Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf

Overview

General Information

Sample URL:http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf
Analysis ID:1323052
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for dropped file
Found potential malicious PDF (bad image similarity)
Stores files to the Windows start menu directory
Checks for available system drives (often done to infect USB drives)
Creates files inside the system directory

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 4184 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • chrome.exe (PID: 2092 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 --field-trial-handle=2112,i,11896617920037136445,4751922825408255977,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • chrome.exe (PID: 5932 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • Acrobat.exe (PID: 8688 cmdline: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 8596 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 432 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2204 --field-trial-handle=1564,i,16990901771295455395,1012609527637628534,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

  • AV Detection
  • Phishing
  • Compliance
  • Spreading
  • Networking
  • System Summary
  • Boot Survival
  • Hooking and other Techniques for Hiding and Protection

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: C:\Users\user\Downloads\27644e28-4f83-400a-b9eb-7f7c3cfc7da2.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\2cf0b46e-fe5c-4b1c-9ebe-ff5c0954bf8f.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\1154c74f-441c-4e0d-be32-802beef0a013.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\0e5cb5f7-7c0e-45da-bae5-057982727c07.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\053745c0-ee62-4174-9efe-41f725849e4e.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\28839db3-0322-4c76-98e2-00516a1e3257.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\35b7cbef-7585-47fd-9f98-3635ee69ff5f.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\3930d822-783e-4d9a-b25e-52ef47857f2f.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\092f6f55-149c-4787-b3db-dd6d05b8e771.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\054341f0-d7f0-4f89-a1ab-49feacc0d7fe.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\1f5caf68-71f0-4d26-b7b6-a75d94382cdd.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\0a753d6f-4d38-4a9c-91a8-acd8cc7a708f.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\056b2eb8-bfff-4e8f-ad14-3c4ce4f5b4ff.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\22cdb44a-4f46-4252-9d5e-dc343feabc47.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\0163d16a-f995-4ada-95ac-98bf8e1a68c8.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\1996f230-b8e3-42ad-8c33-288c708a9fc5.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\184a510c-c40d-4e2e-a9fa-8ac5aba9d219.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\1f53909a-9b3b-4c3b-ba40-f2296e264ded.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\05082a25-4e61-4440-8ba5-a723f5be17aa.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\1553c37a-ec78-4ecd-a2e2-513b8a3adafe.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\1e214cb2-cb14-4893-9c60-df0452c6e396.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\092be2f1-bdfa-4933-93fb-fa71e0e56049.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\33ad54fe-56dc-4981-96ae-d6ddf986d7d0.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: C:\Users\user\Downloads\1e11b344-9070-4987-812b-a9545744177e.tmpAvira: detection malicious, Label: HTML/Malicious.PDF.Gen2
Source: http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 72.247.100.147:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 72.247.100.147:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.3:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: z:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: x:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: v:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: t:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: r:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: p:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: n:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: l:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: j:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: h:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: f:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: b:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: y:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: w:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: u:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: s:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: q:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: o:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: m:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: k:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: i:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: g:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: e:Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile opened: c:Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: a:Jump to behavior
Source: unknownDNS traffic detected: queries for: clients2.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49676 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 49681 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.5
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.5
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.5
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.43
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.155
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.5
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.5
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.5
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.43
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.155
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.5
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.134&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.134Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.3448/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.3031&MK=xA8KrWEY9XlR3xy&MD=F6k2UB4X HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.3448/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.3031&MK=xA8KrWEY9XlR3xy&MD=F6k2UB4X HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /tools/pso/ping?as=chrome&brand=ONGR&pid=&hl=en&events=C1I,C2I,C7I,C1S,C7S&rep=2&rlz=C1:,C2:,C7:&id=00000000000000000000000000000000000000006B40F232AC HTTP/1.1Host: clients1.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br
Source: global trafficHTTP traffic detected: GET /psdk/v2/content?surfaceId=ACROBAT_READER_MASTER_SURFACEID&surfaceId=DC_READER_LAUNCH_CARD&surfaceId=DC_Reader_RHP_Banner&surfaceId=DC_Reader_RHP_Retention&surfaceId=Edit_InApp_Aug2020&surfaceId=DC_FirstMile_Right_Sec_Surface&surfaceId=DC_Reader_Upsell_Cards&surfaceId=DC_FirstMile_Home_View_Surface&surfaceId=DC_Reader_RHP_Intent_Banner&surfaceId=DC_Reader_Disc_LHP_Banner&surfaceId=DC_Reader_Edit_LHP_Banner&surfaceId=DC_Reader_Convert_LHP_Banner&surfaceId=DC_Reader_Sign_LHP_Banner&surfaceId=DC_Reader_More_LHP_Banner&surfaceId=DC_Reader_Disc_LHP_Retention&surfaceId=DC_Reader_Home_LHP_Trial_Banner&adcProductLanguage=en-us&adcVersion=23.6.20320&adcProductType=SingleClientMini&adcOSType=WIN&adcCountryCode=US&adcXAPIClientID=api_reader_desktop_win_23.6.20320&encodingScheme=BASE_64 HTTP/1.1Host: p13n.adobe.ioConnection: keep-alivesec-ch-ua: "Chromium";v="105"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Accept: application/json, text/javascript, */*; q=0.01x-adobe-uuid: 970e02fa-57d1-4240-a0ce-04ea7a641583x-adobe-uuid-type: visitorIdx-api-key: AdobeReader9sec-ch-ua-platform: "Windows"Origin: https://rna-resource.acrobat.comAccept-Language: en-US,en;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rna-resource.acrobat.com/Accept-Encoding: gzip, deflate, br
Source: 27644e28-4f83-400a-b9eb-7f7c3cfc7da2.tmp.5.dr, d4343937-3d63-49ba-92e5-eb5091199a36.tmp.5.dr, 9c67641d-2cf4-4ab3-b985-217ab34fa7e0.tmp.5.dr, ee3f0f10-8973-4315-b5ab-1eaeace6d70b.tmp.5.dr, e1e5ab51-a453-4957-b6bd-60e616fb6d14.tmp.5.dr, e38059bc-c638-423e-84df-b8b79064c4d1.tmp.5.dr, 65445438-0556-4c95-a6d9-b94a564df508.tmp.5.dr, 2cf0b46e-fe5c-4b1c-9ebe-ff5c0954bf8f.tmp.5.dr, 1154c74f-441c-4e0d-be32-802beef0a013.tmp.5.dr, 74ef8cb9-113f-4dd0-80d8-89e61192972d.tmp.5.dr, 0e5cb5f7-7c0e-45da-bae5-057982727c07.tmp.5.dr, 053745c0-ee62-4174-9efe-41f725849e4e.tmp.5.dr, 862f858d-1367-40f0-b863-e856c00ffca2.tmp.5.dr, 28839db3-0322-4c76-98e2-00516a1e3257.tmp.5.dr, fa8e36c0-f71a-4c9f-ac5f-5fb17e25894f.tmp.5.dr, 35b7cbef-7585-47fd-9f98-3635ee69ff5f.tmp.5.dr, 762afc15-d781-4a2b-8893-86fe22756384.tmp.5.dr, 3930d822-783e-4d9a-b25e-52ef47857f2f.tmp.5.dr, 092f6f55-149c-4787-b3db-dd6d05b8e771.tmp.5.dr, cfe08b29-96f0-463c-98fd-19149ebdfb90.tmp.5.dr, b9a699af-1c39-4bfa-b1e1-aa3cf126913f.tmp.5.drString found in binary or memory: https://gitilojilajirig.lovig.co.za/157729196711736744?pomafutamutipejenuwira=lolobasitamoteteweriga
Source: unknownHTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2023-10-05-14; NID=511=OL3WgnA24QwPfMpspsItpZ2c_g7YXAAMilzUqiZdxG8z8Ka1c00AfG24ctRwvhPMrHVqO7oNbKVSwiOA0g2EzuMjPJIvQtOS7zZy99O8OkMoKSMKDFs-L1TjxHc_KVN5KBVb4BTfsPAzvlWsn_iACmkP3ulD50w_qpZ6JVqkr7w
Source: unknownHTTPS traffic detected: 72.247.100.147:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 72.247.100.147:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.3:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.3:49741 version: TLS 1.2

System Summary

barindex
Source: downloaded.pdf.crdownload.5.drStatic PDF information: Image stream: 7
Source: e0f48191-c58e-4b49-81ec-f76287ba4475.tmp.5.drStatic PDF information: Image stream: 7
Source: cb094c13-5d98-4cad-ae2e-2ebf01f708e0.tmp.5.drStatic PDF information: Image stream: 7
Source: 624d2783-ccb2-4534-a5a2-0dd1144e2650.tmp.5.drStatic PDF information: Image stream: 7
Source: 1996f230-b8e3-42ad-8c33-288c708a9fc5.tmp.5.drStatic PDF information: Image stream: 7
Source: e1e5ab51-a453-4957-b6bd-60e616fb6d14.tmp.5.drStatic PDF information: Image stream: 7
Source: b9a699af-1c39-4bfa-b1e1-aa3cf126913f.tmp.5.drStatic PDF information: Image stream: 7
Source: 9d029239-2e51-4c12-81cd-8219916b96e7.tmp.5.drStatic PDF information: Image stream: 7
Source: 1154c74f-441c-4e0d-be32-802beef0a013.tmp.5.drStatic PDF information: Image stream: 7
Source: 4f766108-163f-4f3e-834e-4f1924d7d2cb.tmp.5.drStatic PDF information: Image stream: 7
Source: 6d9821da-a97e-42b1-9c88-2abadd666cdd.tmp.5.drStatic PDF information: Image stream: 7
Source: 053745c0-ee62-4174-9efe-41f725849e4e.tmp.5.drStatic PDF information: Image stream: 7
Source: dd5f5d1a-6b33-4e84-ad98-83f78b1dd3b0.tmp.5.drStatic PDF information: Image stream: 7
Source: 7aa6ef48-7375-4702-98fe-a648a475e33c.tmp.5.drStatic PDF information: Image stream: 7
Source: 1e11b344-9070-4987-812b-a9545744177e.tmp.5.drStatic PDF information: Image stream: 7
Source: 77586b20-f398-4fe2-a14d-749542221949.tmp.5.drStatic PDF information: Image stream: 7
Source: 0e5cb5f7-7c0e-45da-bae5-057982727c07.tmp.5.drStatic PDF information: Image stream: 7
Source: ed5df0a5-5211-418d-854c-76d6f447e083.tmp.5.drStatic PDF information: Image stream: 7
Source: bdacef5e-66c3-4b35-a14d-737ec4173867.tmp.5.drStatic PDF information: Image stream: 7
Source: 1f53909a-9b3b-4c3b-ba40-f2296e264ded.tmp.5.drStatic PDF information: Image stream: 7
Source: 862f858d-1367-40f0-b863-e856c00ffca2.tmp.5.drStatic PDF information: Image stream: 7
Source: cbe7eaf8-ac01-445c-870d-260c85e35135.tmp.5.drStatic PDF information: Image stream: 7
Source: 28839db3-0322-4c76-98e2-00516a1e3257.tmp.5.drStatic PDF information: Image stream: 7
Source: ee3f0f10-8973-4315-b5ab-1eaeace6d70b.tmp.5.drStatic PDF information: Image stream: 7
Source: 056b2eb8-bfff-4e8f-ad14-3c4ce4f5b4ff.tmp.5.drStatic PDF information: Image stream: 7
Source: b034f9a7-00ab-4f64-8538-f6a6a63da35b.tmp.5.drStatic PDF information: Image stream: 7
Source: 7c5b2d10-171d-4f5d-9653-d44f2448d3bc.tmp.5.drStatic PDF information: Image stream: 7
Source: c71dac73-4cc3-4797-9c47-14484e497f02.tmp.5.drStatic PDF information: Image stream: 7
Source: ecfedc4f-f373-4d00-8f7c-be7ebb875323.tmp.5.drStatic PDF information: Image stream: 7
Source: 559f6bf7-c20b-475d-82ef-1d7b5f215c4d.tmp.5.drStatic PDF information: Image stream: 7
Source: 74ef8cb9-113f-4dd0-80d8-89e61192972d.tmp.5.drStatic PDF information: Image stream: 7
Source: fa267f96-06b3-4d42-8a9e-ce1e30ed2ce5.tmp.5.drStatic PDF information: Image stream: 7
Source: 27644e28-4f83-400a-b9eb-7f7c3cfc7da2.tmp.5.drStatic PDF information: Image stream: 7
Source: 1553c37a-ec78-4ecd-a2e2-513b8a3adafe.tmp.5.drStatic PDF information: Image stream: 7
Source: c6a49baa-7653-458b-9231-d523846a8330.tmp.5.drStatic PDF information: Image stream: 7
Source: 969f3c0c-3247-4487-8b2a-16ed65461964.tmp.5.drStatic PDF information: Image stream: 7
Source: 81026891-3c51-4b4f-81df-6ccf3782c978.tmp.5.drStatic PDF information: Image stream: 7
Source: 46181df3-81d1-429a-9ccb-5d8212f5fbaf.tmp.5.drStatic PDF information: Image stream: 7
Source: 8b7cbf1d-ec25-48fa-b563-5ed17368a772.tmp.5.drStatic PDF information: Image stream: 7
Source: 1e214cb2-cb14-4893-9c60-df0452c6e396.tmp.5.drStatic PDF information: Image stream: 7
Source: 1f5caf68-71f0-4d26-b7b6-a75d94382cdd.tmp.5.drStatic PDF information: Image stream: 7
Source: d4343937-3d63-49ba-92e5-eb5091199a36.tmp.5.drStatic PDF information: Image stream: 7
Source: 5a9d1141-6594-4047-bc4c-5d411b9f47b2.tmp.5.drStatic PDF information: Image stream: 7
Source: 9686e8e2-e978-4fc8-aa0d-7487edc5642f.tmp.5.drStatic PDF information: Image stream: 7
Source: 3930d822-783e-4d9a-b25e-52ef47857f2f.tmp.5.drStatic PDF information: Image stream: 7
Source: 092be2f1-bdfa-4933-93fb-fa71e0e56049.tmp.5.drStatic PDF information: Image stream: 7
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_BITS_4184_1820262750Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2023-10-10 17-19-03-018.logJump to behavior
Source: 092be2f1-bdfa-4933-93fb-fa71e0e56049.tmp.5.drInitial sample: https://gitilojilajirig.lovig.co.za/157729196711736744?pomafutamutipejenuwira=lolobasitamotetewerigawukotawogazekovugaxikepuzakudixibexurokowunatalajezapujonekabanakoxeradekulurokepigikulotogimidudowomajefixugopukowaborefekitilosaxedigexixezelawalatenubasamitogixarusegifuwazaki&utm_term=how+to+set+up+a+vodafone+wifi+booster&gebodagawutesewifukevizuvoxawogakokidadilijuwijonazinimotiwujopofitilajosexux=gepabulolodomevidazudamogotipewinataxaviwifafixoxaniredakitabadowutukogevapalarefuvupetiwakugemesapabuxufilunezabugubozewulo
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: classification engineClassification label: mal56.win@153/128@12/7
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 --field-trial-handle=2112,i,11896617920037136445,4751922825408255977,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2204 --field-trial-handle=1564,i,16990901771295455395,1012609527637628534,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 --field-trial-handle=2112,i,11896617920037136445,4751922825408255977,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdfJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdfJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2204 --field-trial-handle=1564,i,16990901771295455395,1012609527637628534,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2204 --field-trial-handle=1564,i,16990901771295455395,1012609527637628534,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.5.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.5.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.5.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.5.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.5.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.5.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeFile opened: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\crash_reporter.cfgJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
1
Spearphishing Link		Windows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		11
Masquerading		OS Credential Dumping11
Peripheral Device Discovery		1
Replication Through Removable Media		Data from Local SystemExfiltration Over Other Network Medium1
Encrypted Channel		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
1
Replication Through Removable Media		Scheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS Memory1
System Information Discovery		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth3
Non-Application Layer Protocol		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration4
Application Layer Protocol		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled Transfer1
Ingress Tool Transfer		SIM Card SwapCarrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1323052 URL: http://img1.wsimg.com/blobb... Startdate: 10/10/2023 Architecture: WINDOWS Score: 56 43 Found potential malicious PDF (bad image similarity) 2->43 45 Antivirus detection for dropped file 2->45 7 chrome.exe 98 2->7         started        11 Acrobat.exe 20 60 2->11         started        13 chrome.exe 2->13         started        process3 dnsIp4 33 192.168.2.3, 138, 443, 49410 unknown unknown 7->33 35 239.255.255.250 unknown Reserved 7->35 23 3930d822-783e-4d9a-b25e-52ef47857f2f.tmp, PDF 7->23 dropped 25 35b7cbef-7585-47fd-9f98-3635ee69ff5f.tmp, PDF 7->25 dropped 27 33ad54fe-56dc-4981-96ae-d6ddf986d7d0.tmp, PDF 7->27 dropped 29 21 other malicious files 7->29 dropped 15 chrome.exe 7->15         started        18 AcroCEF.exe 72 11->18         started        file5 process6 dnsIp7 37 accounts.google.com 142.250.189.13, 443, 49714 GOOGLEUS United States 15->37 39 www.google.com 142.250.72.132, 443, 49725, 49746 GOOGLEUS United States 15->39 41 5 other IPs or domains 15->41 20 AcroCEF.exe 4 18->20         started        process8 dnsIp9 31 50.16.47.176, 443, 49764 AMAZON-AESUS United States 20->31

