapios.org/images/cheat-engine-roblox-infinite-health.pdfIn PDF document text
  • http://caraless.com/images/roblox-police-car-free.pdfIn PDF document text

  +9 more URL(s)

Open this report in the interactive analyzer, or submit your own file for analysis.