SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.6193
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/pastebin-free-robux-hack-no-wait PDF link annotation
- http://immo360grad.com/images/roblox-murder-mystery-2-hack-script.pdfIn PDF document text
- http://j-cook.pro/images/icepprof-roblox-hacks.pdfIn PDF document text
- http://gaeconsultores.cl/images/free-models-with-viruses-roblox.pdfIn PDF document text
- http://www.exikom.com.ua/images/how-to-sell-at-shirt-for-free-on-roblox.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/roblox-free-hoodie-template.pdfIn PDF document text
- http://shahriyarclimb.com/images/free-robux-download.pdfIn PDF document text
- https://www.devries-group.de/images/free-robux-for-watcing.pdfIn PDF document text
- http://daksz.hu/images/roblox-hack-commands-list.pdfIn PDF document text
- http://centuriatus.com/images/redeem-roblox-cards-free-codes-2021.pdfIn PDF document text
- http://musical-arts.de/images/robux-free-youtube-aspire.pdfIn PDF document text
- http://adenmarks.se/images/download-cerberus-roblox-hack.pdfIn PDF document text
- http://malichy.pl/images/how-to-hack-into-somebodys-roblox-account.pdfIn PDF document text
- http://www.eurosan1.ba/images/pet-simulator-roblox-hack.pdfIn PDF document text
- https://billiekawende.com/images/freepsy-roblox.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/how-to-get-free-robuxs-proof.pdfIn PDF document text
- http://jijel.info/images/how-to-go-300-free-diamonds-on-roblox-royale-high.pdfIn PDF document text
- http://wcasrock.org/images/how-to-get-free-robux-card-codes.pdfIn PDF document text
- http://ehma.com/images/free-robux-no-human-verification-or-survey-ipad.pdfIn PDF document text
- https://www.wildpark-johannismuehle.de/images/withdraw-robux-at-http-free-robux-space.pdfIn PDF document text
- https://studentcareerinfo.com/images/free-ranked-roblox.pdfIn PDF document text
- http://safari-crimea.com/images/cheat-engine-executor-roblox.pdfIn PDF document text
- https://www.cosmosdawn.net/images/stickmasterluke-free-robux-game-link.pdfIn PDF document text
- http://www.friendshiptransport.net/images/roblox-free-items-pastebin.pdfIn PDF document text
- https://studentcareerinfo.com/images/robux-generator-free-no-password.pdfIn PDF document text
- http://www.hawler.in/images/best-free-roblox-hacks.pdfIn PDF document text
- http://nevesomost.by/images/roblox-hacked-client-kill-people.pdfIn PDF document text
- https://asesoriamss.com/images/roblox-cheat-engine-tablre-and-bypass.pdfIn PDF document text
- http://hoqueijmj.eu/images/how-to-get-free-roblox-codes-2021.pdfIn PDF document text
- http://www.bestyears.co.uk/images/how-to-cheat-roblox-mining-simulator.pdfIn PDF document text
- https://servotecnica.com/images/roblox-best-free-exploit-march-2021.pdfIn PDF document text
- http://acktivities.com/images/cranberry-roblox-hack.pdfIn PDF document text
- https://ambarevleri.com/images/roblox-hole-in-the-wall-hack.pdfIn PDF document text
- http://www.lionel-seppoloni.fr/images/roblox-speed-hack-2021-booga-booga.pdfIn PDF document text
- http://lanoblaie.fr/images/how-do-you-earn-robux-in-roblox-for-free.pdfIn PDF document text
- http://legs11.co.za/images/roblox-cheats-deutsch.pdfIn PDF document text
- https://sitam.co.in/images/can-we-play-roblox-for-free.pdfIn PDF document text
- http://www.visiblefilm.com/images/como-conseguir-hacks-en-roblox.pdfIn PDF document text
- http://www.imperialaccountingfl.com/images/free-robux-robux-robux-free.pdfIn PDF document text
- http://parsbaft.com/images/roblox-jaiilbreak-cheats.pdfIn PDF document text
- http://www.elis-strechy.cz/images/how-to-hack-someones-roblox-account-2021.pdfIn PDF document text
- https://wandersuechtig.de/images/how-to-get-free-robux-legit-not-patched.pdfIn PDF document text
- http://nevesomost.by/images/roblox-parkour-tag-hack.pdfIn PDF document text
- https://sitam.co.in/images/free-candy-van-roblox.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/free-roblox-accounts-2021-december.pdfIn PDF document text
- https://servotecnica.com/images/online-hack-robux.pdfIn PDF document text
- https://www.osoc.com/images/roblox-lego-hack.pdfIn PDF document text
- http://www.art-concept.gr/images/free-roblox-acccom.pdfIn PDF document text
- http://hydroconseil.com/images/roblox-on-ps4-free.pdfIn PDF document text
- http://ff-obertraun.at/images/how-to-hack-roblox-points.pdfIn PDF document text
+12 more URL(s)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008296.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8296 | 24412 bytes |
SHA-256: 27f146c3af15ad6015e06ab187f75ed7fbcb77ee55f4b8eb6b9d1e4dd68ee31a |
|||
font_01_sfnt_off0000ba8d.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBA8D | 2844 bytes |
SHA-256: baad2f3f6808f4af03fa9398e38c580c8d846f7f773a947d8cc1f39b2753d31a |
|||
font_02_sfnt_off0000c44e.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC44E | 18712 bytes |
SHA-256: e9457937afe2e72197fcb90fb47d04a9d770fa8fb982d0bbd7bed1738c291caf |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.