PDF static analysis report

Static analysis result for SHA-256 9e8904c341e494de…

CLEAN

PDF

66.8 KB Created: 2021-04-05 18:31:05 +07:00 Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7) First seen: 2021-09-18
MD5: 90dd146aef4bd927c7d06f0c539d826c SHA-1: 20f031586985317855f27ef5c82cbdea17662af8 SHA-256: 9e8904c341e494dec43f7ad97cb0cd0a6a634c4503267c38637b8e22c5220dad
12 Risk Score

Machine Learning

  • Nyx PDF Classifier suspicious score 0.3406

Heuristics 3

  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://gaminggenerator.org/app/431946152/roblox-neueste-version-free-download PDF link annotation
    • http://www.torvet11.dk/images/free-admin-roblox-codes.pdfIn PDF document text
    • https://www.gymun.cz/images/roblox-hack-account-pastebin-2021.pdfIn PDF document text
    • http://legs11.co.za/images/wall-hack-csgo-roblox.pdfIn PDF document text
    • http://www.lovecraftiana.com.ar/images/how-to-hack-on-roblox-jailbreak.pdfIn PDF document text
    • http://abletrustcare.com/images/codes-for-free-knifes-assasin-roblox.pdfIn PDF document text
    • http://briankellyforcongress.com/images/school-campus-free-roblox-uncopylocked.pdfIn PDF document text
    • http://acktivities.com/images/how-to-get-free-robux-in-roblox-june-2021.pdfIn PDF document text
    • https://www.arquetopia.org/images/free-robux-fast.pdfIn PDF document text
    • http://scuttworksdesigns.us/images/how-to-hack-roblox-peoples-accounts.pdfIn PDF document text
    • http://linde-erbach.de/images/free-groups-to-claim-roblox.pdfIn PDF document text
    • http://sealysports.com/images/my-roblox-girlfriend-cheated-on-me.pdfIn PDF document text
    • https://consorziocsa-asicaivano.it/images/free-xbox-packages-on-roblox.pdfIn PDF document text
    • https://pagadder.com/images/nuevos-hacks-de-roblox-2021.pdfIn PDF document text
    • https://open-coffee-drimmelen-geertruidenberg.nl/images/free-robux-no-verification-or-downloads.pdfIn PDF document text
    • http://engelum.com/images/cheat-engine-bypass-roblox-2021.pdfIn PDF document text
    • https://www.cfdcnv.com/images/noob-vs-pro-vs-hacker-roblox.pdfIn PDF document text
    • http://www.malonmalon.com.ar/images/cool-roblox-weapons-cheat-engine.pdfIn PDF document text
    • http://www.sapaengineering.kz/images/free-robux-no-human-verification-2021-generator.pdfIn PDF document text
    • http://beer-holzhaus.ch/images/secure-payment-with-roblox-free.pdfIn PDF document text
    • http://legs11.co.za/images/free-robux-lol.pdfIn PDF document text
    • http://ff-obertraun.at/images/free-robux-websites-no-scam.pdfIn PDF document text
    • https://www.stoehr-sauer.de/images/cheat-engine-table-for-roblox.pdfIn PDF document text
    • http://huananhai.net/images/app-hacked-roblox.pdfIn PDF document text
    • http://www.inservis.cl/images/roblox-vip-server-free-link-vehicle-simulator.pdfIn PDF document text
    • https://technospektr.com.ua/images/hack-roblox-tower-battle.pdfIn PDF document text
    • http://internetdeputy.com/images/cheat-pour-la-money-dans-roblox-phantom-forces.pdfIn PDF document text
    • http://imp.lg.ua/images/free-ninja-pack-roblox.pdfIn PDF document text
    • http://a1scan3d.com/images/how-to-use-hacking-scripts-on-roblox.pdfIn PDF document text
    • http://wireprod.net/images/how-t-get-free-robux-2021-site-youtubecom.pdfIn PDF document text
    • http://www.mosaikshop.at/images/how-to-get-free-robux-hack-today.pdfIn PDF document text
    • http://pa-tanjungselor.go.id/images/roblox-site-free-robux.pdfIn PDF document text
    • https://www.olboys.it/images/free-robux-hack-inspect-element.pdfIn PDF document text
    • http://jkcoaching.nl/images/hack-robar-cuentas-de-roblox-pastebin.pdfIn PDF document text
    • http://solidcommunication.ch/images/how-to-cheat-on-roblox-twisted-murderer.pdfIn PDF document text
    • http://pia2000.net/images/how-can-u-get-free-robux.pdfIn PDF document text
    • http://bned-leader.co.uk/images/2021-free-roblox-accounts.pdfIn PDF document text
    • http://gingerscience.co.in/images/cheat-roblox-abeille.pdfIn PDF document text
    • http://jobsy.com.sg/images/is-roblox-on-xbox-one-free.pdfIn PDF document text
    • https://www.air-shop.cz/images/noclip-hack-download-roblox.pdfIn PDF document text
    • http://bi-bordtennis.dk/images/best-free-script-injector-for-roblox.pdfIn PDF document text
    • http://uptodate.az/images/roblox-fly-script-cheat-engine.pdfIn PDF document text
    • http://www.lrnetwork.es/images/roblox-hacks-for-pet-simulator.pdfIn PDF document text
    • https://meltonschool.org/images/como-tener-cualquier-ropa-gratis-en-roblox-sin-hacks.pdfIn PDF document text
    • http://www.mjclautrec.fr/images/roblox-jailbreak-money-hack-script-2021.pdfIn PDF document text
    • http://learningarabic.co.uk/images/free-robux-giver-online.pdfIn PDF document text
    • http://xn--80adcduozbpo4eve.xn--p1ai/images/roblox-cheats-to-get-2021-robux-2021.pdfIn PDF document text
    • http://www.eurosan1.ba/images/how-to-hack-websites-like-roblox.pdfIn PDF document text
    • https://www.udivadlahotel.cz/images/free-roblox-games-that-you-dont-have-to-sign-in.pdfIn PDF document text
    • http://jwcrownlimo.net/images/free-robux-codes-live-stream-november-22-2021.pdfIn PDF document text
    +17 more URL(s)

Extracted artifacts 3

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_003_off0000840c.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x840C 28364 bytes
SHA-256: 0b2c0a4226cd682c824ffdd6973888c91fe14eb322a0d3982c5f8e97b762a6a1
font_01_sfnt_off0000c552.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xC552 11440 bytes
SHA-256: 154d59d1680f2d1e38ccb783d6997f344290d121007e51df331726de4128c12e
font_02_sfnt_off0000e072.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xE072 18768 bytes
SHA-256: 059a9d4424a182687f7b009ae9127b91b11b286a840447043ceddbd75552f874