MALICIOUS
Risk Score: 82
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious File
This PDF document was flagged as malicious by an ML classifier. It uses a fake browser/software-install lure. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.6397
Heuristics 4
- Browser extension / update installation lure (high, SE_BROWSER_INSTALL_LURE): Document tells the user to install a browser extension, plugin, viewer, or browser update to view content; a common social-engineering path for credential theft and malware installation
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.); low-signal unless other findings point to a malicious workflow
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
- http://gaminggenerator.org/app/431946152/free-robux-roblox-rom (PDF link annotation)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| stream_003_off0000805e.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x805E | 26404 bytes | 3d02cdc0b2abfda6d4163a097d01923036365537f89714f65aaa951893134a13 |
| font_01_sfnt_off0000baca.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xBACA | 2832 bytes | 77ae1c4cffa647a8fd533dfa4102e94364989f9e80b9cd131876e9d1005899a2 |
| font_02_sfnt_off0000c47a.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xC47A | 17580 bytes | 3af8379f4afd87f915b945efd818ef250ffe8f432ca6405840a1e5bd122639cc |