PDF static analysis report

Static analysis result for SHA-256 c403245c6ff7c319…

CLEAN

PDF

67.9 KB Created: 2021-04-05 18:53:11 +07:00 Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7) First seen: 2021-09-17
MD5: 7894dccd0f853055c72a0f7f3f6b6fd9 SHA-1: a682036a54dc854148900ba0ece9007700e6e405 SHA-256: c403245c6ff7c319c2fb3ca17b97ea24a4b01b4d6ad78094d5af66c6e07a481d
20 Risk Score

Machine Learning

  • Nyx PDF Classifier suspicious score 0.2578

Heuristics 4

  • Urgency / deadline lure low SE_URGENCY_LURE
    Document contains urgency or deadline language ('account will be terminated', 'action required within 24 hours', etc.) — useful context, but low-signal without other findings
  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://gaminggenerator.org/app/431946152/roblox-speed-hack-2021-pet-simulator PDF link annotation
    • https://www.fhccu.com/images/how-to-get-free-robux-without-having-to-do-anything.pdfIn PDF document text
    • https://cormixhydro.ru/images/robux-hack-no-verification-legit.pdfIn PDF document text
    • https://gaj.rs/images/how-dto-get-free-robux.pdfIn PDF document text
    • http://www.hotelcomelico.it/images/free-robux-and-tickets-2021.pdfIn PDF document text
    • http://www.sanjosedeminas.gob.ec/images/larva-hack-roblox.pdfIn PDF document text
    • http://autismoalbacete.org/images/get-free-robux-no-download-no-verification.pdfIn PDF document text
    • http://ozonizarint.com/images/free-roblox-promo-codes-2021-may.pdfIn PDF document text
    • https://www.ncscolour.no/images/roblox-money-cheat-codes-xbox-one.pdfIn PDF document text
    • http://jackson-pr.com/images/roblox-paintball-hack.pdfIn PDF document text
    • http://svp-steinmaur.ch/images/how-to-get-free-robux-by-playing-games-on-roblox.pdfIn PDF document text
    • http://www.malonmalon.com.ar/images/roblox-how-to-get-robux-with-cheat-engine-63.pdfIn PDF document text
    • http://aiyta.com/images/free-roblox-cards-by-doing.pdfIn PDF document text
    • http://legs11.co.za/images/roblox-free-robux-site-greenlegocats.pdfIn PDF document text
    • https://www.yewtreealpacas.co.uk/images/roblox-youtube-roblox-locus-hacking-my-sisters-acount.pdfIn PDF document text
    • http://www.fluidtech.hu/images/free-robux-every-month.pdfIn PDF document text
    • http://imp.lg.ua/images/can-i-get-robux-for-free.pdfIn PDF document text
    • http://smoothjazzclub.net/images/roblox-those-who-remain-hack-script.pdfIn PDF document text
    • http://www.zdravazena.sk/images/free-robux-giveaway-2.pdfIn PDF document text
    • https://www.gymun.cz/images/roblox-comment-cheats.pdfIn PDF document text
    • http://mydevice.com.au/images/all-the-hacking-games-on-roblox.pdfIn PDF document text
    • http://www.meslekpatent.com/images/5-roblox-games-that-give-you-free-robux-working.pdfIn PDF document text
    • http://bwharrisalumniusa.org/images/hack-admin-roblox-nante.pdfIn PDF document text
    • http://kontaktadig.se/images/how-to-run-cheat-engine-with-roblox.pdfIn PDF document text
    • http://bijbelreizenisrael.nl/images/roblox-parkour-hack-script.pdfIn PDF document text
    • http://www.gadanie.lv/images/roblox-scripts-hack-dungeon-quest.pdfIn PDF document text
    • http://www.adravietnam.org/images/free-robux-generator-no-human-verification-and-no-survey-2021.pdfIn PDF document text
    • https://sitam.co.in/images/robux-game-link-hack.pdfIn PDF document text
    • http://agrao.in/images/how-to-legitimately-get-free-robux.pdfIn PDF document text
    • http://www.brtes.com/images/wearedevs-roblox-hack.pdfIn PDF document text
    • http://elllanorestaurants.com/images/roblox-free-clothes-group.pdfIn PDF document text
    • http://agrao.in/images/microsoft-free-robux.pdfIn PDF document text
    • http://www.eurologistiki.gr/images/roblox-studio-download-free-for-ipad.pdfIn PDF document text
    • http://www.lovecraftiana.com.ar/images/hexus-roblox-free-download.pdfIn PDF document text
    • https://www.hotel-forsthaus.com/images/sistem48-hack-roblox.pdfIn PDF document text
    • https://gaj.rs/images/free-roblox-exploit-spyro.pdfIn PDF document text
    • http://agroturismoarkaia.com/images/bloxnite-roblox-hack.pdfIn PDF document text
    • http://www.viniperfetti.com/images/hack-dinero-infinito-westrover-island-roblox.pdfIn PDF document text
    • http://www.zdravazena.sk/images/roblox-promo-code-hacker.pdfIn PDF document text
    • http://www.rezbb.sk/images/robux-free-script.pdfIn PDF document text
    • https://gryps.de/images/new-not-center-roblox-hack.pdfIn PDF document text
    • https://gafaseo.com/images/on-roblox-someone-hacked-me-and-lost-all-my-robux.pdfIn PDF document text
    • http://addair.co.uk/images/get-free-robux-game.pdfIn PDF document text
    • http://agroturismoarkaia.com/images/descargar-hacks-en-roblox-2021.pdfIn PDF document text
    • http://www.isril.it/images/how-to-get-free-items-on-roblox-android.pdfIn PDF document text
    • https://hbpbenin.com/images/cheats-for-roblox-saiyan-simulator-2.pdfIn PDF document text
    • https://www.tsdb.com.au/images/where-is-the-hacking-station-roblox.pdfIn PDF document text
    • http://artindex.pro/images/free-scarf-on-roblox.pdfIn PDF document text
    • http://www.elis-strechy.cz/images/how-to-get-free-cars-in-roblox-ultimate-driving.pdfIn PDF document text
    • http://g3galileo.com/images/how-to-get-free-robux-on-roblox-2021-without-waiting.pdfIn PDF document text
    +17 more URL(s)

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_003_off0000831b.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x831B 25548 bytes
SHA-256: 5b7a9bffc8aa80c342deddd8e87658f1be7609b51e7fb69510facc0f2b824fc8
font_01_sfnt_off0000be90.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xBE90 2848 bytes
SHA-256: 4737c2778a085e0cb49e73f3b054b1a71e3f40720d213b4bfda97f95a31bfbf1
font_02_sfnt_off0000c84d.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xC84D 11440 bytes
SHA-256: 154d59d1680f2d1e38ccb783d6997f344290d121007e51df331726de4128c12e
font_03_sfnt_off0000e36e.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xE36E 19084 bytes
SHA-256: 75c012fa7cb70c4dc1190788c4389801790e820070f9fb9557b3e68b6fbc7062