Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Resume - Ms. Kyi Kyi Oo.pdf

Overview

General Information

Sample name:Resume - Ms. Kyi Kyi Oo.pdf
Analysis ID:1559187
MD5:1c41f617e44bc8e620cc682573cb8363
SHA1:c1a10c8aab66733f910546b09d5f4b1fb0d3d5e1
SHA256:ec74560f1c40aadec1a061cc796411806aef5d32eff94a855fa679196fad15a4
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

IP address seen in connection with other malware
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Uses a known web browser user agent for HTTP communication

Classification

  • System is w10x64_ra
  • Acrobat.exe (PID: 5068 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Resume - Ms. Kyi Kyi Oo.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 6208 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 6416 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1608 --field-trial-handle=1560,i,10592316759477976454,9644130627290774418,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: global trafficDNS query: name: x1.i.lencr.org
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49717 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49717
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: global trafficTCP traffic: 192.168.2.17:49716 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.17:49716
Source: Joe Sandbox ViewIP Address: 23.47.168.24 23.47.168.24
Source: global trafficHTTP traffic detected: GET /onboarding/smskillreader.txt HTTP/1.1Host: armmf.adobe.comConnection: keep-aliveAccept-Language: en-US,en;q=0.9User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brIf-None-Match: "78-5faa31cce96da"If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /onboarding/smskillreader.txt HTTP/1.1Host: armmf.adobe.comConnection: keep-aliveAccept-Language: en-US,en;q=0.9User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brIf-None-Match: "78-5faa31cce96da"If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
Source: global trafficDNS traffic detected: DNS query: x1.i.lencr.org
Source: 77EC63BDA74BD0D0E0426DC8F80085060.6.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: Resume - Ms. Kyi Kyi Oo.pdfString found in binary or memory: http://www.pdf-tools.com
Source: Resume - Ms. Kyi Kyi Oo.pdfString found in binary or memory: http://www.pdf-tools.com)
Source: 2D85F72862B55C4EADD9E66E06947F3D0.6.drString found in binary or memory: http://x1.i.lencr.org/
Source: Resume - Ms. Kyi Kyi Oo.pdfString found in binary or memory: https://v3.camscanner.com/user/download)
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: classification engineClassification label: clean2.winPDF@16/59@1/1
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: http://www.pdf-tools.com\
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: https://v3.camscanner.com/user/download
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: mailto:thaemarwin4@gmail.com
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: mailto:yinmonhtay11111@gmail.com
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: mailto:amml.acca@gmail.com
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: mailto:kyikyioo48351@gmail.com
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journalJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-11-20 03-38-21-702.logJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Resume - Ms. Kyi Kyi Oo.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1608 --field-trial-handle=1560,i,10592316759477976454,9644130627290774418,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1608 --field-trial-handle=1560,i,10592316759477976454,9644130627290774418,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: Resume - Ms. Kyi Kyi Oo.pdfStatic file information: File size 9115944 > 6291456
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: PDF keyword /Page count = 13
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: PDF keyword stream count = 1655
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: PDF keyword endobj count = 2386
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: PDF keyword endstream count = 1655
Source: Resume - Ms. Kyi Kyi Oo.pdfInitial sample: PDF keyword obj count = 2386
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information queried: ProcessInformationJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Spearphishing Link
3
Exploitation for Client Execution
Path Interception1
Process Injection
1
Masquerading
OS Credential Dumping1
Process Discovery
Remote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS Memory1
System Information Discovery
Remote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive13
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1559187 Sample: Resume - Ms. Kyi Kyi Oo.pdf Startdate: 20/11/2024 Architecture: WINDOWS Score: 2 14 x1.i.lencr.org 2->14 16 bg.microsoft.map.fastly.net 2->16 7 Acrobat.exe 18 74 2->7         started        process3 process4 9 AcroCEF.exe 131 7->9         started        process5 11 AcroCEF.exe 4 9->11         started        dnsIp6 18 23.47.168.24, 443, 49716, 49717 AKAMAI-ASUS United States 11->18

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
Resume - Ms. Kyi Kyi Oo.pdf0%ReversingLabs
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
http://www.pdf-tools.com0%Avira URL Cloudsafe
NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    high
    x1.i.lencr.org
    unknown
    unknownfalse
      high
      NameSourceMaliciousAntivirus DetectionReputation
      http://x1.i.lencr.org/2D85F72862B55C4EADD9E66E06947F3D0.6.drfalse
        high
        https://v3.camscanner.com/user/download)Resume - Ms. Kyi Kyi Oo.pdffalse
          high
          http://www.pdf-tools.com)Resume - Ms. Kyi Kyi Oo.pdffalse
            high
            http://www.pdf-tools.comResume - Ms. Kyi Kyi Oo.pdffalse
            • Avira URL Cloud: safe
            unknown
            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs
            IPDomainCountryFlagASNASN NameMalicious
            23.47.168.24
            unknownUnited States
            16625AKAMAI-ASUSfalse
            Joe Sandbox version:41.0.0 Charoite
            Analysis ID:1559187
            Start date and time:2024-11-20 09:37:35 +01:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 4m 55s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:defaultwindowsinteractivecookbook.jbs
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:24
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Sample name:Resume - Ms. Kyi Kyi Oo.pdf
            Detection:CLEAN
            Classification:clean2.winPDF@16/59@1/1
            Cookbook Comments:
            • Found application associated with file extension: .pdf
            • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, backgroundTaskHost.exe, svchost.exe, TextInputHost.exe
            • Excluded IPs from analysis (whitelisted): 184.28.88.176, 54.144.73.197, 18.207.85.246, 34.193.227.236, 107.22.247.231, 172.64.41.3, 162.159.61.3, 2.19.126.149, 2.19.126.143, 2.23.197.184, 2.22.50.131, 2.22.50.144, 2.16.164.11, 2.16.164.64, 2.16.164.91, 2.16.164.115, 2.16.164.59, 2.16.164.35, 2.16.164.113, 2.16.164.114, 2.16.164.65, 2.16.164.50, 2.16.164.19, 23.200.0.33
            • Excluded domains from analysis (whitelisted): www.bing.com, e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, p13n.adobe.io, a767.dspw65.akamai.net, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, evoke-windowsservices-tas.msedge.net, geo2.adobe.com, wu-b-net.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net
            • Not all processes where analyzed, report is missing behavior information
            • Report size exceeded maximum capacity and may have missing behavior information.
