SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains numerous links related to Roblox exploits and free Robux, suggesting a lure for users interested in these topics. The ML classifier flagged the PDF as malicious, and the presence of external URIs further supports a malicious intent. Although no scripts were directly extracted, the document's structure and embedded URLs indicate it's designed to redirect users to potentially harmful websites.
Machine Learning
- Nyx PDF Classifier malicious score 0.6193
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/3-roblox-games-that-give-free-robux PDF link annotation
- https://www.sitiwebjoomla.it/images/roblox-how-to-make-ranks-in-groups-for-free.pdfIn PDF document text
- http://cristalysoptic.com/images/roblox-hacks-developer-console.pdfIn PDF document text
- http://www.inservis.cl/images/how-to-hack-people-on-roblox-2021.pdfIn PDF document text
- http://brandyourbody.com/images/hack-de-robux-gratis.pdfIn PDF document text
- http://nosocomium.rv.ua/images/boku-no-roblox-quirk-hacks.pdfIn PDF document text
- http://shahriyarclimb.com/images/denis-free-robux-app.pdfIn PDF document text
- http://kruiz21.ru/images/yt-how-download-script-hack-roblox-jailbreak-2021.pdfIn PDF document text
- http://optsuvenir.by/images/robux-for-free-quick-and-easy.pdfIn PDF document text
- http://axia-verlag.at/images/roblox-free-boy-clothes.pdfIn PDF document text
- http://stomatolog-choszczno.pl/images/how-to-hack-admin-commands-on-roblox-android.pdfIn PDF document text
- http://portal.crfsp.org.br/images/how-to-get-roblox-admin-with-cheat-engine.pdfIn PDF document text
- http://nouveaupavillon.fr/images/get-free-robux-without-downloading-anything.pdfIn PDF document text
- http://www.eurologistiki.gr/images/esp-aimbot-wall-hacks-roblox-first-person-shooter-gui.pdfIn PDF document text
- http://www.bestyears.co.uk/images/fun-robux-hack.pdfIn PDF document text
- http://nevesomost.by/images/how-to-get-hacks-for-jaiil-brake-in-roblox.pdfIn PDF document text
- http://beer-holzhaus.ch/images/roblox-donegon-quest-level-hack.pdfIn PDF document text
- http://www.maakherumusic.net/images/free-roblox-game-card.pdfIn PDF document text
- http://www.fluidtech.hu/images/dont-take-damage-hack-roblox.pdfIn PDF document text
- http://www.bripi.pl/images/how-to-hack-money-in-gta-5-roblox.pdfIn PDF document text
- https://www.utalii.ac.ke/images/roblox-shower-simulator-cheats.pdfIn PDF document text
- http://yogaschooldecypres.be/images/make-a-free-roblox-account.pdfIn PDF document text
- http://consultinggirona.es/images/hacks-to-get-robux-2021.pdfIn PDF document text
- http://damvallei.be/images/roblox-music-id-break-free.pdfIn PDF document text
- https://www.albisser.ch/images/free-roblox-account-2021.pdfIn PDF document text
- https://www.shin.ge/images/play-roblox-online-for-free-no-download.pdfIn PDF document text
- http://smoothjazzclub.net/images/hacker-de-robux-para-roblox.pdfIn PDF document text
- http://centuriatus.com/images/roblox-cheat-engine-speed-hack-2021.pdfIn PDF document text
- http://echosvoix.ch/images/how-to-user-cheat-buddy-roblox.pdfIn PDF document text
- http://mydevice.com.au/images/robux-free-codes-2021.pdfIn PDF document text
- https://pa-waingapu.go.id/images/rhow-to-get-free-robux.pdfIn PDF document text
- https://socialvalue.gr/images/roblox-hack-in-2021-in-all-games.pdfIn PDF document text
- http://bullyinformate.org/images/cheat-codes-in-work-out-simulator-in-roblox.pdfIn PDF document text
- http://w-i-r.de/images/broken-bones-iv-roblox-hack.pdfIn PDF document text
- https://www.albisser.ch/images/hack-robux-infinitos-roblox.pdfIn PDF document text
- http://wattkit.com/images/brand-new-free-robux.pdfIn PDF document text
- https://gabrieliassociati.com/images/infinite-robux-hack.pdfIn PDF document text
- http://addair.co.uk/images/hack-explosin-roblox-pizza-place.pdfIn PDF document text
- http://axiapublishers.com/images/pastebin-com-free-robux-promocode.pdfIn PDF document text
- http://learningarabic.co.uk/images/flame-gg-free-robux-https-flame-gg-zeph.pdfIn PDF document text
- http://lakomat.by/images/free-robux-obby-no-scam.pdfIn PDF document text
- http://lechia-sedziszow.pl/images/cheat-bar-codes-for-roblox.pdfIn PDF document text
- https://www.milewood.co.uk/images/hackcom-for-roblox.pdfIn PDF document text
- http://www.centromedicoaurora.it/images/now-to-get-free-robux.pdfIn PDF document text
- https://www.sitiwebjoomla.it/images/free-stuff-in-roblox-2021.pdfIn PDF document text
- https://ghpa.ru/images/add-something-to-inventory-for-free-roblox.pdfIn PDF document text
- https://www.abrapppe.org.br/images/how-to-get-free-robux-on-ios-2021.pdfIn PDF document text
- http://kruiz21.ru/images/no-verify-free-robux.pdfIn PDF document text
- http://standart-lab.ru/images/roblox-fly-hack-november-2021.pdfIn PDF document text
- http://www.agri-tech.com.au/images/free-robux-no-human-verification-no-survey-2021.pdfIn PDF document text
+8 more URL(s)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off0000819f.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x819F | 24540 bytes |
SHA-256: ccd6fe41cd7d00cc54282572dd87a7d134641d8fc4e664c4a335ca92d5eadaac |
|||
font_01_sfnt_off0000b9ee.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xB9EE | 3884 bytes |
SHA-256: 40b61f8938bd710dc29dc58ba3fde91c245a6a69596ec569b4d27c769ca417cf |
|||
font_02_sfnt_off0000c695.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC695 | 18676 bytes |
SHA-256: cf89c5773435c6f35bf62e05772002afb15c347340565c459652bd4aea1e047f |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.