SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.007 JavaScript
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/how-to-put-hacks-in-roblox PDF link annotation
- http://www.mikramarine.gr/images/cheats-for-super-power-training-simulator-roblox.pdfIn PDF document text
- http://www.htc.edu.au/images/hack-750-robux.pdfIn PDF document text
- https://www.albisser.ch/images/how-to-hack-sword-fight-on-the-heights-on-roblox.pdfIn PDF document text
- http://halitbayramoglu.com.tr/images/instal-roblox-free-and-easy-download.pdfIn PDF document text
- http://ptts.pl/images/free-roblox-giveaway.pdfIn PDF document text
- http://classicskitours.net/images/hack-app-for-roblox-pet-simulator.pdfIn PDF document text
- http://baah.ca/images/codes-to-get-free-vip-in-roblox.pdfIn PDF document text
- http://arch-centr.ru/images/hack-roblox-robux-code.pdfIn PDF document text
- http://neumann.fr/images/roblox-murder-mystery-2-hack-download.pdfIn PDF document text
- http://sscclc.edu.ec/images/how-to-get-free-robux-20219.pdfIn PDF document text
- https://www.dierenartsberghman.be/images/roblox-free-shirt-templates-download.pdfIn PDF document text
- http://ktn.com.br/images/free-aesthetic-stuff-on-roblox.pdfIn PDF document text
- http://nevesomost.by/images/funny-roblox-avatar-ideas-free.pdfIn PDF document text
- http://prodent.com.ua/images/roblox-plates-of-fate-hack-floating.pdfIn PDF document text
- https://www.foodsafety.cz/images/robux-javascript-hack.pdfIn PDF document text
- http://feuerwehr-rheinau.de/images/easy-hack-to-get-halos-in-royale-high-roblox.pdfIn PDF document text
- http://www.copoint.co.uk/images/dolphin-ss-roblox-free.pdfIn PDF document text
- https://koeltotaal.com/images/red-kine-cheat-roblox.pdfIn PDF document text
- http://www.controverseinterapie.it/images/robux-hack-2021.pdfIn PDF document text
- http://echosvoix.ch/images/va-a-ser-hackeado-roblox-en-2021.pdfIn PDF document text
- http://goldwing-shop.ru/images/roblox-payment-exe-download-free.pdfIn PDF document text
- http://moto98.com/images/how-to-speed-hack-on-roblox-2021.pdfIn PDF document text
- https://www.millatgears.com/images/70-free-robux.pdfIn PDF document text
- http://dos.most.gov.la/images/roblox-aimbot-hack-mac.pdfIn PDF document text
- http://kids-academy.pl/images/roblox-admin-hack-script-2021.pdfIn PDF document text
- http://loszavera.com/images/how-to-get-free-legit-working-robux.pdfIn PDF document text
- https://www.romedia.gr/images/roblox-robux-hack-2021-2021-working-no-password-unpatchable.pdfIn PDF document text
- http://s-punkt-objects.de/images/how-do-u-get-free-robux-on-roblox-2021.pdfIn PDF document text
- http://iedarelief.us/images/hack-exploit-para-roblox.pdfIn PDF document text
- http://apkmaykop.ru/images/how-to-have-free-hair-on-roblox.pdfIn PDF document text
- http://interpretation-dessins-enfants.net/images/working-hacks-for-getting-unlimited-robux.pdfIn PDF document text
- https://www.audev.com/images/appbounty-robux-hack.pdfIn PDF document text
- http://baah.ca/images/free-aimbot-roblox.pdfIn PDF document text
- http://moralcenter.or.th/images/roblox-hack-ingame.pdfIn PDF document text
- http://optsuvenir.by/images/roblox-hack-cheat.pdfIn PDF document text
- http://bwharrisalumniusa.org/images/roblox-coin-flip-hat-hack.pdfIn PDF document text
- http://kermas.eu/images/free-robux-hck.pdfIn PDF document text
- http://sealysports.com/images/assassin-2-hack-roblox-script.pdfIn PDF document text
- http://kundentest.de/images/how-to-get-free-robux-on-amazon-fire-tablet.pdfIn PDF document text
- http://bullyinformate.org/images/roblox-is-it-free.pdfIn PDF document text
- https://www.osoc.com/images/roblox-game-free-items.pdfIn PDF document text
- https://www.sauvonsleclimat.org/images/breaking-point-roblox-hacks.pdfIn PDF document text
- https://ballaratcaravans.com.au/images/free-robux-gift-card-codes-unused-2021.pdfIn PDF document text
- https://www.sitiwebjoomla.it/images/how-to-cheat-in-fashion-frenzy-roblox.pdfIn PDF document text
- https://www.cnte.org.br/images/how-to-cheat-tycoon-roblox.pdfIn PDF document text
- http://www.isril.it/images/roblox-pet-simulator-dominus-huge-hack.pdfIn PDF document text
- https://www.fhccu.com/images/how-to-hack-into-anyones-roblox-account-2021.pdfIn PDF document text
- https://socialvalue.gr/images/rbx-boots-roblox-free-robux.pdfIn PDF document text
- http://cristalysoptic.com/images/roblox-cheat-engine-the-streets.pdfIn PDF document text
+13 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008262.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8262 | 25448 bytes |
SHA-256: afd0eb8c2a91df9ff91f6e9f56a688c730c89d0bdba0c4c99c0d04360dcfafbb |
|||
font_01_sfnt_off0000bbf7.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBBF7 | 18188 bytes |
SHA-256: a5d3fb0811c9f75ce9a7376c7452606b9d6761dd655a279a1bf3462a0693e32f |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.