            • VT rate limit hit for: Resume - Ms. Kyi Kyi Oo.pdf
            TimeTypeDescription
            03:38:32API Interceptor2x Sleep call for process: AcroCEF.exe modified
            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
            23.47.168.24Complete_with_DocuSign_49584.pdfGet hashmaliciousHTMLPhisherBrowse
              ZGMW2wgPzY.lnkGet hashmaliciousDucktailBrowse
                XUpERCR9nC.lnkGet hashmaliciousDucktailBrowse
                  Heritage Commercial Flooring.pdfGet hashmaliciousUnknownBrowse
                    copyright_infringement_evidence_1.exeGet hashmaliciousUnknownBrowse
                      cleu.cmDGet hashmaliciousUnknownBrowse
                        https://content.app-us1.com/5zbe53/2024/09/30/8d9df716-ca99-47ed-825e-d3a2a0e6cd9e.pdfGet hashmaliciousHTMLPhisherBrowse
                          PDF...pdfGet hashmaliciousUnknownBrowse
                            TM3utH2CsU.exeGet hashmaliciousPureLog Stealer, XWormBrowse
                              8f40pUzDo8.exeGet hashmaliciousMetasploitBrowse
                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                bg.microsoft.map.fastly.netMyInstaller_PDFGear.exeGet hashmaliciousUnknownBrowse
                                • 199.232.210.172
                                PO-000041492.xlsGet hashmaliciousUnknownBrowse
                                • 199.232.214.172
                                file.exeGet hashmaliciousCredential FlusherBrowse
                                • 199.232.214.172
                                file.exeGet hashmaliciousUnknownBrowse
                                • 199.232.210.172
                                Benefit Enrollment -wZ5nusm.pdfGet hashmaliciousUnknownBrowse
                                • 199.232.214.172
                                6GvQSVIEIu.exeGet hashmaliciousUnknownBrowse
                                • 199.232.210.172
                                Benefit Enrollment -eGz8VNb.pdfGet hashmaliciousUnknownBrowse
                                • 199.232.214.172
                                217469812STM.pdfGet hashmaliciousScreenConnect Tool, PhisherBrowse
                                • 199.232.210.172
                                file.exeGet hashmaliciousRemcosBrowse
                                • 199.232.214.172
                                file.exeGet hashmaliciousCredential FlusherBrowse
                                • 199.232.210.172
                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                AKAMAI-ASUSmeow.arm7.elfGet hashmaliciousUnknownBrowse
                                • 23.51.121.34
                                https://estudioit.cl/starl/#ZGVicmEuY2FydGVyQGNhc2EuZ292LmF1Get hashmaliciousUnknownBrowse
                                • 2.19.126.202
                                file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                • 23.57.90.171
                                QuarantineMessage.zipGet hashmaliciousUnknownBrowse
                                • 23.217.172.185
                                Benefit Enrollment -wZ5nusm.pdfGet hashmaliciousUnknownBrowse
                                • 23.203.104.175
                                Customer forms.pdfGet hashmaliciousUnknownBrowse
                                • 104.78.188.188
                                Benefit Enrollment -eGz8VNb.pdfGet hashmaliciousUnknownBrowse
                                • 23.203.104.175
                                Integration.pdf www.skype.com.lnkGet hashmaliciousUnknownBrowse
                                • 96.17.64.171
                                b.pdfGet hashmaliciousUnknownBrowse
                                • 23.217.172.185
                                https://www.bing.com/ck/a?!&&p=5ceef533778c3decJmltdHM9MTcyMzQyMDgwMCZpZ3VpZD0zNjRmNjVlOC1lNTZjLTYxOWQtMTI1Ny03MTNlZTQyYTYwMTImaW5zaWQ9NTE0MA&ptn=3&ver=2&hsh=3&fclid=364f65e8-e56c-619d-1257-713ee42a6012&u=a1aHR0cHM6Ly9sZXhpbnZhcmlhbnQuY29tLw#aHR0cHM6Ly9HMTAuZHpwdndvYnIucnUvdkd5c2dQdC8=Get hashmaliciousUnknownBrowse
                                • 92.122.18.57
                                No context
                                No context
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):294
                                Entropy (8bit):5.110591924427774
                                Encrypted:false
                                SSDEEP:6:H45cVpQ+q2PsHO2nKuAl9OmbnIFUt8Y43SdWZmw+Y43SQVkwOsHO2nKuAl9Ombjd:Y5cVpQ+vkHVHAahFUt8Jig/+JiQV51HY
                                MD5:0B2CFFDE0F079F3C0787653551515707
                                SHA1:FAC102B1FDE2E271FACA4E0004EBCE4869F04FCD
                                SHA-256:8F69D2BA687284A07C50812BF798F0CF825757A6B7057697A046B7C6CAA8AE08
                                SHA-512:482D6332A377CEE4164FD8DF47AAE6046CD45A0F0592F45430796B2E73EAA244BD27D9F8971CB38B2958A4B27B4627D21024615CC98C3835A09AA45177BF7032
                                Malicious:false
                                Reputation:low
                                Preview:2024/11/20-03:38:20.023 190c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/11/20-03:38:20.025 190c Recovering log #3.2024/11/20-03:38:20.025 190c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):294
                                Entropy (8bit):5.110591924427774
                                Encrypted:false
                                SSDEEP:6:H45cVpQ+q2PsHO2nKuAl9OmbnIFUt8Y43SdWZmw+Y43SQVkwOsHO2nKuAl9Ombjd:Y5cVpQ+vkHVHAahFUt8Jig/+JiQV51HY
                                MD5:0B2CFFDE0F079F3C0787653551515707
                                SHA1:FAC102B1FDE2E271FACA4E0004EBCE4869F04FCD
                                SHA-256:8F69D2BA687284A07C50812BF798F0CF825757A6B7057697A046B7C6CAA8AE08
                                SHA-512:482D6332A377CEE4164FD8DF47AAE6046CD45A0F0592F45430796B2E73EAA244BD27D9F8971CB38B2958A4B27B4627D21024615CC98C3835A09AA45177BF7032
                                Malicious:false
                                Reputation:low
                                Preview:2024/11/20-03:38:20.023 190c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/11/20-03:38:20.025 190c Recovering log #3.2024/11/20-03:38:20.025 190c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):338
                                Entropy (8bit):5.146429712938192
                                Encrypted:false
