SUSPICIOUS
50
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. It uses an urgency-based lure. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 4
-
Urgency / deadline lure low SE_URGENCY_LUREDocument contains urgency or deadline language ('account will be terminated', 'action required within 24 hours', etc.) — useful context, but low-signal without other findings
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/cheats-for-blodody-mary-roblox PDF link annotation
- https://www.nema.go.ke/images/free-robux-for-kids-no-human-verification.pdfIn PDF document text
- http://lv-siegen.de/images/roblox-studio-cheat-sheets.pdfIn PDF document text
- http://chocolats-boccardi-carcassonne.com/images/infinite-jump-roblox-jump-hack.pdfIn PDF document text
- http://lcs-schlieben.de/images/free-robux-pastebin-30.pdfIn PDF document text
- http://www.pro-futuro.eu/images/how-to-get-free-robux-fast-and-easy-2021.pdfIn PDF document text
- https://www.shin.ge/images/noclip-roblox-hack-download-2021.pdfIn PDF document text
- http://www.zdravazena.sk/images/how-to-change-your-robux-name-for-free.pdfIn PDF document text
- https://bancroftandsons.com/images/roblox-hack-ghost.pdfIn PDF document text
- http://ottawavalleykitchens.ca/images/free-robux-hack-generator-no-app-download.pdfIn PDF document text
- http://cleanteclogistics.com/images/robux-hack-trackid-sp006.pdfIn PDF document text
- https://meltonschool.org/images/best-free-girls-roblox-outfits.pdfIn PDF document text
- http://verenacrow.at/images/how-to-get-free-in-catalog-roblox.pdfIn PDF document text
- https://amatq.ca/images/esp-cheat-engine-roblox.pdfIn PDF document text
- https://lobergetart.se/images/how-to-get-free-clothes-on-roblox-without-bc.pdfIn PDF document text
- http://sbm-nn.ru/images/free-and-easy-robux.pdfIn PDF document text
- http://agrao.in/images/how-to-earn-free-robux-online.pdfIn PDF document text
- https://www.albisser.ch/images/gg-roblox-hack.pdfIn PDF document text
- https://esl.ipb.ac.id/images/hacking-in-roblox-colour-cubes.pdfIn PDF document text
- https://corbo.ru/images/roblox-fly-hack-code.pdfIn PDF document text
- http://musical-arts.de/images/free-roblox-hacks-for-good.pdfIn PDF document text
- http://bullyinformate.org/images/hack-para-jailbreak-roblox-2021-dinero-infinito.pdfIn PDF document text
- https://www.stkdb.cz/images/free-robux-builders-club.pdfIn PDF document text
- https://europainstitut.hu/images/free-model-games-roblox.pdfIn PDF document text
- http://www.beged.at/images/roblox-anime-cross-hack.pdfIn PDF document text
- http://salantiskis.lt/images/robux-maniac-hack-for-free-pin.pdfIn PDF document text
- http://www.drent.se/images/roblox-lua-hack.pdfIn PDF document text
- http://www.prylfabriken.se/images/is-bloxburg-roblox-free.pdfIn PDF document text
- https://osk-sibir.ru/images/is-free-robux-real.pdfIn PDF document text
- https://www.utalii.ac.ke/images/free-robux-generator-for-roblx.pdfIn PDF document text
- http://www.occquimica.com.br/images/5-free-robux-games.pdfIn PDF document text
- http://roberto-gac.org/images/https-hack-de-robux-roblox-robux.pdfIn PDF document text
- http://eooe.gr/images/how-to-hack-jailbreak-roblox-ios.pdfIn PDF document text
- http://ims-77.fr/images/como-hackear-cuentas-de-roblox-2021.pdfIn PDF document text
- http://www.marambio.com.ar/images/roblox-high-school-money-hack-2021.pdfIn PDF document text
- http://www.jureclomas.com.ar/images/codes-roblox-free-items.pdfIn PDF document text
- http://zarinnameh.ir/images/rblx-gg-roblox-free-robux.pdfIn PDF document text
- https://www.yewtreealpacas.co.uk/images/game-pass-roblox-free.pdfIn PDF document text
- http://uptodate.az/images/username-and-password-roblox-generator-hack.pdfIn PDF document text
- https://aniruddhasadm.com/images/haxteamcf-free-robux-generator.pdfIn PDF document text
- http://rumler.pl/images/roblox-robux-hack-generator-no-survey-2021.pdfIn PDF document text
- http://spstrading-th.com/images/hacking-dungeon-quest-roblox-2021.pdfIn PDF document text
- https://gomsa.nl/images/street-fighting-simulator-infinity-stat-hack-roblox.pdfIn PDF document text
- http://xn----ttbgfkcjc5fd.xn--p1ai/images/roblox-hack-more-robux.pdfIn PDF document text
- http://www.exikom.com.ua/images/roblox-plaza-hack.pdfIn PDF document text
- http://saip.ws/images/bleu-roblox-hack-free.pdfIn PDF document text
- https://enpav.it/images/free-robux-pastebin-hack.pdfIn PDF document text
- https://www.udivadlahotel.cz/images/hack-counter-blox-roblox-offensive-2021.pdfIn PDF document text
- http://safwafurniture.com/images/hacking-my-brothers-roblox-acaawaant.pdfIn PDF document text
- https://freerobux.cyouIn PDF document text
+12 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008021.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8021 | 25064 bytes |
SHA-256: 7479781da6feba90fbd74784077c048940ecf3da4563721f5f6553897fc6dc63 |
|||
font_01_sfnt_off0000ba82.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBA82 | 18420 bytes |
SHA-256: 696f3cd9c3b6922b686a6f342c750139e0dbfd2e34e38242e5d854af8ba2b1b8 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.