Windows
Analysis Report
https:/sterling-prod-acumatica.s3.amazonaws.com/9189038_142739N.pdf?AWSAccessKeyId=AKIAIYFV2RUQHU32EZPQ&Expires=1730052721&Signature=Q6nX6CSG3roHKmU5gHtiFWgx1ck%3D
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
  - chrome.exe (PID: 5612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 4912 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1956,i,3880261074420648777,6952740187572368295,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 3488 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https:/sterling-prod-acumatica.s3.amazonaws.com/9189038_142739N.pdf?AWSAccessKeyId=AKIAIYFV2RUQHU32EZPQ&Expires=1730052721&Signature=Q6nX6CSG3roHKmU5gHtiFWgx1ck%3D" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - Acrobat.exe (PID: 4416 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
  - AcroCEF.exe (PID: 4132 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  - AcroCEF.exe (PID: 2292 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2100 --field-trial-handle=1604,i,1224235668784677000,16595986004613818999,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
- HTTP Parser
- HTTPS traffic detected
- TCP traffic detected without corresponding DNS query
- HTTP traffic detected
- DNS traffic detected
- String found in binary or memory
- Network traffic detected
- Classification label
- File created
- Key opened
- Process created
- LNK file
- File opened
- Window detected
- Process information set
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 11 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
s3-w.us-east-1.amazonaws.com | 54.231.228.41 | true | false | unknown | |
chrome.cloudflare-dns.com | 162.159.61.3 | true | false | unknown | |
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
www.google.com | 216.58.212.132 | true | false | unknown | |
sterling-prod-acumatica.s3.amazonaws.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
false |
| unknown | |
false |
| unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
216.58.212.132 | www.google.com | United States | 15169 | GOOGLEUS | false |
54.231.228.41 | s3-w.us-east-1.amazonaws.com | United States | 16509 | AMAZON-02US | false |
162.159.61.3 | chrome.cloudflare-dns.com | United States | 13335 | CLOUDFLARENETUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
IP |
---|
192.168.2.8 |
192.168.2.17 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1466895 |
Start date and time: | 2024-07-03 14:50:29 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 44s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https:/sterling-prod-acumatica.s3.amazonaws.com/9189038_142739N.pdf?AWSAccessKeyId=AKIAIYFV2RUQHU32EZPQ&Expires=1730052721&Signature=Q6nX6CSG3roHKmU5gHtiFWgx1ck%3D |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 15 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@38/59@5/6 |
Cookbook Comments:
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.67, 216.58.212.174, 66.102.1.84, 34.104.35.123, 192.229.221.95, 172.217.18.99, 184.28.88.176, 50.16.47.176, 34.237.241.83, 54.224.241.105, 18.213.11.84, 95.101.54.195, 2.16.202.123, 199.232.214.172, 2.19.126.149, 2.19.126.143, 93.184.221.240, 142.251.40.195, 142.250.64.99, 23.47.168.24
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, slscr.update.microsoft.com, e4578.dscb.akamaiedge.net, clientservices.googleapis.com, acroipm2.adobe.com, wu.azureedge.net, a1952.dscq.akamai.net, clients2.google.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, update.googleapis.com, hlb.apr-52dd2-0.edgecastdns.net, www.gstatic.com, apps.identrust.com, wu-b-net.trafficmanager.net, fs.microsoft.com, identrust.edgesuite.net, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, acroipm2.adobe.com.edgesuite.net, wu.ec.azureedge.net, ctldl.windowsupdate.com, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, ssl.adobe.com.edgekey.net, edgedl.me.gvt1.com, armmf.adobe.com, clients.l.google.com, geo2.adobe.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size getting too big, too many NtCreateFile calls found.
- Report size getting too big, too many NtOpenFile calls found.