                                SSDEEP:6:H4W2nxSQ+q2PsHO2nKuAl9Ombzo2jMGIFUt8Y4W2ypgZmw+Y4W2HQVkwOsHO2nK3:YW2UQ+vkHVHAa8uFUt8JW2Yg/+JW2HQs
                                MD5:7905FC6D4CC5A6D425E1D74342F456EB
                                SHA1:5467079E84488B022EAC4F0714B11ECA66DB21ED
                                SHA-256:0D6A3923B6CACF9C0C0B7B9BAF9A4364F6CD32F913A0AD5A0D4349D3003B1D43
                                SHA-512:49533E203473605E556ADE6B347D992B2FDBB1A6714571C695295B5B9CD62F2BC9CF2BF8045CE28114713A7E9A708B1BD27CADCE4C58151A09EC48CACFE793C7
                                Malicious:false
                                Reputation:low
                                Preview:2024/11/20-03:38:19.823 192c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/11/20-03:38:19.827 192c Recovering log #3.2024/11/20-03:38:19.828 192c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):338
                                Entropy (8bit):5.146429712938192
                                Encrypted:false
                                SSDEEP:6:H4W2nxSQ+q2PsHO2nKuAl9Ombzo2jMGIFUt8Y4W2ypgZmw+Y4W2HQVkwOsHO2nK3:YW2UQ+vkHVHAa8uFUt8JW2Yg/+JW2HQs
                                MD5:7905FC6D4CC5A6D425E1D74342F456EB
                                SHA1:5467079E84488B022EAC4F0714B11ECA66DB21ED
                                SHA-256:0D6A3923B6CACF9C0C0B7B9BAF9A4364F6CD32F913A0AD5A0D4349D3003B1D43
                                SHA-512:49533E203473605E556ADE6B347D992B2FDBB1A6714571C695295B5B9CD62F2BC9CF2BF8045CE28114713A7E9A708B1BD27CADCE4C58151A09EC48CACFE793C7
                                Malicious:false
                                Reputation:low
                                Preview:2024/11/20-03:38:19.823 192c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/11/20-03:38:19.827 192c Recovering log #3.2024/11/20-03:38:19.828 192c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:Unknown
                                Category:dropped
                                Size (bytes):476
                                Entropy (8bit):4.976622644559748
                                Encrypted:false
                                SSDEEP:12:YH/um3RA8sqTM3xsBdOg2HVZcaq3QYiubEP7E4T3y:Y2sRdsaM3idMHVg3QYhbY7nby
                                MD5:99C8141D4E0205C57BBD053495B50D0E
                                SHA1:F5AF8D6A05B572DD8FF9BB9F92CD2970961AB430
                                SHA-256:335D69B3B4C1051BB37A1BBE2A00702057113FB809116F805E623A48458FBE4D
                                SHA-512:286F80FCAF3CF7DDE7268A74A1B51CDF2BB805649A7ACBEE6E71E7AA5815967ABCCAB2C2B9EE859CD507714AF94B007E4AF880FDB9E5134AAE1D56E1E344EC1A
                                Malicious:false
                                Reputation:low
                                Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13376651911743180","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":258992},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.17","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:Unknown
                                Category:modified
                                Size (bytes):476
                                Entropy (8bit):4.976622644559748
                                Encrypted:false
                                SSDEEP:12:YH/um3RA8sqTM3xsBdOg2HVZcaq3QYiubEP7E4T3y:Y2sRdsaM3idMHVg3QYhbY7nby
                                MD5:99C8141D4E0205C57BBD053495B50D0E
                                SHA1:F5AF8D6A05B572DD8FF9BB9F92CD2970961AB430
                                SHA-256:335D69B3B4C1051BB37A1BBE2A00702057113FB809116F805E623A48458FBE4D
                                SHA-512:286F80FCAF3CF7DDE7268A74A1B51CDF2BB805649A7ACBEE6E71E7AA5815967ABCCAB2C2B9EE859CD507714AF94B007E4AF880FDB9E5134AAE1D56E1E344EC1A
                                Malicious:false
                                Reputation:low
                                Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13376651911743180","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":258992},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.17","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:data
                                Category:dropped
                                Size (bytes):6495
                                Entropy (8bit):5.245226245585287
                                Encrypted:false
                                SSDEEP:192:TUi8h+F8Aj8DRCGwtqzmsLnNreR2ZpjRe4I8qr9jnNI92D3jC+3ETKEAE87pgfZ:jX8eQp
                                MD5:84A7D3617CBADE0B2028DA5AB2089B0D
                                SHA1:2A5F573959ADC9C28A2A4C64CFFE59FB097A1579
                                SHA-256:845FA6DB59B27EA980CDD9B20F002E8EBFEFCB7454524C6FDD1C06E2AD180098
                                SHA-512:8C0052CEA4F727DC0E5FDD012FF4F09E8EDF48CDAEC5688612A32CFBD0CDC9E4EC01E737083A7BD17DC927975F5FDF1232BDE88DE5453194F08A5B3B5364F635
                                Malicious:false
                                Reputation:low
                                Preview:*...#................version.1..namespace-....o................next-map-id.1.Pnamespace-42000ee3_e7f8_4e1a_acf9_c35e414a379e-https://rna-resource.acrobat.com/.0F...r................next-map-id.2.Snamespace-c3e8f6d4_f714_436a_92db_f0a4810aae6e-https://rna-v2-resource.acrobat.com/.1.p..r................next-map-id.3.Snamespace-d0743b68_de08_4f3c_b7bc_aca178ee7ff1-https://rna-v2-resource.acrobat.com/.2....o................next-map-id.4.Pnamespace-ce27b6a8_7896_4616_ab45_36a5ede234ad-https://rna-resource.acrobat.com/.3..).^...............Pnamespace-42000ee3_e7f8_4e1a_acf9_c35e414a379e-https://rna-resource.acrobat.com/...^...............Pnamespace-ce27b6a8_7896_4616_ab45_36a5ede234ad-https://rna-resource.acrobat.com/.{VUa...............Snamespace-c3e8f6d4_f714_436a_92db_f0a4810aae6e-https://rna-v2-resource.acrobat.com/....a...............Snamespace-d0743b68_de08_4f3c_b7bc_aca178ee7ff1-https://rna-v2-resource.acrobat.com/yATuo................next-map-id.5.Pnamespace-eb3aef6d_d129_430c_a353_
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):326
                                Entropy (8bit):5.14217585139798
                                Encrypted:false
                                SSDEEP:6:H4uQ+q2PsHO2nKuAl9OmbzNMxIFUt8Y4zmGSgZmw+Y4oUQVkwOsHO2nKuAl9Ombg:YuQ+vkHVHAa8jFUt8JzxSg/+JjQV51Hp
                                MD5:D7FBFE6D77DA85BC2D2B84EE4595D667