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf0%Avira URL Cloudsafe

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\Downloads\27644e28-4f83-400a-b9eb-7f7c3cfc7da2.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\2cf0b46e-fe5c-4b1c-9ebe-ff5c0954bf8f.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\1154c74f-441c-4e0d-be32-802beef0a013.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\0e5cb5f7-7c0e-45da-bae5-057982727c07.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\053745c0-ee62-4174-9efe-41f725849e4e.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\28839db3-0322-4c76-98e2-00516a1e3257.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\35b7cbef-7585-47fd-9f98-3635ee69ff5f.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\3930d822-783e-4d9a-b25e-52ef47857f2f.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\092f6f55-149c-4787-b3db-dd6d05b8e771.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\054341f0-d7f0-4f89-a1ab-49feacc0d7fe.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\1f5caf68-71f0-4d26-b7b6-a75d94382cdd.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\0a753d6f-4d38-4a9c-91a8-acd8cc7a708f.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\056b2eb8-bfff-4e8f-ad14-3c4ce4f5b4ff.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\22cdb44a-4f46-4252-9d5e-dc343feabc47.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\0163d16a-f995-4ada-95ac-98bf8e1a68c8.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\1996f230-b8e3-42ad-8c33-288c708a9fc5.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\184a510c-c40d-4e2e-a9fa-8ac5aba9d219.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\1f53909a-9b3b-4c3b-ba40-f2296e264ded.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\05082a25-4e61-4440-8ba5-a723f5be17aa.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\1553c37a-ec78-4ecd-a2e2-513b8a3adafe.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\1e214cb2-cb14-4893-9c60-df0452c6e396.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\092be2f1-bdfa-4933-93fb-fa71e0e56049.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\33ad54fe-56dc-4981-96ae-d6ddf986d7d0.tmp100%AviraHTML/Malicious.PDF.Gen2
C:\Users\user\Downloads\1e11b344-9070-4987-812b-a9545744177e.tmp100%AviraHTML/Malicious.PDF.Gen2

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
accounts.google.com
142.250.189.13
truefalse
    		high
    www.google.com
    		142.250.72.132
    		truefalse
      		high
      clients.l.google.com
      		142.250.72.174
      		truefalse
        		high
        img1.wsimg.com
        		unknown
        		unknownfalse
          		high
          clients1.google.com
          		unknown
          		unknownfalse
            		high
            clients2.google.com
            		unknown
            		unknownfalse
              		high

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdffalse
                		high
                file:///C:/Users/user/Downloads/downloaded.pdffalse
                  		low
                  https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.134&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1false
                    		high
                    https://clients1.google.com/tools/pso/ping?as=chrome&brand=ONGR&pid=&hl=en&events=C1I,C2I,C7I,C1S,C7S&rep=2&rlz=C1:,C2:,C7:&id=00000000000000000000000000000000000000006B40F232ACfalse
                      		high
                      https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standardfalse
                        		high
                        NameSourceMaliciousAntivirus DetectionReputation
                        https://gitilojilajirig.lovig.co.za/157729196711736744?pomafutamutipejenuwira=lolobasitamoteteweriga27644e28-4f83-400a-b9eb-7f7c3cfc7da2.tmp.5.dr, d4343937-3d63-49ba-92e5-eb5091199a36.tmp.5.dr, 9c67641d-2cf4-4ab3-b985-217ab34fa7e0.tmp.5.dr, ee3f0f10-8973-4315-b5ab-1eaeace6d70b.tmp.5.dr, e1e5ab51-a453-4957-b6bd-60e616fb6d14.tmp.5.dr, e38059bc-c638-423e-84df-b8b79064c4d1.tmp.5.dr, 65445438-0556-4c95-a6d9-b94a564df508.tmp.5.dr, 2cf0b46e-fe5c-4b1c-9ebe-ff5c0954bf8f.tmp.5.dr, 1154c74f-441c-4e0d-be32-802beef0a013.tmp.5.dr, 74ef8cb9-113f-4dd0-80d8-89e61192972d.tmp.5.dr, 0e5cb5f7-7c0e-45da-bae5-057982727c07.tmp.5.dr, 053745c0-ee62-4174-9efe-41f725849e4e.tmp.5.dr, 862f858d-1367-40f0-b863-e856c00ffca2.tmp.5.dr, 28839db3-0322-4c76-98e2-00516a1e3257.tmp.5.dr, fa8e36c0-f71a-4c9f-ac5f-5fb17e25894f.tmp.5.dr, 35b7cbef-7585-47fd-9f98-3635ee69ff5f.tmp.5.dr, 762afc15-d781-4a2b-8893-86fe22756384.tmp.5.dr, 3930d822-783e-4d9a-b25e-52ef47857f2f.tmp.5.dr, 092f6f55-149c-4787-b3db-dd6d05b8e771.tmp.5.dr, cfe08b29-96f0-463c-98fd-19149ebdfb90.tmp.5.dr, b9a699af-1c39-4bfa-b1e1-aa3cf126913f.tmp.5.drfalse
                          		high

                          World Map of Contacted IPs

                          • No. of IPs < 25%
                          • 25% < No. of IPs < 50%
                          • 50% < No. of IPs < 75%
                          • 75% < No. of IPs

                          Public IPs

                          IPDomainCountryFlagASNASN NameMalicious
                          142.250.72.238
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          50.16.47.176
                          		unknownUnited States
                          		14618AMAZON-AESUSfalse
                          239.255.255.250
                          		unknownReserved
                          		unknownunknownfalse
                          142.250.72.132
                          		www.google.comUnited States
                          		15169GOOGLEUSfalse
                          142.250.189.13
                          		accounts.google.comUnited States
                          		15169GOOGLEUSfalse
                          142.250.72.174
                          		clients.l.google.comUnited States
                          		15169GOOGLEUSfalse

                          Private

                          IP
                          192.168.2.3

                          General Information

                          Joe Sandbox Version:38.0.0 Ammolite
                          Analysis ID:1323052
                          Start date and time:2023-10-10 17:16:43 +02:00
                          Joe Sandbox Product:CloudBasic
                          Overall analysis duration:0h 5m 39s
                          Hypervisor based Inspection enabled:false
                          Report type:full
                          Cookbook file name:browseurl.jbs
                          Sample URL:http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf
                          Analysis system description:Windows 10 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                          Number of analysed new started processes analysed:21
                          Number of new started drivers analysed:0
                          Number of existing processes analysed:0
                          Number of existing drivers analysed:0
                          Number of injected processes analysed:0
                          Technologies:
                          • HCA enabled
                          • EGA enabled
                          • AMSI enabled
                          Analysis Mode:default
                          Analysis stop reason:Timeout
                          Detection:MAL
                          Classification:mal56.win@153/128@12/7
                          EGA Information:Failed
                          HCA Information:
                          • Successful, ratio: 100%
                          • Number of executed functions: 0
                          • Number of non-executed functions: 0
                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                          • Excluded IPs from analysis (whitelisted): 172.217.12.131, 34.104.35.123, 23.15.241.80, 23.15.241.65, 142.250.68.67, 72.247.100.179, 162.159.61.3, 172.64.41.3, 3.219.243.226, 52.6.155.20, 3.233.129.217, 52.22.41.97, 23.72.90.12, 23.72.90.6
                          • Excluded domains from analysis (whitelisted): www.bing.com, e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, e40258.g.akamaiedge.net, fs.microsoft.com, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, clientservices.googleapis.com, p13n.adobe.io, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, update.googleapis.com, global-wildcard.wsimg.com.sni-only.edgekey.net, geo2.adobe.com
                          • Not all processes where analyzed, report is missing behavior information
                          • Report size getting too big, too many NtCreateFile calls found.
                          • VT rate limit hit for: http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf

                          Simulations

                          Behavior and APIs

                          No simulations

                          Joe Sandbox View / Context

                          IPs

                          No context

                          Domains

                          No context

                          ASNs

                          No context

                          JA3 Fingerprints

                          No context

                          Dropped Files

                          No context

                          Created / dropped Files

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):292
                          Entropy (8bit):5.2082093881876865
                          Encrypted:false
                          SSDEEP:6:kl/TVq2PWXp+N2nKuAl9OmbnIFUtU/SmSgZmwC/SmSIkwOWXp+N2nKuAl9OmbjLJ:kl/RvaHAahFUtUbX/CbF5fHAaSJ
                          MD5:73648669FC1761931B49CDCEE9D1FC54
                          SHA1:01F229429D4651C07D797BB6EC54E770E2C1D470
                          SHA-256:C0870D6E6F1D91F81B109FE7EC34658BFEDE0D3FADF3624C1779AEFAB879E549
                          SHA-512:6CE274B322215EFF7C71EDAC6A8CA686823402C0D149D51118702451F71579E61F3B44C7DB412F06AFEE38BB886390EBA987CA29DEC936D0B5A033C3DB170D9F
                          Malicious:false
                          Reputation:low
                          Preview:2023/10/10-17:19:01.566 1870 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2023/10/10-17:19:01.567 1870 Recovering log #3.2023/10/10-17:19:01.567 1870 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):292
                          Entropy (8bit):5.2082093881876865
                          Encrypted:false
                          SSDEEP:6:kl/TVq2PWXp+N2nKuAl9OmbnIFUtU/SmSgZmwC/SmSIkwOWXp+N2nKuAl9OmbjLJ:kl/RvaHAahFUtUbX/CbF5fHAaSJ
                          MD5:73648669FC1761931B49CDCEE9D1FC54
                          SHA1:01F229429D4651C07D797BB6EC54E770E2C1D470
                          SHA-256:C0870D6E6F1D91F81B109FE7EC34658BFEDE0D3FADF3624C1779AEFAB879E549
                          SHA-512:6CE274B322215EFF7C71EDAC6A8CA686823402C0D149D51118702451F71579E61F3B44C7DB412F06AFEE38BB886390EBA987CA29DEC936D0B5A033C3DB170D9F
                          Malicious:false
                          Reputation:low
                          Preview:2023/10/10-17:19:01.566 1870 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2023/10/10-17:19:01.567 1870 Recovering log #3.2023/10/10-17:19:01.567 1870 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):336
                          Entropy (8bit):5.13247087504565
                          Encrypted:false
                          SSDEEP:6:kl0Flyq2PWXp+N2nKuAl9Ombzo2jMGIFUtUmF1ZmwCmTRkwOWXp+N2nKuAl9OmbX:kl0OvaHAa8uFUtUmF1/Cm15fHAa8RJ
                          MD5:1EB7FD643D61E74C5A7CBC18552EAE18
                          SHA1:C6D8479DBB6F454C4F68DC52D525188A581D8233
                          SHA-256:189A4B8BA64F8D1C043ADF75A2B11C996B3D67FAFFC90DED4397D4CCE5ACEABF
                          SHA-512:D6B63238EFF738113D774F8FB3076E80B95F993F2B2625C961DDA4DA46D18D0BE99BED35B43CFFA9EEDFCCAAE0DA0D93598BC6FD55607105A01380D52A4A3A93
                          Malicious:false
                          Reputation:low
                          Preview:2023/10/10-17:19:01.299 19e4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2023/10/10-17:19:01.303 19e4 Recovering log #3.2023/10/10-17:19:01.303 19e4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):336
                          Entropy (8bit):5.13247087504565
                          Encrypted:false
                          SSDEEP:6:kl0Flyq2PWXp+N2nKuAl9Ombzo2jMGIFUtUmF1ZmwCmTRkwOWXp+N2nKuAl9OmbX:kl0OvaHAa8uFUtUmF1/Cm15fHAa8RJ
                          MD5:1EB7FD643D61E74C5A7CBC18552EAE18
                          SHA1:C6D8479DBB6F454C4F68DC52D525188A581D8233
                          SHA-256:189A4B8BA64F8D1C043ADF75A2B11C996B3D67FAFFC90DED4397D4CCE5ACEABF
                          SHA-512:D6B63238EFF738113D774F8FB3076E80B95F993F2B2625C961DDA4DA46D18D0BE99BED35B43CFFA9EEDFCCAAE0DA0D93598BC6FD55607105A01380D52A4A3A93
                          Malicious:false
                          Reputation:low
                          Preview:2023/10/10-17:19:01.299 19e4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2023/10/10-17:19:01.303 19e4 Recovering log #3.2023/10/10-17:19:01.303 19e4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):475
                          Entropy (8bit):4.9602737064168165
                          Encrypted:false
                          SSDEEP:12:YH/um3RA8sq7nJEsBdOg2HMcaq3QYiubWQP7E4T3y:Y2sRds+7dMHv3QYhbP7nby
                          MD5:171CDDBE854C22365405D5F8B4F8659B
                          SHA1:FD57545A1B0F0C3D7A538399477C3F6C29D70921
                          SHA-256:B58714C74AC38AFD2C63D7EE84541A020F07DAB38E830872C851A650FE0A81F7
                          SHA-512:C19F078546AC8B312C91ABC6D867C55BCBC18C5CC0E83C7807258454973662D8BA9891BAAE6A1D593011B7624D90FFCBB3619E369A050F02EAB60C8A0D5D014F
                          Malicious:false
                          Reputation:low
                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341075489391448","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":148216},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.3","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\b411c059-4935-4d21-9627-0ce8d9e007e9.tmp

