Windows
Analysis Report
https://www.isda.org/a/r41gE/ISDA-SIFMA-Basel-III-Endgame-Comment-Letter-Partial-LTA.pdf
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 2084 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 1096 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2288 --fi eld-trial- handle=221 2,i,794581 1400495194 843,715096 2842891366 104,262144 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionHintsF etching,Op timization TargetPred iction /pr efetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- chrome.exe (PID: 1668 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://www.i sda.org/a/ r41gE/ISDA -SIFMA-Bas el-III-End game-Comme nt-Letter- Partial-LT A.pdf" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- Acrobat.exe (PID: 2056 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\Acrobat .exe" "C:\ Users\user \Downloads \downloade d.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C) - AcroCEF.exe (PID: 3472 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ba ckgroundco lor=167772 15 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE) - AcroCEF.exe (PID: 2828 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --log-seve rity=disab le --user- agent-prod uct="Reade rServices/ 23.6.20320 Chrome/10 5.0.0.0" - -lang=en-U S --user-d ata-dir="C :\Users\us er\AppData \Local\CEF \User Data " --log-fi le="C:\Pro gram Files \Adobe\Acr obat DC\Ac robat\acro cef_1\debu g.log" --m ojo-platfo rm-channel -handle=21 52 --field -trial-han dle=1684,i ,691555269 3595644880 ,680818617 8863427705 ,131072 -- disable-fe atures=Bac kForwardCa che,Calcul ateNativeW inOcclusio n,WinUseBr owserSpell Checker /p refetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | HTTP traffic detected: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Key opened: |
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: |
Source: | File opened: |
Source: | Window detected: |
Source: | File created: | |||
Source: | File created: | Jump to dropped file |
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 11 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.210.172 | true | false |
| unknown |
chrome.cloudflare-dns.com | 172.64.41.3 | true | false |
| unknown |
cdn.aws.isda.org | 18.66.147.7 | true | false |
| unknown |
www.isda.org | 52.201.165.217 | true | false |
| unknown |
www.google.com | 216.58.206.36 | true | false |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
52.201.165.217 | www.isda.org | United States | 14618 | AMAZON-AESUS | false | |
18.66.147.7 | cdn.aws.isda.org | United States | 3 | MIT-GATEWAYSUS | false | |
216.58.206.36 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
18.66.147.121 | unknown | United States | 3 | MIT-GATEWAYSUS | false | |
172.64.41.3 | chrome.cloudflare-dns.com | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.6 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1458696 |
Start date and time: | 2024-06-18 08:36:19 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 8s |
Hypervisor based Inspection enabled: | false |
Report type: | light |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://www.isda.org/a/r41gE/ISDA-SIFMA-Basel-III-Endgame-Comment-Letter-Partial-LTA.pdf |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@38/54@9/7 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- TCP Packets have been reduced to 100
- Excluded IPs from analysis (whitelisted): 216.58.212.163, 142.250.185.110, 74.125.206.84, 34.104.35.123, 192.229.221.95, 20.3.187.198, 199.232.210.172, 52.165.164.15, 93.184.221.240, 142.250.185.67, 184.28.88.176, 52.6.155.20, 3.233.129.217, 3.219.243.226, 52.22.41.97, 2.19.126.143, 2.19.126.149, 95.101.54.195, 2.16.202.123, 95.101.148.135, 142.250.114.94, 142.251.116.94
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, slscr.update.microsoft.com, e4578.dscb.akamaiedge.net, clientservices.googleapis.com, wu.azureedge.net, acroipm2.adobe.com, a1952.dscq.akamai.net, clients2.google.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, www.gstatic.com, wu-b-net.trafficmanager.net, apps.identrust.com, client.wns.windows.com, fs.microsoft.com, identrust.edgesuite.net, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, acroipm2.adobe.com.edgesuite.net, wu.ec.azureedge.net, ctldl.windowsupdate.com, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, ssl.adobe.com.edgekey.net, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, armmf.adobe.com, clients.l.google.com, geo2.adobe.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Time | Type | Description |
---|---|---|
02:38:55 | API Interceptor |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 298 |
Entropy (8bit): | 5.129992419167028 |
Encrypted: | false |
SSDEEP: | 6:j+7q2PN72nKuAl9OmbnIFUt8S+UDZmw+S+UZkwON72nKuAl9OmbjLJ:q7vVaHAahFUt830/+305OaHAaSJ |
MD5: | 03C487A1C8B4D8D34009A63D522B4E4C |
SHA1: | 30F84D8519CEE387B5F660C06ACDB161B86F0FF5 |
SHA-256: | 9D6EDB10FF16E652F44A2E747C19A51EF6D9CE2C1B01D634674BA4EFD41D20BB |
SHA-512: | 711AEADFB222C86A2D5012A6016010DC9A7036EC3B198C3051F081831399CD4B6E7B313CB8FD89BDCE6A0FB070D28BD59616BC902D30FEB0D6DA73C27E535D95 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 298 |
Entropy (8bit): | 5.129992419167028 |
Encrypted: | false |
SSDEEP: | 6:j+7q2PN72nKuAl9OmbnIFUt8S+UDZmw+S+UZkwON72nKuAl9OmbjLJ:q7vVaHAahFUt830/+305OaHAaSJ |
MD5: | 03C487A1C8B4D8D34009A63D522B4E4C |
SHA1: | 30F84D8519CEE387B5F660C06ACDB161B86F0FF5 |
SHA-256: | 9D6EDB10FF16E652F44A2E747C19A51EF6D9CE2C1B01D634674BA4EFD41D20BB |