                                SHA1:4E6234D324A745426510129B0073FFF7C966D2A1
                                SHA-256:10ABFEC8A066DC8C9F7687891EDC23E98770BCB6819553DB1B53B25339C75E38
                                SHA-512:47A5AA0C3222874D95BD3264AB7F9787404ADEF90E96C8D5B242EDDCB4CCDC7ABDE3CB472F698A184A1A663C10B0F78BFEAD0DD814E6476F767A662DC91BA143
                                Malicious:false
                                Preview:2024/11/20-03:38:20.063 192c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/11/20-03:38:20.065 192c Recovering log #3.2024/11/20-03:38:20.066 192c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):326
                                Entropy (8bit):5.14217585139798
                                Encrypted:false
                                SSDEEP:6:H4uQ+q2PsHO2nKuAl9OmbzNMxIFUt8Y4zmGSgZmw+Y4oUQVkwOsHO2nKuAl9Ombg:YuQ+vkHVHAa8jFUt8JzxSg/+JjQV51Hp
                                MD5:D7FBFE6D77DA85BC2D2B84EE4595D667
                                SHA1:4E6234D324A745426510129B0073FFF7C966D2A1
                                SHA-256:10ABFEC8A066DC8C9F7687891EDC23E98770BCB6819553DB1B53B25339C75E38
                                SHA-512:47A5AA0C3222874D95BD3264AB7F9787404ADEF90E96C8D5B242EDDCB4CCDC7ABDE3CB472F698A184A1A663C10B0F78BFEAD0DD814E6476F767A662DC91BA143
                                Malicious:false
                                Preview:2024/11/20-03:38:20.063 192c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/11/20-03:38:20.065 192c Recovering log #3.2024/11/20-03:38:20.066 192c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):16
                                Entropy (8bit):3.2743974703476995
                                Encrypted:false
                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                MD5:46295CAC801E5D4857D09837238A6394
                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                Malicious:false
                                Preview:MANIFEST-000001.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:data
                                Category:modified
                                Size (bytes):108
                                Entropy (8bit):4.604703155082988
                                Encrypted:false
                                SSDEEP:3:U+klXt1HcZUV/TW1g9OvM11HcZUV/TSlBHr:U+klXtVnV6GOMVnVmnr
                                MD5:6B8E12338F874A0602998C0EB718A75A
                                SHA1:49F9ACC8AF1EC396DD8F0A767AD3EC7032358757
                                SHA-256:A1CFC142EC2B1AA3526D02CCA4478492E9C6131A4D8B8D8B09A0DDD31B736F2B
                                SHA-512:43E83BE6B7AF67749E28722DCB8FBD8058CF58261070272F9F42FDBC3E9BB99E9BF415E1C31D543440ED74FF44B6498126AB3DE6861D3A4BC60DD0E8A886BC66
                                Malicious:false
                                Preview:.. ./................22_11|360x240|60........9....4yBO..i/................22_11|360x240|60........9u...4yB
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):16
                                Entropy (8bit):3.2743974703476995
                                Encrypted:false
                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                MD5:46295CAC801E5D4857D09837238A6394
                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                Malicious:false
                                Preview:MANIFEST-000001.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):285
                                Entropy (8bit):5.18639392703946
                                Encrypted:false
                                SSDEEP:6:HTwo1sHO2nKuAl9OmbzfXkrl2KLlVTwCYVq2PsHO2nKuAl9OmbzfXkrK+IFUv:zwXHVHAa8/uLLwjvkHVHAa8/F3FUv
                                MD5:33694096FD011F3CEE7991B9DD9C3944
                                SHA1:3C3EBA39B6886B75C0B9E2D011E6FA2C395D08F1
                                SHA-256:01711587B43F6EB50E73212A097B8211BBBE6BA0A0575A36A87BC92DBB1A4F4D
                                SHA-512:D6DCD35818B4B4E39A5FB364763A649CA39BC6FCB76847AF377AB79A442DACFE30724F79A7DA0A06ACA69FA736640E26AD02799395E38E0C913CCAE1AAA3313D
                                Malicious:false
                                Preview:2024/11/20-03:40:46.512 1870 Creating DB C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db since it was missing..2024/11/20-03:40:46.521 1870 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db/MANIFEST-000001.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:OpenPGP Secret Key
                                Category:dropped
                                Size (bytes):41
                                Entropy (8bit):4.704993772857998
                                Encrypted:false
                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                Malicious:false
                                Preview:.|.."....leveldb.BytewiseComparator......
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):16
                                Entropy (8bit):3.2743974703476995
                                Encrypted:false
                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                MD5:46295CAC801E5D4857D09837238A6394
                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                Malicious:false
                                Preview:MANIFEST-000001.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:data
                                Category:dropped
                                Size (bytes):126
                                Entropy (8bit):3.6123534208443075
                                Encrypted:false
                                SSDEEP:3:G0XttkJcsRwI9tkJcsSaJkG3mH2lztzlkzXlfmH2lG:G0XtqcsqczaJf3mH2lztzl4mH2lG
                                MD5:A05963DD9E2C7C3F13C18A9245AD5934
                                SHA1:15A87493591860C6C22499DF3A705ACB3CB466BD
                                SHA-256:F40B7EF0FE0B676871403B8DD21CE42AF8E482DC8B81F09D93CB2C48CCD112B4
                                SHA-512:E67833950A3DB8D4C27FC851C7DF9AEBB85699024F805E98A2951E9E9FC3B606F10EAD23CE0A3B97484A18A9A52520540FB29787178BFEB9FBD8D46D0AA492A2
                                Malicious:false
                                Preview:.h.6.................__global... .t...................__global... ..7..................22_......u...................22_.....