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https:/sterling-prod-acumatica.s3.amazonaws.com/9189038_142739N.pdf?AWSAccessKeyId=AKIAIYFV2RUQHU32EZPQ&Expires=1730052721&Signature=Q6nX6CSG3roHKmU5gHtiFWgx1ck%3D
Time | Type | Description |
---|---|---|
08:52:55 | API Interceptor |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.210870459218237 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.210870459218237 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 335 |
Entropy (8bit): | 5.164385962875535 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 335 |
Entropy (8bit): | 5.164385962875535 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\46b0d6a2-944e-45df-9e95-df5abb2cb61d.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | modified |
Size (bytes): | 475 |
Entropy (8bit): | 4.967961042110297 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 475 |
Entropy (8bit): | 4.967961042110297 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 4288 |
Entropy (8bit): | 5.237389462166677 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 323 |
Entropy (8bit): | 5.188300730751389 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 323 |
Entropy (8bit): | 5.188300730751389 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240703125247Z-157.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.3912228272303144 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 893 |
Entropy (8bit): | 7.366016576663508 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | modified |
Size (bytes): | 328 |
Entropy (8bit): | 3.2418003062782916 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 252 |
Entropy (8bit): | 3.026467887142631 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 227002 |
Entropy (8bit): | 3.392780893644728 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.3407864060635895 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.276802157995061 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.255061653352868 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfBD2G6UpnrPeUkwRe9:YvXKXUJfvR/ZwHAgGR22cUkee9 |
MD5: | 20EBA5E99FE2B5C62BC040FAAE041E21 |
SHA1: | ADE60E62AA3C128CC0F77E224CFF8C70A3AABA55 |
SHA-256: | 873313A83EC49EA58BF128B9515CBF3820C14A115220AD1DA66FBE2025AB4BC7 |
SHA-512: | B3ED1CA3515A302A3DE4D8404851BAF1D7B7C3E7C2E67F921EBA7A144DEA91873251B621696CE488D6A622ED92831D6646254B1A2E270B9E41649D925762E17B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.316942777863145 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfPmwrPeUkwRe9:YvXKXUJfvR/ZwHAgGH56Ukee9 |
MD5: | 45D8966E0F051B566559638DB9BC51A8 |
SHA1: | D4757167A55574F78C34275EE5179A1ADB93A556 |
SHA-256: | D34F24930E471007987CE33385F7F436C72C0992AA6D00528B2C32B2A9B09483 |
SHA-512: | DEB63E92E737E2BC26ABFD5C26B148A366ACA59BD7E3F95EBC005DE3C497BDB453D5CB6F09E3B499517ABB5EC2FF6E39570E3A6F396B89C157CA25DF56B6C262 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.2821112775348595 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfJWCtMdPeUkwRe9:YvXKXUJfvR/ZwHAgGBS8Ukee9 |
MD5: | 4BE46114803C495FEC1E062C8D02CF67 |
SHA1: | FAACE4AE74A031A8E00C83CAFE6F130CC54C586D |
SHA-256: | 7A6061928AB912120BB0530C276D2D5E105FF71A4D3832563C358EDD4CDCA6C2 |
SHA-512: | 6CB15CE6FBC22B24DE87416FB2EF5A498357E2A144156FB5C2B4FB519E02CC3BEE2B32E403443796AA05A604F80BCD7342A8695CF97B2CBF2E18382CFCA21648 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.266867126336802 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJf8dPeUkwRe9:YvXKXUJfvR/ZwHAgGU8Ukee9 |
MD5: | 46A83F2966B936593EB52EDDB39F44EA |
SHA1: | 91F5EAECD8C18953ADBFAF332A4CD3077431A546 |
SHA-256: | 9D5561235EE4F6EA863107BFE6EB05591A47493244BD1D339881B24349765042 |
SHA-512: | 50E318E455DFC11C0A6E310972B31889CE5B47B372762C8270C0112077383F181985BD93EAAF2576FE0856B40A4200D78A1BB82430A4491621412D7BFDEF586B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.265886500214572 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfQ1rPeUkwRe9:YvXKXUJfvR/ZwHAgGY16Ukee9 |
MD5: | BAA2FD9CA1009BDE6D34337451B6EC0F |
SHA1: | 87ED5FDA5EDBDC2707005B07E2F18A091FAAF79B |
SHA-256: | 0F005A7DD31F5B8BEAB1FD7B818617A2B0ED2974106D402F8D775A0A8923F6D2 |
SHA-512: | 85F1F3129A4163870C5CF704C886B931E9C4625B06A2DFB3EDB72F714FB39825C8373E4F8A2159B70EE300BC6146C176CE9F1359DFF8A55190F2189DBEB50FE1 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.2823398724675705 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfFldPeUkwRe9:YvXKXUJfvR/ZwHAgGz8Ukee9 |
MD5: | 109D1DECADB10959E7B27A6F5A117983 |
SHA1: | 32E7A6AEE1BFB23B6CC5C45235AB5867B933FE74 |
SHA-256: | 785C4FE215A7A5EA8CF054F7AB99E2162076834D4C17FD2645702A085DA607FB |
SHA-512: | 98116A45A4147AC8A730114A92F1B81AF90DDB677D8FF7C10BDEBC9D8686FA49BC6AE6FBFB008144C8CD74F77FC02D17A6ACBFE3649EDA504C09610EA4540AC3 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.7396829065655 |
Encrypted: | false |
SSDEEP: | 24:Yv6XaJh8KLgENRcbrZbq00iCCBrwJo++ns8ct4mFJNZO:Yv7Jh8EgigrNt0wSJn+ns8cvFJzO |
MD5: | 6F9AB7F4AF880EDA04D94A22EC7B8F6F |
SHA1: | D635FFA900122152B1C2F4C2B3A0239F31C93CE5 |
SHA-256: | ACED2728D1175DACE75D1DAD6070CF3EFDF9633366B2038F35F855363FD1B12A |
SHA-512: | F45B204F1BB75336F2CFD3C2B5CF0A6D79A1566B99BCBB3FCBD22A03318477F0467243C9799E2D1028D0047E8D8A8615315619FE0C9225B94CC31D804A88C429 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.276004050134664 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfYdPeUkwRe9:YvXKXUJfvR/ZwHAgGg8Ukee9 |
MD5: | BD2A0E31EF5FF47DC75FCCBEB5134540 |
SHA1: | 2959D40F131DFE93BBD7857E716CCCE90876354F |
SHA-256: | 0AEC2C612AD0204C74007FC985437B77C804F7FB9349CFFB115EC6A5A36877C7 |