SHA-512: | 711AEADFB222C86A2D5012A6016010DC9A7036EC3B198C3051F081831399CD4B6E7B313CB8FD89BDCE6A0FB070D28BD59616BC902D30FEB0D6DA73C27E535D95 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 339 |
Entropy (8bit): | 5.1788457100066 |
Encrypted: | false |
SSDEEP: | 6:j+kQQ+q2PN72nKuAl9Ombzo2jMGIFUt8S+TgZmw+S+3wQVkwON72nKuAl9Ombzos:qkovVaHAa8uFUt83M/+3j5OaHAa8RJ |
MD5: | 38F501D44416EFE113CBFC2E5035E451 |
SHA1: | BA9E73AFFE6C7FC1D2A90A718FEFCBE66FA5349C |
SHA-256: | 2D71E115477D123F6097A7A9516BCAD9539AB8AECB1FC30A819CC570296A472D |
SHA-512: | C9B0AD577A40BA4ECC67E6C71EC9772554B3B2BB475E786B627DF89A3DAE33F2E8872E673EB73E555E058ED1CF81032662E6CAC0E4A785FB189713342FF1DC59 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 339 |
Entropy (8bit): | 5.1788457100066 |
Encrypted: | false |
SSDEEP: | 6:j+kQQ+q2PN72nKuAl9Ombzo2jMGIFUt8S+TgZmw+S+3wQVkwON72nKuAl9Ombzos:qkovVaHAa8uFUt83M/+3j5OaHAa8RJ |
MD5: | 38F501D44416EFE113CBFC2E5035E451 |
SHA1: | BA9E73AFFE6C7FC1D2A90A718FEFCBE66FA5349C |
SHA-256: | 2D71E115477D123F6097A7A9516BCAD9539AB8AECB1FC30A819CC570296A472D |
SHA-512: | C9B0AD577A40BA4ECC67E6C71EC9772554B3B2BB475E786B627DF89A3DAE33F2E8872E673EB73E555E058ED1CF81032662E6CAC0E4A785FB189713342FF1DC59 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 475 |
Entropy (8bit): | 4.964484232732606 |
Encrypted: | false |
SSDEEP: | 12:YH/um3RA8sqJWsBdOg2HdeAcaq3QYiubcP7E4T3y:Y2sRdsgdMHder3QYhbA7nby |
MD5: | 530B8A1B691B4B9069D51CE311BCE957 |
SHA1: | 317887B2B2E852D839F659C9AED31ACC686D7D24 |
SHA-256: | AB3BC038C45EBA426FAD00A5F58CEFE0AC0CDE7895EE061447AFB782DA9AC45B |
SHA-512: | FE4AE397A7133DC11FA66EC63559AFF947128D3DC0CA1EE66CDDCB1C222BE04E301C9A17A3DE6DF7F54ECEFF770BCE34C0584A9D869A601EA4A9316B11B08E3C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\b1bac4f3-d163-4063-a214-5945520ec20f.tmp
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 475 |
Entropy (8bit): | 4.964484232732606 |
Encrypted: | false |
SSDEEP: | 12:YH/um3RA8sqJWsBdOg2HdeAcaq3QYiubcP7E4T3y:Y2sRdsgdMHder3QYhbA7nby |
MD5: | 530B8A1B691B4B9069D51CE311BCE957 |
SHA1: | 317887B2B2E852D839F659C9AED31ACC686D7D24 |
SHA-256: | AB3BC038C45EBA426FAD00A5F58CEFE0AC0CDE7895EE061447AFB782DA9AC45B |
SHA-512: | FE4AE397A7133DC11FA66EC63559AFF947128D3DC0CA1EE66CDDCB1C222BE04E301C9A17A3DE6DF7F54ECEFF770BCE34C0584A9D869A601EA4A9316B11B08E3C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5859 |
Entropy (8bit): | 5.25014064062795 |
Encrypted: | false |
SSDEEP: | 96:av+Nkkl+2GAouz3z3xfNLUS3vHp5OuDzUrMzh28qXAXFP74LRXOtW7ANwE7fsS5q:av+Nkkl+2G1uz3zhfZUyPp5OuDzUwzho |
MD5: | E22675EDE04EA9EDCA8E306869580879 |
SHA1: | F8557B7054D1960FFEB3F8F24EC5DF31C1413520 |
SHA-256: | 90D01C6D4BE2C7FA402A1ED759ACCFFE74F3541CD971CF66EFA2424B986919D4 |
SHA-512: | 3D0187143BB3BA61B3043B15FD516A5CCCBB6B15E2FA6FEF76EBAEF02924A5B0830E3C0E14EFFF22D025AA1A029C93D597FEA3AB86447CC3FD7694ACC07FE96E |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 327 |
Entropy (8bit): | 5.17870245668716 |
Encrypted: | false |
SSDEEP: | 6:j+ksQ+q2PN72nKuAl9OmbzNMxIFUt8S+ksHwgZmw+S+5QVkwON72nKuAl9OmbzNq:qkUvVaHAa8jFUt83ksHZ/+3q5OaHAa8E |
MD5: | 04DBE74C5D3623DF152A0F02F11EC7D8 |
SHA1: | 27FAB2249AD9F1ACE2D77E285EF7B40DDB7B4CFE |
SHA-256: | F57360B8B57E144E9AC9C84425460CE8E5F7C55EA3D17E3D36705F84C9AA76F7 |
SHA-512: | 3D542CAF906158408F3ABD45DECB2AE38DC9A7D791E01E6C61A6ED8B8C3AC5A848642B59C84EF94669CF96B1188977D474B11C67C847992FA99D10DE04D808B5 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 327 |
Entropy (8bit): | 5.17870245668716 |
Encrypted: | false |
SSDEEP: | 6:j+ksQ+q2PN72nKuAl9OmbzNMxIFUt8S+ksHwgZmw+S+5QVkwON72nKuAl9OmbzNq:qkUvVaHAa8jFUt83ksHZ/+3q5OaHAa8E |
MD5: | 04DBE74C5D3623DF152A0F02F11EC7D8 |
SHA1: | 27FAB2249AD9F1ACE2D77E285EF7B40DDB7B4CFE |
SHA-256: | F57360B8B57E144E9AC9C84425460CE8E5F7C55EA3D17E3D36705F84C9AA76F7 |
SHA-512: | 3D542CAF906158408F3ABD45DECB2AE38DC9A7D791E01E6C61A6ED8B8C3AC5A848642B59C84EF94669CF96B1188977D474B11C67C847992FA99D10DE04D808B5 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240618063846Z-166.bmp
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.446454684938329 |
Encrypted: | false |
SSDEEP: | 192:cb9tVLSUX4Ds7J3kPV4hDz23gcajTJSr+rQl+tg3jm:4tVLSUXZJ3K0Lca8r36 |
MD5: | 293F0F38B18DE4E28BE1F36BEA8B07D8 |
SHA1: | 967C824CCEC6ED6BB70EC2CD7740D97E828CD6B8 |
SHA-256: | E8D6AE3E7EF1FC13AC45FCC7F6042E107D153E0FBAFB2D657C6C7E9D1FA58062 |
SHA-512: | 908ADE31293DDB16C9C4A78B53D8B2405E9F7EEED7110C5AC6C3D6132561DAD45DE39A099D60C53099AC76E6BDBF09DF860180322C2F02597C0E7B00E8B9DFEC |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 86016 |
Entropy (8bit): | 4.445170774537404 |
Encrypted: | false |
SSDEEP: | 384:ye6ci5t5iBA7aDQPsknQ0UNCFOa14ocOUw6zyFzqFkdZ+EUTTcdUZ5yDQhJL:mas3OazzU89UTTgUL |
MD5: | 9A92323910202DCC92B0891FABC00E20 |
SHA1: | E779FE96E2CFD0CE4B3135CADE823EFDFB295C4C |
SHA-256: | 0DDCDE4489DCE65DEA4738C93A67072D4D52A59F29A175CA78014A8D65E74D8E |
SHA-512: | AE26001DFB1FCCF5561C105CDE01EB2A1CBC9D1160B43E776541A7FC3D7FD0E931EEAE31AC6798799ECAF00A0B043233C56F80AE158CFBD606D5BAC935338591 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 3.769735743330777 |
Encrypted: | false |
SSDEEP: | 48:7MpJioyVXsioyg5oy1C7oy16oy1qdKOioy1noy1AYoy1Wioy1oioykioyBoy1noL:7SJu8aFXjBi9b9IVXEBodRBkq |
MD5: | 9F560A3BF90A0DEEEDCD03BA17A43634 |
SHA1: | 1E247D157D67AC235846768092F3252292E11DDD |
SHA-256: | 2DC008C28085BCB043B79B641C71EF106946A87E0366ABDAEC397BA320393DAD |
SHA-512: | FDCEAC14DCE6BE81452DFC2A73263E7DF96B67213972E5C4D0EFDAF120D265FD14CFEF33D48E49B2A3606276659E5C452A65DCF8D6D71FB75EB5E267127B81EE |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 893 |
