MALICIOUS
110
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains multiple heuristics indicating a lure for game hacks and free currency, specifically targeting Roblox players. The primary URL, http://enigmagenerator.com/app/431946152/roblox-game-hack, is directly linked to a 'free generator / game hack' lure. While no scripts were explicitly extracted, the PDF structure and embedded URLs strongly suggest a phishing or malware distribution attempt, likely initiated via spearphishing attachment.
Machine Learning
- Nyx PDF Classifier malicious score 0.8721
Heuristics 5
-
PDF links to a 'free generator / game hack' redirector critical PDF_GAME_HACK_REDIRECT_LUREPDF's clickable action targets a redirector of the form /app/<id>/<slug>-game-hack — the landing-page shape of a large SEO 'free spins / generator / game hack' lure family that funnels victims through rotating disposable hosts to a malware/scam payload. The multi-link variants also trip ML/link-farm rules; this catches the single-link variants that otherwise score clean. CRITICAL on its own: the /app/<id>/<slug>-game-hack path shape is unambiguous scam infra, and the host rotates so a host-list match can't be relied on.
-
Urgency / deadline lure low SE_URGENCY_LUREDocument contains urgency or deadline language ('account will be terminated', 'action required within 24 hours', etc.) — useful context, but low-signal without other findings
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://enigmagenerator.com/app/431946152/roblox-game-hack PDF link annotation
- http://kruiz21.ru/images/free-robux-on-roblox-youtube.pdfIn PDF document text
- http://gops.pruszczgdanski.pl/images/free-robux-with-developer-tools-2021.pdfIn PDF document text
- http://schrichte.de/images/gun-hack-roblox-pastebin.pdfIn PDF document text
- http://ltdirect.co.uk/images/h2-account-stealing-hack-roblox.pdfIn PDF document text
- http://salantiskis.lt/images/free-robux-no-verification-at-all.pdfIn PDF document text
- https://datavoiz.com/images/roblox-hack-genwrator.pdfIn PDF document text
- https://reggieslockandkey.com/images/cheat-codes-for-roblox-mad-city-cash.pdfIn PDF document text
- http://w-i-r.de/images/ads-for-free-robux.pdfIn PDF document text
- http://www.sanjosedeminas.gob.ec/images/free-roblox-money-for-robux.pdfIn PDF document text
- https://www.hbproducts.dk/images/how-do-you-get-free-robux-ad.pdfIn PDF document text
- http://uctovnictvosnv.sk/images/free-dress-roblox.pdfIn PDF document text
- https://www.academiaanticorrupcion.org/images/roblox-join-players-that-arent-freind-hack.pdfIn PDF document text
- http://www.gongoff.com/images/roblox-cheat-apk-mod.pdfIn PDF document text
- http://www.inservis.cl/images/roblox-thinknoodles-free-fall.pdfIn PDF document text
- http://almacargo.com/images/one-app-rewards-robux-hack.pdfIn PDF document text
- http://www.boutique-nature.fr/images/how-to-get-free-shirts-on-roblox-2021.pdfIn PDF document text
- http://shootawayproduction.com/images/hack-coin-roblox.pdfIn PDF document text
- https://www.ausecus.com/images/robux-bandit-hack.pdfIn PDF document text
- https://www.coriglianocalabro.it/images/redeem-robux-free.pdfIn PDF document text
- https://sectorpravdy.com/images/cheats-for-retail-tycoon-roblox.pdfIn PDF document text
- http://force-seniorklub.dk/images/how-to-get-free-roblox-items-usuing-android.pdfIn PDF document text
- http://thomas-hartl.at/images/for-free-robux-on-roblox-com-free4mobile24-com.pdfIn PDF document text
- http://junktiquecollector.com/images/roblox-cheat-codes-ipad.pdfIn PDF document text
- http://ims-77.fr/images/roblox-im-freaking-out-hack.pdfIn PDF document text
- http://palogar.es/images/simon-says-hacks-roblox-2021.pdfIn PDF document text
- https://www.saisystem.it/images/roblox-retail-tycoon-116-infinite-money-hack.pdfIn PDF document text
- http://sscclc.edu.ec/images/roblox-free-robux-exploit.pdfIn PDF document text
- http://magistrinfo.ru/images/beyond-roblox-trigon-hack.pdfIn PDF document text
- http://rainbowbuddha.academy/images/obby-gives-you-free-robux-no-password-required-2021-link.pdfIn PDF document text
- http://stroygrad-spb.com/images/how-to-get-free-hacks-for-roblox.pdfIn PDF document text
- https://pemadamapi.net/images/roblox-free-stuff-catalog.pdfIn PDF document text
- http://xn--apartementos-smfora-cala-ratjada-4vc.de/images/robux-hack-only-today.pdfIn PDF document text
- http://logisticgroup.co/images/blox-world-free-robux.pdfIn PDF document text
- http://androidthai.in.th/images/roblox-cheat-engine-robux-hacks-2021.pdfIn PDF document text
- http://www.jureclomas.com.ar/images/free-robux-on-ipad-2021.pdfIn PDF document text
- http://hydroconseil.com/images/get-free-free-robux.pdfIn PDF document text
- https://cdu-lengerich.de/images/free-robux-cheats-2021.pdfIn PDF document text
- http://www.kalaaliaraq.dk/images/roblox-money-hack-exe.pdfIn PDF document text
- https://www.saisystem.it/images/get-real-free-robux.pdfIn PDF document text
- http://centuriatus.com/images/roblox-cheat-engine-speed-hack-2021.pdfIn PDF document text
- http://smart-pro.co.uk/images/roblox-hack-naval-warfe.pdfIn PDF document text
- http://poltekkeskhjogja.ac.id/images/how-to-make-hack-models-in-roblox.pdfIn PDF document text
- http://dmoraitis.gr/images/roblox-download-100-free.pdfIn PDF document text
- http://demenagementlandry.com/images/robux-hack-script-in-inspect-code.pdfIn PDF document text
- https://waterpark.by:443/images/roblox-play-roblox-for-free.pdfIn PDF document text
- https://www.ausecus.com/images/roblox-redwood-prison-free-gamepass.pdfIn PDF document text
- http://alexandrion.com/images/roblox-hack-sans-verification-humaine.pdfIn PDF document text
- https://www.acoustiguard.com/images/free-roblox-gift-cards-discord.pdfIn PDF document text
- https://www.ferienhausdirektkroatien.de/images/free-robux-no-survey-no-download-2021-no-human-verification.pdfIn PDF document text
+13 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00007075.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x7075 | 26376 bytes |
SHA-256: 027e5aea2a2a7c40a32fd14250b5c45c39d4af8793c46c5b636ad1c4af678afb |
|||
font_01_sfnt_off0000abe0.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xABE0 | 18724 bytes |
SHA-256: 9799a594eaf2013e15879aab425d4f3c044ea2c74cebbb45b973e0108786f19d |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.