SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/how-to-get-free-robux-in-notepad PDF link annotation
- http://vagency.us/images/roblox-meep-city-free-games.pdfIn PDF document text
- http://www.centromedicoaurora.it/images/how-to-hack-prison-life-roblox-2021-free.pdfIn PDF document text
- http://www.kalaaliaraq.dk/images/roblox-site-free-robux.pdfIn PDF document text
- http://biccairo.com/images/roblox-change-team-hack.pdfIn PDF document text
- http://erntefest2016.de/images/free-stuff-but-you-have-to-enter-a-code-roblox.pdfIn PDF document text
- https://lobergetart.se/images/roblox-piano-hack-download.pdfIn PDF document text
- http://osteonad.com/images/roblox-phantom-forces-hack-mod-menu.pdfIn PDF document text
- http://uctovnictvosnv.sk/images/how-to-bypass-cheat-engine-on-roblox-2021.pdfIn PDF document text
- http://ernstgloves.co.il/images/roblox-guns-r15-script-hack.pdfIn PDF document text
- https://luminouswisdom.org/images/how-to-get-roblox-hats-for-free.pdfIn PDF document text
- http://bagna.pl/images/free-robux-hack-2021-working.pdfIn PDF document text
- https://amatq.ca/images/hack-script-copy-and-paste-roblox.pdfIn PDF document text
- http://www.controverseinterapie.it/images/free-robux-no-human-verification-no-survey-or-download.pdfIn PDF document text
- https://www.ghknights.org/images/roblox-free-teleporter.pdfIn PDF document text
- http://jenne-technik.de/images/onnet-roblox-hack.pdfIn PDF document text
- http://oddgraphic.com/images/how-do-you-get-free-robux-on-kindle-fire.pdfIn PDF document text
- http://kundentest.de/images/free-robux-and-tix-for-roblox.pdfIn PDF document text
- http://egorplitka.ru/images/free-roblox-toy-codes-november-2021.pdfIn PDF document text
- http://dermaceutic.co.uk/images/robux-hack-2021.pdfIn PDF document text
- https://open-coffee-drimmelen-geertruidenberg.nl/images/can-you-change-your-roblox-name-for-free.pdfIn PDF document text
- https://www.romedia.gr/images/free-robux-generator-no-survey-2021.pdfIn PDF document text
- http://lewishome.net/images/free-robux-reedem-code.pdfIn PDF document text
- http://grugliascogiovani.org/images/robux-hack-apk-2021.pdfIn PDF document text
- https://www.romedia.gr/images/free-robux-codes-2021-october.pdfIn PDF document text
- http://aeroclub-kaernten.at/images/get-roblox-hacks.pdfIn PDF document text
- http://clubpure.org/images/roblox-free-robux-no-verification.pdfIn PDF document text
- http://fsgtoday.com/images/free-robux-hack-forum-by-envix.pdfIn PDF document text
- http://www.htc.edu.au/images/give-free-account-roblox-13-jun-2021.pdfIn PDF document text
- http://news123.it/images/tips-and-hints-to-get-robux-for-free-hack.pdfIn PDF document text
- https://lobergetart.se/images/free-shovocado-roblox.pdfIn PDF document text
- http://sdsdar.org/images/roblox-scripts-download-for-free.pdfIn PDF document text
- http://laboraltoledo.com/images/hack-para-roblox-jailbreak.pdfIn PDF document text
- http://jackson-pr.com/images/how-to-cheat-on-eviction-notice-roblox.pdfIn PDF document text
- http://www.jureclomas.com.ar/images/roblox-robux-free-no-hack.pdfIn PDF document text
- http://galletta.com/images/hack-ants-roblox-acount.pdfIn PDF document text
- http://gamixpaliwa.pl/images/roblox-music-id-young-wild-and-free.pdfIn PDF document text
- https://www.hofe-gmbh.de/images/free-robux-400-code.pdfIn PDF document text
- http://dmoraitis.gr/images/clothes-in-roblox-free.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/how-to-get-free-robux-legit-2021.pdfIn PDF document text
- https://www.wildpark-johannismuehle.de/images/roblox-all-gamepasses-free-script.pdfIn PDF document text
- http://www.nielsen2u.dk/images/hack-robux-no-inspect.pdfIn PDF document text
- http://www.isovca.com/images/hacks-para-roblox-descargar-gratis.pdfIn PDF document text
- http://poltekkeskhjogja.ac.id/images/hack-the-robux-2021.pdfIn PDF document text
- http://petarda.hu/images/how-to-hack-lucky-blocks-roblox.pdfIn PDF document text
- https://www.wildpark-johannismuehle.de/images/roblox-pistol-script-hack.pdfIn PDF document text
- http://kruiz21.ru/images/free-roblox-vip-sign-ups.pdfIn PDF document text
- http://peche-madagascar.com/images/life-in-paradise-roblox-hacks.pdfIn PDF document text
- http://www.boutique-nature.fr/images/free-robux-generator-without-doing-anything.pdfIn PDF document text
- http://adues.org/images/roblox-cheat-god-mode.pdfIn PDF document text
+12 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00007f17.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x7F17 | 25896 bytes |
SHA-256: 0c8d1e42263342b79c2ea9372bca1f4033e78f441f30fc5f453ca3bf6ea3f26f |
|||
font_01_sfnt_off0000b9f6.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xB9F6 | 18256 bytes |
SHA-256: d06259492fa679c6a1e7bfdccaa613706a5bf5ca98920553a0ef42991c9ee9e5 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.