Entropy (8bit): | 7.366016576663508 |
Encrypted: | false |
SSDEEP: | 24:hBntmDvKUQQDvKUr7C5fpqp8gPvXHmXvponXux:3ntmD5QQD5XC5RqHHXmXvp++x |
MD5: | D4AE187B4574036C2D76B6DF8A8C1A30 |
SHA1: | B06F409FA14BAB33CBAF4A37811B8740B624D9E5 |
SHA-256: | A2CE3A0FA7D2A833D1801E01EC48E35B70D84F3467CC9F8FAB370386E13879C7 |
SHA-512: | 1F44A360E8BB8ADA22BC5BFE001F1BABB4E72005A46BC2A94C33C4BD149FF256CCE6F35D65CA4F7FC2A5B9E15494155449830D2809C8CF218D0B9196EC646B0C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 252 |
Entropy (8bit): | 3.0215269645321685 |
Encrypted: | false |
SSDEEP: | 3:kkFklKBvRllXfllXlE/E/KRkzllPlzRkwWBARLNDU+ZMlKlBkvclcMlVHblB8V7F:kKdBRxliBAIdQZV7I7kc3 |
MD5: | E3BB793F1DFDF9B49C702497E0399D5F |
SHA1: | 50CCF0083A264433C9501A01FBEC5CFFD67927BA |
SHA-256: | 15257F0CBA01653994662381A00B1D72227B9FF73EF302CA199AF4BB858E29BD |
SHA-512: | CD589D62C86594006927542184E3572D64373CA1A7E8F04E77A94BB9B8EECE06AD798BF14E32ECD6AE8F608408309352A898E967739E9A0C6FB71A22E349C1EA |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | 1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | 1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 227002 |
Entropy (8bit): | 3.392780893644728 |
Encrypted: | false |
SSDEEP: | 1536:qKPC4iyzDtrh1cK3XEivK7VK/3AYvYwgF/rRoL+sn:XPCaJ/3AYvYwglFoL+sn |
MD5: | 265E3E1166312A864FB63291EA661C6A |
SHA1: | 80DFF3187FF929596EB22E1DB9021BAD6F97178C |
SHA-256: | C13E08B1887A4E44DC39609D7234E8D732A6BC11313B55D6F4ECFB060CD87728 |
SHA-512: | 48776A2BFE8F25E5601DCC0137F7AB103D5684517334B806E3ACF61683DD9B283828475FC85CE0CBE4E8AF88E6F8B25EED0A77640E2CFFF2CC73708726519AFA |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.345866250906453 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJM3g98kUwPeUkwRe9:YvXKXuqpmGcGWdQGMbLUkee9 |
MD5: | 5E2F023F790F8D3C1697D682C3C5B053 |
SHA1: | 166EBD5868F0E6D0C2E0E298B2F05EC29D040983 |
SHA-256: | 1EF6AD369FCEE97CF05C26165D4528B31F11EDB7C05451F5F18EB3BECFCB95D9 |
SHA-512: | 0D7A276E0EB38A4E2AC2425CCB011CE1C42FE107427ECF5C2F1E50F55CE393EC44AD26EA086736A67D99C01C7DA2409DC12351F66E8E0AB27772E3AFB83F5193 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.297441686877155 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfBoTfXpnrPeUkwRe9:YvXKXuqpmGcGWdQGWTfXcUkee9 |
MD5: | B820ABB533263CD1022F17EB6C40EDD1 |
SHA1: | D4F6B07B0F30724CBCC589282EB356DC33275163 |
SHA-256: | BCA6CD9AA3803D5453E450142739298F8CB714A2F558D2A4DCA2C2093E7ADCC8 |
SHA-512: | 00862DF71B06F49DC363FCF89AA827C3AAD85A5A750A6167099FBAE0CC95470282FEFF46E3437CDDD35F97047C53866C6DAB7773184883F6DE6214A5E59F95BE |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.276521151082117 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfBD2G6UpnrPeUkwRe9:YvXKXuqpmGcGWdQGR22cUkee9 |
MD5: | 893BD891E042CF73CF89B1B7F5797805 |
SHA1: | 06B73DC55D8777E7380DFD7FB4BD19B506FAB53F |
SHA-256: | 41217DB3595F90AF2389B46E8D4676B8BA2AD3916C038E977C7074AE9EF43B47 |
SHA-512: | CABEC853C4BC39611CFF7AC328A50583B98ADB82D76574BDBA913B09A9C4547AA3D0B7808210B84F45996811DA588215FBDD93A3E3F049EC5C83F50F1FE6E44A |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.325274891994575 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfPmwrPeUkwRe9:YvXKXuqpmGcGWdQGH56Ukee9 |
MD5: | 407E9DE3541AAB0A8321DE0E4FAA2349 |
SHA1: | E1C561951409ADFEB0C4D2C97D0D04EC867CCD22 |
SHA-256: | 640250A66A4B0AA2E414680036AC20BAC43CC19A3F9472BB87F340DE05E0F99A |
SHA-512: | 0C16112CAA723F55F273FAAF64BB79D5F26FB6B7CE46DA5CEB513EBBBBB361A0D1412320520B6C6215E4CAE2D52F7D6011C32F68250DE99AE031C92F01B5F423 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.2891935429161485 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfJWCtMdPeUkwRe9:YvXKXuqpmGcGWdQGBS8Ukee9 |
MD5: | F8AD33801EC0030ABD6D4A862472FF2E |
SHA1: | 8D87EE1A76695F0178F0C15E2C2371056E3F77A4 |
SHA-256: | 6055412DABAB1E7AE84EEA57251B1628A3094CD398B0FBD558F0D459B25603C1 |
SHA-512: | 38C39D3D478FFCB3CC0E6A2F2151B4BBC74BB309FA8082A26BD2A4F0738B4951C4491727C59BBB8056FBA7D4D75E8FEFFA6FEF006B77451B63173B6660BA7E0B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.273961523193665 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJf8dPeUkwRe9:YvXKXuqpmGcGWdQGU8Ukee9 |
MD5: | 6BFA6803ECDD51D32AE421CD13DC1C44 |
SHA1: | 749E32F1B3DAB83F9A2E514255A5FC2BD7B8E660 |
SHA-256: | CAD8E9967973FBCC9DEA3D7F29BD191A0EFA2CE2109FC0E01E9626B6B12D1CB1 |
SHA-512: | E02ABC84A39F60553C429250672543F5114A52432C422D684E9A7C73342A17EA1CDDD410ADFDF7C48CD09B74F4C9B9A38FD1D4803BD0BF34A27733C4E7746ACF |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.2763465082570615 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfQ1rPeUkwRe9:YvXKXuqpmGcGWdQGY16Ukee9 |
MD5: | 5F67DB2B2682720B7114EE216FACD7D5 |
SHA1: | 471BD5CC2B1A02B3BEEDF8BA35B73AFC79E2A181 |
SHA-256: | BCF38CB6D52C743DE7FDFF1F686AF20A779A3E8DEEC1350EA472192325A174EA |
SHA-512: | 8659818FE9232A3E8F9570FEA447AB031139A8DF1D3003B8764A409B4AC73094D661F8C0EA4F5B001E139E7B978BCE7D1E8E5CF6859C35349ADA646FF9E10C57 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.285451231630831 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfFldPeUkwRe9:YvXKXuqpmGcGWdQGz8Ukee9 |
MD5: | 351CF57BFDE88B3A0BB206579CED9465 |
SHA1: | 5C424E9D6FB3EA321627DBBF3C75B04C4410BD69 |
SHA-256: | BCCB90E7E98F3D4FF756A0A410E7EDEE87157B975C9EC65198A166ABAE53C479 |
SHA-512: | F86DD2DD4A0F491BEFCDF4F9AFE426F710272DDE4902C1FAC394F3FE6CEEED1CBF14D7908B0367C8FCE2A3A30E55C8F93026E9DA7F5F50900B42CC3B46049E95 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.740200930639981 |
