MALICIOUS
72
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The file is identified as malicious by ClamAV with a specific phishing signature related to Roblox. The document body and extracted URLs promote free Roblox gift cards and robux, a common lure for phishing and scam operations. While no scripts were explicitly extracted, the PDF structure and embedded URLs suggest a phishing attack designed to redirect users to malicious websites.
Machine Learning
- Nyx PDF Classifier suspicious score 0.2748
Heuristics 4
-
ClamAV: Pdf.Phishing.Roblox062100-9873116-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Roblox062100-9873116-0
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/free-free-roblox-gift-cards PDF link annotation
- http://gestibrok.com/images/roblox-free-robux-generator-no-survey-or-human-verification.pdfIn PDF document text
- http://techmobil.pl/images/robux-theres-no-way-of-getting-free-robux.pdfIn PDF document text
- http://www.apocalissedigesucristo.com/images/free-robux-apps-that-dont-use-adgates.pdfIn PDF document text
- http://www.apocalissedigesucristo.com/images/roblox-robux-giver-hack-download.pdfIn PDF document text
- https://waterpark.by:443/images/hack-free-codes-roblox.pdfIn PDF document text
- https://inscastellar.cat/images/cheat-engine-fly-hack-roblox.pdfIn PDF document text
- http://jaeger-bauplanung.de/images/free-hacking-for-roblox.pdfIn PDF document text
- https://www.ncscolour.no/images/how-to-get-free-animations-on-roblox-2021.pdfIn PDF document text
- http://www.compusiteinc.com/images/roblox-com-free-for-mobile.pdfIn PDF document text
- http://webstan.be/images/robux-free-offers-video.pdfIn PDF document text
- http://unc-europe.com/images/how-to-get-free-robux-on-roblox-ctrl-s.pdfIn PDF document text
- http://aeroclub-kaernten.at/images/hack-to-get-free-robux-easy.pdfIn PDF document text
- http://www.beantownlimo.com/images/free-robux-by-oints.pdfIn PDF document text
- http://petarda.hu/images/how-to-cheat-piano-on-roblox.pdfIn PDF document text
- http://egorplitka.ru/images/roblox-magic-simolator-hack-script.pdfIn PDF document text
- http://ims-77.fr/images/robux-free-co.pdfIn PDF document text
- http://ohsawamacrobiotics.com/images/dragon-ball-n-roblox-hack.pdfIn PDF document text
- https://ogm-goettingen.de/images/hack-roblox-pizza-place.pdfIn PDF document text
- http://www.hawler.in/images/how-to-get-free-robux-on-ipad-2021-easy.pdfIn PDF document text
- http://www.sapaengineering.kz/images/console-hack-roblox.pdfIn PDF document text
- https://corbo.ru/images/how-to-make-a-shirt-in-roblox-for-free.pdfIn PDF document text
- https://wandpiraten.de/images/how-to-make-t-shirts-free-on-roblox.pdfIn PDF document text
- http://sealysports.com/images/774-hack-roblox.pdfIn PDF document text
- http://leigraphics.com/images/hack-to-find-youtubers-roblox.pdfIn PDF document text
- http://nevesomost.by/images/commen-hacker-booga-clasic-sur-roblox-pc-2021.pdfIn PDF document text
- http://www.agri-tech.com.au/images/roblox-how-to-hack-accounts-no-download.pdfIn PDF document text
- http://fradiomas.com/images/how-to-see-roblox-shirts-for-free.pdfIn PDF document text
- http://hk-kan.org/images/roblox-cheats-how-to-get-free-stuff.pdfIn PDF document text
- http://panaceafamilymedicine.com/images/100-percent-free-robux.pdfIn PDF document text
- http://www.friendshiptransport.net/images/roblox-glitch-site-free-robux.pdfIn PDF document text
- https://rincondelentrenador.com/images/best-hacks-for-counter-blox-roblox-offensive.pdfIn PDF document text
- http://iluvlocalplaces.com/images/como-hackear-cualqiuer-juego-de-roblox.pdfIn PDF document text
- http://shiny-nn.ru/images/free-roblox-maps.pdfIn PDF document text
- http://armatrutz.de/images/hack-para-robux.pdfIn PDF document text
- http://gestibrok.com/images/horizon-alpha-money-hack-may-2021-roblox.pdfIn PDF document text
- http://ctr74.net/images/how-to-get-free-robux-on-roblox-no-hack.pdfIn PDF document text
- https://bancroftandsons.com/images/copy-and-paste-for-free-robux.pdfIn PDF document text
- https://www.dierenartsberghman.be/images/password-cracker-roblox-download-free.pdfIn PDF document text
- http://bkd1.balikpapan.go.id/images/roblox-hacker-outfit.pdfIn PDF document text
- http://www.centromedicoaurora.it/images/free-roblox-jpg.pdfIn PDF document text
- https://wandersuechtig.de/images/free-robux-card-number-enter-code.pdfIn PDF document text
- http://force-seniorklub.dk/images/tai-roblox-hack.pdfIn PDF document text
- https://gastroration.ru/images/free-robux-finish-obby-no-password.pdfIn PDF document text
- http://gops.pruszczgdanski.pl/images/202100-robux-hack.pdfIn PDF document text
- http://kim-kinder-im-mittelpunkt.de/images/free-ninja-animation-roblox-robuxian.pdfIn PDF document text
- http://force-seniorklub.dk/images/how-to-get-free-robux-in-one-clip.pdfIn PDF document text
- http://santeh-40.ru/images/hackear-cuentas-de-roblox-2021.pdfIn PDF document text
- http://jugendfeuerwehr-scheinfeld.de/images/free-robux-codes-not-clickbait.pdfIn PDF document text
- https://bancroftandsons.com/images/how-to-get-free-clothes-on-roblox-no-builders-club.pdfIn PDF document text
+2 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00039087.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x39087 | 24356 bytes |
SHA-256: 7b3bcaf71cd049f392e905b03d33ab642b50db270e8cb18fdc7d09990e1c68cf |
|||
font_01_sfnt_off0003c779.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x3C779 | 18160 bytes |
SHA-256: 5d50598f63f8705820ba2c92f04372b8d9a344d328ac62c365fd2b60ce4a4735 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.