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:JSON data
                          Category:modified
                          Size (bytes):475
                          Entropy (8bit):4.9602737064168165
                          Encrypted:false
                          SSDEEP:12:YH/um3RA8sq7nJEsBdOg2HMcaq3QYiubWQP7E4T3y:Y2sRds+7dMHv3QYhbP7nby
                          MD5:171CDDBE854C22365405D5F8B4F8659B
                          SHA1:FD57545A1B0F0C3D7A538399477C3F6C29D70921
                          SHA-256:B58714C74AC38AFD2C63D7EE84541A020F07DAB38E830872C851A650FE0A81F7
                          SHA-512:C19F078546AC8B312C91ABC6D867C55BCBC18C5CC0E83C7807258454973662D8BA9891BAAE6A1D593011B7624D90FFCBB3619E369A050F02EAB60C8A0D5D014F
                          Malicious:false
                          Reputation:low
                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341075489391448","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":148216},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.3","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):4320
                          Entropy (8bit):5.229015395853078
                          Encrypted:false
                          SSDEEP:96:Zo07PN+kzPNrAWTJeu3ICJXjBMgXpc44MMYFOJ4lIYBLlIL/5d:Zo07PN+kzPNr/V3XRXpcR8Fq4qY1qL/P
                          MD5:95192408FF9B86D126CFC8F57DCD7ACA
                          SHA1:9FED1009DF5FED6E0AD9BC991A934688DF96E48A
                          SHA-256:723A51462D4FACD1A648CE118D99C084772229A071D607DEEE2A670714483B0D
                          SHA-512:FD5122D508BF97F400AF94E9F7C6A7FB659C03C295E61FF67064A56D977FAB1778301160ED7776C7360BE00F38C648CB43E085D73C2EC6A40432CE7F2C1F5521
                          Malicious:false
                          Reputation:low
                          Preview:*...#................version.1..namespace-..4so................next-map-id.1.Pnamespace-597a9d9c_2843_4867_ac28_329f96afb599-https://rna-resource.acrobat.com/.0"..r................next-map-id.2.Snamespace-6bd2256a_8321_4239_9a03_ec75c13c7275-https://rna-v2-resource.acrobat.com/.1.$..r................next-map-id.3.Snamespace-132b666a_5014_4bf9_bc90_c9be903c132e-https://rna-v2-resource.acrobat.com/.2...o................next-map-id.4.Pnamespace-3ed57827_cfe5_4f6c_826d_7df420168420-https://rna-resource.acrobat.com/.3U*..^...............Pnamespace-597a9d9c_2843_4867_ac28_329f96afb599-https://rna-resource.acrobat.com/:.B.^...............Pnamespace-3ed57827_cfe5_4f6c_826d_7df420168420-https://rna-resource.acrobat.com/..a...............Snamespace-6bd2256a_8321_4239_9a03_ec75c13c7275-https://rna-v2-resource.acrobat.com/....a...............Snamespace-132b666a_5014_4bf9_bc90_c9be903c132e-https://rna-v2-resource.acrobat.com/M.xCo................next-map-id.5.Pnamespace-ddae9db6_4c9b_47a3_9d76_

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):324
                          Entropy (8bit):5.202836183437074
                          Encrypted:false
                          SSDEEP:6:kljUsyq2PWXp+N2nKuAl9OmbzNMxIFUtUjWT21ZmwCjjulRkwOWXp+N2nKuAl9Ob:kljUBvaHAa8jFUtUj11/Cjiz5fHAa84J
                          MD5:108E928225239DF96DE2CF9966EF89B2
                          SHA1:1E205B5DAFF9C8479723BE42906D45AD1E6E2C76
                          SHA-256:CA1B246D26CE13FE6960F8750B2A2B3C3279210B1E0EBA6D4DF97BF869C00E4D
                          SHA-512:72558482934F342CCE5BB1ECBB4EA4CC2C40D13F05C8BC82DAD3ACA8630D682FF81FF536213E642D36E3F3CD0C87F07C9D25A787CA55E88AE2EB84A73F074580
                          Malicious:false
                          Reputation:low
                          Preview:2023/10/10-17:19:01.681 19e4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2023/10/10-17:19:01.683 19e4 Recovering log #3.2023/10/10-17:19:01.684 19e4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):324
                          Entropy (8bit):5.202836183437074
                          Encrypted:false
                          SSDEEP:6:kljUsyq2PWXp+N2nKuAl9OmbzNMxIFUtUjWT21ZmwCjjulRkwOWXp+N2nKuAl9Ob:kljUBvaHAa8jFUtUj11/Cjiz5fHAa84J
                          MD5:108E928225239DF96DE2CF9966EF89B2
                          SHA1:1E205B5DAFF9C8479723BE42906D45AD1E6E2C76
                          SHA-256:CA1B246D26CE13FE6960F8750B2A2B3C3279210B1E0EBA6D4DF97BF869C00E4D
                          SHA-512:72558482934F342CCE5BB1ECBB4EA4CC2C40D13F05C8BC82DAD3ACA8630D682FF81FF536213E642D36E3F3CD0C87F07C9D25A787CA55E88AE2EB84A73F074580
                          Malicious:false
                          Reputation:low
                          Preview:2023/10/10-17:19:01.681 19e4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2023/10/10-17:19:01.683 19e4 Recovering log #3.2023/10/10-17:19:01.684 19e4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                          C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-231010151905Z-262.bmp

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
                          Category:dropped
                          Size (bytes):65110
                          Entropy (8bit):1.629565193382136
                          Encrypted:false
                          SSDEEP:24:DfU8u0EFdf01dqSLQbwqcLIgqvMkVK+4Ui/d:fj4d4qJwqEIgqvMM4
                          MD5:3156BD5FF253D9B1B67144C73B667D29
                          SHA1:DA1D65242919012E5A70A994D2E03EFD9E2CE0AA
                          SHA-256:941C836E9E3B6055224B57BBA18077AF43313C89E35F10BF2378F64612825AA9
                          SHA-512:89542A6E7181624BBFE965952245B123C6FF4C7DF15C7E7485B1668220A0B04247D542122F82875B206361C3CF825C279EB8E3E1CC7373F0E2284316D77D0D58
                          Malicious:false
                          Reputation:low
                          Preview:BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):295
                          Entropy (8bit):5.361356918167936
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJM3g98kUwPeUkwRe9:YvXKXNsf1LioYOGMbLUkee9
                          MD5:2656B88C14A5765144CACC1F3D8A3520
                          SHA1:250F1C4A0C66954E1F381002B897F1321AB36D8E
                          SHA-256:2B258A2E12DC5B9975BF83EDA95D18CB80E9CBAC140C54B3E0AB3A08CEF6B647
                          SHA-512:BA5D8874F35C2A2CB395113512DED165BBF478F4761A38D1F6D5D47BE75185816A9BE3DDE4804BA749669ED75A9CAE6AE136E8B3FE0BED335672F4F7F5EB0450
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):294
                          Entropy (8bit):5.30531270428824
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJfBoTfXpnrPeUkwRe9:YvXKXNsf1LioYOGWTfXcUkee9
                          MD5:10F2F1678F1FF9C286A2096CCE670793
                          SHA1:9CDC3E8562F942246B5556F3E117E29D7DF94B00
                          SHA-256:B764B9DE29A1040C28F976EDEB3A8CF742285ADE05C75E5562C521D835CCECF3
                          SHA-512:5F737361667DC133F5E5EECE16C178A4E9F83280819B799E79D033609A8DF1AF6C23ACE3AC3609CB9FFFDA75A460D58C93F3E4A376758344476F6B7775DFDDBA
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):294
                          Entropy (8bit):5.284307739683316
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJfBD2G6UpnrPeUkwRe9:YvXKXNsf1LioYOGR22cUkee9
                          MD5:FD29AD240DCDE70099FA35C72FC85737
                          SHA1:0A906754BA2F7263CBE2FF4723D099E6D59E867B
                          SHA-256:C05A5259E32E245F44EE1BEF9870D8B284B83DDC5B45C322E64891B71F2C4013
                          SHA-512:94659C3C891D8F8CB953CD565F2365510BA7541D9E7DAD7312FFD5B142BBE8972D7FA1214608D280497538AF4C2DAA1DEE502F804A853400A22A1FFA50A060A9
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):285
                          Entropy (8bit):5.3437960031496665
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJfPmwrPeUkwRe9:YvXKXNsf1LioYOGH56Ukee9
                          MD5:1EB2BD4FB285BC9AD3E6EC6D56053AA6
                          SHA1:FEE632FF457A2B521C8BE8A568DBB98AB07A63FE
                          SHA-256:A9BEACF3FCDD2CC93CCBCD9F29E511018509C5B637D74FF7A03A20126F469235
                          SHA-512:94CCC1CAF19448A5E4AC271174F160BCF25BEDF535783BDE854CB5A4743575EB264C810DCD5EF2A580E6B34BD853D5D4252FD77055413147271158A2CE5F29D7
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1255
                          Entropy (8bit):5.697601016316664
                          Encrypted:false
                          SSDEEP:24:Yv6XaUospLgEsv4ce3KnctSrymTBcu14wChluBks8ctq3HO:Yv5RshgnvjRrNTB5OJhABks8c2HO
                          MD5:2233B13AA3F19663D91203FC8623D411
                          SHA1:4C3B1040945A442FA0B81D34387EC04633038572
                          SHA-256:3AFE92B149519D165AB6C04CC7183C9DC41101DCDB6397852011D5E1065D5BB9
                          SHA-512:6BA739DA58DC11E800F5FBED84CF0B09A0E0C64E08A4318AC1418E721A1345047F1FBDD413921C8A8D982DCE4FB59F373AE62ABABC73FDFA29C2CA4F9998F1E1
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65179_200306ActionBlock_0","campaignId":65179,"containerId":"1","controlGroupId":"","treatmentId":"f7fa0e9f-7d25-4321-b719-c501bbb8a162","variationId":"200306"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctZGF5IHRyaWFsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE0IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjoiIiwiZGVzY3JpcHRpb24iOiJDb252ZXJ0IGZpbGVzIHRvIGFuZCBmcm9tIFBERiBcbndpdGhvdXQgbGltaXRzLiIsImJhY2tncm91bmRfc3R5bGluZyI6eyJiYWNrZ3JvdW5k

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1250
                          Entropy (8bit):5.707149147730236
                          Encrypted:false
                          SSDEEP:24:Yv6XaUoGVLgEsy4c19ZrGmTBcu14wCh5rgos8ctq3HO:Yv5RGFgnyl9ZrBTB5OJhFgos8c2HO
                          MD5:51A0A871AA6423C9A1149C3F59DEF939
                          SHA1:77092B346C96AB0C62F197325727492ECBCD066D
                          SHA-256:4BEB270947A7AE53C7B0E3F1431CF2E01CD63643172D4A6DE1BE2C686D7A4FD1
                          SHA-512:2D83D4CE3427AB4F82830B15B23F3374E4226042ECA2F135EF22F9E1C482AB749FC1FBFA4140C146C16B49867026A76709B6A83B01E4F7BB55D19711F9F5258A
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Disc_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65179_200306ActionBlock_1","campaignId":65179,"containerId":"1","controlGroupId":"","treatmentId":"250f56c6-2d66-4fca-8033-eabbd2bc9951","variationId":"200306"},"containerId":1,"containerLabel":"JSON for DC_Reader_Disc_LHP_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctZGF5IHRyaWFsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE0IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjoiIiwiZGVzY3JpcHRpb24iOiJDb252ZXJ0LCBlZGl0IGFuZCBlLXNpZ24gUERGXG4gZm9ybXMgJiBhZ3JlZW1lbnRzLiIsImJhY2tncm91bmRfc3R5bGluZyI6eyJiYWNrZ3JvdW5kX2Nvb

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):292
                          Entropy (8bit):5.291670857715179
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJfQ1rPeUkwRe9:YvXKXNsf1LioYOGY16Ukee9
                          MD5:2E40323347BA059DE884C65F2FFE43D8
                          SHA1:4F65D9B22A27653A0CEBCBF44D5DF31B2F4B710F
                          SHA-256:1C75A5A2B743BB8D56E1247EB3F10690F81EF8F62BD275681C95C9CA578B4487
                          SHA-512:98A6A1244DE3661632049C2F415224527FF98592E67468254DF75597534D4251765D5A3D8C310542ED6F698E2B7844537C09594BB5A47C731B8D3CC0A22091A4
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1230
                          Entropy (8bit):5.687294969347453
                          Encrypted:false
                          SSDEEP:24:Yv6XaUoz2LgEsk4ccVrhmTBcu14wChds8ctq3HO:Yv5RzognkMVrYTB5OJhds8c2HO
                          MD5:15DD2DDB38398A7F0E057F6F18C29EDB
                          SHA1:39E4CE78175CE6AFD6A4024CD47795612E334E83
                          SHA-256:05B5FED226B2D3DB3DF52D101124F4AAAC55381F086FA55031751B8B13CED786
                          SHA-512:BEAF1E35ADDB4D136F821CA7866315C239F8A996BB408FDD6031C00A34F22E414A8CE972FA601FFE4F0F88E0FA3FCE5829DAA975831B3F0A7152DE87F1D6C033
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Edit_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65179_200306ActionBlock_3","campaignId":65179,"containerId":"1","controlGroupId":"","treatmentId":"07caa165-20a7-4c5f-adf8-061ef3d98af3","variationId":"200306"},"containerId":1,"containerLabel":"JSON for DC_Reader_Edit_LHP_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctZGF5IHRyaWFsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE0IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjoiIiwiZGVzY3JpcHRpb24iOiJFZGl0IHRleHQsIGltYWdlcywgcGFnZXMsIGFuZCBtb3JlLiIsImJhY2tncm91bmRfc3R5bGluZyI6eyJiYWNrZ3JvdW5kX2NvbG9yX2RhcmtfdGhlbWUiO

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):295
                          Entropy (8bit):5.316434248157302
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJfzdPeUkwRe9:YvXKXNsf1LioYOGb8Ukee9
                          MD5:66F47DEEE652F9FFDA166B57742783D6
                          SHA1:1B85E2E68651C64F3961BEAB8998C8D42A68FB7E
                          SHA-256:2A581250DF9EB73F1E4EA9B6C1326A85B765B34BFE85C0ADBA1B55AF408002A0
                          SHA-512:384A855A2CE170AC92A893D9DF7C23E7DAC6880BDD79395C3DF0CAF1ED00E952A8B00AF16713EF5B9622ECB3610C4B2F0EF3DAB18794BF667C702D811693AE66
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):289
                          Entropy (8bit):5.297017173503419
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJfYdPeUkwRe9:YvXKXNsf1LioYOGg8Ukee9
                          MD5:0422563FC20AA4F4C76F8B1EF31AC832
                          SHA1:0163ED582D561853061AD76192FE4320C2E95AED
                          SHA-256:6F91C3280C634F297E1CF6D34F1B9C309D378FB4236FB897496D5AC22AFA24FE
                          SHA-512:A50203BE1E3FF20486063C0632925F29702240E774C1B48CA5E9F0A91CD2BDFA6EB82B862379CCDD8797127F9781FC273A309ADD39D24DD20238E3E4EFE1BF3E
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1395
                          Entropy (8bit):5.7757910431267865
                          Encrypted:false
                          SSDEEP:24:Yv6XaUoCrLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNP:Yv5RCHgDv3W2aYQfgB5OUupHrQ9FJV
                          MD5:D2985869ABBBD9BD5ADF52114E92C8D1
                          SHA1:0902CEFA08B4049A27C0ADECE3E2956AE19E4186
                          SHA-256:C3B6964CDA9530653EB0B798860F7F7005600E07521E1BF6C2D1D43462535739
                          SHA-512:0CA7B674C890E4F4330E8E95F9793F961AE1BE6D5E9042D7AE539BE0AF9AF8322B378CA2A7C066C52F38BF25D219DF077448D9A0D271746FF8F9B46265E18796
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_RHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"57802_176003ActionBlock_0","campaignId":57802,"containerId":"1","controlGroupId":"","treatmentId":"d0374f2d-08b2-49b9-9500-3392758c9e2e","variationId":"176003"},"containerId":1,"containerLabel":"JSON for Reader DC RHP Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctRGF5IFRyaWFsIiwiZ29fdXJsIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9wcm94eS9wcmljaW5nL3VzL2VuL3NpZ24tZnJlZS10cmlhbC5odG1sP3RyYWNraW5naWQ9UEMxUFFMUVQmbXY9aW4tcHJvZHVjdCZtdjI9cmVhZGVyIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEyIiwiZm9udF9zdHlsZSI6IjMifSwidGl0