Encrypted: | false |
SSDEEP: | 24:Yv6XuqmGaIKLgENRcbrZbq00iCCBrwJo++ns8ct4mFJN1:YvgHaIEgigrNt0wSJn+ns8cvFJP |
MD5: | 6E55F5A865A7C22DBB22B4EB55024AA1 |
SHA1: | 0FE0047905C5FE5D3EB4A92DDB8A6707DF36F058 |
SHA-256: | 3D5E44E8C4CD6910CDE1C72C23F7FCB40275E281304B132F3DE7E40BEE004E06 |
SHA-512: | DC1D8E3C739A971A9E4785A7B0B925996A13EE156ABC6FECD291CA5AEB28E18A7164C1DA12EE52F87E8357F17002323F283CE3CC2DDCBE5E95D65B4708D361DB |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.28089332162007 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfYdPeUkwRe9:YvXKXuqpmGcGWdQGg8Ukee9 |
MD5: | C1B98C3587BBF80F56653DB0055ABEB8 |
SHA1: | C8200A57E6DD812B619A04A2B809AFCB198C7EF0 |
SHA-256: | 59FE096B26C20868182CFD552E65AD663F986BAB93CA3CD87B1997EFBA86E109 |
SHA-512: | 379829A0D0A60CB21478FE72C601C74BE217FBA8F798DB2211F692F8B88D1CD0775C9C861CA73F934D3B951459860083D7D8177625C26872D27D05B32588AE7D |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.778027152569 |
Encrypted: | false |
SSDEEP: | 24:Yv6XuqmGanrLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNt:YvgHanHgDv3W2aYQfgB5OUupHrQ9FJr |
MD5: | 4638B2D3C165FF4830F6EBEC353A6EFD |
SHA1: | AAF151FDD3260FC85523314470AC4F5B0E88933B |
SHA-256: | CF18F7736F590DCB09C6B65724FF941DFC1A6354E5034EDDF933C90422D32283 |
SHA-512: | 20C714D082C95B270AE077C3DF32C27304E1F4C68ACC5A25E9DACA826549D6BA8BDE7C260E958D81E9B8578D4D3AAF85B41FBB4FD9E18F40BD4B676F6DC31BA4 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.264571736671114 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfbPtdPeUkwRe9:YvXKXuqpmGcGWdQGDV8Ukee9 |
MD5: | ADD16D6BC4C1B1286EBDF33972BA28A3 |
SHA1: | 84A1A24B37734175C38E2DCAF0831F242B9BB420 |
SHA-256: | E32FF159D3B5F0CED47E85D82F848C5EBD42B753DF4808C63561F055DCF5AE2B |
SHA-512: | A279D144A2ED33B2861892205A2D3F1FC2AF5ADEB576C856C915DF491E3BBFF89E417B7EC57C119F45A55A9D35340EE88F473C9899EA2E9C5C0EF1DC7F3F38A2 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.2676885920229815 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJf21rPeUkwRe9:YvXKXuqpmGcGWdQG+16Ukee9 |
MD5: | 07DFEC4564D9C9FCBD618B8BF32849A1 |
SHA1: | 7A600AC0D00DD1C4CA2C406AB1500D907FFF6F6A |
SHA-256: | 0807B0BE9887E81F901BA5C17AE43ADCE1A54466F4CC064E30DA8EF7580DD752 |
SHA-512: | 421C5C5CBF050D710B7D4D4D6755A79167006F81FF038380F9FB1867BDAE0C9D7D37E8E5187C834B040B40EE23335A04502DC8ACB0225938A9939D3666C32D76 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.288268787463385 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfbpatdPeUkwRe9:YvXKXuqpmGcGWdQGVat8Ukee9 |
MD5: | 49F1EF19DE8D0BD23408332DC0C46DB7 |
SHA1: | DAC0C01C4553A81538DB4624C00422CEDFEA3FFA |
SHA-256: | 9AE17F031F661296EDFA5109F655E68587C540E08BE99DC3533CD501313CB544 |
SHA-512: | 825D4480395AFC875DF685689F639046B3837C38D40238E55A06FDC9494AFB33EE33C14DCC9A8BC5C64EA9E7C12303C0698F1481FBBA800731E3BF00E2B6C4A3 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.2460945166446935 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPWxMpUHGnZiQ0YRWdvoAvJfshHHrPeUkwRe9:YvXKXuqpmGcGWdQGUUUkee9 |
MD5: | 4DC6DF7BC56FB5E95009AA7BE8810CED |
SHA1: | 4E078F2D3FD40B759D59DCFAB83E45685A586AA6 |
SHA-256: | F6F2D729F893B8F07417449BE48275776C801A4ABC045AA3618941600BA8557C |
SHA-512: | 712A95ADD107C8517AC199631EF3E71F77F8AA6A2D0C6968C746262149103A3982A0FF72D22FBA3AEF560B77D33F31F1A48108901ACF8F44262075B1C4C53E14 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.357139967217346 |
Encrypted: | false |
SSDEEP: | 12:YvXKXuqpmGcGWdQGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWR:Yv6XuqmGaG168CgEXX5kcIfANhM |
MD5: | 59404DAA59D3192BB725F35AD0497966 |
SHA1: | F3A8E04E06E44FFEBC3DC97FFEA74588C84E67C2 |
SHA-256: | CD2B29186212E8E3589C1F203CC712B874AEA1ADF903062B5653C364A116DF10 |
SHA-512: | 28D1A5817D1A3650FD32BFC68FE9F5F9FAE819EF08221E36BDA46BA747FEBD2C46A21E8416C72272ABD47ABB3D34BC99975EDBDE2F51EC2D30628C6A03A914DE |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:e:e |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.140314054850346 |
Encrypted: | false |
SSDEEP: | 24:YeHTAW4nflCbmsiMGOt57TeajX3ayIRdwST2jI58j0SGldG2r2LSwRRF1Ml5RV9L:YeH3OE7uAF5X6dmwOqgGiPF1MlPV9eA |
MD5: | 375DCF65C805442B34B03763416E068A |
SHA1: | 0EB2D1C11A3CEC6C57CEF55BAEA0131548C17C33 |
SHA-256: | 2B234D7995FF57F64C1F307B4A70C3055216D7EF026998ADEC3D081A1B1D285A |
SHA-512: | E276EC4EBEBB981AB78C951EAF443154840303226F9CD270BECFE8FD183A6FB7E8AAB306C466D642669B0A6B4DEBCBA082F880AC83D5B30BD27AAA25F9460B5D |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.1450097125382765 |
Encrypted: | false |
SSDEEP: | 24:TLhx/XYKQvGJF7urstRZXcMRZXcMZgux3Fmu3n9u1oGuDyIX4uDyvuOudIUudcH0:TFl2GL7msxXc+XcGNFlRYIX2v3k0 |
MD5: | D0642CDB75AFF18D29E45E3F88C89C72 |
SHA1: | 90B40F90E48C817CF5263BB9E67592277E98C4ED |
SHA-256: | BDBE240D66A6FC3A031BB3B7D7D1C020281E40CF8E49167EE312B5BE5F3C7927 |
SHA-512: | 518B0E154490526AD7C20ED9408C1BAB5455833F716BEBEE66DADA42F2131F86C938B6CD55759F5CD7000FB454C5DC8107B57DFBCDD8D71AB7A3323A3209FE59 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.5502763245432876 |
Encrypted: | false |
SSDEEP: | 24:7+tFUXcMRZXcMZgux3Fmu3n9u1oGuDyIX4uDyvuOudIUudcHRuLux8nqLxx/XYKF:7M2Xc+XcGNFlRYIX2vdnqVl2GL7msN |
MD5: | 678AC07C024E421A5AD149EB3BF66CC1 |
SHA1: | F4698021FC3E5C9CD01259DF131B4A460A18276F |
SHA-256: | 7E51DD403ED56671C7CC0FF22FC6B5A9278ABA1A81567956D668B05B5B0A121F |
SHA-512: | 7C950CA749629F81123978286ADE2E9837B6EC71BA602AAED4B465548EF9462168B907B4AE28C8D5C1AA477CE153E9CB50D387E886230A3FF1DE14DD2F99ADAE |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5441332632710916 |
