MALICIOUS
Risk Score: 114
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as malicious by ClamAV and an ML classifier. The file uses an image-based lure. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7268
Heuristics 4
- ClamAV: Pdf.Phishing.Roblox062100-9873116-0 [critical, CLAMAV_DETECTION]: ClamAV detected this file as malware: Pdf.Phishing.Roblox062100-9873116-0
- Image-only document with action trigger (screenshot lure) [medium, PDF_IMAGE_LURE]: PDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 234 KB; typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
- External URI [info, PDF_URI]: PDF contains an external URL action
- Embedded URL [info, EMBEDDED_URL]: One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://gaminggenerator.org/app/431946152/roblox-jump-hack-bit-slicer (PDF link annotation)
Extracted artifacts: 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off00037f4f.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x37F4F | 19548 bytes |

SHA-256 (font_00_sfnt_off00037f4f.bin): 32c13ffaa2f7d452ce6f81898a9dcf6ccadb1c405132e396d71b8a3b308d1f2f