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):291
                          Entropy (8bit):5.280584771703032
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJfbPtdPeUkwRe9:YvXKXNsf1LioYOGDV8Ukee9
                          MD5:AAD0F4E9C629DF5511C007B491A8F5C7
                          SHA1:1641706A41B0F7C95404DEA49C0370A898339E1D
                          SHA-256:9C9877EFC59CABB7D57B2946847646B5A44EAE65164D7100DA2ABC5A023D66EA
                          SHA-512:B16AE921964CB33A1BF4DBE6C3C5DA9D127A912F7FD6275BBC73FF5B286D2D62313BC0152DFF30D9604374E7F2BC48FF9BA97923D109A1BC5343E27C444FBB74
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):287
                          Entropy (8bit):5.282216704213275
                          Encrypted:false
                          SSDEEP:6:YEQXJ2HXVxaWsym1ym0YBiFGYxoAvJf21rPeUkwRe9:YvXKXNsf1LioYOG+16Ukee9
                          MD5:459F4CEA96CF3AF16B269954A66ECEE8
                          SHA1:E1D40FDD6DC9ABDC5154F9D8E569F7A42CD4D6F8
                          SHA-256:3B75623F2D5E93BE3F653E66492836F687BAA42BA11E856438B26FC51CD02B0D
                          SHA-512:078AAB30AD523F39370BC46013E426040AE29AF8E79A4C187F1E578A57D290C163A36CA229D5E057E32EEE2E2D19B03D961965C422DDC2B6FBC7637B970207B9
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1250
                          Entropy (8bit):5.717501928562054
                          Encrypted:false
                          SSDEEP:24:Yv6XaUoYamXayLgEs54c3drNaHmTBcu14wChqx+plVCV9FJN3HO:Yv5ReBgn5drpTB5OJhr9Q9FJ9HO
                          MD5:D568627F6026440D30CE99965EC79B63
                          SHA1:96E4FCBBF10D5A48D105EC0A0E829625231E3C8D
                          SHA-256:2ED94CF3A7DE94130F3AEF81D26B7464E59F927E05CFD27E4BC9E6D2A4EDE5E3
                          SHA-512:849B90636B045F0A22DF2D49E1A771BC9EEEAF123CD282250DEFF729AFF4242D5A4F8B008AD3E824800FF65F54FB2DF3284CF14199336B7751A387ACBAF838DD
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65179_200306ActionBlock_2","campaignId":65179,"containerId":"1","controlGroupId":"","treatmentId":"8deb148d-1a64-4e57-9648-e8bf939c598e","variationId":"200306"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctZGF5IHRyaWFsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE0IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjoiIiwiZGVzY3JpcHRpb24iOiJTZW5kIGRvY3VtZW50cyAmIGZvcm1zIFxuZm9yIGZhc3QgZS1zaWduaW5nIG9ubGluZS4iLCJiYWNrZ3JvdW5kX3N0eWxpbmciOnsiYmFja2dyb3VuZF9jb

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):5220
                          Entropy (8bit):5.805402704684698
                          Encrypted:false
                          SSDEEP:96:G5RMgLhhCf8gWwk8Cs4w3wKh/S5ag1wAtagGmgvwaRQFJFD8zw8:IzLhAf8gq8Cs4YVSZhgv2bB81
                          MD5:F7AB46D3F4BE825E21B4181DE9916E91
                          SHA1:1ED38C86D8468258DA370B44E8D3465C01A4A2EF
                          SHA-256:C5D236B37E387D252515F34BB35F268A8F137C92128FFBE8EBBA7EA432822CA5
                          SHA-512:52D9143975EEABAD41776B4895159C189865F9B1A7FC517BCB3EEFFE38FC07241C88FB31FF4DF07FD84E201727BDA78ACE31362AE09CFADFB4A1F9A4B5C00ED5
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Upsell_Cards"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65872_202577ActionBlock_0","campaignId":65872,"containerId":"1","controlGroupId":"","treatmentId":"fde975b8-6690-4353-9b93-ee40b641f60f","variationId":"202577"},"containerId":1,"containerLabel":"JSON for DC Reader Upsell Cards","content":{"data":"eyJVcGdyYWRlQWNyb2JhdFBlcnNpc3RlbnRCdXR0b24iOnsiZGF0YVR5cGUiOiJ1cmwiLCJkYXRhIjp7ImxpZ2h0IjoiaHR0cHM6Ly9jdnMuYWRvYmUuY29tL2NvbnRlbnQvZGFtL2N2cy9hY3JvYmF0ZGVza3RvcC91cHNlbGxjYXJkcy9yZ3MwMjU0L3YyL2luZGV4Lmh0bWw\/ZXhwZXJpZW5jZT11cGdyYWRlLXRvcHxlbnwxfGxpZ2h0IiwiZGFyayI6Imh0dHBzOi8vY3ZzLmFkb2JlLmNvbS9jb250ZW50L2RhbS9jdnMvYWNyb2JhdGRlc2t0b3AvdXBzZWxsY2FyZHMvcmdzMDI1NC92Mi9pbmRleC5odG1sP2V4c

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):782
                          Entropy (8bit):5.361859693478632
                          Encrypted:false
                          SSDEEP:12:YvXKXNsf1LioYOGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWQk1:Yv6XaUon168CgEXX5kcIfANhO
                          MD5:B271B6005D6B2FCBF6204E9ED16D015C
                          SHA1:E758D74F0E069F471E6B361F6F000B7EBFB8D56B
                          SHA-256:044D65C8A03BF5CEA610C101AEDE1A07105661774F5B89ADDBBB2210C639678B
                          SHA-512:CCCF7D380D56CED8D46BBE495699B0456F672A12B25D7262262FCD9B24CF786647F90920139D1CD8D17359D5E8FE58D8629B040BA73C90AE1BA519AA146B8A47
                          Malicious:false
                          Reputation:low
                          Preview:{"analyticsData":{"responseGUID":"ddd7468f-d26a-48f3-9e7c-828f390773ea","sophiaUUID":"43A605B0-D726-4998-AA7C-63F8BCED1880"},"encodingScheme":true,"expirationDTS":1697130520775,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1696951150814}}}}

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):4
                          Entropy (8bit):0.8112781244591328
                          Encrypted:false
                          SSDEEP:3:e:e
                          MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                          SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                          SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                          SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                          Malicious:false
                          Reputation:low
                          Preview:....

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):2818
                          Entropy (8bit):5.115229570157694
                          Encrypted:false
                          SSDEEP:48:YCofHOdbKCf34IDVcivUij260jnvjesnJy1+GIxJYP4MaOd9iHjY:vPd+nsbx26EaEm+u4M37
                          MD5:25ABB1730E07A5E9CBDE045CD90F2AF0
                          SHA1:84015F68F09F504A8E1677C34059B28F258A07C4
                          SHA-256:9DF4CE583B84D5F5E14F45CD667D4A2546288FC6F0D78D316E969BB6110514D3
                          SHA-512:238660E14E488EA577890DA67EB588958F8C2B44402F9ABC2C8EFFF6249A195CB914EE94025646B50FEFBFEC6E2D08FD8043870C114818B34857B6CF4D0CC0B4
                          Malicious:false
                          Reputation:low
                          Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"3b11b21f4118687f517502f91e8f0f0d","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696951150000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"d61f9e1517dfb490991f99ba5e6c0310","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696951149000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"90ae9514f4ae9c6c6f0f6df794ec7d8a","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1255,"ts":1696951149000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"8124fa0159a882e157bfb1635a777f2d","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":1230,"ts":1696951149000},{"id":"DC_Reader_Upsell_Cards","info":{"dg":"2ed0e7ce3e1992a3bd31de68189cd770","sid":"DC_Reader_Upsell_Cards"},"mimeType":"file","size":5220,"ts":1696951149000},{"id":"Edit_InApp_Aug2020","info":{"dg":"1d19e3804207864d554b07ddd094eb8e","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":1696951149000},{"id"

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
                          Category:dropped
                          Size (bytes):12288
                          Entropy (8bit):1.3230835271045296
                          Encrypted:false
                          SSDEEP:24:TLHRx/XYKQvGJF7ursmbwwwwwwwwwwwGyk6EsTt7jX78Z2iLIa2dDYksSqrqXFsD:TVl2GL7msmHyCqKKa2dDzsS4UFsIyz
                          MD5:21C46C01559D46354A7B534CE5F1FB24
                          SHA1:D6AA3B676A309BB38004C31709A847EF0E54D9AB
                          SHA-256:81BFF27326E48EA37F9AE3F065F299EE6A7239D0F0DC1287F7B15182EB17F5DF
                          SHA-512:BAB22085625B997FD784EA1E3199C32C3899F8068001D760373AE7F1DD65C67F534BAEAC68C54A03E690D4F1486EFE1504DE34D7CF4E9A278AF793E52C934B9B
                          Malicious:false
                          Reputation:low
                          Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:SQLite Rollback Journal
                          Category:dropped
                          Size (bytes):8720
                          Entropy (8bit):1.7838423067571467
                          Encrypted:false
                          SSDEEP:24:7+tqwwwwwwwwwwwwwGyk6eMsTt7jX78Z2iLIa2dDYksSqrqXFs63fqLBx/XYKQvi:7MAyUMqKKa2dDzsS4UFs2fqll2GL7msJ
                          MD5:3216AEB1491D1FA92530D6BAE6459B29
                          SHA1:CB3A074255A7229FAEA2FFB8DD65250EDA5CB193
                          SHA-256:A789FEADC6E5A0B80400B1146D7BC8A43ED51410893062A7ED0F914E2DF1DC2B
                          SHA-512:71D4722434DBB28719422F7E7693774A8D2BC76229F1E73B25F3FEB7FEDE6FFCC6109BB6C27AEDE5320054A1580C1DE565AE240C38012064A0F1CDB9C6A626E2
                          Malicious:false
                          Reputation:low
                          Preview:.... .c......Kf..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................Z..Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z..........................................................................................................................................................................................................................................................................................................................................................................................................................................................

                          C:\Users\user\AppData\Local\Temp\MSIb7f76.LOG

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                          Category:dropped
                          Size (bytes):246
                          Entropy (8bit):3.5085442896850614
                          Encrypted:false
                          SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8ErO0lXhF:Qw946cPbiOxDlbYnuRKHlT
                          MD5:24B8A4CE93FAB8C2E613F11260218817
                          SHA1:DE71C6110A1C2906E2F903CE886BBCA0A1D96DF1
                          SHA-256:F0895DF305400ADAADB63678C45DE086801CBFB0FD25BF38A590756A875B395A
                          SHA-512:A8730050939DC7869B1F084D5316E0B375D72D49F898B38E7181FACCBAB5C2E63FB6E7429312ABD9A8A19A29A765ED119A69EB3F0FCEFC1D0975554FCA2926E6
                          Malicious:false
                          Reputation:low
                          Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .1.0./.1.0./.2.0.2.3. . .1.7.:.1.9.:.0.8. .=.=.=.....

                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2023-10-10 17-19-03-018.log

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:ASCII text, with very long lines (393)
                          Category:dropped
                          Size (bytes):16525
                          Entropy (8bit):5.3642074368816415
                          Encrypted:false
                          SSDEEP:384:7cKjycFsNqtn2n5O8TAEWPUYNqtascBVYAqM0KQAu9Ak393V92GyJyJ6ICtEh5p3:jvi
                          MD5:81AF462213266DBAC9B781BB5BE2E1AE
                          SHA1:90BF653EB28CABE16DEF65768A4E2ED1D5525A39
                          SHA-256:BE985400A702077F254954105E5716F830BBB6B3F2EF768D7603B9CF4817D081
                          SHA-512:3711E7EA90D4B9B0A50EC68EAD6EDC8497B7C07454E43CEEEC4B0FAD096C3A45B2B946AE08BADB51F84BE03F6D7B805CC595632A46811218D82DF0096430B175
                          Malicious:false
                          Reputation:low
                          Preview:SessionID=cf7b554e-2c7f-4c07-801f-6a9858d67d8a.1696515479656 Timestamp=2023-10-05T16:17:59:656+0200 ThreadID=7128 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=cf7b554e-2c7f-4c07-801f-6a9858d67d8a.1696515479656 Timestamp=2023-10-05T16:17:59:657+0200 ThreadID=7128 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=cf7b554e-2c7f-4c07-801f-6a9858d67d8a.1696515479656 Timestamp=2023-10-05T16:17:59:657+0200 ThreadID=7128 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=cf7b554e-2c7f-4c07-801f-6a9858d67d8a.1696515479656 Timestamp=2023-10-05T16:17:59:657+0200 ThreadID=7128 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=cf7b554e-2c7f-4c07-801f-6a9858d67d8a.1696515479656 Timestamp=2023-10-05T16:17:59:657+0200 ThreadID=7128 Component=ngl-lib_NglAppLib Description="SetConfig:

                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:ASCII text, with very long lines (393), with CRLF line terminators
                          Category:dropped
                          Size (bytes):15114
                          Entropy (8bit):5.355347110739027
                          Encrypted:false
                          SSDEEP:384:7tb4aYLg8NH0OkreKy+monmCtMp3uaBZWCGo8Y4BFfhq3FSi1jFAXH2vN3hIRRFY:zk
                          MD5:F568A31C5BFBB71FA7986FDD50451191
                          SHA1:7CF2DB64C55F6C7BE0F127935036B4118BDD7EE3
                          SHA-256:5CFC29D81E557EF69B9A040C567D81AEA13BE45F0C016C578939FDF1D183CAFD
                          SHA-512:8BC80473825E398BEE3489306BE8BE29008402F379678636CEF0DC8E070CE35EDA7C37FD3CEA765BD3DE0FACBF1CA52433140FFF1B7682234C85F18D7A83FF2A
                          Malicious:false
                          Reputation:low
                          Preview:SessionID=966600b3-d7cd-433d-adde-634356eb9cf3.1696951143074 Timestamp=2023-10-10T17:19:03:074+0200 ThreadID=8536 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=966600b3-d7cd-433d-adde-634356eb9cf3.1696951143074 Timestamp=2023-10-10T17:19:03:079+0200 ThreadID=8536 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=966600b3-d7cd-433d-adde-634356eb9cf3.1696951143074 Timestamp=2023-10-10T17:19:03:079+0200 ThreadID=8536 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=966600b3-d7cd-433d-adde-634356eb9cf3.1696951143074 Timestamp=2023-10-10T17:19:03:080+0200 ThreadID=8536 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=966600b3-d7cd-433d-adde-634356eb9cf3.1696951143074 Timestamp=2023-10-10T17:19:03:081+0200 ThreadID=8536 Component=ngl-lib_NglAppLib Description="SetConf

                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          File Type:ASCII text, with CRLF line terminators
                          Category:dropped
                          Size (bytes):29752
                          Entropy (8bit):5.408050339637984
                          Encrypted:false
                          SSDEEP:192:4cboIFDcblcb6I8qcbrcbuIuocbecbgIrpcboScb4IfxcbB:bFr8su3r19fe
                          MD5:065AB41675C4FA9487E7D7003515147F
                          SHA1:4641C5920E15A59EE999F4DE8388A3B89C47A411
                          SHA-256:3BAB4BE8CF8B2C4CACE16CF66573E3336E90230DA4D1FF8FB5E1207E236AE5D1
                          SHA-512:39DFDCF9000838C05AB6BE71AB546584DA9B22C54B668460D75124CADD68C182A3899AC99162D94AF304F7B880FFA97F6A72A833E23DAFAC755F66FA4AC32B6A
                          Malicious:false
                          Reputation:low
                          Preview:05-10-2023 04:08:26:.---2---..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : ***************************************..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : ***************************************..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : Starting NGL..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..05-10-2023 04:08:26:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..05-10-2023 04:08:26:.Closing File..05-10-

                          C:\Users\user\AppData\Local\Temp\acrocef_low\045d1e6c-51ec-4542-84b4-bec4692e4d07.tmp

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                          Category:dropped
                          Size (bytes):1419751
                          Entropy (8bit):7.976496077007677
                          Encrypted:false
                          SSDEEP:24576:/xA7owWLkwYIGNPMGZfPdpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLkwZGuGZn3mlind9i4ufFXpAXkru
                          MD5:CA6B0D9F8DDC295DACE8157B69CA7CF6
                          SHA1:6299B4A49AB28786E7BF75E1481D8011E6022AF4
                          SHA-256:A933C727CE6547310A0D7DAD8704B0F16DB90E024218ACE2C39E46B8329409C7
                          SHA-512:9F150CDA866D433BD595F23124E369D2B797A0CA76A69BA98D30DF462F0A95D13E3B0834887B5CD2A032A55161A0DC8BB30C16AA89663939D6DCF83FAC056D34
                          Malicious:false
                          Reputation:low
                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                          C:\Users\user\AppData\Local\Temp\acrocef_low\1dae2409-33bb-4784-b43e-f69740947fe4.tmp