Encrypted: | false |
SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8sKcIlnNg9:Qw946cPbiOxDlbYnuRKScI/e |
MD5: | 9B30DA5C801750546C1A9A0E85A612B0 |
SHA1: | 90C75485C8D94849FC5F8CEE5B6BA28D100BF85B |
SHA-256: | D453834A3955F165082FC8AF60A8CD6BEAD589AD95CD6F085A218F22C79459EE |
SHA-512: | 9A306F2E14FDF84E86AAE84DFD735A7475C0105F4CF292B6558A688583BE04FF40313580F2FA5B58B22A665DE7D578E869C0FEF70C4BEABF78BD165A6F2BC3B1 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 358 |
Entropy (8bit): | 5.091930671864232 |
Encrypted: | false |
SSDEEP: | 6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOXO9WAkhO9WGCSyAAO:IngVMre9T0HQIDmy9g06JXu9WAk49WGR |
MD5: | 632638918B21D6CF1538ADCF7875C89D |
SHA1: | A8D2CEA83607337C678599F2198D136EACFCA608 |
SHA-256: | 30201424012BCB8A68441C7A7BBB64343CD491B6515CE205BC388125295DE608 |
SHA-512: | F83B90A4CC51429BA7C535B8609D0BC63CD5DEECA214C8F8654FF9D3F8B4BA110A28C20B22A9E3285DCE921198CF4B3EFCFDFECE92C25A78ABC7B95A41B664B8 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-06-18 02-38-44-172.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.338264912747007 |
Encrypted: | false |
SSDEEP: | 384:lH4ZASLaTgKoBKkrNdOZTfUY9/B6u6AJ8dbBNrSVNspYiz5LkiTjgjQLhDydAY8s:kIb |
MD5: | 128A51060103D95314048C2F32A15C66 |
SHA1: | EEB64761BE485729CD12BF4FBF7F2A68BA1AD7DB |
SHA-256: | 601388D70DFB723E560FEA6AE08E5FEE8C1A980DF7DF9B6C10E1EC39705D4713 |
SHA-512: | 55099B6F65D6EF41BC0C077BF810A13BA338C503974B4A5F2AA8EB286E1FCF49DF96318B1DA691296FB71AA8F2A2EA1406C4E86F219B40FB837F2E0BF208E677 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16603 |
Entropy (8bit): | 5.353920592414103 |
Encrypted: | false |
SSDEEP: | 384:AN5NTNSNLghgYg1jnQaCyaParagapxoxOPcx/tS/t+/tgO0OXOjOKOVb5hzLz7zN:ArNoF2BsjQxy4yp6qQC/w/M/u7scBQ7Z |
MD5: | C866ECFE927F2AE190681BD9D8F1DDE1 |
SHA1: | 8D1CA247EC920949C9EB8818CE9E7D96DFFF777C |
SHA-256: | 804F455500E130AF349E24313640101E1A1BB500A0D9FFCD79F8CBC0689F892B |
SHA-512: | 02E5B17147B28224FAF9A480F5F632D83D06814FDAFD007BF3894295209C35165A6D7E3BE3A85DE1D718ACCA6507D9F857F06764A8CDC5BCF6F12C47B23EF3C2 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29845 |
Entropy (8bit): | 5.397322102387297 |
Encrypted: | false |
SSDEEP: | 192:acb4I3dcbPcbaIO4cbYcbqnIdjcb6acbaIewcbrVbcbiIgi/cbC:V3fOCIdJDesgi |
MD5: | A4770FA710BB612F9AAA4BC459AB6BBA |
SHA1: | C0459ADDDF1EC89810383584031F52ADDA105C0E |
SHA-256: | F8EBBA922475E793D812FB78CB17C8469B67DDBE9348652DD09A922149E42C70 |
SHA-512: | DBDDF742487ECA6E569090C156CE119F16DD06AD653E13DF93BFD2C87A65C5D85F906A7FD1703F143C6208B79EFC3065DC43FD262C5AAB9961A134A7896C08CB |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R077WLaGZ7wYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs03WLaGZw |
MD5: | 8B9FA2EC5118087D19CFDB20DA7C4C26 |
SHA1: | E32D6A1829B18717EF1455B73E88D36E0410EF93 |
SHA-256: | 4782624EA3A4B3C6EB782689208148B636365AA8E5DAF00814FA9AB722259CBD |
SHA-512: | 662F8664CC3F4E8356D5F5794074642DB65565D40AC9FEA323E16E84EBD4F961701460A1310CC863D1AB38849E84E2142382F5DB88A0E53F97FF66248230F7B9 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru |
MD5: | 18E3D04537AF72FDBEB3760B2D10C80E |
SHA1: | B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC |
SHA-256: | BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4 |
SHA-512: | 2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 261665 |
Entropy (8bit): | 7.984876155555065 |
Encrypted: | false |
SSDEEP: | 6144:22CzEmSQz/XF6tsZFtIRSutvZU1e+mKGggQBR3lbvD:22Tmrj16tsSHvZU3G6Z |
MD5: | C26F7D14B08BE5EBC70EFE2B8ADCC87D |
SHA1: | 5C6F304EC99177D2D90D54A56C81FCD26837E2B7 |
SHA-256: | FFEC9D0932DA38DCBE71DB0E06EC649CCA8EB300139146F7441DE74E2AE49FD4 |
SHA-512: | 4D4052E6F2E2E5D48DDBEA607D3B3EF488D93328A0E628C2ED5F50CEFCF84DA18B2EE7E4ADD69EB56CE9391250057733010A41EE239C7DD55B3D834A0B3F1D27 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 261665 |
Entropy (8bit): | 7.984876155555065 |
Encrypted: | false |
SSDEEP: | 6144:22CzEmSQz/XF6tsZFtIRSutvZU1e+mKGggQBR3lbvD:22Tmrj16tsSHvZU3G6Z |
MD5: | C26F7D14B08BE5EBC70EFE2B8ADCC87D |
SHA1: | 5C6F304EC99177D2D90D54A56C81FCD26837E2B7 |
SHA-256: | FFEC9D0932DA38DCBE71DB0E06EC649CCA8EB300139146F7441DE74E2AE49FD4 |
SHA-512: | 4D4052E6F2E2E5D48DDBEA607D3B3EF488D93328A0E628C2ED5F50CEFCF84DA18B2EE7E4ADD69EB56CE9391250057733010A41EE239C7DD55B3D834A0B3F1D27 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 261665 |
Entropy (8bit): | 7.984876155555065 |
Encrypted: | false |
SSDEEP: | 6144:22CzEmSQz/XF6tsZFtIRSutvZU1e+mKGggQBR3lbvD:22Tmrj16tsSHvZU3G6Z |
MD5: | C26F7D14B08BE5EBC70EFE2B8ADCC87D |
SHA1: | 5C6F304EC99177D2D90D54A56C81FCD26837E2B7 |
SHA-256: | FFEC9D0932DA38DCBE71DB0E06EC649CCA8EB300139146F7441DE74E2AE49FD4 |
SHA-512: | 4D4052E6F2E2E5D48DDBEA607D3B3EF488D93328A0E628C2ED5F50CEFCF84DA18B2EE7E4ADD69EB56CE9391250057733010A41EE239C7DD55B3D834A0B3F1D27 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1150 |
Entropy (8bit): | 4.665213803293841 |
Encrypted: | false |
SSDEEP: | 12:RM2BuBMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMhrh/QvR6h5s:y2BuSF/yR6P32jvTOsLHffyoZX |
MD5: | FF5E0DFDB1B13C53E4958A0CBE3838EF |
SHA1: | FFC6A016F8CE27A4D9D94C7880C2D38D4626ADFD |
SHA-256: | F61B9DCA35C762A2A00D8D9D084C8AE1FC0B7F968246D07768035D6AD5FDC6A0 |
SHA-512: | 388DAEA4756153F3C74D6A0FB17DEB6306E03EF84C903F56D0DCA867B50A5609593545A2E8489B9A0ADDBE729C55E5E84995C1095C574018748F4CC3E54BAFB7 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 261665 |
Entropy (8bit): | 7.984876155555065 |
Encrypted: | false |