SHA-512: | 2CA59D0B840751A9FE0B17B54EA8DD832EFC38A72E12B38FEE56A4F0AEDB922FEA18FC0BFC8219027FDFAB5394C912D88947E9C84FB05E6A686E37F6E0BE74F3 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.776851276199195 |
Encrypted: | false |
SSDEEP: | 24:Yv6XaJhzrLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNBO:Yv7JhzHgDv3W2aYQfgB5OUupHrQ9FJfO |
MD5: | 6CF51D468D7EA390D54A611A9CFABFA7 |
SHA1: | 1877A4764A2AA2E50EC1565B29BDDA66F135B5E9 |
SHA-256: | 4EA99D3AFF926CB08D840E13804AACB02BD4F67AF36C87EB2800C6ACEA06431C |
SHA-512: | 9F16D7490669EEE3407F49450C0582BA0AA524B762D6510BF988EF601D44733766DD728B1495CA108ABE12F11CEB3951E66BF2A27209FEE948F1A2A5D6B70836 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.259716068426159 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfbPtdPeUkwRe9:YvXKXUJfvR/ZwHAgGDV8Ukee9 |
MD5: | 279F19207EA76DA8E1C7B46C5A435DDC |
SHA1: | 5A046D8C035B52C132AB212EEED17D2DC97C607C |
SHA-256: | 6093FCDCAA51161D130929B0D74C72ADEEEAB8BDC39A45CD183743F11E663D6A |
SHA-512: | 970D2161AE7B53580AFCE0DC9576BD98BB88D0E0F0C42895A825A8FC406FDAFBA4D2142F486E3D4581E24F01B1C02EF6822D0FCC6A1F26D6B2E3D7CD0B5AC37F |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.258426877886678 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJf21rPeUkwRe9:YvXKXUJfvR/ZwHAgG+16Ukee9 |
MD5: | D5B18B917D70E23AE9290B8AF4FA8060 |
SHA1: | 2104A09BF2E78E2DE5AF5895A0C9E1DF0D873473 |
SHA-256: | CB673BE7C195A0761A1BA8FF37FE22E1D5DC2B29A9D1237FBCF6EDD23593C0BF |
SHA-512: | 5038DFC26246D858446A95DEDC668DF05A313BD393B01B12135A8B5165EA14916D87A6D19616CDDFE5B41C9D308C213E2E9737DD38F8008F2F6D20580E309CD6 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.28254536081859 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfbpatdPeUkwRe9:YvXKXUJfvR/ZwHAgGVat8Ukee9 |
MD5: | 8D60EBD38EE799D76D4866EEC8250EBA |
SHA1: | 31023B98584920FFE5D30903E9FE2346B3B130DF |
SHA-256: | 8248F3E335F6C0CD33C786DB115CF43B82AE164CBD47D60C4B6AE77BB85F3369 |
SHA-512: | DADDA1271AD1DEE713C3BCDF5A8FB900192B8A6D79929BAA3E6B943966C6E56DA7BA40A7D55F91C3C236C850F517FCEB3665B1B1ECE4674CC813D9A6DADB2454 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.2336672270284845 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXUJ+z2vB3/dVlPIHAR0YOgEeoAvJfshHHrPeUkwRe9:YvXKXUJfvR/ZwHAgGUUUkee9 |
MD5: | 83B121D3493F2129A43065ED202EC144 |
SHA1: | DF52A9B391D360C38F935F3D23AFF0C32F3C2F0E |
SHA-256: | CF118D44598D5AE5053BF8E247D31A8AA0E9B22D53E0B5185FD8EFB7AF569F1B |
SHA-512: | EB2F5AB9D1B7020496D7557DC02CD6E2DE88CE127A87A365EA1712B8A8688F4C37997471844DAB9B391A4911FD544FA53E5908697B16E302BCB053643045A6BD |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.365113799039468 |
Encrypted: | false |
SSDEEP: | 12:YvXKXUJfvR/ZwHAgGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWFO:Yv6XaJhK168CgEXX5kcIfANhoO |
MD5: | B2E72568058C1E9C7E52DC4D3A55E7F2 |
SHA1: | 191A50376A68018F9CAF4D0EF9D4567088B21B97 |
SHA-256: | 43364751AD0EDD454DE16CB43D9198B0B1186D4E05398F2221BBB3A8A55728BD |
SHA-512: | 8D77C9DE6C3F9CB081A45A0C8D79DF9E3836E6AA0FDC17AE70826DC41EB29E37C0B6B335A3F38051C70EE37072479142E8D93BB4B724DCF33612075E3FE8F9A2 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:e:e |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.102774995415939 |
Encrypted: | false |
SSDEEP: | 48:Y/L93kzXJdAjavbExrgUYmrgFNNaJTN1GlpIn0HP4ROwh9JEimIb:Zzf0avyGlNKTNhS4F/a6 |
MD5: | 569A23CFB57EC8DE938C661DC18F1551 |
SHA1: | D4310C20C365A476D1F7477D24F173E9E92A84DF |
SHA-256: | 13C670F2887274C93035F87A488E06F73AAA31526D46C61C088141873A252701 |
SHA-512: | 9602E2723D3DFB4ABC5E389A253367144CD5C185AF4A7B75F91412B0E82645BF607A59363DFF6AA887FC4372D5F8C7B3C08F097B4D539E885166910E872CC414 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.3189171789207417 |
Encrypted: | false |
SSDEEP: | 24:TLKufx/XYKQvGJF7urs9Ohn07oz7oF0Hl0FopUEiP66UEiPbnPnNknNMebytqVpU:TGufl2GL7ms9WR1CPmPbPahbkypilI5y |
MD5: | BA13CD34AF3FCCEF3A09F4FEF3A039C2 |
SHA1: | E6F9C3DC26A96370922468D24AAE114BEA7BFBF5 |
SHA-256: | 0C3B4D48FE92F12A1DB9799B6D26A32AC13180A0B9D5EF750257026776EAD96E |
SHA-512: | 007DCEAEB9EE05D1FA144011DB8A927EEA27C21175BCC62BA799350617440BF8C376B90753C29726C703F74DE7F4F350DDCC446D6A6A456D00BB10FD7E920091 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.7803035008916455 |
Encrypted: | false |
SSDEEP: | 24:7+tWwlhn07oz7oF0Hl0FopUEiP66UEiPbnPnNknNMeby4qVpaVrScVr0InWqLhxT:7MuWR1CPmPbPahbBypilIvqFl2GL7msN |
MD5: | C76B7CAF97133ED8EFF0AA322AC95BB7 |
SHA1: | 759037A20ADE5FEEE20D0120EE40B2741A3D3B0D |
SHA-256: | 0BAD4B0CE440E9D4C06EACA7379CE82960E3C1EC9331553DCF82F7A802353612 |
SHA-512: | 2DC183B71225CF7D5A6124269DFE1A1F6D050AE59D1CC54875032E7A574B581D2CC88CFC7AB76D1112247A924A7B0CF9D83E1A9026FB7C1D38F672C6E27D7421 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5274671434738973 |
Encrypted: | false |
SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K82A0l4oYH:Qw946cPbiOxDlbYnuRKXA7oYH |
MD5: | 865DC099AFE0A0FE8BDBFC582CD53296 |
SHA1: | F35716C65C723AA81F02B15DB4851F4DC04FDA09 |
SHA-256: | E1A8F69E47703BEF6A229AD7A7F44233190355CC7722FAA4B13FBCFB78E4A614 |
SHA-512: | F9DD04F9A97202B940455FE69A99D922359A58735438CD5E77F55F83768AD92883E114067C966EBCC0BA6D80BEB1DF9D036A6F5F863A3702AEB7F9917E3EB322 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-07-03 08-52-45-406.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.33860678500249 |
Encrypted: | false |
SSDEEP: | 384:IC2heaVGJMUPhP80d0Wc+9eG/CCihFomva7RVRkfKhZmWWyC7rjgNgXo6ge5iaW0:X8B |
MD5: | C3FEDB046D1699616E22C50131AAF109 |
SHA1: | C9EEA5A1A16BD2CD8154E8C308C8A336E990CA8D |
SHA-256: | EA948BAC75D609B74084113392C9F0615D447B7F4AACA78D818205503EACC3FD |
