SUSPICIOUS (Risk Score: 42)
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link
The PDF document contains numerous embedded URLs and a heuristic firing for an external URI, all related to 'Roblox cheats' or 'hacks'. The presence of a 'download button' heuristic further suggests a lure to download potentially malicious content. The document body, though partially corrupted, contains text and URLs consistent with a phishing or malware distribution attempt.
Machine Learning
- Nyx PDF Classifier malicious score 0.6193
Heuristics 3
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
- URL http://gaminggenerator.org/app/431946152/cheats-that-make-you-get-staff-on-roblox-on-computer (PDF link annotation)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| stream_003_off00008373.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8373 | 25308 bytes | a3ffffd005b67476e625d496862d42b2edc5aac3182723de17e7060296890db7 |
| font_01_sfnt_off0000bc3d.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xBC3D | 2832 bytes | 77ae1c4cffa647a8fd533dfa4102e94364989f9e80b9cd131876e9d1005899a2 |
| font_02_sfnt_off0000c5ed.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xC5ED | 19132 bytes | 38e9132d7ccff7a039a07478baa727db62728024c18d28f9edeff04d4fec8bff |