SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF contains numerous links related to 'free Robux' and hacking for the game Roblox, suggesting a lure for users seeking in-game advantages. The ML classifier flagged this PDF as malicious, and the presence of external URIs further supports a suspicious nature. The document body itself contains embedded URLs, reinforcing the phishing or malware download attempt.
Machine Learning
- Nyx PDF Classifier malicious score 0.8653
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/how-to-get-free-robux-yahoo-answers PDF link annotation
- http://lewishome.net/images/free-robux-real-2021-no-human-verification.pdf%0AIn PDF document text
- http://uctovnictvosnv.sk/images/roblox-ro-ghoul-hack-2021.pdf%0AIn PDF document text
- http://www.evaplast.by/images/free-animation-roblox-2021.pdf%0AIn PDF document text
- http://www.copoint.co.uk/images/guuud-info-robux-hack.pdf%0AIn PDF document text
- https://www.saisystem.it/images/hack-atravesar-paredes-roblox-2021-marzo.pdf%0AIn PDF document text
- https://www.albisser.ch/images/roblox-free-robux-obby-link.pdf%0AIn PDF document text
- http://www.inservis.cl/images/hack-roblox-accounts-2021.pdf%0AIn PDF document text
- http://www.fanciullovito.it/images/how-to-prevent-getting-hacked-on-roblox.pdf%0AIn PDF document text
- http://armatrutz.de/images/how-to-hack-roblox-death-zone-glitch.pdf%0AIn PDF document text
- http://ff-obertraun.at/images/skin-for-roblox-free.pdf%0AIn PDF document text
- http://agrao.in/images/roblox-hack-menu-2021.pdf%0AIn PDF document text
- https://pa-waingapu.go.id/images/free-hacking-for-roblox.pdf%0AIn PDF document text
- https://www.millatgears.com/images/roblox-top3k-free-model.pdf%0AIn PDF document text
- http://legs11.co.za/images/roblox-hack-add.pdf%0AIn PDF document text
- http://www.eurosan1.ba/images/how-to-buyt-any-item-for-free-roblox.pdf%0AIn PDF document text
- https://www.seeingindependence.org/images/how-to-get-free-clothes-in-the-catalog-on-roblox.pdf%0AIn PDF document text
- https://sdg-trade.com/images/roblox-hair-extensions-free.pdf%0AIn PDF document text
- http://kancelaria-legnica.eu/images/roblox-hacker-shirt-template.pdf%0AIn PDF document text
- http://www.actae.gr/images/free-robux-instantly-no-human-verification.pdf%0AIn PDF document text
- http://www.agri-tech.com.au/images/roblox-how-to-get-free-items.pdf%0AIn PDF document text
- https://www.mvp.co.nz/images/hack-denisdaily-roblox-account.pdf%0AIn PDF document text
- http://www.sapaengineering.kz/images/free-fast-money-robux.pdf%0AIn PDF document text
- http://www.hawler.in/images/free-boy-shirts-roblox.pdf%0AIn PDF document text
- https://www.foodsafety.cz/images/free-roblox-invitations-loadstrings-full-lua-free-no-virus.pdf%0AIn PDF document text
- https://socialvalue.gr/images/code-robux-free-2021.pdf%0AIn PDF document text
- http://www.gongoff.com/images/free-roblox-accounts-with-robux-august.pdf%0AIn PDF document text
- http://www.torvet11.dk/images/free-roblox-clothes-temp-downlode.pdf%0AIn PDF document text
- http://learningarabic.co.uk/images/well-hack-net-free-unlimited-robux-in-roblox.pdf%0AIn PDF document text
- http://www.remiauclair.fr/images/how-to-hack-roblox-jailbreak-2021.pdf%0AIn PDF document text
- http://baah.ca/images/fallout-plasma-rifle-free-roblox-model.pdf%0AIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off000032d8.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x32D8 | 19104 bytes |
SHA-256: 6b0d7bf200a6de28c83f0427298b07d88aa75baad19b3d2ae6ad645df98d00a2 |
|||
font_01_sfnt_off000059cc.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x59CC | 18424 bytes |
SHA-256: 6c40f9f6c7c64489cb749a7cef349b34a0c60651c34157b30ded45988c1e9467 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.