MALICIOUS
Risk Score: 82
Malware Insights
MITRE ATT&CK
- T1566.001 Spearphishing Attachment
- T1059.007 JavaScript
This PDF document was flagged as malicious by an ML classifier. The file routes users through malicious redirector infrastructure and presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.6397
Heuristics (4)
- PDF links to a 'free generator / game hack' redirector (high, PDF_GAME_HACK_REDIRECT_LURE). PDF's clickable action targets a redirector of the form /app/<id>/<slug>-game-hack — the landing-page shape of a large SEO 'free spins / generator / game hack' lure family that funnels victims through rotating disposable hosts to a malware/scam payload. The multi-link variants also trip ML/link-farm rules; this catches the single-link variants that otherwise score clean.
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON). Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow.
- External URI (info, PDF_URI). PDF contains an external URL action.
- Embedded URL (info, EMBEDDED_URL). One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  - URL https://enigmagenerator.com/app/431946152/roblox-game-hack (PDF link annotation)
Extracted artifacts (3)
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| stream_003_off0000731f.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x731F | 26808 bytes | e0f01f8aa094bd2236335902b71a73e1970a9daf14a5e3f16fb8ca141f0af7ed |
| font_01_sfnt_off0000af5e.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xAF5E | 2832 bytes | 77ae1c4cffa647a8fd533dfa4102e94364989f9e80b9cd131876e9d1005899a2 |
| font_02_sfnt_off0000b90f.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xB90F | 17952 bytes | 14ee4fb6b986872817bda7de4cb2b9a3e7ab2ca7859077ccfa0afa83428bb03d |