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 921996
                          Category:dropped
                          Size (bytes):386528
                          Entropy (8bit):7.9736851559892425
                          Encrypted:false
                          SSDEEP:6144:rBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOFjNOX1Lj3vfE4JvWTlP:r+Tegs661ybxrr/IxkB1mabFhOXZ/fEh
                          MD5:C14EBC9A03804BAB863F67F539F142C6
                          SHA1:FD44F63771819778149B24DD4B073940F5D95BFA
                          SHA-256:A495629FA5E71EE50BB96F9C4CAEAC46E8B44BFC3F910A073348258F63DFAFCE
                          SHA-512:8ED832A54A3925914E3BCFC96A3ABFF63A511ADAC79A869AD1569BB175CC1AF84E6C2BD20FA2187A5C3B733625EDE5D95C2172B24ED2F252835689F6D4A0F5A2
                          Malicious:false
                          Reputation:low
                          Preview:...........[l\[.......p.a$..$.K...&%J.J...Wuo..dI.vk4.E..P.u..(.....1.I....A...............0.....$ctg.H.'....@.Zk...~.s.A]M.A..:g?.^{...cjL...X..#.Q{......z...m...K.U]-..^V.........@..P...U.R..z.......?......]nG..O{..n........y...v7...~C#..O.z...:...H&..6M;........c..#.y4u.~6.?...V?.%?SW.....K...[..`N.i.1..:..@?i.Q..O...`.....m.!y.{...?=.. .....Zk......%.6......o<.....yA}......no......u,.....U...a.......[S.n..`.....:...1......X..u.u...`..B=.&M.y..s.....}.i..l.'u]. ...6.s`....zdN.F.>;.d%D..}3..b..~..k.......,hl.j..._...F..p.z..o...C..,.Ss.u.Xd..a.Y.{.p...?.k..t,&..'...........^.f.hg....y..Y...i..m....<..^......yK.......;.5...E...K..Q.;k..|;..B.{m..eS..>b..>...6...wmC.i.....wv..k..{..X...RB.P..?w......1l.H..{{.`g.P.8.Z..v_.G.....f.%+z.....p.P..u}.T.....~r]..W7..._..c.k.....@....y.K...uOSj........^....B..]..~{..;...c....r.J.m.S.}.....k....u*^...5./...{......3.I.p.t...V..........W-..|.K.N.....n.........Bl...#)..;..4.x.....'....A....x..

                          C:\Users\user\AppData\Local\Temp\acrocef_low\82a421f1-8b1e-404e-aaa4-4a8dfbaf2bf5.tmp

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 647360
                          Category:dropped
                          Size (bytes):1407294
                          Entropy (8bit):7.97605879016224
                          Encrypted:false
                          SSDEEP:24576:/YkwYIGNPQbdpy6mlind9j2kvhsfFXpAXDgrFBU2/R07WWL07oXGZd:DwZG2b3mlind9i4ufFXpAXkrfUs0qWLk
                          MD5:38ED8E7B44D526DDA0F3E7608AF1AFA1
                          SHA1:45E30A6789382E29AC870CCF92B514FB95742C45
                          SHA-256:7B277E2332AE55A014D8C37CCC879D165E33315437F6197BEB153CD75E4EFBBF
                          SHA-512:7169B1E4B2895A91FA0FBE4297CB70BE56D733084653334BB4E8421382F8F761DAD11B5D87277E0286A7C16CB53A2C79F96BB45F433D776E82A7CF45EA25121C
                          Malicious:false
                          Reputation:low
                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                          C:\Users\user\AppData\Local\Temp\acrocef_low\cc637b69-8919-4df6-b201-c1cb85c27573.tmp

                          Download File
                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1111944
                          Category:dropped
                          Size (bytes):758601
                          Entropy (8bit):7.98639316555857
                          Encrypted:false
                          SSDEEP:12288:ONh3P65+Tegs6121D1ybxrr/IxkB1mabFhOXZ/fEa+fDERXTJJJJv+9UZwY0SWB4:O3Pjegf121DMNB1DofjEiJJJJm94GS84
                          MD5:FA6978A9EA472E8ACFF72AFE8CC7CC81
                          SHA1:D58155446B67ACF4DA331A977B8EC7BA105C2C4F
                          SHA-256:3D0DF2B14FC632520705424D2DA394922D3EDD8C977950656B736352CD5A37E2
                          SHA-512:6B16382E6A4B9EECB8E8FB82189C2741511E8CF99C83B3FA52B062165B3B366EE0C11A7F60CE4B08D881B2418234097FA13CCAA9C90B1D7D37BD4D9A56EBA96C
                          Malicious:false
                          Reputation:low
                          Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 10 14:17:37 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2675
                          Entropy (8bit):3.9736324535377157
                          Encrypted:false
                          SSDEEP:48:8SZdzTTXAnHWidAKZdA1kLehwiZUklqehHy+3:8SHnA9oy
                          MD5:6D253CD6818D41B80CAB22F502178D53
                          SHA1:EDC7FD466A1ED1EE4703DD5A8AEF4FEA2692A021
                          SHA-256:BBEB5584B5BB77D6F0B4C6AB85345CEE23C24F0AD4BE91ACCBC768F932C1C650
                          SHA-512:70334B109B6B6C9803393B343D8EA00A2849E5E27801727C018C47637206F6B1A63E6E0DCAA1EE4DA0FB8576AF4A0CE201B1BFE133D030B6CE2A80196C8EF0AA
                          Malicious:false
                          Reputation:low
                          Preview:L..................F.@.. ...$+.,....."F......v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.q..PROGRA~1..t......O.IJW1z....B...............J.....o4_.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJW1z....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.f..Chrome..>......CW.VJW1z....M.....................c...C.h.r.o.m.e.....`.1.....EW.f..APPLIC~1..H......CW.VJW1z...........................P..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VJW3z....O......................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........2.@k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 10 14:17:37 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2677
                          Entropy (8bit):3.987954536278747
                          Encrypted:false
                          SSDEEP:48:8wZdzTTXAnHWidAKZdA1DLeh/iZUkAQkqehYy+2:8wHnAh9QBy
                          MD5:BF902DCD55B56DCA16FC93CB283E908F
                          SHA1:2A06643ECC476F5B10351B44F671F123DC77E314
                          SHA-256:6EAA561DEFC05AEC3F1B054B6A8C1DCF9775FEF13B2DC2DE40A4E4009BFCEE11
                          SHA-512:62C5E62B4E301955843F6B785FED8FB09BD5E7B6B70C1793159C6560AAA92784CFBB3A6A81D2473EB45794A52F93ACD97384186ED39D2DE24756BEA849F7DA00
                          Malicious:false
                          Reputation:low
                          Preview:L..................F.@.. ...$+.,....>.:......v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.q..PROGRA~1..t......O.IJW1z....B...............J.....o4_.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJW1z....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.f..Chrome..>......CW.VJW1z....M.....................c...C.h.r.o.m.e.....`.1.....EW.f..APPLIC~1..H......CW.VJW1z...........................P..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VJW3z....O......................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........2.@k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 13:13:28 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2691
                          Entropy (8bit):4.002219037851155
                          Encrypted:false
                          SSDEEP:48:8yZdzTTXCnHWidAKZdA14PLeh7sFiZUkmgqeh7sqy+BX:8yHnCXn0y
                          MD5:EF45C05ED8F7D40DA016A184E3C6AE51
                          SHA1:EC474352AE876A54965585E9F6ED79DA72E5E52A
                          SHA-256:79F9F024C771E709EE6B7A09ABFF3CF49B3477F6ABE98406FF82CD4B707A7D97
                          SHA-512:BD09B585A955438EA83C208FFEAABBFAEA82042BE9026653EBF167BAD88E98996EBEE4F7963DAB2CFBADFC932FD9F2F50117B957708BFE2B840A8DA2990F5F94
                          Malicious:false
                          Reputation:low
                          Preview:L..................F.@.. ...$+.,.....k........v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.q..PROGRA~1..t......O.IJW1z....B...............J.....o4_.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJW1z....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.f..Chrome..>......CW.VJW1z....M.....................c...C.h.r.o.m.e.....`.1.....EW.f..APPLIC~1..H......CW.VJW1z...........................P..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VEW.q....O......................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........2.@k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 10 14:17:37 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2679
                          Entropy (8bit):3.985256572712988
                          Encrypted:false
                          SSDEEP:48:8eZdzTTXAnHWidAKZdA1mLehDiZUkwqeh8y+R:8eHnAUyy
                          MD5:0907B62E7B3FEA3A223E60FA25BC8F3E
                          SHA1:FD51745A485AC642FB42C3833D34FF3DF985FD86
                          SHA-256:69A92376D8A9FA1E62D8B0A07B3D42FB830F84C5D032746B995EFF548FB19CF5
                          SHA-512:FE7C0C29ECB4D43C19E3562A65EDDD1E26ED5477C88185983BB71D73F31EED1834B40C0DEAF2747AAF8BFD92000C82BBBF0BE63150779B4645C52C458B40FC70
                          Malicious:false
                          Reputation:low
                          Preview:L..................F.@.. ...$+.,.....3......v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.q..PROGRA~1..t......O.IJW1z....B...............J.....o4_.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJW1z....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.f..Chrome..>......CW.VJW1z....M.....................c...C.h.r.o.m.e.....`.1.....EW.f..APPLIC~1..H......CW.VJW1z...........................P..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VJW3z....O......................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........2.@k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 10 14:17:37 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2679
                          Entropy (8bit):3.9730549839899703
                          Encrypted:false
                          SSDEEP:48:8HZdzTTXAnHWidAKZdA1oLehBiZUk1W1qehWy+C:8HHnAE92y
                          MD5:DDEBC032DA348C93251E1F86B8590960
                          SHA1:BC2D6AEFC20A7A9C5BAA5BA4204B365A71522F8C
                          SHA-256:90C9A66E980BFA48C95A056C6664DF9AFE84912DD0847FCE6D06A710BFD934DC
                          SHA-512:082C07AD162BBEA1E41B8DE59BCD8BA934DAE6673A8DB39A2432D690DB7C2DD2908B506FC198F3D526B82D5CF63EE3821E9E9F74B30BBA99D6EB58FBD66A21CF
                          Malicious:false
                          Reputation:low
                          Preview:L..................F.@.. ...$+.,....C.@......v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.q..PROGRA~1..t......O.IJW1z....B...............J.....o4_.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJW1z....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.f..Chrome..>......CW.VJW1z....M.....................c...C.h.r.o.m.e.....`.1.....EW.f..APPLIC~1..H......CW.VJW1z...........................P..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VJW3z....O......................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........2.@k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 10 14:17:37 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2681
                          Entropy (8bit):3.9875664664273187
                          Encrypted:false
                          SSDEEP:48:81ZdzTTXAnHWidAKZdA1duTBLehOuTbbiZUk5OjqehOuTb0y+yT+:81HnA5T6TbxWOvTb0y7T
                          MD5:AE4634CC097AE12E854B1CB3D44F9D5C
                          SHA1:511303F88B8DD1BAB6766911F9E97F048C243C7B
                          SHA-256:6E6747A057CAE7A6AA8DB7E6F02E0699F25E8349F340F326F0B0691BD5C02480
                          SHA-512:E605F2B4F0FC7A4444B720E2F5B1E6275CDFB906F4326CFDC957BAE2E74BDCA9CA3B347176E64204596C642D1289C220F3A524F49B4C9AD4A03DF737124F92E5
                          Malicious:false
                          Reputation:low
                          Preview:L..................F.@.. ...$+.,....V.*......v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.q..PROGRA~1..t......O.IJW1z....B...............J.....o4_.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJW1z....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.f..Chrome..>......CW.VJW1z....M.....................c...C.h.r.o.m.e.....`.1.....EW.f..APPLIC~1..H......CW.VJW1z...........................P..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VJW3z....O......................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........2.@k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                          C:\Users\user\Downloads\0163d16a-f995-4ada-95ac-98bf8e1a68c8.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\05082a25-4e61-4440-8ba5-a723f5be17aa.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\053745c0-ee62-4174-9efe-41f725849e4e.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\054341f0-d7f0-4f89-a1ab-49feacc0d7fe.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\056b2eb8-bfff-4e8f-ad14-3c4ce4f5b4ff.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\092be2f1-bdfa-4933-93fb-fa71e0e56049.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\092f6f55-149c-4787-b3db-dd6d05b8e771.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\0a753d6f-4d38-4a9c-91a8-acd8cc7a708f.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\0e5cb5f7-7c0e-45da-bae5-057982727c07.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\1154c74f-441c-4e0d-be32-802beef0a013.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\1553c37a-ec78-4ecd-a2e2-513b8a3adafe.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\184a510c-c40d-4e2e-a9fa-8ac5aba9d219.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\1996f230-b8e3-42ad-8c33-288c708a9fc5.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\1e11b344-9070-4987-812b-a9545744177e.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\1e214cb2-cb14-4893-9c60-df0452c6e396.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\1f53909a-9b3b-4c3b-ba40-f2296e264ded.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\1f5caf68-71f0-4d26-b7b6-a75d94382cdd.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\22cdb44a-4f46-4252-9d5e-dc343feabc47.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\27644e28-4f83-400a-b9eb-7f7c3cfc7da2.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\28839db3-0322-4c76-98e2-00516a1e3257.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\2cf0b46e-fe5c-4b1c-9ebe-ff5c0954bf8f.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\33ad54fe-56dc-4981-96ae-d6ddf986d7d0.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\35b7cbef-7585-47fd-9f98-3635ee69ff5f.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\3930d822-783e-4d9a-b25e-52ef47857f2f.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:true
                          Antivirus:
                          • Antivirus: Avira, Detection: 100%
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\39a7da91-c645-4d79-93af-f3d197872a99.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\3f5b4456-97c5-445b-a2be-be7137cd5494.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\46181df3-81d1-429a-9ccb-5d8212f5fbaf.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\4f6c3d2d-e4f4-4500-a5e2-20837f932756.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\4f766108-163f-4f3e-834e-4f1924d7d2cb.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\559f6bf7-c20b-475d-82ef-1d7b5f215c4d.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\5a9d1141-6594-4047-bc4c-5d411b9f47b2.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\624d2783-ccb2-4534-a5a2-0dd1144e2650.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\65445438-0556-4c95-a6d9-b94a564df508.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\68aef91b-caee-45fe-bd26-a8e3c6ce85db.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\6d9821da-a97e-42b1-9c88-2abadd666cdd.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\6e6a240f-2fbd-42ea-a95b-09d5ab47646c.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\74ef8cb9-113f-4dd0-80d8-89e61192972d.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\762afc15-d781-4a2b-8893-86fe22756384.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\77586b20-f398-4fe2-a14d-749542221949.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\7aa6ef48-7375-4702-98fe-a648a475e33c.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\7c5b2d10-171d-4f5d-9653-d44f2448d3bc.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\81026891-3c51-4b4f-81df-6ccf3782c978.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\815ae370-613c-4a52-93f6-13b7f88db018.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4
                          Category:dropped
                          Size (bytes):20211
                          Entropy (8bit):7.895164352488663
                          Encrypted:false
                          SSDEEP:384:zyNjKWPIXD/svj7BckbKf9clGcK/e20hHFE7asAIXrRzany:zyhLPBrG1yBaYlErsny
                          MD5:19FDFD29C3E50A78CA5EA2B07830627E
                          SHA1:BE021F3454749C89EBC25F3EA988E8252A0E3018
                          SHA-256:110844FE246497B64633769D9E17AFF4BA2817D281F57F419A67255268AEEAC7
                          SHA-512:334D3E58779DE80B2AB7427F391467F1558D704DCD1E561DE3850B048009CBDFEE44DA73258DF3DE458BB044ED8361BAF9703B21F81BCAE3628A41832FD96C70
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\862f858d-1367-40f0-b863-e856c00ffca2.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\8b7cbf1d-ec25-48fa-b563-5ed17368a772.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\9461a8ca-4aff-4e5d-8987-0ee40faf1e7c.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\95b35cd0-9fd7-4bad-b738-7af3808df216.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4
                          Category:dropped
                          Size (bytes):1024
                          Entropy (8bit):6.48794120814418
                          Encrypted:false
                          SSDEEP:24:BnmvwoscaRHB/GIhpYWQPxf8hpKSo0XxDuLHeOWXG4OZ7DAJf:FI9sTzVP4JpuERAp
                          MD5:962F8A0160E5458F061F6008E46853C2
                          SHA1:F9DFEA266A602951B25A92D7C686AE1C12D97480
                          SHA-256:FA6B7844193041612F935EAAF73982BA85398B7CD884C65AB9B957D144BEF51B
                          SHA-512:4013922ADF4E5F9E453B4CB65FBB36549C5F2D119F996A880682DF0F0DECB676D0977E697F7A3482356ED4542A8431D042BF2D0F87D572B6F49617B77941C107
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\9686e8e2-e978-4fc8-aa0d-7487edc5642f.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\969f3c0c-3247-4487-8b2a-16ed65461964.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\9b39867b-0cfa-401c-86b0-3b221c339723.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\9c67641d-2cf4-4ab3-b985-217ab34fa7e0.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\9d029239-2e51-4c12-81cd-8219916b96e7.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\b034f9a7-00ab-4f64-8538-f6a6a63da35b.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\b26d2c75-5cbc-41aa-933a-f2c98c271ca8.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\b7c08520-dc2f-4b54-8a8e-d0a683c82709.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\b9a699af-1c39-4bfa-b1e1-aa3cf126913f.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\ba0f765a-6281-4ea9-8d87-491862b9fe2b.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\bdacef5e-66c3-4b35-a14d-737ec4173867.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\bdb40f1e-e580-4279-8dfc-09da34ce96f3.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\c6a49baa-7653-458b-9231-d523846a8330.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\c71dac73-4cc3-4797-9c47-14484e497f02.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\cb094c13-5d98-4cad-ae2e-2ebf01f708e0.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\cbe7eaf8-ac01-445c-870d-260c85e35135.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\cfe08b29-96f0-463c-98fd-19149ebdfb90.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\d4343937-3d63-49ba-92e5-eb5091199a36.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\da743bca-ca5c-4062-bb87-a139de0a6436.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4
                          Category:dropped
                          Size (bytes):1024
                          Entropy (8bit):6.48794120814418
                          Encrypted:false
                          SSDEEP:24:BnmvwoscaRHB/GIhpYWQPxf8hpKSo0XxDuLHeOWXG4OZ7DAJf:FI9sTzVP4JpuERAp
                          MD5:962F8A0160E5458F061F6008E46853C2
                          SHA1:F9DFEA266A602951B25A92D7C686AE1C12D97480
                          SHA-256:FA6B7844193041612F935EAAF73982BA85398B7CD884C65AB9B957D144BEF51B
                          SHA-512:4013922ADF4E5F9E453B4CB65FBB36549C5F2D119F996A880682DF0F0DECB676D0977E697F7A3482356ED4542A8431D042BF2D0F87D572B6F49617B77941C107
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\dd5f5d1a-6b33-4e84-ad98-83f78b1dd3b0.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\de4f50a2-41e1-40fb-8b81-4794bca7571a.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\downloaded.pdf (copy)

