SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/karinsupersweet-offers-200-000-robux-for-free PDF link annotation
- http://halitbayramoglu.com.tr/images/roblox-hack-tool-free-download-no-survey-no-password.pdfIn PDF document text
- http://iacovoulaw.com/images/nice-roblox-games-to-hack.pdfIn PDF document text
- http://www.drent.se/images/robux-hacks-2021.pdfIn PDF document text
- http://properteez.com/images/how-get-free-robux-glitch.pdfIn PDF document text
- http://santeh-40.ru/images/roblox-promo-code-hacker.pdfIn PDF document text
- https://www.stayon.no/images/all-roblox-gamepass-free.pdfIn PDF document text
- http://www.exikom.com.ua/images/the-roblox-free-bloxburg.pdfIn PDF document text
- http://columbuscigar.com/images/how-to-hack-your-account-back-on-roblox.pdfIn PDF document text
- http://www.mikramarine.gr/images/roblox-lumber-tycoon-2-how-to-get-free-money.pdfIn PDF document text
- https://www.eglihotel.gr/images/roblox-mod-robux-free.pdfIn PDF document text
- http://www.arredifunebri.com/images/how-do-you-get-free-robux-codes.pdfIn PDF document text
- https://zapoj-kharkov.com.ua/images/robux-hack-911.pdfIn PDF document text
- http://jbm-constructions.com/images/free-roblox-account-with-robux-and-password.pdfIn PDF document text
- https://schaefer-rechtsanwaelte.com/images/free-robux-site-youtube.pdfIn PDF document text
- http://www.awakeningtruth.org/images/business-simulator-roblox-cheat.pdfIn PDF document text
- https://www.abrapppe.org.br/images/roblox-alien-simolator-hack-script.pdfIn PDF document text
- https://www.linzgau-kjh.de/images/how-to-free-someone-in-prison-life-roblox.pdfIn PDF document text
- http://www.nielsen2u.dk/images/anak-roblox-hacking-tool.pdfIn PDF document text
- https://www.seeingindependence.org/images/free-robux-game-cards.pdfIn PDF document text
- http://pia2000.net/images/adfly-roblox-hack.pdfIn PDF document text
- http://belagrogen.by/images/advia-roblox-free.pdfIn PDF document text
- http://www.bestyears.co.uk/images/roblox-free-items-website.pdfIn PDF document text
- https://www.academiaanticorrupcion.org/images/free-hacks-for-roblox-counter-blox.pdfIn PDF document text
- http://k2visual.com.br/images/proxy-site-free-robux.pdfIn PDF document text
- http://www.nielsen2u.dk/images/hacked-pants-roblox.pdfIn PDF document text
- http://addair.co.uk/images/free-robux-june.pdfIn PDF document text
- https://semanasantacehegin.com/images/free-roblox-login-name-and-password.pdfIn PDF document text
- http://pacatuamigo.com/images/assassin-roblox-hack-on-the-sky.pdfIn PDF document text
- https://www.stayon.no/images/how-to-hack-roblox-accounts-back.pdfIn PDF document text
- http://briankellyforcongress.com/images/omg-free-robuxnet16.pdfIn PDF document text
- http://techmobil.pl/images/dev-roblox-hacks.pdfIn PDF document text
- http://principessalialaofegypt.com/images/free-roblox-hacks-jailbreak.pdfIn PDF document text
- http://www.jureclomas.com.ar/images/free-superhero-skin-roblox.pdfIn PDF document text
- http://bi-bordtennis.dk/images/roblox-hammer-simulator-free-vir-server.pdfIn PDF document text
- http://www.lycee-langevin-wallon.com/images/obc-for-free-on-roblox.pdfIn PDF document text
- http://beer-holzhaus.ch/images/roblox-c00lkidd-hack.pdfIn PDF document text
- https://www.seeingindependence.org/images/roblox-jump-hack-2021.pdfIn PDF document text
- http://pa-tanjungselor.go.id/images/free-cool-tshirt-roblox.pdfIn PDF document text
- http://www.mikramarine.gr/images/best-roblox-hacked-clients-2021-youtube.pdfIn PDF document text
- http://ns1.radiofacil.net/images/free-vip-server-for-speed-race-game-roblox.pdfIn PDF document text
- http://gamixpaliwa.pl/images/hack-robux-using-google-chrome.pdfIn PDF document text
- http://shootawayproduction.com/images/how-to-hack-items-into-roblox-shirts.pdfIn PDF document text
- http://tegeler-segler.de/images/how-to-hack-level-on-roblox-paintball.pdfIn PDF document text
- http://principessalialaofegypt.com/images/geld-cheat-roblox.pdfIn PDF document text
- http://abletrustcare.com/images/money-cheats-for-roblox-vehicle-simulator.pdfIn PDF document text
- http://jobsy.com.sg/images/como-hackear-robux-facil-y-rapido-2021.pdfIn PDF document text
- http://alexandrion.com/images/freerobux-redeem.pdfIn PDF document text
- https://www.abrapppe.org.br/images/how-to-enable-the-free-models-searcher-in-roblox-studiuo.pdfIn PDF document text
- http://jenne-technik.de/images/marshmello-t-shirt-roblox-free.pdfIn PDF document text
+15 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008354.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8354 | 26520 bytes |
SHA-256: 2586839a9b855c62c8a350c9f5579d2b0797dd61318f92065b3df9796fb0b246 |
|||
font_01_sfnt_off0000bf71.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBF71 | 18848 bytes |
SHA-256: c648736185794c12fe23411ae24dc49a212e5387d6d8d776723fc879fd6551d7 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.