Malicious PDF — malware analysis report

Heuristics 4

• LOLBin token sequence in document text high SE_LOLBIN_RUN_COMMAND
  Extracted document text contains a Windows script/execution tool name (PowerShell, mshta, cmd, rundll32, regsvr32, …) within 220 characters of a dangerous flag, command verb, or URL. This is a visible 'run this' instruction in HTML/PDF/RTF lure bodies, or — in macro-laden Office files — the macro's own string-pool entries appearing adjacent in extracted text.
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://gaminggenerator.org/app/431946152/roblox-crown-free PDF link annotation

  • https://gomsa.nl/images/roblox-social-link-cheat.pdfIn PDF document text
  • http://www.evaplast.by/images/free-robux-500.pdfIn PDF document text
  • https://www.audev.com/images/free-code-card-robux.pdfIn PDF document text
  • http://www.kalaaliaraq.dk/images/cheat-sur-roblox.pdfIn PDF document text
  • http://www.nielsen2u.dk/images/free-robux-hack-on-dell-computer.pdfIn PDF document text
  • https://pa-waingapu.go.id/images/anti-cheat-roblox.pdfIn PDF document text
  • http://www.kalaaliaraq.dk/images/get-free-hero-animation-roblox.pdfIn PDF document text
  • http://echosvoix.ch/images/roblox-valkyrie-free.pdfIn PDF document text
  • http://centuriatus.com/images/logo-roblox-hack.pdfIn PDF document text
  • https://www.milewood.co.uk/images/how-to-hack-dead-winter-roblox-mac-2021.pdfIn PDF document text
  • http://www.hawler.in/images/free-account-on-roblox-with-obc.pdfIn PDF document text
  • http://giolantapepe.gr/images/nocliping-hack-for-prison-life-roblox.pdfIn PDF document text
  • http://www.kalaaliaraq.dk/images/best-roblox-hacking-guis.pdfIn PDF document text
  • https://www.devries-group.de/images/roblox-giveaway-xyz-hack.pdfIn PDF document text
  • https://blagvist.com.ua/images/how-to-use-cheat-engine-63-on-roblox-for-robux.pdfIn PDF document text
  • https://pa-waingapu.go.id/images/money-hack-for-roblox-vehicle-simulator.pdfIn PDF document text
  • http://bit-sky.com/images/roblox-hack-that-works-for-robux.pdfIn PDF document text
  • http://wokbaarlo.nl/images/comment-hacker-roblox-avec-cmd.pdfIn PDF document text
  • http://domaizdereva24.ru/images/dowload-troll-hacks-to-roblox.pdfIn PDF document text
  • https://socialvalue.gr/images/ccv5-roblox-dbfp-hack-tuto-2021.pdfIn macro / runtime command snippet
  • https://tokunfome.com.br/images/free-old-roblox-account-generator-2021.pdfIn macro / runtime command snippet
  • http://haertetechnik-steinbach.de/images/account-in-roblox-free.pdfIn PDF document text
  • http://global-tech-security.be/images/free-10-roblox-gift-cards.pdfIn PDF document text
  • https://www.yewtreealpacas.co.uk/images/free-obc-and-robux-pastebin.pdfIn PDF document text
  • http://homequeen.de/images/passwords-to-hack-roblox.pdfIn PDF document text
  • https://www.arquetopia.org/images/2021-unpatchable-how-to-noclip-hack-on-roblox.pdfIn PDF document text
  • https://fkg.usu.ac.id/images/shirt-roblox-free-shipping.pdfIn PDF document text
  • https://www.foodsafety.cz/images/how-to-hack-robux-on-pc-2021.pdfIn PDF document text
  • http://www.rezbb.sk/images/hack-robux-infinitos-roblox.pdfIn PDF document text
  • https://bancroftandsons.com/images/all-roblox-eggs-2021-hack-pastebin.pdfIn PDF document text
  • http://www.eurosan1.ba/images/how-to-make-t-shirt-in-roblox-for-free.pdfIn PDF document text
  • https://www.fhccu.com/images/how-to-get-the-game-bloxtube-for-free-roblox.pdfIn PDF document text
  • http://www.visiblefilm.com/images/free-costume-roblox-2021.pdfIn PDF document text
  • http://www.lionel-seppoloni.fr/images/how-to-get-free-robux-2021-xbox-one.pdfIn PDF document text
  • https://amatq.ca/images/roblox-robux-hack-generator-no-survey-2021.pdfIn PDF document text
  • https://www.udivadlahotel.cz/images/roblox-cheat-mods.pdfIn PDF document text
  • http://keepcasscountybeautiful.com/images/free-roblox-exploit-software.pdfIn PDF document text
  • https://meltonschool.org/images/dragon-ball-rage-roblox-hack.pdfIn PDF document text
  • http://teknotools.net/images/free-shirt-download-roblox.pdfIn PDF document text
  • http://babbibooth.com/images/how-to-get-free-robux-2021-working.pdfIn PDF document text
  • http://www.eurologistiki.gr/images/site-17-hack-gui-roblox.pdfIn PDF document text
  • http://altc.de/images/roblox-clothes-girl-free.pdfIn PDF document text
  • http://pourvosvacances.com/images/free-roblox-shirt-templates-2021.pdfIn PDF document text
  • http://bullyinformate.org/images/how-to-hack-roblox-admin.pdfIn PDF document text
  • http://safwafurniture.com/images/cheat-engine-robux-hack.pdfIn PDF document text
  • https://raduzhnyj.od.ua/images/xeno-hack-roblox.pdfIn PDF document text
  • https://www.fhccu.com/images/how-to-crack-free-robux-robuxmaniac.pdfIn PDF document text
  • http://stroygrad-spb.com/images/how-to-get-roblox-on-ps4-for-free.pdfIn PDF document text
  • http://androidthai.in.th/images/roblox-how-to-get-free-obc-2021.pdfIn PDF document text

  +17 more URL(s)

Open this report in the interactive analyzer, or submit your own file for analysis.