SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.6193
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/hacking-peoples-account-on-roblox PDF link annotation
- http://huananhai.net/images/comment-hacker-un-roblox.pdfIn PDF document text
- http://www.copoint.co.uk/images/marshmello-t-shirt-roblox-free.pdfIn PDF document text
- http://www.sabbiadoro.net/images/skyline-hacks-for-roblox.pdfIn PDF document text
- http://aeroclub-kaernten.at/images/sistem48-hack-roblox.pdfIn PDF document text
- https://kldcardio.ru/images/are-there-any-free-sword-on-roblox.pdfIn PDF document text
- http://force-seniorklub.dk/images/hack-work-on-roblox-2021.pdfIn PDF document text
- http://www.lionel-seppoloni.fr/images/how-to-quickly-get-80-robux-free.pdfIn PDF document text
- https://hekl-software.de/images/hacks-for-pet-ranch-roblox.pdfIn PDF document text
- http://www.sapaengineering.kz/images/how-to-hack-roblox-robux-pc.pdfIn PDF document text
- https://www.ausecus.com/images/i-roblox-beeing-hacked.pdfIn PDF document text
- http://www.hotelcomelico.it/images/free-roblox-cards-youtube.pdfIn PDF document text
- https://ballaratcaravans.com.au/images/free-robux-only-working-today.pdfIn PDF document text
- http://www.evaplast.by/images/roblox-cheat-engine-2021.pdfIn PDF document text
- http://www.brtes.com/images/app-hack-online-robux.pdfIn PDF document text
- http://finalstand.org/images/how-to-hack-into-a-lost-roblox-account-2021.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/roblox-flood-escape-2-ctrl-tp-hack.pdfIn PDF document text
- http://www.nielsen2u.dk/images/free-roblox-inventory-code.pdfIn PDF document text
- https://www.cpnf.ch/images/free-apps-like-roblox.pdfIn PDF document text
- http://bvmg.nl/images/i-hacked-roblox-account.pdfIn PDF document text
- http://www.web.stc-part.co.th/images/free-robuxes.pdfIn PDF document text
- http://goosesscuba.com/images/roblox-jeff-the-killer-shirt-free.pdfIn PDF document text
- http://apostolosandreaslemesou.com/images/roblox-phantom-forces-cheats-2021.pdfIn PDF document text
- https://www.beaufortcollege.ie/images/robux-hack-joining-groups-2021.pdfIn PDF document text
- http://stpc.it/images/how-to-hack-every-game-in-roblox.pdfIn PDF document text
- https://www.cosmosdawn.net/images/roblox-jailbreak-speed-hack-download.pdfIn PDF document text
- http://www.awakeningtruth.org/images/roblox-events-free-robux.pdfIn PDF document text
- http://fradiomas.com/images/get-robux-easily-free.pdfIn PDF document text
- http://www.conservatoriolecce.it/images/free-robux-kids-hack.pdfIn PDF document text
- http://www.maakherumusic.net/images/how-to-get-free-robux-2021-easy.pdfIn PDF document text
- https://ai-appenzell.ch/images/5-games-that-give-out-free-robux.pdfIn PDF document text
- http://www.lascalamilanowallcovering.it/images/poste-eybens-free-robux.pdfIn PDF document text
- http://bilhetim.com.br/images/roblox-mod-apk-hack.pdfIn PDF document text
- http://www.sapaengineering.kz/images/murder-island-cheat-roblox.pdfIn PDF document text
- https://gabrieliassociati.com/images/admin-free-robux-code.pdfIn PDF document text
- http://lcs-schlieben.de/images/roblox-free-robux-real.pdfIn PDF document text
- https://www.dierenartsberghman.be/images/free-roblox-jump-exploiut.pdfIn PDF document text
- http://seniornetwanganui.org.nz/images/robux-gratis-2021-sin-hacks.pdfIn PDF document text
- http://www.pcclawyers.com.au/images/free-robux-codes-no-download-no-survey.pdfIn PDF document text
- http://paro.net.ua/images/how-to-hack-into-a-group-on-roblox.pdfIn PDF document text
- http://www.mjclautrec.fr/images/roblox-robux-hack-online-generator-tool.pdfIn PDF document text
- http://wireprod.net/images/robux-hack-site.pdfIn PDF document text
- https://www.air-shop.cz/images/roblox-inf-health-hack.pdfIn PDF document text
- https://www.porthos.it/images/afraid-of-old-roblox-account-being-hacked.pdfIn PDF document text
- http://racunari.in.rs/images/comment-hacker-roblox-avec-cheat-engine.pdfIn PDF document text
- https://www.iadh.bi/images/roblox-speed-hack-script.pdfIn PDF document text
- http://echosvoix.ch/images/free-song-codes-for-roblox.pdfIn PDF document text
- http://yochin.org.tw/images/free-robux-generator-no-survey-no-offers.pdfIn PDF document text
- http://massimocarpegna.com/images/free-roblox-accounts-rich-2021.pdfIn PDF document text
- https://www.wildpark-johannismuehle.de/images/jailbreak-hacks-for-roblox-projec-alph.pdfIn PDF document text
+12 more URL(s)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off0000818a.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x818A | 27536 bytes |
SHA-256: d3b5f38cc726cc011f5cda33c47e0f928900d4ac05e9fc23b63bd80721e5e31b |
|||
font_01_sfnt_off0000bf95.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBF95 | 2832 bytes |
SHA-256: 77ae1c4cffa647a8fd533dfa4102e94364989f9e80b9cd131876e9d1005899a2 |
|||
font_02_sfnt_off0000c946.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC946 | 18732 bytes |
SHA-256: f38e280bd8e9e376ef74c5e003a68bc0b1f0ba98907b4a4d6ca98ff5921538d9 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.