SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.9434
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/best-free-survival-games-on-roblox PDF link annotation
- https://accord.kiev.ua/images/g-eazy-freid-rice-roblox-id.pdfIn PDF document text
- http://www.vktzunami.cz/images/free-steam-codes-no-survey-robux.pdfIn PDF document text
- https://www.abrapppe.org.br/images/roblox-cheat-with-fake-paypal-checkout.pdfIn PDF document text
- http://www.tamogatoweb.hu/images/how-to-hack-to-get-robux-on-roblox.pdfIn PDF document text
- https://www.lavigny.ch/images/get-free-robux-on-roblox-2021-november.pdfIn PDF document text
- http://www.eurologistiki.gr/images/how-to-hack-someones-roblox-account-2021.pdfIn PDF document text
- http://www.vktzunami.cz/images/hacks-para-db-rage-roblox.pdfIn PDF document text
- http://uctovnictvosnv.sk/images/how-to-get-money-for-free-on-roblox.pdfIn PDF document text
- https://www.cnte.org.br/images/roblox-codes-cheats.pdfIn PDF document text
- https://www.seeingindependence.org/images/how-to-hack-roblox-accounts-2021.pdfIn PDF document text
- https://www.abrapppe.org.br/images/hack-de-dinero-para-jailbreak-roblox-noviembre.pdfIn PDF document text
- http://pa-tanjungselor.go.id/images/roblox-hack-de-robux-version-2335202112.pdfIn PDF document text
- http://portal.crfsp.org.br/images/roblox-dinosaur-simulator-hack-2021.pdfIn PDF document text
- https://verdensbarn.no/images/how-do-you-hack-roblox-to-have-sex.pdfIn PDF document text
- http://bkd1.balikpapan.go.id/images/how-to-get-free-robux-without-paying-any-money.pdfIn PDF document text
- https://www.lomrad.go.th/images/roblox-cheat-exploit-juillet-2021-for-car-crusher-2-free.pdfIn PDF document text
- http://aeroclub-kaernten.at/images/free-roblox-com-passwords.pdfIn PDF document text
- https://www.u-pin-it.com/images/how-to-customize-roblox-avatar-for-free.pdfIn PDF document text
- http://www.ntc.edu.za/images/how-to-hack-in-any-game-on-roblox.pdfIn PDF document text
- http://www.anies.eu/images/roblox-free-items-list.pdfIn PDF document text
- http://ns1.radiofacil.net/images/hack-atravesar-paredes-en-roblox.pdfIn PDF document text
- http://www.lovecraftiana.com.ar/images/free-robux-hack-generator-no-verification.pdfIn PDF document text
- http://cosver.eu/images/roblox-scripts-free.pdfIn PDF document text
- http://hemmet-strand.dk/images/free-robux-fake-name.pdfIn PDF document text
- http://www.torvet11.dk/images/como-hackear-una-cuenta-de-roblox.pdfIn PDF document text
- http://salantiskis.lt/images/roblox-money-hack-apk.pdfIn PDF document text
- https://www.hotschool.com.au/images/get-a-roblox-account-wiyh-robux-free.pdfIn PDF document text
- http://www.occquimica.com.br/images/roblox-recover-hacked-account-no-email.pdfIn PDF document text
- http://www.pcclawyers.com.au/images/free-pdf-colouring-page-of-roblox-characters.pdfIn PDF document text
- http://kruiz21.ru/images/how-to-get-free-builders-club-on-roblox-mobile.pdfIn PDF document text
- https://corbo.ru/images/how-to-get-free-roblox-gear-2021.pdfIn PDF document text
- http://www.jureclomas.com.ar/images/how-to-get-free-robux-on-roblox-on-ipad-2021.pdfIn PDF document text
- http://www.eaapiaria.es/images/roblox-how-to-get-any-gamepass-for-free-2021.pdfIn PDF document text
- http://sscclc.edu.ec/images/roblox-adopt-me-how-to-get-free-bucks.pdfIn PDF document text
- http://www.sapaengineering.kz/images/robux-club-free.pdfIn PDF document text
- http://www.anies.eu/images/hack-account-roblox-with-link.pdfIn PDF document text
- http://www.nielsen2u.dk/images/how-to-get-free-robux-in-roblox-2021-easy.pdfIn PDF document text
- http://www.boic.nl/images/hacks-para-roblox-2021-banear-robux-infinitos.pdfIn PDF document text
- https://estalagemmonteverde.com.br/images/games-that-have-free-robux.pdfIn PDF document text
- https://www.cpnf.ch/images/roblox-script-executor-free-download-2021.pdfIn PDF document text
- http://agrao.in/images/prison-breaker-roblox-hacks.pdfIn PDF document text
- https://www.abrapppe.org.br/images/roblox-lost-hacks.pdfIn PDF document text
- http://www.agri-tech.com.au/images/roblox-how-to-sign-up-on-cheat-buddys-website.pdfIn PDF document text
- http://www.eurosan1.ba/images/roblox-northern-frontier-how-to-hack-pounds.pdfIn PDF document text
- https://technospektr.com.ua/images/cheats-in-wolves-life-3-roblox.pdfIn PDF document text
- https://www.utalii.ac.ke/images/roblox-parkour-hack-2021.pdfIn PDF document text
- http://www.lycee-langevin-wallon.com/images/how-to-get-free-robux-no-survey-2021.pdfIn PDF document text
- https://www.ghknights.org/images/sistem48-hack-roblox.pdfIn PDF document text
- http://www.fluidtech.hu/images/how-to-hack-a-roblox-account-with-hashes.pdfIn PDF document text
+2 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00005a0b.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x5A0B | 23128 bytes |
SHA-256: 24e814931d10de5dbbd66ce35c6c95b45ace43c0fe2d7c2ddf037475cb0119b6 |
|||
font_01_sfnt_off00008e49.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x8E49 | 18500 bytes |
SHA-256: bd4a861ecabc992ad319103a6c104fda96bcf9f6b239418a9c31dcc493b4c6fc |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.