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\downloaded.pdf.crdownload

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\e0f48191-c58e-4b49-81ec-f76287ba4475.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\e1e5ab51-a453-4957-b6bd-60e616fb6d14.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\e38059bc-c638-423e-84df-b8b79064c4d1.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\e42ac4d0-103b-41ab-8114-b29b4dff50f8.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\ecfedc4f-f373-4d00-8f7c-be7ebb875323.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\ed5df0a5-5211-418d-854c-76d6f447e083.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\ee3f0f10-8973-4315-b5ab-1eaeace6d70b.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\f1b4d5b7-c8ba-4ce7-804b-1ffc2dacbe56.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\f77d355c-fca5-457d-9989-80edb3a34672.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4
                          Category:dropped
                          Size (bytes):1024
                          Entropy (8bit):6.48794120814418
                          Encrypted:false
                          SSDEEP:24:BnmvwoscaRHB/GIhpYWQPxf8hpKSo0XxDuLHeOWXG4OZ7DAJf:FI9sTzVP4JpuERAp
                          MD5:962F8A0160E5458F061F6008E46853C2
                          SHA1:F9DFEA266A602951B25A92D7C686AE1C12D97480
                          SHA-256:FA6B7844193041612F935EAAF73982BA85398B7CD884C65AB9B957D144BEF51B
                          SHA-512:4013922ADF4E5F9E453B4CB65FBB36549C5F2D119F996A880682DF0F0DECB676D0977E697F7A3482356ED4542A8431D042BF2D0F87D572B6F49617B77941C107
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\fa267f96-06b3-4d42-8a9e-ce1e30ed2ce5.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          C:\Users\user\Downloads\fa8e36c0-f71a-4c9f-ac5f-5fb17e25894f.tmp

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PDF document, version 1.4, 3 pages
                          Category:dropped
                          Size (bytes):191555
                          Entropy (8bit):7.884510267670101
                          Encrypted:false
                          SSDEEP:3072:2XvEMaMeVHUwjrjQUihzyPXF7KGYNTRXKbwSUkAc+V3sJC/9j+:2fEMWUwjrjQUWzGDYjabwvkAc+V3sJP
                          MD5:11B68B73E084564E6F64E3E30EA58054
                          SHA1:2FAC8713ECF4031C2FA41D3EAF61E03D7F942D09
                          SHA-256:EBB9ABE0D272EE399F64C939C6C4EFC790998ABAA2EF93B964E5ED8E785C7F9A
                          SHA-512:15CA9BBD72C5448CE23BD4CF8E7C10CB94B6581252E54D7F9F128FBF9B14BF3912846C0598768DAEA9CB861351AB9F305127528A338B991A1BBFE7F034984BD4
                          Malicious:false
                          Reputation:low
                          Preview:%PDF-1.4.%...1 0 obj.<<./Title ()./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...6)./Producer (...Q.t. .5...1.5...1.0)./CreationDate (D:20230929153824+03'00').>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None>>.endobj.5 0 obj.[/Pattern /DeviceRGB].endobj.7 0 obj.<<./Type /XObject./Subtype /Image./Width 625./Height 155./BitsPerComponent 8./ColorSpace /DeviceRGB./Length 8 0 R./Filter /DCTDecode.>>.stream.......JFIF.....d.d.....C....................................................................C.........................................................................q.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'(

                          Chrome Cache Entry: 253

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2238
                          Category:dropped
                          Size (bytes):125
                          Entropy (8bit):6.309471484523636
                          Encrypted:false
                          SSDEEP:3:FttcxPphliHFpRq3nOsMeAYblI/boj3koniywubXln:XtcxRhliHI3O12blI0Lk6Rwcln
                          MD5:77630AF7007C83BD751B157AF6FD1C5A
                          SHA1:36308B189A884CEA72795CAD7E9353E9232025AB
                          SHA-256:864E445F862EAEF8D3B2E82FFEB0DE5FD19281FBA80D4ECCD682E5A4D5325034
                          SHA-512:D3ACAF8CD20CFFD66831AA77D9336EA07B5A6D3AD9D0EB8A9D8BC4AA4D5C24B15BDB861CC742C58C7FA30C342174F8E94175C4EB9F16D2A45925DA5B147125FA
                          Malicious:false
                          Reputation:low
                          Preview:..............0...G.`.jJ.`4...!.p...AO.<.ez..Yq.N...j...a......&...Z.P/..6.)..).;}w.....w.'9..........>...B...WTv..R!o....

                          Chrome Cache Entry: 254

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2238
                          Category:downloaded
                          Size (bytes):125
                          Entropy (8bit):6.309471484523636
                          Encrypted:false
                          SSDEEP:3:FttcxPphliHFpRq3nOsMeAYblI/boj3koniywubXln:XtcxRhliHI3O12blI0Lk6Rwcln
                          MD5:77630AF7007C83BD751B157AF6FD1C5A
                          SHA1:36308B189A884CEA72795CAD7E9353E9232025AB
                          SHA-256:864E445F862EAEF8D3B2E82FFEB0DE5FD19281FBA80D4ECCD682E5A4D5325034
                          SHA-512:D3ACAF8CD20CFFD66831AA77D9336EA07B5A6D3AD9D0EB8A9D8BC4AA4D5C24B15BDB861CC742C58C7FA30C342174F8E94175C4EB9F16D2A45925DA5B147125FA
                          Malicious:false
                          Reputation:low
                          URL:http://img1.wsimg.com/favicon.ico
                          Preview:..............0...G.`.jJ.`4...!.p...AO.<.ez..Yq.N...j...a......&...Z.P/..6.)..).;}w.....w.'9..........>...B...WTv..R!o....

                          Chrome Cache Entry: 255

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:gzip compressed data, from Unix, original size modulo 2^32 191555
                          Category:downloaded
                          Size (bytes):172305
                          Entropy (8bit):7.996978666708849
                          Encrypted:true
                          SSDEEP:3072:F8q3R4wD5PDPqHCMwkDooxTs7Uu/Nr2kIldu/Zs0ky8MYpYaeVuhfkzG9kLfW:F1BLtDPQIMoMTs7UASlK/Zkr7hfkCd
                          MD5:26B19D5C435D04437137A63E30C26CFE
                          SHA1:8F54250318A254A0503702B7B3CA0F1BF4FB02C4
                          SHA-256:23BE3E122986569AA9E85E9C2FFE5FE58820ADD65C419D7CF8F0619145C6B58C
                          SHA-512:687B6E77756794270E70DAF257318BF15859F696067D9F8268BB5A0C11CD5BD1273A3161F6B4B2693633884D8498A7ED5F2603C016318FBCE69E1FE43180F464
                          Malicious:false
                          Reputation:low
                          URL:http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf
                          Preview:............wTS.............)JU.Z@....(Jo"*...D@....HTJD.X...Ih....C....@...9g.]...3...v....y........h..h}.Z .&.*..vG@WW@..;....)....@O.`.@.SL.....n....p.}....... ...g.5@.}?.^a......._K..'..g.3..........`.)...U.5T......puM%U.yUUy..}}.O_..2...E.{........b.....$...`..-..?.\..6..f.(.bm(........Uu..wW..3.l.......Z....q..+.b......?...........Q......ier...&i..2...x...7.q....3....*.=.o.S?+.b...u;XF.,...wp..g....?.x.`.8[D.{~........*.=}..[..c..c.{l....l.x..yx.3MP0..>...I@........`....X#.............o.rss.xA...>...||.| ......A.........m.o..U.K...'..y....|.K.......A.....6....<.......N.n.^.H....*E..sqq.....f......>.#*.f.{.+.x..z\..>..O..~R.4......9*.q..I.S...g.i...F.......[..^.nw...-...w..CB..#"..$$&=L~...4;.....o....q.J...RQYU]S[...........?.kp....i..._............m.^.......G.....d....O/.....r....^....:...'v>..f~.....[.O.#r.S'........)v...f..b.K.a@....<....`.a....F...s.W.R:~..%.p"&)...C....M....d..Y..gS".P.{.......5.Y.0+..1.YK.on..:.V..m....MN$.....