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):16
                                Entropy (8bit):3.2743974703476995
                                Encrypted:false
                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                MD5:46295CAC801E5D4857D09837238A6394
                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                Malicious:false
                                Preview:MANIFEST-000001.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:ASCII text
                                Category:dropped
                                Size (bytes):303
                                Entropy (8bit):5.16031935001652
                                Encrypted:false
                                SSDEEP:6:HTwN/1sHO2nKuAl9OmbzfXkrzs52KLlVTwgYVq2PsHO2nKuAl9OmbzfXkrzAdIF2:zwNmHVHAa8/N9LLwgAvkHVHAa8/iFUv
                                MD5:95EBF90CA73B35511DB832D0CE7642D2
                                SHA1:01C81E153142E576ECE38E3B538CEA472C308BFB
                                SHA-256:B9F452A446D92AA14A910665D7C5D3B44DA28C2ABEF1F4485CD500FC4DFDB9C9
                                SHA-512:C0B88799EFB884891F01CC1BFDFAF54DF9D2047F4A17698357FCCBC38CD80039BA45A2AD30A9BEDBAB27E17520AEBF8703C622E1615A529716940E06DE2E3AFB
                                Malicious:false
                                Preview:2024/11/20-03:40:46.500 1870 Creating DB C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata since it was missing..2024/11/20-03:40:46.509 1870 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata/MANIFEST-000001.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:OpenPGP Secret Key
                                Category:dropped
                                Size (bytes):41
                                Entropy (8bit):4.704993772857998
                                Encrypted:false
                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                Malicious:false
                                Preview:.|.."....leveldb.BytewiseComparator......
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
                                Category:dropped
                                Size (bytes):65110
                                Entropy (8bit):3.2435283055240207
                                Encrypted:false
                                SSDEEP:768:si3+ylBNk2EX1CgWvX3OjrvJChvQfj3MFexBzki5cMCXKiPQ27NCh0h:sRylHk2E4r6V5q
                                MD5:49FBE601BB189C0E1DB599F8445974F4
                                SHA1:F5DE3210B7E6BF70E656BBF4B9281C8F00245CA0
                                SHA-256:6274FF8B8FB123DB5D0481AC1E95B036AE48835E3BCCB04C7FD645286F80CFDB
                                SHA-512:B99D9001AC650999048DB8ED49CA6F9D4C77E2D5AD5DE75C234A499473A2B9F011F8BFD10C8EEACC936AD0995CE50D76F30F1BDFFD70091AE41FF2054938B51E
                                Malicious:false
                                Preview:BMV.......6...(...k...h..... .........................*jC.E.u.e...a...R.|............g.....................5gF..kA.2jB.:~T.}...~...........~...{..Z.m.:gC.-kC.H.c.z..O.}.}...~...g...s..#kG.6hD.+jE..iD./iD..jD.6iH.....[uc.1k@.GcN..................._..^..................9../../../../../../..5..u..........................................................................................................................................................................j.r.~...Ay_.G.v.v...u..............................Q.l.,jA.0jB.1kC.;fG.g.......|...t...u...T...............y...l...o......y.......T...H.u.2kC..jC./jC.,hB.2jD.I|W.e........................................................../../../../../../../.............................................................................................................................................................................................e.z.3z\............................b...v..,sR.3iE.4gF.k.w.w...G.o.h......{.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 12, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 12
                                Category:dropped
                                Size (bytes):86016
                                Entropy (8bit):4.444742297700738
                                Encrypted:false
                                SSDEEP:384:ie5ci5ttiBA7aDQPsknQ0UNCFOa14ocOUw6zyFzqFkdZ+EUTTcdUZ5yDQhJL:dGs3OazzU89UTTgUL
                                MD5:17957FEABAB4A23D5F507DF54CC98440
                                SHA1:FBD184B737FD2A2F23EA1F588B44FB730D4861A3
                                SHA-256:9C0CCE0B47B849B9040CAF6EB651CCF1AB9DE939D6EE4D3EFD9B79B921C19B25
                                SHA-512:CCDD564E821DD48DEDEB89E5EE00310FF3283ECA9B394B22E0D3FBEF13AE19AD25DCE8F3BA70ABF69676F4F86CF7A0072AFCA56AC40F7163D3796116DA4C6049
                                Malicious:false
                                Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:SQLite Rollback Journal
                                Category:dropped
                                Size (bytes):8720
                                Entropy (8bit):2.2104256434422287
                                Encrypted:false
                                SSDEEP:24:7+tjAnuwKBmqL0MzkrFsgIFsxX3pALXmnHpkDGjmcxBSkomXk+2m9RFTsyg+wmff:7MsnCEq/mFTIF3XmHjBoGGR+jMz+LhX
                                MD5:BBCE93CFD342B6EA74E14322C2C29DA6
                                SHA1:E05CB2AC950A4E675F486564493EC483CFDC7FF3
                                SHA-256:8DE614300B7BA027D6EC4B1092A4E33B0292F7AE698EA89C53034C16DBB7EB0A
                                SHA-512:2FD530C68EBE7741EB83D14B067A531B39966AAD76BBD201BE2774C746EADEBB68CF84F496753F2FECB7BAF2018FB2EAA159B1173A64DF6C91E0C34A74F7EFAE
                                Malicious:false
                                Preview:.... .c.....).sT........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:Certificate, Version=3
                                Category:dropped
                                Size (bytes):1391
                                Entropy (8bit):7.705940075877404
                                Encrypted:false
                                SSDEEP:24:ooVdTH2NMU+I3E0Ulcrgdaf3sWrATrnkC4EmCUkmGMkfQo1fSZotWzD1:ooVguI3Kcx8WIzNeCUkJMmSuMX1
                                MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
