SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/free-10-dollar-roblox-card PDF link annotation
- http://webstan.be/images/roblox-hack-phantom-forces-cheat-engine.pdfIn PDF document text
- https://www.elevage-chiot.fr/images/how-to-get-free-robux-no-youtube.pdfIn PDF document text
- http://lcs-schlieben.de/images/robux-hack-pc-2021.pdfIn PDF document text
- http://sdservicesrl.it/images/how-to-get-robux-for-free-on-laptop-youtube.pdfIn PDF document text
- https://icefuture.ru/images/free-roblox-gift-codes-2021.pdfIn PDF document text
- https://raduzhnyj.od.ua/images/bloxy-world-roblox-free-robux.pdfIn PDF document text
- https://www.saisystem.it/images/roblox-free-robux-give-away-lve.pdfIn PDF document text
- https://septik-montag.ru/images/robux-hack-2021-december.pdfIn PDF document text
- http://ines.co.rs/images/robux-free-wn.pdfIn PDF document text
- http://www.eurosan1.ba/images/roblox-free-10-robux.pdfIn PDF document text
- http://getthelook-bkk.com/images/how-to-get-all-items-in-roblox-for-free.pdfIn PDF document text
- http://www.maakherumusic.net/images/inappropriate-roblox-hacks.pdfIn PDF document text
- http://unifieo.br/images/roblox-free-printables.pdfIn PDF document text
- https://pa-waingapu.go.id/images/free-roblox-robux-accounts-2021.pdfIn PDF document text
- https://www.cosmosdawn.net/images/how-to-get-a-mythic-for-free-in-assasin-roblox.pdfIn PDF document text
- http://sandra-masemann.de/images/roblox-hack-mobile-download.pdfIn PDF document text
- http://panaceafamilymedicine.com/images/free-roblox-royale-high-outfits.pdfIn PDF document text
- https://sitam.co.in/images/how-to-hack-mad-paintball-on-roblox.pdfIn PDF document text
- http://telecomworld.pl/images/free-codes-royale-high-roblox.pdfIn PDF document text
- http://www.awakeningtruth.org/images/roblox-shinobi-life-hack-2021.pdfIn PDF document text
- http://global-tech-security.be/images/roblox-redeem-code-hack.pdfIn PDF document text
- http://fmbompastor.com.br/images/italwhts-the-best-free-horror-games-on-roblox.pdfIn PDF document text
- http://pdapanache.com/images/how-to-get-robux-on-roblox-for-free-easy.pdfIn PDF document text
- http://pia2000.net/images/free-obc-roblox-2021.pdfIn PDF document text
- http://www.anies.eu/images/i-succ-for-free-robux.pdfIn PDF document text
- http://www.remiauclair.fr/images/free-summer-grl-roblox-skins.pdfIn PDF document text
- http://www.nielsen2u.dk/images/free-redeemable-robux-codes.pdfIn PDF document text
- http://abletrustcare.com/images/free-accessory-bear-face-mask-in-roblox.pdfIn PDF document text
- https://cintasoeste.com.ar/images/how-to-hack-roblox-without-cheat-engine.pdfIn PDF document text
- http://www.exikom.com.ua/images/how-to-get-never-ending-robux-no-hack.pdfIn PDF document text
- http://www.eurosan1.ba/images/how-to-get-robux-fast-2021-no-hacks.pdfIn PDF document text
- http://adues.org/images/how-to-get-free-robux-ipad-mini.pdfIn PDF document text
- https://www.seeingindependence.org/images/get-anything-free-catalog-roblox.pdfIn PDF document text
- http://technologicalsc.com/images/how-do-you-get-robux-for-free-roblox-youtube.pdfIn PDF document text
- https://technospektr.com.ua/images/how-to-sell-a-free-shirt-roblox.pdfIn PDF document text
- https://www.audev.com/images/how-to-get-back-your-hacked-roblox-account.pdfIn PDF document text
- http://beer-holzhaus.ch/images/free-straight-face-roblox.pdfIn PDF document text
- http://www.eurologistiki.gr/images/robux-generator-free-no-password-no-verification.pdfIn PDF document text
- http://www.hotelcimone.it/images/roblox-robux-hack-ohne-handynummer.pdfIn PDF document text
- http://fsgtoday.com/images/free-robux-real-feb-24-2021.pdfIn PDF document text
- http://echosvoix.ch/images/free-robux-codes-2021-october.pdfIn PDF document text
- http://neltalen.nl/images/cb-roblox-hacks.pdfIn PDF document text
- http://infoagronomia.com.ar/images/nike-roblox-free.pdfIn PDF document text
- https://www.audev.com/images/free-roblox-2021-unlimited-codes-for-kids.pdfIn PDF document text
- http://www.marambio.com.ar/images/free-unused-roblox-card-codes-2021.pdfIn PDF document text
- http://www.oberberger.it/images/how-do-u-hack-a-roblox-account.pdfIn PDF document text
- http://aimp-market.ru/images/robux-gift-card-number-free.pdfIn PDF document text
- https://www.cosmosdawn.net/images/free-onligames-like-roblox.pdfIn PDF document text
- https://www.elevage-chiot.fr/images/how-to-get-free-robux-no-In PDF document text
+17 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off0000827c.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x827C | 25960 bytes |
SHA-256: e76225a85485976f0242d1b6264471f85554dace91b6eb10b8d20bd85ad7bb45 |
|||
font_01_sfnt_off0000be07.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBE07 | 18028 bytes |
SHA-256: 7d461442cbe7237563cc6a1cf24872264b13005e8f9d4e2e5bc971aa4c99cf09 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.