                          Static File Info

                          No static file info

                          File Icon

                          Icon Hash:b29a8a8e86868381

                          Network Behavior

                          Download Network PCAP: filteredfull

                          Network Port Distribution

                          • Total Packets: 156
                          • 443 (HTTPS)
                          • 80 (HTTP)
                          • 53 (DNS)
                          TimestampSource PortDest PortSource IPDest IP
                          Oct 10, 2023 17:17:31.654689074 CEST49681443192.168.2.320.189.173.5
                          Oct 10, 2023 17:17:31.963541031 CEST49681443192.168.2.320.189.173.5
                          Oct 10, 2023 17:17:32.572907925 CEST49681443192.168.2.320.189.173.5
                          Oct 10, 2023 17:17:32.666651964 CEST49676443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:32.666750908 CEST49677443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:32.668863058 CEST49674443192.168.2.3173.222.162.43
                          Oct 10, 2023 17:17:32.668863058 CEST49675443192.168.2.3104.98.116.155
                          Oct 10, 2023 17:17:32.979243040 CEST49671443192.168.2.3204.79.197.203
                          Oct 10, 2023 17:17:33.073050022 CEST49672443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:33.776139975 CEST49681443192.168.2.320.189.173.5
                          Oct 10, 2023 17:17:36.182383060 CEST49681443192.168.2.320.189.173.5
                          Oct 10, 2023 17:17:37.073199034 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.073293924 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.073374987 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.073765039 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.073848963 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.073916912 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.074079990 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.074120045 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.074318886 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.074354887 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.487890959 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.488404036 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.488464117 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.488467932 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.488749981 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.488771915 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.489293098 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.489370108 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.490386963 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.490427971 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.490453005 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.490509987 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.491436958 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.491522074 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.491684914 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.491769075 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.491775036 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.491786957 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.491866112 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.491883993 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.537341118 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.631159067 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.832926989 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.833295107 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.833385944 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.834038019 CEST49713443192.168.2.3142.250.72.174
                          Oct 10, 2023 17:17:37.834081888 CEST44349713142.250.72.174192.168.2.3
                          Oct 10, 2023 17:17:37.876177073 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.876542091 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:37.876741886 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.877904892 CEST49714443192.168.2.3142.250.189.13
                          Oct 10, 2023 17:17:37.877943993 CEST44349714142.250.189.13192.168.2.3
                          Oct 10, 2023 17:17:40.718988895 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:40.719027042 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:40.719098091 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:40.719419003 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:40.719430923 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:40.983138084 CEST49681443192.168.2.320.189.173.5
                          Oct 10, 2023 17:17:41.092348099 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:41.092572927 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:41.092596054 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:41.094141006 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:41.094202995 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:41.095526934 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:41.095670938 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:41.143683910 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:41.143695116 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:41.194926023 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:42.141225100 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.141305923 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.141403913 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.143568993 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.143682003 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.271982908 CEST49676443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:42.272078037 CEST49674443192.168.2.3173.222.162.43
                          Oct 10, 2023 17:17:42.272078991 CEST49675443192.168.2.3104.98.116.155
                          Oct 10, 2023 17:17:42.272093058 CEST49677443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:42.491837025 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.492073059 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.578282118 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.578318119 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.579329967 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.582421064 CEST49671443192.168.2.3204.79.197.203
                          Oct 10, 2023 17:17:42.631777048 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.680032969 CEST49672443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:42.715204000 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.758519888 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.879664898 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.879826069 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.880017996 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.925481081 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.925481081 CEST49726443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:42.925542116 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:42.925575972 CEST4434972672.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.188854933 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.188949108 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.189033985 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.189483881 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.189518929 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.532569885 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.532663107 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.533900023 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.533920050 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.534327984 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.535536051 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.578449965 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.855539083 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.855668068 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.855755091 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.993894100 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.993952990 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:43.993989944 CEST49727443192.168.2.372.247.100.147
                          Oct 10, 2023 17:17:43.994007111 CEST4434972772.247.100.147192.168.2.3
                          Oct 10, 2023 17:17:44.055250883 CEST44349709104.98.116.138192.168.2.3
                          Oct 10, 2023 17:17:44.055470943 CEST49709443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:50.718516111 CEST49681443192.168.2.320.189.173.5
                          Oct 10, 2023 17:17:51.114351988 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:51.114522934 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:51.114602089 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:51.142986059 CEST49725443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:17:51.143038034 CEST44349725142.250.72.132192.168.2.3
                          Oct 10, 2023 17:17:53.552397013 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:53.552478075 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:53.552577019 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:53.558793068 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:53.558868885 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:54.162679911 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:54.163064003 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:54.303025007 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:54.303138018 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:54.304110050 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:54.398780107 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:54.774041891 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:54.814527035 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.165992975 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166054010 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166071892 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166214943 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166270971 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166291952 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166316032 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166316032 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166316032 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166353941 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166393995 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166393995 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166397095 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166414976 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166416883 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166477919 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166492939 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166534901 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166534901 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.166549921 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.166599989 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.268587112 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.268649101 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:55.268701077 CEST49729443192.168.2.320.114.59.183
                          Oct 10, 2023 17:17:55.268718958 CEST4434972920.114.59.183192.168.2.3
                          Oct 10, 2023 17:17:57.474458933 CEST49709443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:57.474459887 CEST49709443192.168.2.3104.98.116.138
                          Oct 10, 2023 17:17:57.637595892 CEST44349709104.98.116.138192.168.2.3
                          Oct 10, 2023 17:17:57.637656927 CEST44349709104.98.116.138192.168.2.3
                          Oct 10, 2023 17:18:23.135200977 CEST4970880192.168.2.323.64.190.239
                          Oct 10, 2023 17:18:23.135385990 CEST49707443192.168.2.3104.106.49.52
                          Oct 10, 2023 17:18:23.298537016 CEST44349707104.106.49.52192.168.2.3
                          Oct 10, 2023 17:18:23.298589945 CEST44349707104.106.49.52192.168.2.3
                          Oct 10, 2023 17:18:23.298753023 CEST49707443192.168.2.3104.106.49.52
                          Oct 10, 2023 17:18:23.298988104 CEST49707443192.168.2.3104.106.49.52
                          Oct 10, 2023 17:18:23.300307989 CEST804970823.64.190.239192.168.2.3
                          Oct 10, 2023 17:18:23.300523996 CEST4970880192.168.2.323.64.190.239
                          Oct 10, 2023 17:18:24.934045076 CEST8049710209.197.3.8192.168.2.3
                          Oct 10, 2023 17:18:24.934261084 CEST4971080192.168.2.3209.197.3.8
                          Oct 10, 2023 17:18:28.037172079 CEST4971180192.168.2.3192.229.211.108
                          Oct 10, 2023 17:18:28.037219048 CEST4971080192.168.2.3209.197.3.8
                          Oct 10, 2023 17:18:28.200226068 CEST8049711192.229.211.108192.168.2.3
                          Oct 10, 2023 17:18:28.200280905 CEST8049710209.197.3.8192.168.2.3
                          Oct 10, 2023 17:18:28.200436115 CEST4971180192.168.2.3192.229.211.108
                          Oct 10, 2023 17:18:28.200563908 CEST4971080192.168.2.3209.197.3.8
                          Oct 10, 2023 17:18:32.334722042 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:32.334800959 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:32.334883928 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:32.337171078 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:32.337203979 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:32.946464062 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:32.946724892 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:32.967827082 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:32.967870951 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:32.968813896 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:32.970060110 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:33.014467955 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:33.529145956 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:33.529211044 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:33.529256105 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:33.529408932 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:33.529443026 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:33.529527903 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:33.529664993 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:33.529685020 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:33.529752970 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:33.608566046 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:33.608608961 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:33.608639002 CEST49741443192.168.2.320.114.59.183
                          Oct 10, 2023 17:18:33.608659029 CEST4434974120.114.59.183192.168.2.3
                          Oct 10, 2023 17:18:40.605730057 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:40.605811119 CEST44349746142.250.72.132192.168.2.3
                          Oct 10, 2023 17:18:40.606125116 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:40.606245041 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:40.606273890 CEST44349746142.250.72.132192.168.2.3
                          Oct 10, 2023 17:18:40.966028929 CEST44349746142.250.72.132192.168.2.3
                          Oct 10, 2023 17:18:40.966481924 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:40.966542006 CEST44349746142.250.72.132192.168.2.3
                          Oct 10, 2023 17:18:40.968017101 CEST44349746142.250.72.132192.168.2.3
                          Oct 10, 2023 17:18:40.968270063 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:40.968765020 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:40.968888998 CEST44349746142.250.72.132192.168.2.3
                          Oct 10, 2023 17:18:41.114828110 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:41.114886045 CEST44349746142.250.72.132192.168.2.3
                          Oct 10, 2023 17:18:41.224169970 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:45.807166100 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:18:45.807410955 CEST44349746142.250.72.132192.168.2.3
                          Oct 10, 2023 17:18:45.807524920 CEST49746443192.168.2.3142.250.72.132
                          Oct 10, 2023 17:19:07.360963106 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:07.360997915 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:07.361151934 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:07.361394882 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:07.361413956 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:07.719918013 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:07.784579992 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:07.784596920 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:07.785315037 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:07.785334110 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:07.785706997 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:07.786335945 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:07.786451101 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:07.792057991 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:07.792150974 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:07.797271013 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:07.797281981 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:08.006469965 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:08.006829023 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:08.110722065 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:08.111382008 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:08.111521006 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:08.202321053 CEST49760443192.168.2.3142.250.72.238
                          Oct 10, 2023 17:19:08.202359915 CEST44349760142.250.72.238192.168.2.3
                          Oct 10, 2023 17:19:09.937230110 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:09.937311888 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:09.937401056 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:09.937849045 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:09.937886953 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.401288033 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.401690006 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.401748896 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.402697086 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.402776003 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.402792931 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.402848959 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.403139114 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.403247118 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.403435946 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.403462887 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.512562037 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.953701019 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.953731060 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.953738928 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.953758001 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.953764915 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.953813076 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.953830957 CEST4434976450.16.47.176192.168.2.3
                          Oct 10, 2023 17:19:10.953850031 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.953872919 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.957684994 CEST49764443192.168.2.350.16.47.176
                          Oct 10, 2023 17:19:10.957722902 CEST4434976450.16.47.176192.168.2.3
                          TimestampSource PortDest PortSource IPDest IP
                          Oct 10, 2023 17:17:36.904505014 CEST5892253192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:36.904802084 CEST6052153192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:36.905229092 CEST4978853192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:36.905473948 CEST6104953192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:37.002827883 CEST53595481.1.1.1192.168.2.3
                          Oct 10, 2023 17:17:37.067998886 CEST53589221.1.1.1192.168.2.3
                          Oct 10, 2023 17:17:37.068057060 CEST53605211.1.1.1192.168.2.3
                          Oct 10, 2023 17:17:37.068089962 CEST53497881.1.1.1192.168.2.3
                          Oct 10, 2023 17:17:37.068644047 CEST53610491.1.1.1192.168.2.3
                          Oct 10, 2023 17:17:38.040384054 CEST53494101.1.1.1192.168.2.3
                          Oct 10, 2023 17:17:38.457969904 CEST5079353192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:38.458344936 CEST5700553192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:39.873682976 CEST6467953192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:39.873939991 CEST6543553192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:40.554548979 CEST6370053192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:40.554728031 CEST5400053192.168.2.31.1.1.1
                          Oct 10, 2023 17:17:40.717700958 CEST53540001.1.1.1192.168.2.3
                          Oct 10, 2023 17:17:40.717777014 CEST53637001.1.1.1192.168.2.3
                          Oct 10, 2023 17:17:55.374350071 CEST53607101.1.1.1192.168.2.3
                          Oct 10, 2023 17:18:14.617288113 CEST53527601.1.1.1192.168.2.3
                          Oct 10, 2023 17:18:35.348440886 CEST138138192.168.2.3192.168.2.255
                          Oct 10, 2023 17:18:36.316597939 CEST53537871.1.1.1192.168.2.3
                          Oct 10, 2023 17:18:37.389231920 CEST53622961.1.1.1192.168.2.3
                          Oct 10, 2023 17:19:07.193254948 CEST5678553192.168.2.31.1.1.1
                          Oct 10, 2023 17:19:07.193763971 CEST5921753192.168.2.31.1.1.1
                          Oct 10, 2023 17:19:07.357001066 CEST53567851.1.1.1192.168.2.3
                          Oct 10, 2023 17:19:07.358377934 CEST53592171.1.1.1192.168.2.3
                          Oct 10, 2023 17:19:08.501647949 CEST53580101.1.1.1192.168.2.3

                          DNS Queries

                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                          Oct 10, 2023 17:17:36.904505014 CEST192.168.2.31.1.1.10x6e14Standard query (0)clients2.google.comA (IP address)IN (0x0001)false
                          Oct 10, 2023 17:17:36.904802084 CEST192.168.2.31.1.1.10x7cdeStandard query (0)clients2.google.com65IN (0x0001)false
                          Oct 10, 2023 17:17:36.905229092 CEST192.168.2.31.1.1.10x602bStandard query (0)accounts.google.comA (IP address)IN (0x0001)false
                          Oct 10, 2023 17:17:36.905473948 CEST192.168.2.31.1.1.10xd81fStandard query (0)accounts.google.com65IN (0x0001)false
                          Oct 10, 2023 17:17:38.457969904 CEST192.168.2.31.1.1.10x8d0dStandard query (0)img1.wsimg.comA (IP address)IN (0x0001)false
                          Oct 10, 2023 17:17:38.458344936 CEST192.168.2.31.1.1.10x1afaStandard query (0)img1.wsimg.com65IN (0x0001)false
                          Oct 10, 2023 17:17:39.873682976 CEST192.168.2.31.1.1.10x4279Standard query (0)img1.wsimg.comA (IP address)IN (0x0001)false
                          Oct 10, 2023 17:17:39.873939991 CEST192.168.2.31.1.1.10xe462Standard query (0)img1.wsimg.com65IN (0x0001)false
                          Oct 10, 2023 17:17:40.554548979 CEST192.168.2.31.1.1.10x17f2Standard query (0)www.google.comA (IP address)IN (0x0001)false
                          Oct 10, 2023 17:17:40.554728031 CEST192.168.2.31.1.1.10x6205Standard query (0)www.google.com65IN (0x0001)false
                          Oct 10, 2023 17:19:07.193254948 CEST192.168.2.31.1.1.10x3524Standard query (0)clients1.google.comA (IP address)IN (0x0001)false
                          Oct 10, 2023 17:19:07.193763971 CEST192.168.2.31.1.1.10x23baStandard query (0)clients1.google.com65IN (0x0001)false

                          DNS Answers

                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                          Oct 10, 2023 17:17:37.067998886 CEST1.1.1.1192.168.2.30x6e14No error (0)clients2.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false
                          Oct 10, 2023 17:17:37.067998886 CEST1.1.1.1192.168.2.30x6e14No error (0)clients.l.google.com142.250.72.174A (IP address)IN (0x0001)false
                          Oct 10, 2023 17:17:37.068057060 CEST1.1.1.1192.168.2.30x7cdeNo error (0)clients2.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false
                          Oct 10, 2023 17:17:37.068089962 CEST1.1.1.1192.168.2.30x602bNo error (0)accounts.google.com142.250.189.13A (IP address)IN (0x0001)false
                          Oct 10, 2023 17:17:38.622206926 CEST1.1.1.1192.168.2.30x8d0dNo error (0)img1.wsimg.comglobal-wildcard.wsimg.com.sni-only.edgekey.netCNAME (Canonical name)IN (0x0001)false
                          Oct 10, 2023 17:17:38.622282028 CEST1.1.1.1192.168.2.30x1afaNo error (0)img1.wsimg.comglobal-wildcard.wsimg.com.sni-only.edgekey.netCNAME (Canonical name)IN (0x0001)false
                          Oct 10, 2023 17:17:40.038074017 CEST1.1.1.1192.168.2.30xe462No error (0)img1.wsimg.comglobal-wildcard.wsimg.com.sni-only.edgekey.netCNAME (Canonical name)IN (0x0001)false
                          Oct 10, 2023 17:17:40.038918972 CEST1.1.1.1192.168.2.30x4279No error (0)img1.wsimg.comglobal-wildcard.wsimg.com.sni-only.edgekey.netCNAME (Canonical name)IN (0x0001)false
                          Oct 10, 2023 17:17:40.717700958 CEST1.1.1.1192.168.2.30x6205No error (0)www.google.com65IN (0x0001)false
                          Oct 10, 2023 17:17:40.717777014 CEST1.1.1.1192.168.2.30x17f2No error (0)www.google.com142.250.72.132A (IP address)IN (0x0001)false
                          Oct 10, 2023 17:19:07.357001066 CEST1.1.1.1192.168.2.30x3524No error (0)clients1.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false
                          Oct 10, 2023 17:19:07.357001066 CEST1.1.1.1192.168.2.30x3524No error (0)clients.l.google.com142.250.72.238A (IP address)IN (0x0001)false
                          Oct 10, 2023 17:19:07.358377934 CEST1.1.1.1192.168.2.30x23baNo error (0)clients1.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false

                          HTTP Request Dependency Graph

                          • clients2.google.com
                          • accounts.google.com
                          • fs.microsoft.com
                          • slscr.update.microsoft.com
                          • clients1.google.com
                          • https:
                            • p13n.adobe.io

                          HTTPS Proxied Packets

                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          0192.168.2.349713142.250.72.174443C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:17:37 UTC0OUTGET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.134&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1
                          Host: clients2.google.com
                          Connection: keep-alive
                          X-Goog-Update-Interactivity: fg
                          X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda
                          X-Goog-Update-Updater: chromecrx-117.0.5938.134
                          Sec-Fetch-Site: none
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: empty
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          1192.168.2.349714142.250.189.13443C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:17:37 UTC0OUTPOST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1
                          Host: accounts.google.com
                          Connection: keep-alive
                          Content-Length: 1
                          Origin: https://www.google.com
                          Content-Type: application/x-www-form-urlencoded
                          Sec-Fetch-Site: none
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: empty
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          Cookie: 1P_JAR=2023-10-05-14; NID=511=OL3WgnA24QwPfMpspsItpZ2c_g7YXAAMilzUqiZdxG8z8Ka1c00AfG24ctRwvhPMrHVqO7oNbKVSwiOA0g2EzuMjPJIvQtOS7zZy99O8OkMoKSMKDFs-L1TjxHc_KVN5KBVb4BTfsPAzvlWsn_iACmkP3ulD50w_qpZ6JVqkr7w
                          2023-10-10 15:17:37 UTC1OUTData Raw: 20
                          Data Ascii:


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          10192.168.2.34976450.16.47.176443C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:19:10 UTC57OUTGET /psdk/v2/content?surfaceId=ACROBAT_READER_MASTER_SURFACEID&surfaceId=DC_READER_LAUNCH_CARD&surfaceId=DC_Reader_RHP_Banner&surfaceId=DC_Reader_RHP_Retention&surfaceId=Edit_InApp_Aug2020&surfaceId=DC_FirstMile_Right_Sec_Surface&surfaceId=DC_Reader_Upsell_Cards&surfaceId=DC_FirstMile_Home_View_Surface&surfaceId=DC_Reader_RHP_Intent_Banner&surfaceId=DC_Reader_Disc_LHP_Banner&surfaceId=DC_Reader_Edit_LHP_Banner&surfaceId=DC_Reader_Convert_LHP_Banner&surfaceId=DC_Reader_Sign_LHP_Banner&surfaceId=DC_Reader_More_LHP_Banner&surfaceId=DC_Reader_Disc_LHP_Retention&surfaceId=DC_Reader_Home_LHP_Trial_Banner&adcProductLanguage=en-us&adcVersion=23.6.20320&adcProductType=SingleClientMini&adcOSType=WIN&adcCountryCode=US&adcXAPIClientID=api_reader_desktop_win_23.6.20320&encodingScheme=BASE_64 HTTP/1.1
                          Host: p13n.adobe.io
                          Connection: keep-alive
                          sec-ch-ua: "Chromium";v="105"
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36
                          Accept: application/json, text/javascript, */*; q=0.01
                          x-adobe-uuid: 970e02fa-57d1-4240-a0ce-04ea7a641583
                          x-adobe-uuid-type: visitorId
                          x-api-key: AdobeReader9
                          sec-ch-ua-platform: "Windows"
                          Origin: https://rna-resource.acrobat.com
                          Accept-Language: en-US,en;q=0.9
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: cors
                          Sec-Fetch-Dest: empty
                          Referer: https://rna-resource.acrobat.com/
                          Accept-Encoding: gzip, deflate, br


