MALICIOUS
Risk Score: 72
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The file is identified as malicious by ClamAV with a specific phishing signature related to Roblox. It contains an embedded URI pointing to a site offering a 'Bit Slicer Roblox Infinity Jump Hack', which is a common lure for phishing or malware distribution. The presence of numerous other PDF files related to Roblox cheats and hacks further supports the phishing and malware distribution intent.
Machine Learning
- Nyx PDF Classifier suspicious score 0.3043
Heuristics 4
- ClamAV: Pdf.Phishing.Roblox062100-9873116-0 [critical, CLAMAV_DETECTION]: ClamAV detected this file as malware: Pdf.Phishing.Roblox062100-9873116-0
- Visual download / call-to-action button lure [low, SE_DOWNLOAD_BUTTON]: Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
- External URI [info, PDF_URI]: PDF contains an external URL action
- Embedded URL [info, EMBEDDED_URL]: One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL: http://gaminggenerator.org/app/431946152/bit-slicer-roblox-infinity-jump-hack
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off00037c4f.bin 153d255e296d945efc27c22233d33655fb751e0b358961440589778c15fec8bd | pdf-font-stream | PDF embedded font (sfnt) at offset 0x37C4F | 24188 bytes |
| font_01_sfnt_off0003b248.bin c18a86325dd8dd1d452a1cdca468ab63d995768214d15deac43a1facc14137fc | pdf-font-stream | PDF embedded font (sfnt) at offset 0x3B248 | 19020 bytes |