SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains numerous links and text related to obtaining free Robux, a common lure for scams. The ML classifier strongly flagged this PDF as malicious, and an external URI was detected pointing to a suspicious domain. While no scripts were explicitly extracted, the presence of embedded URLs and the overall theme suggest a phishing or scam attempt, likely delivered as a spearphishing attachment.
Machine Learning
- Nyx PDF Classifier malicious score 0.9725
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/how-to-get-free-robux-on-roblox-2021-youtube PDF link annotation
- https://meltonschool.org/images/how-to-hack-roblox-boys-and-girls-hangout.pdf%0AIn PDF document text
- http://www.zdravazena.sk/images/roblox-cool-free-girl-looks.pdf%0AIn PDF document text
- http://bibliotheque-perrigny-les-dijon.fr/images/how-to-make-your-own-game-whith-free-robux-2021.pdf%0AIn PDF document text
- https://www.hbproducts.dk/images/rbl-gg-free-robux.pdf%0AIn PDF document text
- http://portal.crfsp.org.br/images/how-to-hack-in-somebodys-roblox-account-2021.pdf%0AIn PDF document text
- https://www.utalii.ac.ke/images/free-robux-may-2021.pdf%0AIn PDF document text
- http://caraless.com/images/free-roblox-packs.pdf%0AIn PDF document text
- https://bancroftandsons.com/images/roblox-robeats-hack.pdf%0AIn PDF document text
- https://www.ergolight.at/images/roblox-cheatsobc-for-free.pdf%0AIn PDF document text
- http://www.controverseinterapie.it/images/hack-for-roblox-no-human-verification-2021.pdf%0AIn PDF document text
- https://www.hotschool.com.au/images/hack-for-hoops-beta-roblox.pdf%0AIn PDF document text
- https://accord.kiev.ua/images/how-to-get-your-roblox-password-back-from-a-hacker.pdf%0AIn PDF document text
- http://www.sapaengineering.kz/images/easiest-character-to-make-an-roblox-account-for-free.pdf%0AIn PDF document text
- https://www.cnte.org.br/images/who-hacked-my-main-group-chat-roblox.pdf%0AIn PDF document text
- http://kruiz21.ru/images/100-real-free-robux.pdf%0AIn PDF document text
- https://socialvalue.gr/images/robux-free-url.pdf%0AIn PDF document text
- http://www.web.stc-part.co.th/images/how-to-hack-into-anyones-roblox-account-2021.pdf%0AIn PDF document text
- http://www.lovecraftiana.com.ar/images/how-to-get-robux-for-free-on-laptop.pdf%0AIn PDF document text
- http://www.evaplast.by/images/how-do-you-get-free-robux-on-roblox-on-ipad.pdf%0AIn PDF document text
- https://www.porthos.it/images/free-roblox-exploits-like-synapse.pdf%0AIn PDF document text
- http://www.mikramarine.gr/images/free-roblox-bloxburg-builders.pdf%0AIn PDF document text
- http://www.vktzunami.cz/images/how-to-get-money-on-roblox-with-cheat-engine.pdf%0AIn PDF document text
- https://gomsa.nl/images/cops-and-robbers-roblox-cheat.pdf%0AIn PDF document text
- http://www.nielsen2u.dk/images/roblox-free-download-building.pdf%0AIn PDF document text
- http://www.brtes.com/images/how-to-change-your-roblox-username-for-free-2021.pdf%0AIn PDF document text
- http://www.vktzunami.cz/images/2021-roblox-hacks.pdf%0AIn PDF document text
- https://www.cpnf.ch/images/free-robux-codes-2021-december.pdf%0AIn PDF document text
- http://www.hawler.in/images/roblox-hack-super-power-training-simulator.pdf%0AIn PDF document text
- https://www.iadh.bi/images/free-face-roblox-girl.pdf%0AIn PDF document text
- http://www.zdravazena.sk/images/roblox-noclip-cheat-engine-download.pdf%0AIn PDF document text
- http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off000033dc.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x33DC | 19328 bytes |
SHA-256: 1477667e620bc495c42cd72d9905be37814afc23f19cac55d50d04003d5c407a |
|||
font_01_sfnt_off00005c86.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x5C86 | 18316 bytes |
SHA-256: 1a161a47b8d3bba3d33c4a07465bb3a3ea27fe0eb8aeb1c60aefefa18e625ba8 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.