Windows Analysis Report: a58.pdf
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64_ra
- Acrobat.exe (PID: 6160 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\a58.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 6084 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 6580 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2108 --field-trial-handle=1568,i,6199865999433682923,671851639167481023,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | 1 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | ReversingLabs |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
2.18.96.131 | unknown | European Union | 20940 | AKAMAI-ASN1EU | false |
52.22.41.97 | unknown | United States | 14618 | AMAZON-AESUS | false |
162.159.61.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false |
2.16.241.15 | unknown | European Union | 20940 | AKAMAI-ASN1EU | false |
199.232.210.172 | unknown | United States | 54113 | FASTLYUS | false |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1467138 |
Start date and time: | 2024-07-03 18:38:08 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 17 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Sample name: | a58.pdf |
Detection: | CLEAN |
Classification: | clean0.winPDF@18/40@0/48 |
Cookbook Comments: |
- Exclude process from analysis (whitelisted): dllhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 2.18.96.131, 52.22.41.97, 3.219.243.226, 52.6.155.20, 3.233.129.217, 162.159.61.3, 172.64.41.3
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, ssl-delivery.adobe.com.edgekey.net, ctldl.windowsupdate.com, p13n.adobe.io, geo2.adobe.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: a58.pdf
Input | Output |
---|---|
URL: PDF Model: gpt-4o | { "riskscore": 0, "reasons": "The provided screenshot of the PDF document does not contain any visually prominent button or link. There is no text present in the screenshot that could create a sense of urgency or interest. Additionally, there is no indication of impersonation of well-known brands. Therefore, there is no evidence to suggest that this PDF document could mislead the user into clicking on a potentially harmful link."} |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 290 |
Entropy (8bit): | 5.221855533361338 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 334 |
Entropy (8bit): | 5.2272977689704545 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\6c995781-8387-4b6b-8db6-d4bd2feed7cb.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.953858338552356 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF4db35b.TMP (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4099 |
Entropy (8bit): | 5.229353805250166 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 322 |
Entropy (8bit): | 5.2452682804596 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240703163839Z-162.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 72406 |
Entropy (8bit): | 0.0640284735327138 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 57344 |
Entropy (8bit): | 3.291927920232006 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16928 |
Entropy (8bit): | 1.2157103278214163 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 893 |
Entropy (8bit): | 7.366016576663508 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 328 |
Entropy (8bit): | 3.239498819991208 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 252 |
Entropy (8bit): | 3.0215269645321685 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.3668910299698585 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.31363887007274 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.29290666398741 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.355394995681124 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.311038166141252 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.298712882557051 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.301103731780591 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.304782982786619 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.731051533152495 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.304226048119485 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.764270587888276 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.287744100789091 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.2911839159196035 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.311338654402757 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.2643544750622535 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.356753034315171 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.103014707257456 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9883039499276811 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.343531705294225 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5213298467083405 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-07-03 12-38-37-307.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.353642815103214 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.42292021057369 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
File type: | |
Entropy (8bit): | 7.859691281321626 |
TrID: |
File name: | a58.pdf |
File size: | 179'024 bytes |
MD5: | e800cacb7da9706f7cbadecc954b0a10 |
SHA1: | 58342023921cfa86088d234ba94230e805acfe94 |
SHA256: | 13a80791ee707dca434fa10783c8adc4175c091adc6499c8cbc32db0d59a27f8 |
SHA512: | 70562d10b9477fd5826dece6d48a79481d0e25133aa5c034b890206df5c2049753978f2e458032ef174b596f897602ccdef3ce090072fbe69ebb1b0aca95f222 |
SSDEEP: | 3072:7Jp/QzgaPJ2FHnVVWrVvlR+zcX7VlyyBpW+55/dPuwC/4vc2FYPy51plsSr:HaJ2FH7W/R+z6Vc2pJbur/Qc2FAS1plb |
TLSH: | 330412A4C7CA4DA0FB4638B0D2015B7AE66949D91541BFD0618E4A13860BCFBF3E1E6D |
File Content Preview: | %PDF-1.6.%......2 0 obj.<</Type/XObject/Subtype/Form/BBox[0 0 630 802.08002]/Group 16 0 R/StructParents 0/Resources<</ColorSpace<</CS0 3 0 R>>/ExtGState<</GS0 5 0 R>>/Font<</TT0 6 0 R/TT1 10 0 R>>/XObject<</Im0 14 0 R>>>>/Filter/FlateDecode/Length 2309>>s |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.6 |
Total Entropy: | 7.859691 |
Total Bytes: | 179024 |
Stream Entropy: | 7.857886 |
Stream Bytes: | 176805 |
Entropy outside Streams: | 5.266457 |
Bytes outside Streams: | 2219 |
Number of EOF found: | 1 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 19 |
endobj | 19 |
stream | 18 |
endstream | 18 |
xref | 0 |
trailer | 0 |
startxref | 1 |
/Page | 0 |
/Encrypt | 0 |
/ObjStm | 1 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams

ID | DHASH | MD5 | Preview |
---|---|---|---|
14 | 0000000000000000 | d4e1a967557f7d21399b655ad250a36f | |
15 | 181840880002010b | 80de75b5a496cb0e1538a227d32e54d5 |