MALICIOUS
Risk Score: 72
Malware Insights
MITRE ATT&CK
- T1566.001 Spearphishing Attachment
- T1203 Exploitation for Client Execution
The file is identified as malicious by ClamAV with the signature 'Pdf.Phishing.Roblox062100-9873116-0', indicating a phishing attempt related to the game Roblox. The document body and embedded heuristics suggest a lure to download content, likely a malicious payload, via embedded URLs. The presence of multiple unknown-reputation URLs further supports the phishing and download-lure assessment.
Machine Learning
- Nyx PDF Classifier clean score 0.2248
Heuristics 4
- ClamAV: Pdf.Phishing.Roblox062100-9873116-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Roblox062100-9873116-0
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.); low-signal unless other findings point to a malicious workflow
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off00037557.bin 9cf0e2fc8a03ce55da6589799624afbc7c67bf7ede4cfece4d30d29441ad2ec7 | pdf-font-stream | PDF embedded font (sfnt) at offset 0x37557 | 22720 bytes |
| font_01_sfnt_off0003a724.bin a261028630dcd62ed06e5a7d745ce5bc2d5080ae917cd15fa7b6904dbad6ee58 | pdf-font-stream | PDF embedded font (sfnt) at offset 0x3A724 | 18804 bytes |