SSDEEP: | 6144:22CzEmSQz/XF6tsZFtIRSutvZU1e+mKGggQBR3lbvD:22Tmrj16tsSHvZU3G6Z |
MD5: | C26F7D14B08BE5EBC70EFE2B8ADCC87D |
SHA1: | 5C6F304EC99177D2D90D54A56C81FCD26837E2B7 |
SHA-256: | FFEC9D0932DA38DCBE71DB0E06EC649CCA8EB300139146F7441DE74E2AE49FD4 |
SHA-512: | 4D4052E6F2E2E5D48DDBEA607D3B3EF488D93328A0E628C2ED5F50CEFCF84DA18B2EE7E4ADD69EB56CE9391250057733010A41EE239C7DD55B3D834A0B3F1D27 |
Malicious: | false |
Reputation: | low |
URL: | https://www.isda.org/a/r41gE/ISDA-SIFMA-Basel-III-Endgame-Comment-Letter-Partial-LTA.pdf |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1150 |
Entropy (8bit): | 4.665213803293841 |
Encrypted: | false |
SSDEEP: | 12:RM2BuBMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMhrh/QvR6h5s:y2BuSF/yR6P32jvTOsLHffyoZX |
MD5: | FF5E0DFDB1B13C53E4958A0CBE3838EF |
SHA1: | FFC6A016F8CE27A4D9D94C7880C2D38D4626ADFD |
SHA-256: | F61B9DCA35C762A2A00D8D9D084C8AE1FC0B7F968246D07768035D6AD5FDC6A0 |
SHA-512: | 388DAEA4756153F3C74D6A0FB17DEB6306E03EF84C903F56D0DCA867B50A5609593545A2E8489B9A0ADDBE729C55E5E84995C1095C574018748F4CC3E54BAFB7 |
Malicious: | false |
Reputation: | low |
URL: | https://cdn.aws.isda.org/favicon2.ico |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jun 18, 2024 08:37:14.262335062 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:14.262373924 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:14.262449026 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:14.263221025 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:14.263232946 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:15.390948057 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:15.391216993 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:15.393443108 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:15.393454075 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:15.394036055 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:15.396469116 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:15.396549940 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:15.396554947 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:15.396739960 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:15.444521904 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:15.641357899 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:15.642014027 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:15.642034054 CEST | 443 | 49711 | 40.113.103.199 | 192.168.2.6 |
Jun 18, 2024 08:37:15.642054081 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:15.642105103 CEST | 49711 | 443 | 192.168.2.6 | 40.113.103.199 |
Jun 18, 2024 08:37:15.740125895 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Jun 18, 2024 08:37:15.755650997 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Jun 18, 2024 08:37:16.036997080 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Jun 18, 2024 08:37:16.879189968 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:16.879242897 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:16.879429102 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:16.880139112 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:16.880153894 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:17.989859104 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:17.990005016 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:18.106249094 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:18.106287003 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:18.107305050 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:18.108632088 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:18.108844995 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:18.108853102 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:18.108999014 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:18.152514935 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:18.354171038 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:18.354919910 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:18.354988098 CEST | 443 | 49712 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:18.355020046 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:18.355047941 CEST | 49712 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:22.909049034 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:22.909101963 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:22.909161091 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:22.910048008 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:22.910064936 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:24.015544891 CEST | 49719 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.015584946 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.015665054 CEST | 49719 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.015957117 CEST | 49719 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.015974045 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.016331911 CEST | 49720 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.016340017 CEST | 443 | 49720 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.016681910 CEST | 49720 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.016853094 CEST | 49720 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.016861916 CEST | 443 | 49720 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.018429995 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:24.018510103 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:24.023232937 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:24.023246050 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:24.023492098 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:24.027378082 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:24.027441025 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:24.027446985 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:24.027599096 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:24.068501949 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:24.273201942 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:24.274349928 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:24.274434090 CEST | 443 | 49718 | 40.113.110.67 | 192.168.2.6 |