SHA-512: | 845CDB5166B35B39215A051144452BEF9161FFD735B3F8BD232FB9A7588BA016F7939D91B62E27D6728686DFA181EFC3F3CC9954B2EDAB7FC73FCCE850915185 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15089 |
Entropy (8bit): | 5.382435882474414 |
Encrypted: | false |
SSDEEP: | 384:mtRFFwMJSRdqCHFn7JnGJLyT7QviEihVaMb9p7f7RYzCfW5Y8eHaeGrGruPRWIFp:mONg |
MD5: | 1AD84EE10B4781DCF4000F52A06B8A6D |
SHA1: | 7EC5C2EA6854D1AC782031DBF121CE7538280D04 |
SHA-256: | 3C3C051F9C1082BDA8AB867E265C3A0FD39EDA06B5CB30E92DED3846D3FCAE4F |
SHA-512: | 69A825F4052F181FC988B912AB1DF22B206DFB6918822224D643FE00FAB6DEE5D85C29BD4ADA250C8623281C717DB8B37595CC8A996EA42414E68A1193B74B00 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.411975370780219 |
Encrypted: | false |
SSDEEP: | 192:TcbeIewcbVcbqI4ucbrcbQIrJcb6cbCIC4cbHcbmIHNcbt:ceo4+rsCOHW |
MD5: | A557665B8AA310D559A1C6763A919A8D |
SHA1: | 2807A15DFB3AE1C2FA94258B27C2288FAFAF4932 |
SHA-256: | BF91036451DF65AE09E438436495BD01A8B5DC4F642201F2844F5BB9742208B6 |
SHA-512: | 75E84109997267C48B197FF199557F9A4177E2656CFAD08465AD59CD5E0DC5AF25ECEC18FCD09E1CA8E2AD1D952273BE90AFFEDE45BCE44DCF51875F15D1B1B8 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo |
MD5: | A0CFC77914D9BFBDD8BC1B1154A7B364 |
SHA1: | 54962BFDF3797C95DC2A4C8B29E873743811AD30 |
SHA-256: | 81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685 |
SHA-512: | 74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/rwYIGNP4mOWL07oBGZ1dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:TwZG6bWLxBGZN3mlind9i4ufFXpAXkru |
MD5: | 95F182500FC92778102336D2D5AADCC8 |
SHA1: | BEC510B6B3D595833AF46B04C5843B95D2A0A6C9 |
SHA-256: | 9F9C041D7EE1DA404E53022D475B9E6D5924A17C08D5FDEC58C0A1DCDCC4D4C9 |
SHA-512: | D7C022459486D124CC6CDACEAD8D46E16EDC472F4780A27C29D98B35AD01A9BA95F62155433264CC12C32BFF384C7ECAFCE0AC45853326CBC622AE65EE0D90BA |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.977939266399265 |
Encrypted: | false |
SSDEEP: | 48:8y0dtT1JVHDidAKZdA1oehwiZUklqeh3y+3:8ySTa8y |
MD5: | D27F16B0EB8FBF35C4CCAC4E7CFC108F |
SHA1: | 228FD7E292C59A2F8F968593AB7AF49574B0FC30 |
SHA-256: | 228EABDFCF1154622211B7CC25DA404E46F8580FE087923892F9E4BA43A13DA4 |
SHA-512: | C7693CC1211292D0162A0B72363F56B2A4AACC503AE13C6F7E3EC16B999CFB5F70336EDC57876D99A50C186026DD15E95AACC66D3D0088DA8A92E08AA192492F |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9911578148363764 |
Encrypted: | false |
SSDEEP: | 48:8k0dtT1JVHDidAKZdA1leh/iZUkAQkqehsy+2:8kSTw9Qly |
MD5: | EA7914B3EF4DB157D1CF786BADD050B0 |
SHA1: | D9DD92DB7166713BA97248920430EF3674015D9D |
SHA-256: | A69DF6D3313E9604F33F79D650EA9DCB10CF2EC270D9C416EBB04B793D0B6754 |
SHA-512: | 184C702135E4F715BAEC1B8C396C7CBECBE19AC139C0E7E020F2220BB5B8A39C74DD2158B9D75F2D1212D13F32C3A8A4E558319E63CB9BD226005863641199EC |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.003440485511762 |
Encrypted: | false |
SSDEEP: | 48:8g0dtT1JbHDidAKZdA14t5eh7sFiZUkmgqeh7syy+BX:8gSTSngy |
MD5: | 1DB4BDA44E7721EC7CEC0AEBBD0C6935 |
SHA1: | 0F838219DB73E3EB7E7E4ECAA131B88753ABDB91 |
SHA-256: | 5E3407AA51AB9C71B1603B929456F664A84DABB7102899D90F8DDA066523D0F1 |
SHA-512: | 05477EB97FF945F4C163E38E42AD52B8A23071E734BBC2BCDC870C15229DF46A8874FD32458DD65F7EA150896562086BB843A47981264EC56EBC9DF784E1382C |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.986102493729921 |
Encrypted: | false |
SSDEEP: | 48:8D0dtT1JVHDidAKZdA16ehDiZUkwqeh4y+R:8DSTrKy |
MD5: | DADDA82624CE21759F56A133C1A3749D |
SHA1: | D4CA31E0FD00E5EB514300FB2828A030201F7F96 |
SHA-256: | 2A9326258562DA1F226C67CFCF623E7581340C3DC8AECBD9EA0BD9D5A15DA20E |
SHA-512: | AD30035ABFAF47F79793B7FDD286E6C2F3BDA0234A136780605ABBA6468B4002D8DE9035A12419E71703B4A36B4B700B3E82F9CEFDFE586DC139B2296CF7FD70 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9815646143809453 |
Encrypted: | false |
SSDEEP: | 48:850dtT1JVHDidAKZdA1UehBiZUk1W1qehmy+C:85STL9Gy |
MD5: | 954C0EDA9F81B3D0CE260CDF05ED0742 |
SHA1: | AEE6657B37F9E70EE3E2E9086637732A1F9DDCD6 |
SHA-256: | 05E2502D21AD262593741BE7A7736545E3F2AC31C877FFBE12BD3FBB0AD9CA7E |
SHA-512: | FA7AE32D52E945FD74410F7F6AD7B852604AED6B83E06B5EF8A4AEBE1AA1DFEE3388251FB7CF61007D57BD28C17855334CD541702B89B7334C1D9F5BFD80EEDD |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.99210246472408 |
Encrypted: | false |
SSDEEP: | 48:8xh0dtT1JVHDidAKZdA1duTrehOuTbbiZUk5OjqehOuTbgy+yT+:8bSTETYTbxWOvTbgy7T |
MD5: | 3AFE32C3EFA89F727AD3F7DB7367CD70 |
SHA1: | 250103C70FEB63F00191CE3CBAD848ED4286223F |
SHA-256: | 4879872A671E2D74956B32580F96CFCC4C67EA0F31A9C636B5B30C612A2AEA06 |
SHA-512: | 6F9BDC1C199333893F40A761EE0BA3ADD33F98B9A814CD5E3A57EE508C403198C9A0926EA6B3A06398BEB0DDC977082A789DD9EA0BED585C57A14DBD73FFB592 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 24972 |
Entropy (8bit): | 7.513461749332853 |
Encrypted: | false |
SSDEEP: | 768:x/HBRmNMZ88dZxt61mzzAeWSVBUKG4sw9KhwikD:5G8dZ/YAgSV6KG4BKzG |
MD5: | 73F1BD18DA9F1963C1C93CCAF9D68128 |
SHA1: | 16E41B58446C9EDAF32F26758B1BB6408BDC1267 |
SHA-256: | A1DAFA5B4206C93DAAD1E1BA7B6A672ED143E4AB1E215275E7FDD6C6E4CA1137 |
SHA-512: | FB825A7FC5244B61E74A8CB087D412CA1F7AC7DC005BE79ED114D8D73A677CEB797DBE8634769AD5F610B1B751C238A3E7222E655E635D554E6D7B965140BDF6 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 243 |
Entropy (8bit): | 5.551513252377009 |
Encrypted: | false |
SSDEEP: | 6:TMVBd/ZbZjZvKtWRVzjm9EAiDGO2hq5XTJBUYcBan:TMHd9BZKtWRnFFixBa |
MD5: | 1470312FC89F1BD3C639C7D308D30156 |
SHA1: | 26B0CB382BCE0084CF83F755FC96975E9CEEC372 |
SHA-256: | CF685E0F7EDCC6AF1081831CFB7ABC298BD87AAFE7F40C47DE0E07D431B9661F |
SHA-512: | E8D6C17CDFE20F010AE410B4056FABB94C5C8A83F198DBECA719D2C809F21905508BC2BB39262E6EC9C46401F4A1DDBC69D3F088D4F06479E1CF2A6F84034F46 |
