PDF static analysis report

Static analysis result for SHA-256 df2d9942f9002acc…

CLEAN

PDF

65.0 KB Created: 2021-04-05 20:33:19 +07:00 Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7) First seen: 2021-09-16
MD5: f9e8eae0438ba0c67a83ae18dd2a5d14 SHA-1: ddc3d199c0da65fe207e2e9e5b5235234fc33554 SHA-256: df2d9942f9002acc2c5f79617af3e798bef0a2c270e585d1babbfc11ecfb781d
12 Risk Score

Machine Learning

  • Nyx PDF Classifier suspicious score 0.4394

Heuristics 3

  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://gaminggenerator.org/app/431946152/free-roblox-no-sign-in PDF link annotation
    • https://studentcareerinfo.com/images/games-on-roblox-where-you-can-get-free-items.pdfIn PDF document text
    • http://ghegamethu.vn/images/roblox-rust-free.pdfIn PDF document text
    • https://gafaseo.com/images/free-robux-hack-no-inspect-and-element.pdfIn PDF document text
    • http://www.adravietnam.org/images/bird-simulator-hack-roblox.pdfIn PDF document text
    • http://www.oberberger.it/images/how-to-get-free-robux-2021-easy.pdfIn PDF document text
    • https://www.romedia.gr/images/how-to-get-free-robux-2021-kazok.pdfIn PDF document text
    • https://www.cfdcnv.com/images/how-to-hack-roblox-game-money.pdfIn PDF document text
    • http://www.isovca.com/images/free-robux-on-phone-2021.pdfIn PDF document text
    • http://panaceafamilymedicine.com/images/apk-hack-de-roblox.pdfIn PDF document text
    • http://lcs-schlieben.de/images/roblox-cheats-for-money-xbox-one.pdfIn PDF document text
    • http://zarinnameh.ir/images/hack-apps-for-roblox-video.pdfIn PDF document text
    • http://iluvlocalplaces.com/images/ban-roblox-pour-avoir-hacker-des-robux.pdfIn PDF document text
    • http://svp-steinmaur.ch/images/roblox-anti-cheat-speed.pdfIn PDF document text
    • https://cdu-lengerich.de/images/how-to-get-free-cash-in-roblox-jailbreak.pdfIn PDF document text
    • http://feuerwehr-rheinau.de/images/snippet-hacks-roblox.pdfIn PDF document text
    • http://businessfit.com/images/downloading-roblox-link-free-like-no-money-needed.pdfIn PDF document text
    • http://consultinggirona.es/images/roblox-free-bc-account-2021.pdfIn PDF document text
    • http://www.evaplast.by/images/free-robux-codes-2021-march.pdfIn PDF document text
    • http://ff-obertraun.at/images/free-roblox-cards-for-100.pdfIn PDF document text
    • http://www.remiauclair.fr/images/roblox-jailbreak-free-moneycom.pdfIn PDF document text
    • http://fotoclub3b.it/images/free-350-robux.pdfIn PDF document text
    • http://elllanorestaurants.com/images/free-roblox-accounts-that-work-with-robux.pdfIn PDF document text
    • http://www.compusiteinc.com/images/bloxburd-free-robux.pdfIn PDF document text
    • https://www.cosmosdawn.net/images/roblox-how-to-get-free-clothes-on-phone.pdfIn PDF document text
    • http://www.oberberger.it/images/free-hat-roblox-catalog.pdfIn PDF document text
    • http://instrumenttut.by/images/roblox-free-online-no.pdfIn PDF document text
    • http://selectionspdf.fr/images/project-alpha-roblox-hack-download.pdfIn PDF document text
    • http://interpretation-dessins-enfants.net/images/how-to-get-free-catalog-items-on-roblox-2021.pdfIn PDF document text
    • http://www.eaapiaria.es/images/get-everything-free-roblox-console-pastebin.pdfIn PDF document text
    • https://amatq.ca/images/irobux-fun-robux-hack.pdfIn PDF document text
    • http://kcpb51.ru/images/how-to-hack-someones-roblox-account-on-phone.pdfIn PDF document text
    • http://www.torvet11.dk/images/free-video-files-for-roblox.pdfIn PDF document text
    • http://lv-siegen.de/images/adventure-by-cheat-codes-roblox.pdfIn PDF document text
    • http://www.torvet11.dk/images/free-fortnite-robux-hack.pdfIn PDF document text
    • http://lechia-sedziszow.pl/images/hack-roblox-weight-lifting.pdfIn PDF document text
    • https://www.cpnf.ch/images/sharkblox-trash-gang-shirt-free-roblox.pdfIn PDF document text
    • https://amatq.ca/images/inject-hack-roblox-in-game-code.pdfIn PDF document text
    • http://daksz.hu/images/roblox-jailbreak-cheat-engine-hack.pdfIn PDF document text
    • http://www.cosver.nl/images/roblox-free-girl-clothes.pdfIn PDF document text
    • https://www.tartineartisanal.com/images/free-robux-for-roblox-pc.pdfIn PDF document text
    • http://www.nielsen2u.dk/images/free-roblox-promo-codes-for-robux-2021.pdfIn PDF document text
    • https://www.appartamenticroazia24.com/images/free-robux-android-2021.pdfIn PDF document text
    • http://facingachild.org/images/roblox-skin-free.pdfIn PDF document text
    • http://bc97.de/images/critical-strike-hack-roblox.pdfIn PDF document text
    • http://www.occquimica.com.br/images/cheat-engine-64-roblox-robux.pdfIn PDF document text
    • http://www.fanciullovito.it/images/hacks-for-pet-ranch-roblox.pdfIn PDF document text
    • https://www.bmta.co.uk/images/synapse-x-free-download-roblox.pdfIn PDF document text
    • http://www.mikramarine.gr/images/free-roblox-gift-cards-2021.pdfIn PDF document text
    • https://bapalaye.org/images/cheat-codes-for-roblox-candy-war-tycoon.pdfIn PDF document text
    +9 more URL(s)

Extracted artifacts 3

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_003_off00008382.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x8382 27508 bytes
SHA-256: 09dc7c929095e58a15c2d03af7e924d87be427855f4a8813128082c2eb2e3476
font_01_sfnt_off0000c173.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xC173 11440 bytes
SHA-256: 154d59d1680f2d1e38ccb783d6997f344290d121007e51df331726de4128c12e
font_02_sfnt_off0000dc93.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xDC93 17748 bytes
SHA-256: 0f8d4aa42ed950b112d0418b790014bc0db7c71de17339100e7e1e8b8bd0f0dd