Jun 18, 2024 08:37:24.274487019 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:24.274521112 CEST | 49718 | 443 | 192.168.2.6 | 40.113.110.67 |
Jun 18, 2024 08:37:24.700109005 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.700443983 CEST | 443 | 49720 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.700500011 CEST | 49719 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.700515985 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.700689077 CEST | 49720 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.700695992 CEST | 443 | 49720 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.701653957 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.701726913 CEST | 49719 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.701813936 CEST | 443 | 49720 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.701864004 CEST | 49720 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.702950954 CEST | 49719 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.703025103 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.703269005 CEST | 49720 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.703332901 CEST | 443 | 49720 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.703413010 CEST | 49719 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.703422070 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.755489111 CEST | 49719 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.756999969 CEST | 49720 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:24.757014036 CEST | 443 | 49720 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:24.812148094 CEST | 49720 | 443 | 192.168.2.6 | 52.201.165.217 |
Jun 18, 2024 08:37:25.340620041 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Jun 18, 2024 08:37:25.364749908 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Jun 18, 2024 08:37:25.644454956 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Jun 18, 2024 08:37:25.911140919 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:25.911161900 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:25.911170006 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Jun 18, 2024 08:37:25.911192894 CEST | 443 | 49719 | 52.201.165.217 | 192.168.2.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jun 18, 2024 08:37:22.164285898 CEST | 53 | 63765 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:22.165307999 CEST | 53 | 63998 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:23.554342985 CEST | 53 | 64736 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:23.974090099 CEST | 53700 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:37:23.974488020 CEST | 64042 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:37:23.996126890 CEST | 53 | 64042 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:24.014826059 CEST | 53 | 53700 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:26.533845901 CEST | 62131 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:37:26.534686089 CEST | 57460 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:37:26.540777922 CEST | 53 | 62131 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:26.541627884 CEST | 53 | 57460 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:27.884346962 CEST | 57340 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:37:27.884756088 CEST | 54679 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:37:28.048213959 CEST | 53 | 54679 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:28.048302889 CEST | 53 | 57340 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:29.302901983 CEST | 58001 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:37:29.303633928 CEST | 56036 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:37:29.342432022 CEST | 53 | 56036 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:29.354439020 CEST | 53 | 58001 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:40.842355013 CEST | 53 | 53582 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:37:59.944591999 CEST | 53 | 52019 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:38:21.815973043 CEST | 53 | 57265 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:38:22.324947119 CEST | 53 | 64798 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:38:47.645592928 CEST | 52702 | 53 | 192.168.2.6 | 1.1.1.1 |
Jun 18, 2024 08:38:47.654561043 CEST | 53 | 52702 | 1.1.1.1 | 192.168.2.6 |