Malicious: | false |
Reputation: | low |
URL: | https://sterling-prod-acumatica.s3.amazonaws.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 24972 |
Entropy (8bit): | 7.513461749332853 |
Encrypted: | false |
SSDEEP: | 768:x/HBRmNMZ88dZxt61mzzAeWSVBUKG4sw9KhwikD:5G8dZ/YAgSV6KG4BKzG |
MD5: | 73F1BD18DA9F1963C1C93CCAF9D68128 |
SHA1: | 16E41B58446C9EDAF32F26758B1BB6408BDC1267 |
SHA-256: | A1DAFA5B4206C93DAAD1E1BA7B6A672ED143E4AB1E215275E7FDD6C6E4CA1137 |
SHA-512: | FB825A7FC5244B61E74A8CB087D412CA1F7AC7DC005BE79ED114D8D73A677CEB797DBE8634769AD5F610B1B751C238A3E7222E655E635D554E6D7B965140BDF6 |
Malicious: | false |
Reputation: | low |
URL: | https://sterling-prod-acumatica.s3.amazonaws.com/9189038_142739N.pdf?AWSAccessKeyId=AKIAIYFV2RUQHU32EZPQ&Expires=1730052721&Signature=Q6nX6CSG3roHKmU5gHtiFWgx1ck%3D |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 3, 2024 14:51:29.035465002 CEST | 49715 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:29.035480976 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:29.326462984 CEST | 49676 | 443 | 192.168.2.8 | 52.182.143.211 |
Jul 3, 2024 14:51:29.413325071 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:29.413356066 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:29.413420916 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:29.418447018 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:29.418462992 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:29.706883907 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:29.706969023 CEST | 49715 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:29.741941929 CEST | 49715 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:29.741969109 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:29.742326021 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:29.796574116 CEST | 49715 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:29.877315998 CEST | 49715 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:29.920507908 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.068514109 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.068615913 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.068695068 CEST | 49715 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.072968960 CEST | 49715 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.072993994 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.073050976 CEST | 49715 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.073060036 CEST | 443 | 49715 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.074882030 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:30.090830088 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:30.090842962 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:30.091835976 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:30.091967106 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:30.110769033 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:30.110851049 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:30.139832020 CEST | 443 | 49704 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:30.139935017 CEST | 49704 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:30.159388065 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:30.159401894 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:30.204969883 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:30.278255939 CEST | 49717 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.278310061 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.278390884 CEST | 49717 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.282107115 CEST | 49717 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.282123089 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.933418036 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.933552980 CEST | 49717 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.935992956 CEST | 49717 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.936012983 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.936362982 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:30.937871933 CEST | 49717 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:30.984497070 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:31.209374905 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:31.209481001 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:31.209661961 CEST | 49717 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:31.256505013 CEST | 49717 | 443 | 192.168.2.8 | 184.28.90.27 |
Jul 3, 2024 14:51:31.256535053 CEST | 443 | 49717 | 184.28.90.27 | 192.168.2.8 |
Jul 3, 2024 14:51:32.112674952 CEST | 49677 | 80 | 192.168.2.8 | 192.229.211.108 |
Jul 3, 2024 14:51:38.615945101 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:38.615988970 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:38.616080046 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:38.617135048 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:38.617153883 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.214091063 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.214179993 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.223813057 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.223835945 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.224217892 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.266155005 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.352611065 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.400505066 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.545841932 