                                SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
                                SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
                                SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
                                Malicious:false
                                Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                Category:dropped
                                Size (bytes):71954
                                Entropy (8bit):7.996617769952133
                                Encrypted:true
                                SSDEEP:1536:gc257bHnClJ3v5mnAQEBP+bfnW8Ctl8G1G4eu76NWDdB34w18R5cBWcJAm68+Q:gp2ld5jPqW8LgeulxB3fgcEfDQ
                                MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
                                SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
                                SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
                                SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
                                Malicious:false
                                Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:data
                                Category:dropped
                                Size (bytes):192
                                Entropy (8bit):2.7582608629891827
                                Encrypted:false
                                SSDEEP:3:kkFklGt2evfllXlE/HT8klHvNNX8RolJuRdxLlGB9lQRYwpDdt:kKft2PT8s1NMa8RdWBwRd
                                MD5:8A25250BDE3484A948E09F347F47242C
                                SHA1:8A75E4EAFF31EED00773D8AEA8AE519D1BC4B430
                                SHA-256:F75B62120E1D02EFF69B0DEB160F2C2C8BDD5100711C9292D519F0E4C096693F
                                SHA-512:827F678392220158C399E769A6D71AA2BC5B9F8DFC0EFA21C0412089234AE58C1851799B42A9CD5E1B92DB07196C553E23950DD615D3817EE710ED9DD120261F
                                Malicious:false
                                Preview:p...... ........5...';..(....................................................... ..........W.....5..............o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:data
                                Category:dropped
                                Size (bytes):328
                                Entropy (8bit):3.144086598890895
                                Encrypted:false
                                SSDEEP:6:kKc9UswDLL+N+SkQlPlEGYRMY9z+4KlDA3RUebT3:XDnLNkPlE99SNxAhUe/3
                                MD5:4FDECAB9999D7CB3408FF88A902557C5
                                SHA1:DE715D3F5A7D39B2953EE719B98AE7A65DD008E2
                                SHA-256:10F618A41EAC29E2BA759229137325F90319F61CE599051116F7248C2D0D659E
                                SHA-512:AFB2F9A9108D3D45F72811DA23605708B92AF6ABAEE553FBE7C44DAEF44B5BEB4232A7662A08EDABF56C1F4C27108EECD0BC408D324CE559F76271C267CA694C
                                Malicious:false
                                Preview:p...... ..........G.';..(....................................................... ........G..@.......&...............h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):295
                                Entropy (8bit):5.360739329060337
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJM3g98kUwPeUkwRe9:YvXKXsskIJxjx6m50GMbLUkee9
                                MD5:1853205F333304A9EE356983DC3CEEF0
                                SHA1:174262E74E02939D9B9F4842CAEE292EDD90B00E
                                SHA-256:1EBD5C13C4D64EC385190EDECEF3143618A9F96CFA6EB92E5957EBD399ACD601
                                SHA-512:D9637647017D9A75F811B046F09DBD080282EF61368B57E1721677DCA24F694D4497B1C3E2B32E97901C96D28330EFA02D5C596312133FFD626654F1A5A09A2E
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):294
                                Entropy (8bit):5.311561970852877
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJfBoTfXpnrPeUkwRe9:YvXKXsskIJxjx6m50GWTfXcUkee9
                                MD5:DFB82C4CA00B544441CC6532E80211D4
                                SHA1:60381A8E834ED923CF3A9857E35B1651FA32D8D5
                                SHA-256:BEE2B3696A3CC2E56194AD7AE3CBCEFEDB89D7D1453C7FA6F3B742E165970F6B
                                SHA-512:E4DDF37EC24884F0DE9FAE639235C465193D5BE5B5AFF3A63CADD153748408399917DC5B60C9F9B328864CD6BB14FD8CFD712D13643F487120F0197920A67538
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):294
                                Entropy (8bit):5.289961289721308
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJfBD2G6UpnrPeUkwRe9:YvXKXsskIJxjx6m50GR22cUkee9
                                MD5:CF569EFEB26D762E26CFAE788AC458AF
                                SHA1:704B65C43863ED5862265764593C534CE69D7D47
                                SHA-256:BD9A633DBFA22433ED222A2969EBA7CAB321C359D4C009B9F66F3098CC7502F1
                                SHA-512:4401AE07FFF3556E4D50AEB37702585634C60B3E78EC60290D1CD77631EB6849BDCAA39DAF93F89B2674AD8FBCC798EBC3FC02490691F5F07E7B5EE3A5B2F82C
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):285
                                Entropy (8bit):5.34674374063939
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJfPmwrPeUkwRe9:YvXKXsskIJxjx6m50GH56Ukee9
                                MD5:BF22151A82A343B5C3657B350195F87C
                                SHA1:053585A79C2C46F9576E13EFAA592985415139C8
                                SHA-256:A4A33665072F075FDFDED91536C00523E87D9A4EB053C41E6AD53ECC70F17019
                                SHA-512:861D3796EB0971C849BABCCD322A685229FA015FE545F7AA65B1C8AC059CF1EF0046260F4844469544F0D03304C9CB1211C49FD7936E1ADA96A96AF6A1851C89
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):1123
                                Entropy (8bit):5.692462899572956
                                Encrypted:false
                                SSDEEP:24:Yv6Xssjxd6apLgE9cQx8LennAvzBvkn0RCmK8czOCCSI:Yv3sjx8ahgy6SAFv5Ah8cv/I
                                MD5:66045AF2B62CE11A366F54F076DC021B
                                SHA1:87B1E43E216C5B91B8F8C2C30C195F05BB9CB6AA
                                SHA-256:E715B93094CBDD2748B66106D9C58CE63F90B09EB11216868A0E5B0405BFFD28
