SUSPICIOUS
50
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. It uses an urgency-based lure. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 4
-
Urgency / deadline lure low SE_URGENCY_LUREDocument contains urgency or deadline language ('account will be terminated', 'action required within 24 hours', etc.) — useful context, but low-signal without other findings
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/free-roblox-accounts-2021-pastebin PDF link annotation
- https://www.manisoft.ir/images/clothes-for-free-online-roblox.pdfIn PDF document text
- http://salantiskis.lt/images/robux-cheats-2021.pdfIn PDF document text
- https://www.audipec.com.br/images/free-robux-no-human-verification-not-fake.pdfIn PDF document text
- https://letturatarghe.it/images/roblox-jojo-project-cheat.pdfIn PDF document text
- https://www.abrapppe.org.br/images/what-are-some-cheat-codes-for-destruction-simulator-roblox-codes.pdfIn PDF document text
- https://willifox.com/images/robux-hack-on-phone.pdfIn PDF document text
- http://bodyguardsecurityservices.com.au/images/hacking-simulator-game-roblox.pdfIn PDF document text
- http://www.adravietnam.org/images/how-to-hack-in-roblox-walk-through-walls.pdfIn PDF document text
- http://www.likto.eu/images/hack-para-roblox-phantom-forces.pdfIn PDF document text
- https://www.academiaanticorrupcion.org/images/free-roblox-clothes-mobile.pdfIn PDF document text
- http://sfsbm.org/images/free-robux-for-real-without-email-needed.pdfIn PDF document text
- https://ghpa.ru/images/roblox-dungeon-quest-free-account.pdfIn PDF document text
- http://vipservice-bg.com/images/games-to-play-free-no-membership-on-roblox.pdfIn PDF document text
- https://accord.kiev.ua/images/how-to-hack-assassin-boxes-roblox-2021.pdfIn PDF document text
- http://zarinnameh.ir/images/roblox-synapse-strucid-2021-august-hack.pdfIn PDF document text
- http://gops.pruszczgdanski.pl/images/i-got-hacked-but-i-want-my-account-back-roblox.pdfIn PDF document text
- https://reggieslockandkey.com/images/wwe-roblox-hack.pdfIn PDF document text
- http://www.htc.edu.au/images/cheat-roblox-nate.pdfIn PDF document text
- https://www.arquetopia.org/images/free-robux-no-human-verify.pdfIn PDF document text
- http://reisebild.eu/images/how-to-hack-accounts-on-roblox-for-free.pdfIn PDF document text
- https://eleganceautospa.ca/images/roblox-skywars-fly-hack-2021.pdfIn PDF document text
- http://www.barsa.it/images/11-4-2021-roblox-hack.pdfIn PDF document text
- http://jackson-pr.com/images/f-free-robux.pdfIn PDF document text
- http://altc.de/images/roblox-rtd-awakening-cheats.pdfIn PDF document text
- http://prohsa.com/images/how-to-draw-roblox-hacker.pdfIn PDF document text
- http://www.actae.gr/images/how-to-hack-in-roblox-on-ipad.pdfIn PDF document text
- http://dottgagliardi.com/images/roblox-eat-or-diy-game-hack.pdfIn PDF document text
- http://learningarabic.co.uk/images/how-to-get-free-accessories-on-roblox-2021.pdfIn PDF document text
- http://sbm-nn.ru/images/roblox-free-r-obux.pdfIn PDF document text
- http://hemmet-strand.dk/images/adopt-me-hack-roblox.pdfIn PDF document text
- http://egorplitka.ru/images/how-to-hack-a-roblox-account-easy-2021.pdfIn PDF document text
- http://safwafurniture.com/images/free-script-injector-roblox.pdfIn PDF document text
- http://www.cosver.nl/images/roblox-f3x-hack.pdfIn PDF document text
- https://www.tsdb.com.au/images/roblox-tycoon-money-hack-2021.pdfIn PDF document text
- https://www.coriglianocalabro.it/images/how-to-hack-into-any-roblox-account-2021.pdfIn PDF document text
- http://schrichte.de/images/hacks-for-roblox-bee-swarm-simulator.pdfIn PDF document text
- http://nosocomium.rv.ua/images/join-group-and-get-free-robux.pdfIn PDF document text
- http://beagles-of-harmony.de/images/hacks-code-to-run-in-roblox.pdfIn PDF document text
- http://indotec.fr/images/free-robux-without-password.pdfIn PDF document text
- https://www.najeebqasmi.com/images/roblox-hack-exploit-windows-10.pdfIn PDF document text
- http://amtabor2.at/images/roblox-super-jump-hack-cheat-engine.pdfIn PDF document text
- http://bned-leader.co.uk/images/roblox-free-robux-free-hack.pdfIn PDF document text
- http://columbuscigar.com/images/roblox-whatever-floats-your-boat-level-hack.pdfIn PDF document text
- http://finettifrs.it/images/hacks-para-roblox-sin-ijectores.pdfIn PDF document text
- http://daksz.hu/images/how-to-get-robux-free-quik.pdfIn PDF document text
- http://www.gadanie.lv/images/free-gifts-roblox.pdfIn PDF document text
- http://dermaceutic.co.uk/images/meep-city-roblox-hack.pdfIn PDF document text
- http://www.lascalamilanowallcovering.it/images/roblox-exploit-cheat-engine.pdfIn PDF document text
- https://www.udivadlahotel.cz/images/hhttp-free-robuxwin.pdfIn PDF document text
+12 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00007fa3.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x7FA3 | 24864 bytes |
SHA-256: 9c0a0d09a19fd7ab200e297dfe82fc8f460151745f60b8839f01eda26c6a3b4b |
|||
font_01_sfnt_off0000b836.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xB836 | 18820 bytes |
SHA-256: 3ac1a6e0f41dd467b97cd140a2901298e76c852f62dc3f3cad455717fedd06b9 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.