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.545875072 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.545882940 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.545919895 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.546010017 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.546010017 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.546030998 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.546039104 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.546082973 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.546345949 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.546636105 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.546664000 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.546734095 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.556715012 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.556739092 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.556796074 CEST | 49719 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:51:39.556802034 CEST | 443 | 49719 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:51:39.996567011 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:39.996632099 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:39.996699095 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:40.242149115 CEST | 49704 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.242238998 CEST | 49704 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.242549896 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.242595911 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:40.242676020 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.243058920 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.243072033 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:40.248270988 CEST | 443 | 49704 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:40.248286009 CEST | 443 | 49704 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:40.661560059 CEST | 49716 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:51:40.661595106 CEST | 443 | 49716 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:51:40.859910011 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:40.859972954 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.895148039 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.895169973 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:40.895556927 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:40.895616055 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.897504091 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.897522926 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:40.897721052 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:40.940495968 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:41.418977976 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:41.419043064 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:41.419070005 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:41.419090986 CEST | 443 | 49721 | 23.206.229.226 | 192.168.2.8 |
Jul 3, 2024 14:51:41.419136047 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:51:41.419164896 CEST | 49721 | 443 | 192.168.2.8 | 23.206.229.226 |
Jul 3, 2024 14:52:16.355022907 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:16.355067968 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:16.355281115 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:16.355601072 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:16.355617046 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:16.946655035 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:16.946737051 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:16.948328972 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:16.948339939 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:16.948606968 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:16.950042963 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:16.992496967 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.148984909 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.149013996 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.149029016 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.149297953 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:17.149318933 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.149374962 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:17.150706053 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.150753021 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.150810003 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:17.150810003 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:17.150816917 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.150829077 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.150862932 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:17.154031992 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:17.154046059 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:17.154059887 CEST | 49722 | 443 | 192.168.2.8 | 20.12.23.50 |
Jul 3, 2024 14:52:17.154066086 CEST | 443 | 49722 | 20.12.23.50 | 192.168.2.8 |
Jul 3, 2024 14:52:28.609771013 CEST | 49724 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:52:28.609829903 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:28.609940052 CEST | 49724 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:52:28.610276937 CEST | 49724 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:52:28.610291958 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:29.250572920 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:29.254534006 CEST | 49724 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:52:29.254555941 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:29.254913092 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:29.255557060 CEST | 49724 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:52:29.255623102 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:29.306457996 CEST | 49724 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:52:39.417200089 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:39.417278051 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:39.417503119 CEST | 49724 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:52:40.658472061 CEST | 49724 | 443 | 192.168.2.8 | 216.58.212.132 |
Jul 3, 2024 14:52:40.658508062 CEST | 443 | 49724 | 216.58.212.132 | 192.168.2.8 |
Jul 3, 2024 14:52:49.429857016 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.429913998 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.430140972 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.430546045 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.430562973 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.430877924 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.430902958 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.431148052 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.431299925 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.431313992 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.899728060 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.900146961 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.900182009 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.901196003 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.901252985 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.903042078 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.903115034 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.903223038 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.904872894 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.905061960 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.905076981 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.906069040 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.906117916 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.907732010 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.907793045 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.907862902 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.907870054 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.948507071 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.953452110 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:49.953468084 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:49.953473091 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:50.000332117 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:50.020782948 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:50.020849943 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:50.021050930 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:50.032841921 CEST | 49727 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:50.032866001 CEST | 443 | 49727 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:50.037992001 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:50.038052082 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:50.038188934 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:50.038261890 CEST | 49729 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:50.038283110 CEST | 443 | 49729 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.213916063 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.213973999 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.214246988 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.214536905 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.214551926 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.671458960 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.671844006 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.671859980 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.672897100 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.672954082 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.673377991 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.673438072 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.673782110 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.673788071 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.717164040 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.811069012 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.811141014 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Jul 3, 2024 14:52:56.811197996 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.811381102 CEST | 49730 | 443 | 192.168.2.8 | 162.159.61.3 |
Jul 3, 2024 14:52:56.811412096 CEST | 443 | 49730 | 162.159.61.3 | 192.168.2.8 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jul 3, 2024 14:51:26.076306105 CEST | 192.168.2.8 | 1.1.1.1 | c282 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 3, 2024 14:51:26.019036055 CEST | 192.168.2.8 | 1.1.1.1 | 0x3d2b | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.019176960 CEST | 192.168.2.8 | 1.1.1.1 | 0x64df | Standard query (0) | | 65 | IN (0x0001) | false |
Jul 3, 2024 14:51:28.604038000 CEST | 192.168.2.8 | 1.1.1.1 | 0x79e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:28.604841948 CEST | 192.168.2.8 | 1.1.1.1 | 0xb0f2 | Standard query (0) | | 65 | IN (0x0001) | false |
