MALICIOUS
Risk Score: 122
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link
T1059.007 JavaScript
The PDF document employs social engineering tactics by impersonating the Chase brand and luring the user with a "free audio uploader for Roblox" offer. It directs the user to a suspicious URL, which is a common method for distributing malware or conducting credential phishing. The ML classifier also flagged this PDF as malicious, supporting the assessment of malicious intent.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 5
- Browser extension / update installation lure (high, SE_BROWSER_INSTALL_LURE): Document tells the user to install a browser extension, plugin, viewer, or browser update to view content — a common social-engineering path for credential theft and malware installation
- Brand-impersonation credential phishing lure (high, SE_BRAND_CREDENTIAL_PHISH): Document impersonates a well-known consumer brand and uses account-security / verification language ('unusual activity', 'account on hold', 'verify your account') to steer the reader to a credential-harvesting link. Corroborated by: call-to-action link host does not match the impersonated brand: http://gaminggenerator.org/app/431946152/free-audio-uploader-for-roblox.
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

Extracted URLs:
- http://gaminggenerator.org/app/431946152/free-audio-uploader-for-roblox (PDF link annotation)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| stream_003_off00008172.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8172 | 26792 bytes | 6ecd58e2d2a07a2fddfa7abb2e87f99651be20efeed48981b949d6e64d8547e6 |
| font_01_sfnt_off0000bdcc.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xBDCC | 18204 bytes | a73f965175d17aad846c858e5be8b1d7b2a7f20f19abc6cd3fe332cf5fa2642b |