PDF static analysis report

Static analysis result for SHA-256 b509a9ff69af5a0b…

CLEAN

PDF

59.4 KB Created: 2021-04-01 22:05:27 +07:00 Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7) First seen: 2021-09-17
MD5: d2d4d93f7f1824daeb2106f053377be9 SHA-1: 54a0449dc9149b65f25a0659b941f83ff41ef04c SHA-256: b509a9ff69af5a0b896fdec43285d9f7695bf8ba18d8dfa933649e50ba1cd73d
12 Risk Score

Machine Learning

  • Nyx PDF Classifier suspicious score 0.4129

Heuristics 3

  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://gaminggenerator.org/app/431946152/how-to-hack-somebody-on-roblox PDF link annotation
    • https://www.air-shop.cz/images/robux-hack-no-survey-2021.pdfIn PDF document text
    • https://www.sinaloadiario.mx/images/free-games-to-play-roblox.pdfIn PDF document text
    • http://zarinnameh.ir/images/get-your-game-popular-roblox-hack.pdfIn PDF document text
    • http://castillodesaitai.es/images/hack-engine-for-roblox-download.pdfIn PDF document text
    • http://pa-tanjungselor.go.id/images/roblox-hack-no-scam-robloxian.pdfIn PDF document text
    • https://www.beaufortcollege.ie/images/how-to-get-free-robux-youtube-video.pdfIn PDF document text
    • http://www.agri-tech.com.au/images/tutorial-avanzado-de-cheat-engine-para-dragon-ball-range-roblox.pdfIn PDF document text
    • http://nevesomost.by/images/free-punch-animation-roblox.pdfIn PDF document text
    • https://esl.ipb.ac.id/images/tower-defense-hack-roblox.pdfIn PDF document text
    • https://www.eglihotel.gr/images/can-you-use-cheat-engine-to-hack-robux.pdfIn PDF document text
    • https://www.seasleepveurne.be/images/brick-cars-roblox-cheat-codes.pdfIn PDF document text
    • https://www.hotelaziza.com/images/roblox-cubeverse-cheat.pdfIn PDF document text
    • http://iranatis.md/images/how-to-get-free-robux-creag.pdfIn PDF document text
    • https://www.coriglianocalabro.it/images/roblox-roblox-hack-free-robux-generator-uirbx-club.pdfIn PDF document text
    • http://www.nielsen2u.dk/images/roblox-strucid-hit-box-hack-2021-august.pdfIn PDF document text
    • http://www.htc.edu.au/images/free-roblox-gift-card-giveaway.pdfIn PDF document text
    • https://www.abrapppe.org.br/images/hack-de-dinero-para-jailbreak-roblox-noviembre.pdfIn PDF document text
    • http://www.evaplast.by/images/cheat-roblox-menu.pdfIn PDF document text
    • http://www.lycee-langevin-wallon.com/images/free-ninja-animation-pack-roblox.pdfIn PDF document text
    • http://poltekkeskhjogja.ac.id/images/roblox-thomas-wooden-railway-free-demo.pdfIn PDF document text
    • http://www.kalaaliaraq.dk/images/free-robux-no-survey-no-download-2021-no-human-verification.pdfIn PDF document text
    • http://www.agri-tech.com.au/images/assassin-cheat-codes-roblox.pdfIn PDF document text
    • https://jdlgroup.ca/images/vehicle-simulator-roblox-cheat-scripts.pdfIn PDF document text
    • http://cappella-nova.de/images/free-robux-no-human-verification-or-survey-2021-no-download.pdfIn PDF document text
    • http://learningarabic.co.uk/images/get-free-robux-on-roblox-2021-november.pdfIn PDF document text
    • http://www.maakherumusic.net/images/roblox-free-neck-accessories.pdfIn PDF document text
    • http://sscclc.edu.ec/images/pastebin-2021-robux-hack.pdfIn PDF document text
    • http://rjkk.ee/images/boku-no-roblox-infinite-spin-hack.pdfIn PDF document text
    • http://www.torvet11.dk/images/roblox-piano-hack-comment-faire.pdfIn PDF document text
    • http://portal.crfsp.org.br/images/roblox-kids-free-robux.pdfIn PDF document text
    • http://www.fluidtech.hu/images/como-hackear-roblox-con-lucky-patcher.pdfIn PDF document text
    • http://dos.most.gov.la/images/trrbx-site-free-robux.pdfIn PDF document text
    • http://pa-tanjungselor.go.id/images/groups-that-give-free-robux-every-day-2021.pdfIn PDF document text
    • http://www.sapaengineering.kz/images/free-roblox-gift-codes-2021.pdfIn PDF document text
    • http://www.lycee-langevin-wallon.com/images/roblox-how-to-hack-into-accounts.pdfIn PDF document text
    • http://www.mjclautrec.fr/images/free-robux-and-tix-cheat.pdfIn PDF document text
    • http://www.htc.edu.au/images/code-hack-robux-pastebin.pdfIn PDF document text
    • https://www.foodsafety.cz/images/comment-hacker-un-jeu-de-roblox.pdfIn PDF document text
    • https://www.iadh.bi/images/roblox-20-download-free.pdfIn PDF document text
    • http://learningarabic.co.uk/images/roblox-robux-hack-pc-2021.pdfIn PDF document text
    • http://www.gadanie.lv/images/unpatchable-robux-hack-robuxian-code.pdfIn PDF document text
    • http://lax.co.in/images/how-to-get-a-vip-server-in-roblox-for-free.pdfIn PDF document text
    • https://estalagemmonteverde.com.br/images/have-i-been-hacked-on-roblox.pdfIn PDF document text
    • http://www.acces-deschis.ro/images/roblox-ctrl-tp-hack.pdfIn PDF document text
    • http://www.tonlesap.gov.kh/images/free-admin-roblox-commands.pdfIn PDF document text
    • http://emamat.ir/images/roblox-sprinting-simulator-hack-2021.pdfIn PDF document text
    • http://www.kalaaliaraq.dk/images/free-robux-without-having-to-download-a-game.pdfIn PDF document text
    • https://www.acbc.wa.edu.au/images/how-to-get-free-roblox-money-2021.pdfIn PDF document text
    • http://bapaecole.cm/images/roblox-life-hacks.pdfIn PDF document text
    +52 more URL(s)

Extracted artifacts 2

Files carved from inside the sample during analysis.

FilenameKindSourceSize
font_00_sfnt_off00008c8f.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x8C8F 22932 bytes
SHA-256: fbe849e534398437c2e57f92c2e6bc77313ba05d0a7aaee9e0ad5a57caa41348
font_01_sfnt_off0000c005.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xC005 18340 bytes
SHA-256: d3d91d5fb4bbc26fbb68172270f2104976c3a23b7bfacdc8badb1536a2100067