SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7417
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/free-roblox-accounts-with-robux-november-2021 PDF link annotation
- https://www.hofe-gmbh.de/images/roblox-cheat-god-mode.pdfIn PDF document text
- https://www.hotschool.com.au/images/free-robux-game-cards.pdfIn PDF document text
- http://jakthund.org/images/how-to-get-free-money-in-roblox-adopt-me.pdfIn PDF document text
- http://greasley.online/images/roblox-jailbreak-telport-hack.pdfIn PDF document text
- http://columbuscigar.com/images/doomsdire-battle-roblox-hack.pdfIn PDF document text
- http://bullyinformate.org/images/free-robux-generator5.pdfIn PDF document text
- http://www.campiresine.it/images/roblox-free-exploits-2021.pdfIn PDF document text
- http://jijel.info/images/roblox-robux-hacks-2021-working.pdfIn PDF document text
- http://www.hawler.in/images/free-boy-shirts-roblox.pdfIn PDF document text
- http://ivalor.fr/images/cheat-roblox-wallhack.pdfIn PDF document text
- https://socialvalue.gr/images/mythical-chaos-robux-hack-v3-0.pdfIn PDF document text
- https://pagadder.com/images/how-to-get-the-game-bloxtube-for-free-roblox.pdfIn PDF document text
- http://rumler.pl/images/cheats-for-sprinting-simulator-2-roblox.pdfIn PDF document text
- http://oddgraphic.com/images/how-to-hack-in-jailbreak-roblox-2021.pdfIn PDF document text
- http://ferienwohnung-dorsten.com/images/dragon-egg-backpack-roblox-free.pdfIn PDF document text
- https://yarburservices.ru/images/free-robux-generator5.pdfIn PDF document text
- http://leigraphics.com/images/roblox-dynamic-ship-simulator-hack.pdfIn PDF document text
- http://schrichte.de/images/asshurt-roblox-free-download.pdfIn PDF document text
- http://dos.most.gov.la/images/roblox-how-to-hack-ro-get-free-robux-no-scam.pdfIn PDF document text
- http://shootawayproduction.com/images/free-robux-sites-no-verification.pdfIn PDF document text
- http://icomsolutions.com.au/images/how-to-get-free-robux-no-app-download.pdfIn PDF document text
- http://energotestcontrol.ru/images/roblox-hack-scripts-2021.pdfIn PDF document text
- http://panaceafamilymedicine.com/images/free-gift-card-codes-generator-roblox.pdfIn PDF document text
- http://amtabor2.at/images/cheat-roblox-en-francais.pdfIn PDF document text
- https://gzog.pl/images/como-hackear-assassin-en-roblox-2021.pdfIn PDF document text
- http://www.evaplast.by/images/roblox-free-robux-hack-easy.pdfIn PDF document text
- http://lewishome.net/images/free-robux-no-human-verification-not-clickbait.pdfIn PDF document text
- http://iedarelief.us/images/roblox-offline-apk-free-download.pdfIn PDF document text
- https://ghpa.ru/images/how-to-hack-into-a-roblox-account-2021.pdfIn PDF document text
- https://www.milewood.co.uk/images/free-builders-club-roblox-2021.pdfIn PDF document text
- http://dos.most.gov.la/images/how-to-equip-knife-roblox-hack.pdfIn PDF document text
- http://haertetechnik-steinbach.de/images/how-to-hack-redwood-prison-roblox-2021.pdfIn PDF document text
- http://www.occquimica.com.br/images/how-to-get-free-cash-on-horse-valley-beta-roblox.pdfIn PDF document text
- http://ff-obertraun.at/images/how-to-use-a-roblox-hack-script.pdfIn PDF document text
- https://ogm-goettingen.de/images/gabe-youtube-free-robux.pdfIn PDF document text
- https://www.audev.com/images/free-robux-and-tix-on-roblox-no-survey.pdfIn PDF document text
- http://hk-kan.org/images/free-accounts-roblox-2021-september-2021-live.pdfIn PDF document text
- http://ohsawamacrobiotics.com/images/claim-free-robux-game-roblox.pdfIn PDF document text
- http://www.brtes.com/images/free-robux-no-scam-or-password.pdfIn PDF document text
- http://petarda.hu/images/comant-avoir-le-shop-de-roblox-free.pdfIn PDF document text
- https://www.iadh.bi/images/hack-2021-roblox-ap.pdfIn PDF document text
- http://www.zdravazena.sk/images/25-000-free-robux.pdfIn PDF document text
- http://icomsolutions.com.au/images/free-tix-anmd-robux-hack-roblox.pdfIn PDF document text
- http://papec.ir/images/roblox-download-free-windows-vista.pdfIn PDF document text
- http://www.mjclautrec.fr/images/edm-reaper-free-robux-april-2021.pdfIn PDF document text
- http://fm-express.de/images/hack-roblox-dll-2021.pdfIn PDF document text
- http://www.sapaengineering.kz/images/case-clicker-cheats-roblox-2021.pdfIn PDF document text
- https://sdg-trade.com/images/how-to-play-roblox-for-free.pdfIn PDF document text
- http://www.sabbiadoro.net/images/unlimited-free-robux-2021.pdfIn PDF document text
+15 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_004_off000087e9.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x87E9 | 28036 bytes |
SHA-256: 740a9d86c60cff1495cc5e9021f9042ada0c4196fd285a177f124b05463f6e6c |
|||
font_01_sfnt_off0000c5f9.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC5F9 | 19176 bytes |
SHA-256: 95cf1814998f3a5f85e9cc729bea3099b2283e30ce7031917b05bd9ef9bd761e |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.