MALICIOUS
Risk Score: 72
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1203 Exploitation for Client Execution
This PDF document was flagged as malicious by ClamAV. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier clean score 0.2355
Heuristics 4
- ClamAV: Pdf.Phishing.Roblox062100-9873116-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Roblox062100-9873116-0
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.); low-signal unless other findings point to a malicious workflow
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL: http://gaminggenerator.org/app/431946152/como-recuperar-mi-cuenta-de-roblox-hackeada (PDF link annotation)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| font_00_sfnt_off00037a3b.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x37A3B | 26604 bytes | 70595d8a099d1426a94087148989368e2b1211e2bbe16bee3c269d742d4d8677 |
| font_01_sfnt_off0003b4cc.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x3B4CC | 19052 bytes | d895a975adb847dd98ed3d169bb925a6c9e829d93218d63e78326012df5a6f47 |