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          1150.16.47.176443192.168.2.349764C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:19:10 UTC59INHTTP/1.1 200
                          Server: openresty
                          Date: Tue, 10 Oct 2023 15:19:10 GMT
                          Content-Type: application/json;charset=UTF-8
                          Content-Length: 11126
                          Connection: close
                          x-request-id: evEjnoumYe1UJ0gNERqVpZg7RyJfj3ru
                          vary: accept-encoding
                          Access-Control-Allow-Origin: *
                          Access-Control-Allow-Methods: GET, OPTIONS
                          Access-Control-Allow-Headers: Authorization,Content-Type,X-Api-Key,cache-control,User-Agent,If-None-Match,x-adobe-uuid,x-adobe-uuid-type, X-Request-Id
                          Access-Control-Allow-Credentials: true
                          Access-Control-Expose-Headers: x-request-id
                          2023-10-10 15:19:10 UTC59INData Raw: 7b 22 73 75 72 66 61 63 65 73 22 3a 7b 22 44 43 5f 52 65 61 64 65 72 5f 52 48 50 5f 42 61 6e 6e 65 72 22 3a 7b 22 63 6f 6e 74 61 69 6e 65 72 73 22 3a 5b 7b 22 63 6f 6e 74 61 69 6e 65 72 49 64 22 3a 31 2c 22 63 6f 6e 74 61 69 6e 65 72 4c 61 62 65 6c 22 3a 22 4a 53 4f 4e 20 66 6f 72 20 52 65 61 64 65 72 20 44 43 20 52 48 50 20 42 61 6e 6e 65 72 22 2c 22 64 61 74 61 54 79 70 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 22 2c 22 64 61 74 61 22 3a 22 65 79 4a 6a 64 47 45 69 4f 6e 73 69 64 48 6c 77 5a 53 49 36 49 6d 4a 31 64 48 52 76 62 69 49 73 49 6e 52 6c 65 48 51 69 4f 69 4a 47 63 6d 56 6c 49 44 63 74 52 47 46 35 49 46 52 79 61 57 46 73 49 69 77 69 5a 32 39 66 64 58 4a 73 49 6a 6f 69 61 48 52 30 63 48 4d 36 4c 79 39 68 59 33 4a 76 59 6d 46 30
                          Data Ascii: {"surfaces":{"DC_Reader_RHP_Banner":{"containers":[{"containerId":1,"containerLabel":"JSON for Reader DC RHP Banner","dataType":"application/json","data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctRGF5IFRyaWFsIiwiZ29fdXJsIjoiaHR0cHM6Ly9hY3JvYmF0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          2142.250.72.174443192.168.2.349713C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:17:37 UTC1INHTTP/1.1 200 OK
                          Content-Security-Policy: script-src 'report-sample' 'nonce-5xIuzvDDCFkFai5JOQovHQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
                          Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                          Pragma: no-cache
                          Expires: Mon, 01 Jan 1990 00:00:00 GMT
                          Date: Tue, 10 Oct 2023 15:17:37 GMT
                          Content-Type: text/xml; charset=UTF-8
                          X-Daynum: 6126
                          X-Daystart: 29857
                          X-Content-Type-Options: nosniff
                          X-Frame-Options: SAMEORIGIN
                          X-XSS-Protection: 1; mode=block
                          Server: GSE
                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                          Accept-Ranges: none
                          Vary: Accept-Encoding
                          Connection: close
                          Transfer-Encoding: chunked
                          2023-10-10 15:17:37 UTC2INData Raw: 32 63 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 36 31 32 36 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 32 39 38 35 37 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22
                          Data Ascii: 2c9<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="6126" elapsed_seconds="29857"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
                          2023-10-10 15:17:37 UTC2INData Raw: 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 7a 65 3d 22 32 34 38 35 33 31 22 20 73 74 61 74 75 73 3d 22 6f 6b 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 2e 30 2e 36 22 2f 3e 3c 2f 61 70 70 3e 3c 2f 67 75 70 64 61 74 65 3e 0d 0a
                          Data Ascii: 723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" size="248531" status="ok" version="1.0.0.6"/></app></gupdate>
                          2023-10-10 15:17:37 UTC2INData Raw: 30 0d 0a 0d 0a
                          Data Ascii: 0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          3142.250.189.13443192.168.2.349714C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:17:37 UTC2INHTTP/1.1 200 OK
                          Content-Type: application/json; charset=utf-8
                          Access-Control-Allow-Origin: https://www.google.com
                          Access-Control-Allow-Credentials: true
                          X-Content-Type-Options: nosniff
                          Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                          Pragma: no-cache
                          Expires: Mon, 01 Jan 1990 00:00:00 GMT
                          Date: Tue, 10 Oct 2023 15:17:37 GMT
                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                          Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
                          Cross-Origin-Opener-Policy: same-origin
                          Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport
                          Content-Security-Policy: script-src 'report-sample' 'nonce-r13b8edjinR1bQMqDqbIJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self'
                          Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist
                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                          Server: ESF
                          X-XSS-Protection: 0
                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                          Accept-Ranges: none
                          Vary: Accept-Encoding
                          Connection: close
                          Transfer-Encoding: chunked
                          2023-10-10 15:17:37 UTC4INData Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a
                          Data Ascii: 11["gaia.l.a.r",[]]
                          2023-10-10 15:17:37 UTC4INData Raw: 30 0d 0a 0d 0a
                          Data Ascii: 0


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          4192.168.2.34972672.247.100.147443C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:17:42 UTC4OUTHEAD /fs/windows/config.json HTTP/1.1
                          Connection: Keep-Alive
                          Accept: */*
                          Accept-Encoding: identity
                          User-Agent: Microsoft BITS/7.8
                          Host: fs.microsoft.com
                          2023-10-10 15:17:42 UTC4INHTTP/1.1 200 OK
                          ApiVersion: Distribute 1.1
                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                          Content-Type: application/octet-stream
                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                          Server: Kestrel
                          X-CID: 11
                          Cache-Control: public, max-age=79244
                          Date: Tue, 10 Oct 2023 15:17:42 GMT
                          Connection: close
                          X-CID: 2


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          5192.168.2.34972772.247.100.147443C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:17:43 UTC5OUTGET /fs/windows/config.json HTTP/1.1
                          Connection: Keep-Alive
                          Accept: */*
                          Accept-Encoding: identity
                          If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                          Range: bytes=0-2147483646
                          User-Agent: Microsoft BITS/7.8
                          Host: fs.microsoft.com
                          2023-10-10 15:17:43 UTC5INHTTP/1.1 200 OK
                          Content-Type: application/octet-stream
                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                          ApiVersion: Distribute 1.1
                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                          X-Azure-Ref: 0Fz4RYwAAAACZW8dCTzveR7lI76J6Z2l5U0pDRURHRTA1MTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                          Cache-Control: public, max-age=79348
                          Date: Tue, 10 Oct 2023 15:17:43 GMT
                          Content-Length: 55
                          Connection: close
                          X-CID: 2
                          2023-10-10 15:17:43 UTC5INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                          Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          6192.168.2.34972920.114.59.183443C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:17:54 UTC5OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.3448/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.3031&MK=xA8KrWEY9XlR3xy&MD=F6k2UB4X HTTP/1.1
                          Connection: Keep-Alive
                          Accept: */*
                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                          Host: slscr.update.microsoft.com
                          2023-10-10 15:17:55 UTC6INHTTP/1.1 200 OK
                          Cache-Control: no-cache
                          Pragma: no-cache
                          Content-Type: application/octet-stream
                          Expires: -1
                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                          ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                          MS-CorrelationId: c27e222d-dd91-40fd-8a2a-ac2aa122bdeb
                          MS-RequestId: b8466c72-c57a-47f1-acac-2f5d0d5922c7
                          MS-CV: VIVLMBvdMkyc8vYK.0
                          X-Microsoft-SLSClientCache: 2880
                          Content-Disposition: attachment; filename=environment.cab
                          X-Content-Type-Options: nosniff
                          Date: Tue, 10 Oct 2023 15:17:54 GMT
                          Connection: close
                          Content-Length: 24490
                          2023-10-10 15:17:55 UTC6INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                          Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                          2023-10-10 15:17:55 UTC22INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                          Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          7192.168.2.34974120.114.59.183443C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:18:32 UTC30OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.3448/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.3031&MK=xA8KrWEY9XlR3xy&MD=F6k2UB4X HTTP/1.1
                          Connection: Keep-Alive
                          Accept: */*
                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                          Host: slscr.update.microsoft.com
                          2023-10-10 15:18:33 UTC30INHTTP/1.1 200 OK
                          Cache-Control: no-cache
                          Pragma: no-cache
                          Content-Type: application/octet-stream
                          Expires: -1
                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                          ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160"
                          MS-CorrelationId: 243b569c-81f2-46db-a4f7-4835c6fc2c1b
                          MS-RequestId: 0402ae5e-921b-42b6-b03f-7472d390516b
                          MS-CV: Mo06FAmDj0eB9Zbh.0
                          X-Microsoft-SLSClientCache: 2160
                          Content-Disposition: attachment; filename=environment.cab
                          X-Content-Type-Options: nosniff
                          Date: Tue, 10 Oct 2023 15:18:32 GMT
                          Connection: close
                          Content-Length: 25457
                          2023-10-10 15:18:33 UTC31INData Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92
                          Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
                          2023-10-10 15:18:33 UTC46INData Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a
                          Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          8192.168.2.349760142.250.72.238443C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:19:07 UTC56OUTGET /tools/pso/ping?as=chrome&brand=ONGR&pid=&hl=en&events=C1I,C2I,C7I,C1S,C7S&rep=2&rlz=C1:,C2:,C7:&id=00000000000000000000000000000000000000006B40F232AC HTTP/1.1
                          Host: clients1.google.com
                          Connection: keep-alive
                          Sec-Fetch-Site: none
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: empty
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          Accept-Encoding: gzip, deflate, br


                          Session IDSource IPSource PortDestination IPDestination PortProcess
                          9142.250.72.238443192.168.2.349760C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampkBytes transferredDirectionData
                          2023-10-10 15:19:08 UTC56INHTTP/1.1 200 OK
                          Content-Security-Policy: script-src 'report-sample' 'nonce-fsjDrAKbX1wYE8rhIujJ_Q' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/download-dt/1
                          Content-Security-Policy: script-src 'report-sample' 'nonce-jmuuqXDt3m8Cct0qzVA1ig' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/download-dt/1
                          Content-Type: text/plain; charset=utf-8
                          Content-Length: 220
                          Date: Tue, 10 Oct 2023 15:19:07 GMT
                          Expires: Tue, 10 Oct 2023 15:19:07 GMT
                          Cache-Control: private, max-age=0
                          X-Content-Type-Options: nosniff
                          X-Frame-Options: SAMEORIGIN
                          X-XSS-Protection: 1; mode=block
                          Server: GSE
                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                          Connection: close
                          2023-10-10 15:19:08 UTC57INData Raw: 72 6c 7a 43 31 3a 20 31 43 31 4f 4e 47 52 5f 65 6e 55 53 31 30 37 39 0a 72 6c 7a 43 32 3a 20 31 43 32 4f 4e 47 52 5f 65 6e 55 53 31 30 37 39 0a 72 6c 7a 43 37 3a 20 31 43 37 4f 4e 47 52 5f 65 6e 55 53 31 30 37 39 0a 64 63 63 3a 20 0a 73 65 74 5f 64 63 63 3a 20 43 31 3a 31 43 31 4f 4e 47 52 5f 65 6e 55 53 31 30 37 39 2c 43 32 3a 31 43 32 4f 4e 47 52 5f 65 6e 55 53 31 30 37 39 2c 43 37 3a 31 43 37 4f 4e 47 52 5f 65 6e 55 53 31 30 37 39 0a 65 76 65 6e 74 73 3a 20 43 31 49 2c 43 32 49 2c 43 37 49 2c 43 31 53 2c 43 37 53 0a 73 74 61 74 65 66 75 6c 2d 65 76 65 6e 74 73 3a 20 43 31 49 2c 43 32 49 2c 43 37 49 0a 63 72 63 33 32 3a 20 66 64 61 34 39 62 30 66 0a
                          Data Ascii: rlzC1: 1C1ONGR_enUS1079rlzC2: 1C2ONGR_enUS1079rlzC7: 1C7ONGR_enUS1079dcc: set_dcc: C1:1C1ONGR_enUS1079,C2:1C2ONGR_enUS1079,C7:1C7ONGR_enUS1079events: C1I,C2I,C7I,C1S,C7Sstateful-events: C1I,C2I,C7Icrc32: fda49b0f


                          Statistics

                          CPU Usage

                          Click to jump to process

                          Memory Usage

                          020406080100s0.0050100150200MB

                          Click to jump to process

                          High Level Behavior Distribution

                          • File
                          • Registry

                          Click to dive into process behavior distribution

                          Behavior

                          Click to jump to process

                          System Behavior

                          General

                          Target ID:5
                          Start time:17:17:32
                          Start date:10/10/2023
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
                          Imagebase:0x7ff7c89f0000
                          File size:3'242'272 bytes
                          MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false
                          Show Windows behavior

                          File Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Process Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Memory Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Process Token Activities


                          General

                          Target ID:7
                          Start time:17:17:34
                          Start date:10/10/2023
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 --field-trial-handle=2112,i,11896617920037136445,4751922825408255977,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                          Imagebase:0x7ff7c89f0000
                          File size:3'242'272 bytes
                          MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false
                          Show Windows behavior

                          File Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Memory Activities


                          General

                          Target ID:8
                          Start time:17:17:37
                          Start date:10/10/2023
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:C:\Program Files\Google\Chrome\Application\chrome.exe" "http://img1.wsimg.com/blobby/go/e817bb84-a239-4ab7-b799-a1a28b73e3bf/downloads/vibujoxupekumig.pdf
                          Imagebase:0x7ff7c89f0000
                          File size:3'242'272 bytes
                          MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:true
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                          General

                          Target ID:14
                          Start time:17:18:55
                          Start date:10/10/2023
                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                          Wow64 process (32bit):false
                          Commandline:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf
                          Imagebase:0x7ff752410000
                          File size:5'641'176 bytes
                          MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false
                          Show Windows behavior

                          File Activities

                          Show Windows behavior

                          Section Activities

                          Show Windows behavior

                          Registry Activities

                          Show Windows behavior

                          COM Activities

                          Show Windows behavior

                          Mutex Activities

                          Show Windows behavior

                          Process Activities

                          Show Windows behavior

                          Thread Activities

                          Show Windows behavior

                          Memory Activities

                          Show Windows behavior

                          System Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Windows UI Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                          General

                          Target ID:15
                          Start time:17:19:00
                          Start date:10/10/2023
                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                          Imagebase:0x7ff7fd640000
                          File size:3'581'912 bytes
                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false
                          Show Windows behavior

                          File Activities

                          Show Windows behavior

                          Section Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Mutex Activities

                          Show Windows behavior

                          Process Activities

                          Show Windows behavior

                          Thread Activities

                          Show Windows behavior

                          Memory Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Process Token Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                          General

                          Target ID:16
                          Start time:17:19:01
                          Start date:10/10/2023
                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2204 --field-trial-handle=1564,i,16990901771295455395,1012609527637628534,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                          Imagebase:0x7ff7fd640000
                          File size:3'581'912 bytes
                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Section Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          Show Windows behavior

                          Process Activities

                          Show Windows behavior

                          Thread Activities

                          Show Windows behavior

                          Memory Activities

                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                          Disassembly

                          No disassembly