SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link
The PDF document contains a prominent link to 'gaminggenerator.org' which is presented as a guide for using Cheat Engine on Roblox. The presence of the 'ML_NYX_PDF_MALICIOUS' heuristic firing and the embedded URL strongly suggest a malicious intent to trick users into visiting a potentially harmful site. The document body, though heavily obfuscated, contains text related to Roblox and cheat engines, reinforcing the lure.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/how-to-use-cheat-engine-6.2-on-roblox-for-robux PDF link annotation
- https://jdlgroup.ca/images/roblox-how-to-hack-peoples-badges.pdfIn PDF document text
- http://kancelaria-legnica.eu/images/how-to-hack-the-underground-in-roblox.pdfIn PDF document text
- http://www.agri-tech.com.au/images/how-to-sell-items-for-free-on-roblox.pdfIn PDF document text
- http://agritrade-ukraine.com/images/cool-free-roblox-charecters-uu.pdfIn PDF document text
- http://solidkom.ch/images/cheat-for-dinosour-simulator-on-roblox.pdfIn PDF document text
- http://greenoase.be/images/free-robux-videos-for-robux.pdfIn PDF document text
- http://depelem.fr/images/roblox-destroy-hack.pdfIn PDF document text
- http://kfz-service-etp.de/images/how-to-hack-the-roblox-birthday-system.pdfIn PDF document text
- http://amtabor2.at/images/como-evitar-que-un-hacker-te-hackee-en-roblox.pdfIn PDF document text
- http://homequeen.de/images/roblox-games-that-you-can-play-for-free.pdfIn PDF document text
- https://letturatarghe.it/images/roblox-how-to-get-gamepasses-for-free.pdfIn PDF document text
- https://lita-lb.org/images/youtube-how-to-get-free-robux-hack.pdfIn PDF document text
- http://schrichte.de/images/domino-crown-roblox-free.pdfIn PDF document text
- https://kunstmalen.ch/images/free-roblox-dday-models.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/project-pokemon-hacked-roblox.pdfIn PDF document text
- http://www.remiauclair.fr/images/hack-vehicle-tycoon-roblox-codes.pdfIn PDF document text
- https://www.hotel-forsthaus.com/images/lazyblocks-com-free-robux-generator.pdfIn PDF document text
- http://mycounty.com.ua/images/ninja-legends-roblox-op-hack-script.pdfIn PDF document text
- http://loriginedupain.org/images/how-to-hack-a-roblox-server-2021.pdfIn PDF document text
- https://rietenwinkel.nl/images/free-robux-without-survey-2021.pdfIn PDF document text
- https://pemadamapi.net/images/free-robux-generator-com.pdfIn PDF document text
- http://schottlandfieber.de/images/roblox-mad-city-cheats.pdfIn PDF document text
- https://pa-waingapu.go.id/images/best-free-items-on-roblox.pdfIn PDF document text
- http://www.lovecraftiana.com.ar/images/hack-roblox-lumber-tycoon-2-fly.pdfIn PDF document text
- http://sscclc.edu.ec/images/how-to-hack-someone-in-roblox-2021.pdfIn PDF document text
- https://inscastellar.cat/images/cheat-roblox-jailbreak-money-give.pdfIn PDF document text
- http://lillysonthelake.com/images/quel-touche-faire-pour-avoir-le-free-code-dans-roblox.pdfIn PDF document text
- http://kontaktadig.se/images/free-robux-no-human-verification-no-survey-pc.pdfIn PDF document text
- http://agrupamentoescolas-alfredo-da-silva.com/images/how-to-get-free-glasses-on-roblox.pdfIn PDF document text
- http://www.e-lysis.com/images/how-to-delete-a-hack-in-roblox.pdfIn PDF document text
- https://www.inova-cuisine.fr/images/roblox-free-online-jail-break.pdfIn PDF document text
- https://vtvvaals.nl/images/free-roblox-premium-generator.pdfIn PDF document text
- http://pia2000.net/images/acually-working-robux-hack.pdfIn PDF document text
- http://www.torvet11.dk/images/free-robux-games-2021.pdfIn PDF document text
- http://paro.net.ua/images/paint-hack-roblox.pdfIn PDF document text
- https://shimony.net/images/cocaine-roblox-hack.pdfIn PDF document text
- https://technospektr.com.ua/images/roblox-robux-hack-generato.pdfIn PDF document text
- http://mittlenberg.ch/images/hack-to-get-20210-robux-2021.pdfIn PDF document text
- http://www.actae.gr/images/pastebin-how-to-get-free-robux.pdfIn PDF document text
- https://camillesplace.org/images/redeem-promo-codes-for-free-robux.pdfIn PDF document text
- https://fkg.usu.ac.id/images/cute-free-outfits-roblox-girl.pdfIn PDF document text
- http://hydroconseil.net/images/como-parecer-hacker-en-roblox.pdfIn PDF document text
- http://zarinnameh.ir/images/free-rewards-robux-webs.pdfIn PDF document text
- http://ff-obertraun.at/images/hack-a-roblox-game.pdfIn PDF document text
- http://www.maakherumusic.net/images/changelog--free-codes-https-devforumrobloxcom-t-infinityrpgc.pdfIn PDF document text
- https://www.air-shop.cz/images/youtube-free-roblox-account.pdfIn PDF document text
- http://elize-photography.co.za/images/cheat-roblox-madcity-money.pdfIn PDF document text
- https://www.academiaanticorrupcion.org/images/rocashcom-earn-free-robux-by-watching-videos-and-completing-surveys.pdfIn PDF document text
- http://ecoleduchat-grenoble.fr/images/codes-to-get-free-money-on-roblox-rocitizens.pdfIn PDF document text
+19 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008725.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8725 | 28144 bytes |
SHA-256: 263fe85056826b440297cd3a5bee67a20d6aeb5ddee39373bf7aa0a573e4407e |
|||
font_01_sfnt_off0000c794.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC794 | 19288 bytes |
SHA-256: accabfd898d5b5b80d45ed2d558116020f3726a75e6029f16191bcabfc6ccfb9 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.