Jul 3, 2024 14:52:49.407645941 CEST | 192.168.2.8 | 1.1.1.1 | 0xfb0 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | s3-1-w.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | s3-w.us-east-1.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | | 54.231.228.41 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | | 52.216.51.89 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | | 54.231.165.241 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | | 52.217.138.121 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | | 52.217.174.137 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | | 16.182.35.225 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | | 52.217.117.161 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.048938990 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d2b | No error (0) | | | 52.217.199.6 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.076205015 CEST | 1.1.1.1 | 192.168.2.8 | 0x64df | No error (0) | | s3-1-w.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false |
Jul 3, 2024 14:51:26.076205015 CEST | 1.1.1.1 | 192.168.2.8 | 0x64df | No error (0) | | s3-w.us-east-1.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false |
Jul 3, 2024 14:51:28.612282038 CEST | 1.1.1.1 | 192.168.2.8 | 0x79e | No error (0) | | | 216.58.212.132 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:51:28.612422943 CEST | 1.1.1.1 | 192.168.2.8 | 0xb0f2 | No error (0) | | | | 65 | IN (0x0001) | false |
Jul 3, 2024 14:52:49.429086924 CEST | 1.1.1.1 | 192.168.2.8 | 0xfb0 | No error (0) | | | 162.159.61.3 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:52:49.429086924 CEST | 1.1.1.1 | 192.168.2.8 | 0xfb0 | No error (0) | | | 172.64.41.3 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:52:57.098505974 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d04 | No error (0) | | | 199.232.214.172 | A (IP address) | IN (0x0001) | false |
Jul 3, 2024 14:52:57.098505974 CEST | 1.1.1.1 | 192.168.2.8 | 0x3d04 | No error (0) | | | 199.232.210.172 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.8 | 49710 | 54.231.228.41 | 443 | 4912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:51:26 UTC | 798 | OUT | |
2024-07-03 12:51:26 UTC | 531 | IN | |
2024-07-03 12:51:26 UTC | 3475 | IN | |
2024-07-03 12:51:26 UTC | 13904 | IN | |
2024-07-03 12:51:26 UTC | 7593 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.8 | 49711 | 54.231.228.41 | 443 | 4912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:51:27 UTC | 751 | OUT | |
2024-07-03 12:51:27 UTC | 285 | IN | |
2024-07-03 12:51:27 UTC | 254 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.8 | 49714 | 54.231.228.41 | 443 | 4912 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:51:28 UTC | 470 | OUT | |
2024-07-03 12:51:28 UTC | 531 | IN | |
2024-07-03 12:51:28 UTC | 1426 | IN | |
2024-07-03 12:51:28 UTC | 15952 | IN | |
2024-07-03 12:51:28 UTC | 7594 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.8 | 49715 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:51:29 UTC | 161 | OUT | |
2024-07-03 12:51:30 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.8 | 49717 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:51:30 UTC | 239 | OUT | |
2024-07-03 12:51:31 UTC | 514 | IN | |
2024-07-03 12:51:31 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.8 | 49719 | 20.12.23.50 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:51:39 UTC | 306 | OUT | |
2024-07-03 12:51:39 UTC | 560 | IN | |
2024-07-03 12:51:39 UTC | 15824 | IN | |
2024-07-03 12:51:39 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
6 | 192.168.2.8 | 49721 | 23.206.229.226 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:51:40 UTC | 2171 | OUT | |
2024-07-03 12:51:40 UTC | 1 | OUT | |
2024-07-03 12:51:40 UTC | 515 | OUT | |
2024-07-03 12:51:41 UTC | 480 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.8 | 49722 | 20.12.23.50 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:52:16 UTC | 306 | OUT | |
2024-07-03 12:52:17 UTC | 560 | IN | |
2024-07-03 12:52:17 UTC | 15824 | IN | |
2024-07-03 12:52:17 UTC | 14181 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.8 | 49727 | 162.159.61.3 | 443 | 2292 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:52:49 UTC | 245 | OUT | |
2024-07-03 12:52:49 UTC | 128 | OUT | |
2024-07-03 12:52:50 UTC | 247 | IN | |
2024-07-03 12:52:50 UTC | 468 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.8 | 49729 | 162.159.61.3 | 443 | 2292 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:52:49 UTC | 245 | OUT | |
2024-07-03 12:52:49 UTC | 128 | OUT | |
2024-07-03 12:52:50 UTC | 247 | IN | |
2024-07-03 12:52:50 UTC | 468 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.8 | 49730 | 162.159.61.3 | 443 | 2292 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-03 12:52:56 UTC | 245 | OUT | |
2024-07-03 12:52:56 UTC | 128 | OUT | |
2024-07-03 12:52:56 UTC | 247 | IN | |
2024-07-03 12:52:56 UTC | 468 | IN |
Target ID: | 0 |
Start time: | 08:51:18 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 2 |
Start time: | 08:51:22 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 3 |
Start time: | 08:51:24 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 10 |
Start time: | 08:52:41 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6e8200000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 11 |
Start time: | 08:52:42 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff79c940000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 12 |
Start time: | 08:52:43 |
Start date: | 03/07/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff79c940000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |