SUSPICIOUS
Risk Score: 42
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.6193
Heuristics (3)
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.); low-signal unless other findings point to a malicious workflow.
- External URI (info, PDF_URI): PDF contains an external URL action.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  - URL http://gaminggenerator.org/app/431946152/roblox-witch-hat-free (PDF link annotation)
Extracted artifacts (3)
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| stream_003_off00008289.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8289 | 26576 bytes | 1d20847e9ed90b769b1b0edfcbfa77432b2ee6affec701bdea2c0f977b5464dc |
| font_01_sfnt_off0000bd7d.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xBD7D | 2896 bytes | 90d77d065f93150ee652ed3ce79924b5ebfcae47abf79a24366adbef9fa21c4a |
| font_02_sfnt_off0000c77c.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xC77C | 18136 bytes | 7eb8f7ae0bf73626c86846589e20889134158e3507b14e05c8ce9d034d4dc69e |