Jun 18, 2024 08:38:54.035972118 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:54.347479105 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:54.641580105 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:54.641623974 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:54.641643047 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:54.641839981 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:54.641951084 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:54.642282963 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:54.645334959 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:54.959100008 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:55.086867094 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:55.601006985 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:55.601336956 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:55.732567072 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:55.732610941 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:55.732640982 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:55.732671022 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:55.733619928 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:55.733813047 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:38:55.870518923 CEST | 443 | 49940 | 172.64.41.3 | 192.168.2.6 |
Jun 18, 2024 08:38:55.896164894 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Jun 18, 2024 08:39:07.835800886 CEST | 49940 | 443 | 192.168.2.6 | 172.64.41.3 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jun 18, 2024 08:37:23.974090099 CEST | 192.168.2.6 | 1.1.1.1 | 0x6036 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jun 18, 2024 08:37:23.974488020 CEST | 192.168.2.6 | 1.1.1.1 | 0x85c3 | Standard query (0) | 65 | IN (0x0001) | false | |
Jun 18, 2024 08:37:26.533845901 CEST | 192.168.2.6 | 1.1.1.1 | 0xc0b8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jun 18, 2024 08:37:26.534686089 CEST | 192.168.2.6 | 1.1.1.1 | 0x38c6 | Standard query (0) | 65 | IN (0x0001) | false | |
Jun 18, 2024 08:37:27.884346962 CEST | 192.168.2.6 | 1.1.1.1 | 0xf046 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jun 18, 2024 08:37:27.884756088 CEST | 192.168.2.6 | 1.1.1.1 | 0x747d | Standard query (0) | 65 | IN (0x0001) | false | |
Jun 18, 2024 08:37:29.302901983 CEST | 192.168.2.6 | 1.1.1.1 | 0xf816 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jun 18, 2024 08:37:29.303633928 CEST | 192.168.2.6 | 1.1.1.1 | 0xf847 | Standard query (0) | 65 | IN (0x0001) | false | |
Jun 18, 2024 08:38:47.645592928 CEST | 192.168.2.6 | 1.1.1.1 | 0xb881 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jun 18, 2024 08:37:24.014826059 CEST | 1.1.1.1 | 192.168.2.6 | 0x6036 | No error (0) | 52.201.165.217 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:24.014826059 CEST | 1.1.1.1 | 192.168.2.6 | 0x6036 | No error (0) | 34.205.113.90 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:26.540777922 CEST | 1.1.1.1 | 192.168.2.6 | 0xc0b8 | No error (0) | 216.58.206.36 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:26.541627884 CEST | 1.1.1.1 | 192.168.2.6 | 0x38c6 | No error (0) | 65 | IN (0x0001) | false | |||
Jun 18, 2024 08:37:28.048302889 CEST | 1.1.1.1 | 192.168.2.6 | 0xf046 | No error (0) | 18.66.147.7 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:28.048302889 CEST | 1.1.1.1 | 192.168.2.6 | 0xf046 | No error (0) | 18.66.147.73 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:28.048302889 CEST | 1.1.1.1 | 192.168.2.6 | 0xf046 | No error (0) | 18.66.147.129 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:28.048302889 CEST | 1.1.1.1 | 192.168.2.6 | 0xf046 | No error (0) | 18.66.147.121 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:29.354439020 CEST | 1.1.1.1 | 192.168.2.6 | 0xf816 | No error (0) | 18.66.147.121 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:29.354439020 CEST | 1.1.1.1 | 192.168.2.6 | 0xf816 | No error (0) | 18.66.147.73 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:29.354439020 CEST | 1.1.1.1 | 192.168.2.6 | 0xf816 | No error (0) | 18.66.147.7 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:29.354439020 CEST | 1.1.1.1 | 192.168.2.6 | 0xf816 | No error (0) | 18.66.147.129 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:38.534245968 CEST | 1.1.1.1 | 192.168.2.6 | 0xf1f4 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:37:38.534245968 CEST | 1.1.1.1 | 192.168.2.6 | 0xf1f4 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:38:35.015013933 CEST | 1.1.1.1 | 192.168.2.6 | 0x867f | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:38:35.015013933 CEST | 1.1.1.1 | 192.168.2.6 | 0x867f | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:38:37.859091043 CEST | 1.1.1.1 | 192.168.2.6 | 0xcd2b | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:38:37.859091043 CEST | 1.1.1.1 | 192.168.2.6 | 0xcd2b | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:38:47.654561043 CEST | 1.1.1.1 | 192.168.2.6 | 0xb881 | No error (0) | 172.64.41.3 | A (IP address) | IN (0x0001) | false | ||
Jun 18, 2024 08:38:47.654561043 CEST | 1.1.1.1 | 192.168.2.6 | 0xb881 | No error (0) | 162.159.61.3 | A (IP address) | IN (0x0001) | false |
|
Click to jump to process
Target ID: | 0 |
Start time: | 02:37:18 |
Start date: | 18/06/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 2 |
Start time: | 02:37:21 |
Start date: | 18/06/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 3 |
Start time: | 02:37:23 |
Start date: | 18/06/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 8 |
Start time: | 02:38:40 |
Start date: | 18/06/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff651090000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 9 |
Start time: | 02:38:41 |
Start date: | 18/06/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff70df30000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 10 |
Start time: | 02:38:42 |
Start date: | 18/06/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff70df30000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |