SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/free-roblox-game-no-dowload PDF link annotation
- http://energotestcontrol.ru/images/free-roblox-card-codes-no-survey.pdfIn PDF document text
- http://bestwig.de/images/roblox-free-gift-card-codes-2021.pdfIn PDF document text
- http://uptodate.az/images/roblox-outfits-free.pdfIn PDF document text
- http://pa-tanjungselor.go.id/images/free-robux-rex.pdfIn PDF document text
- http://www.fabbrotorino.eu/images/regular-roblox-free-robux.pdfIn PDF document text
- http://www.thecoffeebaron.co.za/images/how-to-get-free-robux-hack-2021-pc.pdfIn PDF document text
- http://reisebild.eu/images/roblox-strucid-script-hacks.pdfIn PDF document text
- http://bibliotheque-perrigny-les-dijon.fr/images/free-black-jacket-roblox.pdfIn PDF document text
- http://xn----7sbq6amdnuk.xn--p1ai/images/roblox-hacker-names-list.pdfIn PDF document text
- http://cleanteclogistics.com/images/easy-way-to-get-free-robux-on-ipad.pdfIn PDF document text
- http://santeh-40.ru/images/roblox-mining-simlator-cheats.pdfIn PDF document text
- http://ivalor.fr/images/how-to-get-the-zombie-animashon-for-free-in-roblox.pdfIn PDF document text
- https://www.lomrad.go.th/images/roblox-cheat-engine-63.pdfIn PDF document text
- http://britishcomics.com/images/get-free-easy-robux-today.pdfIn PDF document text
- http://www.sapaengineering.kz/images/free-robux-for-samsung-s3.pdfIn PDF document text
- http://wattkit.com/images/roblox-swearing-hack.pdfIn PDF document text
- http://bkd1.balikpapan.go.id/images/get-back-my-hacked-account-roblox.pdfIn PDF document text
- https://zabota-kashira.ru/images/assassin-roblox-download-hack.pdfIn PDF document text
- http://ohsawamacrobiotics.com/images/free-member-roblox.pdfIn PDF document text
- http://safeandsecurelocksmith.ca/images/hack-for-elemental-battleground-roblox.pdfIn PDF document text
- http://salon-vyshyvanka.com/images/como-hackear-a-cualquier-jugadores-de-roblox.pdfIn PDF document text
- http://lanoblaie.fr/images/roblox-hacks-no-servays.pdfIn PDF document text
- https://bdsm-centrum.com/images/tiny-tanks-roblox-hack.pdfIn PDF document text
- http://evro-okna.net/images/getting-free-robux-on-a-website.pdfIn PDF document text
- http://britishcomics.com/images/coolest-free-roblox-items.pdfIn PDF document text
- http://ottawavalleykitchens.ca/images/roblox-hacking-bugmenot.pdfIn PDF document text
- http://aeroclub-kaernten.at/images/roblox-survivor-hack.pdfIn PDF document text
- http://energotestcontrol.ru/images/roblox-mining-sim-hack-pastebni-december-2021-pastebin.pdfIn PDF document text
- http://schlossschaenke-andernach.de/images/roblox-best-free-catalog-items.pdfIn PDF document text
- http://amtabor2.at/images/how-to-hack-stats-on-roblox-dbz.pdfIn PDF document text
- http://j-cook.pro/images/robux-gives-roblox-haks-free-roblox.pdfIn PDF document text
- https://beejekorf.nl/images/robux-generator-online-free.pdfIn PDF document text
- http://vgsiemens.nl/images/hacks-to-get-robux-2021.pdfIn PDF document text
- http://gaeconsultores.cl/images/get-tons-of-robux-free.pdfIn PDF document text
- http://www.cosver.nl/images/how-to-hack-elemental-battle-grounds-roblox.pdfIn PDF document text
- http://www.rezbb.sk/images/roblox-admin-hack-free-download.pdfIn PDF document text
- http://www.lycee-langevin-wallon.com/images/roblox-glasses-code-to-get-for-free.pdfIn PDF document text
- https://bancroftandsons.com/images/redline-hack-roblox-mega.pdfIn PDF document text
- http://cankailali.org.np/images/scriptware-roblox-hack.pdfIn PDF document text
- https://grovehilloutfitters.com/images/outfit-roblox-free.pdfIn PDF document text
- http://medimacs.eu/images/how-to-install-hack-on-roblox.pdfIn PDF document text
- http://www.rezbb.sk/images/free-robux-by-roblox-events-claim-gg.pdfIn PDF document text
- https://pemadamapi.net/images/roblox-hack-scripts-for-ipad.pdfIn PDF document text
- http://senfinfo.com/images/roblox-build-tools-hack.pdfIn PDF document text
- https://www.iadh.bi/images/hacks-for-roblox-that-arnt-pachted-2021.pdfIn PDF document text
- http://dorfgaragethalwil.ch/images/codigos-para-hackear-roblox.pdfIn PDF document text
- https://www.academiaanticorrupcion.org/images/free-robux-no-human-verification-or-offers.pdfIn PDF document text
- https://www.lomrad.go.th/images/roblox-free-airport.pdfIn PDF document text
- https://www.udivadlahotel.cz/images/roblox-free-robux-codes-2021.pdfIn PDF document text
+11 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00007f1d.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x7F1D | 26956 bytes |
SHA-256: 75bd9a0ee32d7525b1e63c7ec922fdf255766555da5615bd4cabeb89128dc988 |
|||
font_01_sfnt_off0000bc35.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBC35 | 18172 bytes |
SHA-256: 6b67f018b80637fa7e1954b7ad75dfb45fa54f18f7eed7d29be7d54167cb7d77 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.