                                SHA-512:B27B8D588A0FD54585D29616FDB75CBE6ACB9709D00191E70F5C82C66C9E19F44A66D227D96C7B3971B192CDB37050C7A2FE09E540F80457A9AE5892F0F5227C
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_1","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"d5bba1ae-6009-4d23-8886-fd4a474b8ac9","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IkNvbnZlcnRQREZSZHJSSFBBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkV4cG9ydCBQREZzIHRvIE1pY3Jvc29mdCBXb3JkIGFuZCBFeGNlbC4ifSwidGNh
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):1122
                                Entropy (8bit):5.686779838331596
                                Encrypted:false
                                SSDEEP:24:Yv6Xssjxd68VLgEwcp06ybnAvz7xHn0RCmK8czOCYHfl8zdBB:Yv3sjx88FgSNycJUAh8cvYHu
                                MD5:C885D1A06C2744DAB352E1F5F591A4BA
                                SHA1:E730331B1463EA78D5D8689A3A64DADC6196748E
                                SHA-256:7013A9CB48CF324F9BE59527BDBEC221149C87AA847D8A06F4EC1AEFE940A1EC
                                SHA-512:7E529ABB9641403D6184A28BE1A3387B6C272CFB945CD4E12F6F881104446C6C879E584B706D1A411B157FD54F12F56D8D112AD0BEC7E903A7CA04CE34D76A66
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Disc_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93181_288855ActionBlock_0","campaignId":93181,"containerId":"1","controlGroupId":"","treatmentId":"1aad653c-ef44-43f7-be1c-3a2ba2cf2cfc","variationId":"288855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Disc_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IlVwZ3JhZGVSSFBSZHJBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkNvbnZlcnQsIGVkaXQgYW5kIGUtc2lnblxuIFBERiBmb3JtcyAmIGFncmVlbWVudHMuIn0sInRjY
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):292
                                Entropy (8bit):5.301796542128766
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJfQ1rPeUkwRe9:YvXKXsskIJxjx6m50GY16Ukee9
                                MD5:31F423FAE6D922433EEFC1C6E113BFD3
                                SHA1:040F5226E395F8F60711E7CCF56A2B23D343E4F0
                                SHA-256:B7D2C5DDE76887073FB0889AF514082073AF281C81387C9963AC5150C425AE90
                                SHA-512:4F7460D1C38003C1141982BEA5ADCF9D338DA8CE9295F870CFF921F88C96C18E2DBBA8A94D732813F9EA5D6D6E127EE76A55E2AE9F2C0F0D9C591668465E8A6F
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):1102
                                Entropy (8bit):5.675444420012059
                                Encrypted:false
                                SSDEEP:24:Yv6Xssjxd6h2LgErcXWl7y0nAvzIBcSJCBViVB:Yv3sjx8hogH47yfkB5kVI
                                MD5:0B6CA35BBF6A286C69D6F0F1453EA070
                                SHA1:4394FAF9186DC79BE3BD34F9AEBB94D5432C5A6A
                                SHA-256:A8D90E3AFB7D4D6995E3F338853BCE21D5479711CC72C41C5F9ABE3B5E5B4BF0
                                SHA-512:46F4F2D4FF4BC84DD13D9734EA393A7B73607D6FD04D1D99027B40B533CFE134F34A71A6A6AF649C1A6ACFBAC4C70742BC6EAEF9D18EAEF2CE13B2A93D231E84
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Edit_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93181_288855ActionBlock_1","campaignId":93181,"containerId":"1","controlGroupId":"","treatmentId":"533ab5eb-b236-4889-89a5-ac002261d71e","variationId":"288855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Edit_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IkVkaXRQREZSZHJBcHBGdWxsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTRweCIsImZvbnRfc3R5bGUiOiIwIn0sImRlc2NyaXB0aW9uX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTJweCIsImZvbnRfc3R5bGUiOiItMSJ9LCJ0aXRsZSI6bnVsbCwiZGVzY3JpcHRpb24iOiJFZGl0IHRleHQsIGltYWdlcywgcGFnZXMsIGFuZCBtb3JlLiJ9LCJ0Y2F0SWQiOm51bGx9","da
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):1164
                                Entropy (8bit):5.70278007948475
                                Encrypted:false
                                SSDEEP:24:Yv6Xssjxd6hKLgEfIcZVSkpsn264rS514ZjBrwloJTmcVIsrSK5B:Yv3sjx8hEgqprtrS5OZjSlwTmAfSKH
                                MD5:E9374867A540B96C9E09F1E6036534FC
                                SHA1:4FFC0B209C4706B23B1F96561E88789FA0E0EC13
                                SHA-256:C1D7543E6449710540BFD8933CBB42CFDB8F90E8F2C81E7C762FB997A0C5DA91
                                SHA-512:6728B9540341948622AC9370602DAA35AA2C47BEF4F5A0891D38992CB82B13CCEC8AEB4CC1F254038589A8E9CB966C83C1CA57F0D5B35D67F05EA1134AF06BBB
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Home_LHP_Trial_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85531_264848ActionBlock_0","campaignId":85531,"containerId":"1","controlGroupId":"","treatmentId":"ee1a7497-76e7-43c2-bb63-9a0551e11d73","variationId":"264848"},"containerId":1,"containerLabel":"JSON for DC_Reader_Home_LHP_Trial_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IlRyeSBBY3JvYmF0IFBybyJ9LCJ1aSI6eyJ0aXRsZV9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE1cHgiLCJmb250X3N0eWxlIjoiMCJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEzcHgiLCJmb250X3N0eWxlIjoiLTEifSwidGl0bGUiOiJGcmVlIHRyaWFsIiwiZGVzY3JpcHRpb24iOiJHZXQgdW5saW1pdGVkIGFjY2VzcyB0b1xucHJlbWl1bSBQREYgYW5kIGUtc2lnbmluZ1xudG9vbHMuIn0sImJhbm5lcl9zdHlsaW5nIjo
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):289
                                Entropy (8bit):5.307560173794599
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJfYdPeUkwRe9:YvXKXsskIJxjx6m50Gg8Ukee9
                                MD5:480BD9EDEAA8F599C2165BE2E601272B
                                SHA1:F282BF79F1ADB5D2D63E69E448B2B91B888E32B2
                                SHA-256:75D3A9BEA771CD97826927DC1D11C95CA59FBCD993347C879B981B41FEFC538F
                                SHA-512:42C25AD07F3548B44CA04BC5D93EB77887DFBBC675869FDD24533F16F5A61DFA6F50F2EA412ABFBFFF3C6E352B11BE8BD4CE9EAA2F7078F08AE5D2579DFD545A
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):284
                                Entropy (8bit):5.293425946735745
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJf+dPeUkwRe9:YvXKXsskIJxjx6m50G28Ukee9
                                MD5:18396041204231399BBC462352ACC8BA
                                SHA1:DBA3AB6DA68A09BFF6E5B373ECDA0D36E3642A61
                                SHA-256:84B51BB4FE13E6D6461AF54FFF9F3656CB1A4B7401ABB8B0146187B11881D6EF
                                SHA-512:A7F17128ED65518F99C9F43E266929DD12006BA9D433BD846F2C362C596DB1A1FDF4C1B744D4B678B05DEAF744EDF7378AA4FD9213AF3C5D43FEA6FCF3415E06
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):291
                                Entropy (8bit):5.291055311511111
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJfbPtdPeUkwRe9:YvXKXsskIJxjx6m50GDV8Ukee9
                                MD5:5738A5176BD402AADEE171AC465C03FC
                                SHA1:444F4DFE0AF5E590DB235293E6FF9312BFF5EAF3
                                SHA-256:FEF582DCA0A5A2159D7195C0172ECE9B9D918EA8AF9A8A8AF5D23785D45DE18C
                                SHA-512:D5AA4D10CF80125E313ACB43C490FACB8DD174B29B44D5AD965C3737F742C6964BB7D4CB0BA95C3916D67F205B0B25DA0B3561E7CEE7ADF7A13B25E93CDBA58F
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):287
                                Entropy (8bit):5.292518794278666
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJf21rPeUkwRe9:YvXKXsskIJxjx6m50G+16Ukee9
                                MD5:54C497B765B767BD3DF0D80F22A84AA7
                                SHA1:350BA2CA71A0D3E35F08974446C8BB2012D4E6C5
                                SHA-256:A2289E74EE7F170C25D89689A2114E5FE436B438D736B8059E04FAE0121A1D40
                                SHA-512:EC8F4C25E7172D05FE502050DD7347B69354527F5116AABD2CD93DC252BE99A143D33AD4B59853F2FD63687822049E3D013344B170040E2FFEE6CEC0FC5E7FF1
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):1090
                                Entropy (8bit):5.665893050544167
                                Encrypted:false
                                SSDEEP:24:Yv6Xssjxd6GamXayLgE+cNDxeNaqnAvz7xHn0RCmK8czOC/BSI:Yv3sjx8IBgkDMUJUAh8cvMI
                                MD5:24386251FC413FB4A56E581384E2DAE6
                                SHA1:292E0D64BA9B8EB5107FE49C50C7A4580341B285
                                SHA-256:F86B94DD52515DA08C98A954CF9F035CDCEE7AF1C41835CD370525D94CA58764
                                SHA-512:D8926BF21BE5F96D7D64207DB33F8559734D54B1D7CD0CCCBE35C45FFB593D4A6E027AA293D8AA8EC05DBEB684C786933C2FFEDC1D8775E6B17D369BA148EA44
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_0","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"266234d2-130d-426e-8466-c7a061db101f","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IlVwZ3JhZGVSSFBSZHJBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkVhc2lseSBmaWxsIGFuZCBzaWduIFBERnMuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"app
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):286
                                Entropy (8bit):5.268894059405946
                                Encrypted:false
                                SSDEEP:6:YEQXJ2HXsAVFKVNIcZKxjx6mJ0Yt/EeoAvJfshHHrPeUkwRe9:YvXKXsskIJxjx6m50GUUUkee9
                                MD5:500BFA276E0BC6DF43AAC89E1B9360AF
                                SHA1:A504D12491687D4BBF9574A63CD9F29A69E4EA68
                                SHA-256:6B9839268E5C62852DF1ED5A3FB08487C04505A1DF5E5EB99D58F20735A14D0D
                                SHA-512:A39950E849A43AAFA7E3E8CA55C3B2F234040A301A857B309317F9FBDB3F3927ADB75D3D797571F02D97BCEAAE9D4BE340CAB8BD0A1EA461CC1C7126406A8684
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):782
                                Entropy (8bit):5.372865865567789
                                Encrypted:false
                                SSDEEP:12:YvXKXsskIJxjx6m50GTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWV:Yv6Xssjxd6R168CgEXX5kcIfANhI
                                MD5:2EC80CD7938CA4D268DD8F03E0460CAE
                                SHA1:6E6EB4763856D1B5370CE34287631919AD0F4DD4
                                SHA-256:A2A672FEE61F589884056E4D61F8C067AFA29302A1BDE2210B297FB148883143
                                SHA-512:59848DCE8BE95C0CDB29E417BEB681ED917D8FFDFC37FF3A131790E0B435C52156D39741C26338CFEE6F211E2FDA070C396A14CAF9B90D9357CC9F105D885B8C
                                Malicious:false
                                Preview:{"analyticsData":{"responseGUID":"f4b93200-9694-430a-9443-cb91b148d101","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1732266116328,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1732091906356}}}}
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:data
                                Category:dropped
                                Size (bytes):4
                                Entropy (8bit):0.8112781244591328
                                Encrypted:false
                                SSDEEP:3:e:e
                                MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                Malicious:false
                                Preview:....
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):2817
                                Entropy (8bit):5.127420417515991
                                Encrypted:false
                                SSDEEP:48:YgEVR3TxUAEC7wcLeA47C7F4bfkpNRneo59kf:REVJTC5ELeAKy6MpN5pkf
                                MD5:82AED75A92E72F3EA9CD99F18299480F
                                SHA1:886EBD407B50ACDDDBA6E55640A710F1DCECA8AC
                                SHA-256:DC3940DD52A742EC9DB510AA0CA94F5F7D83B1F44A6D70A4C59AB700CE8FA52E
                                SHA-512:3D69411296304AAFDAF7E5484702423F2C229F27632CDCAB2107A591B2D7C28B86637321A88A680E451F9D2A1066789CFF54DCA4656E9136E5B764A650075FB1
                                Malicious:false
                                Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"cf98104f3a98a6c355706b8217431eee","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1122,"ts":1732091905000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"f363537441cea99d97627ecdd49c8765","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":1164,"ts":1732091905000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"c46ccdb892d26ea56c25a0efb826c49e","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1090,"ts":1732091905000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"69c41cd704f61a08d1b1a459acc8f208","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1123,"ts":1732091905000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"e2aa2d1d7d1f88f7014e0f8b42aa95fd","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":1102,"ts":1732091905000},{"id":"Edit_InApp_Aug2020","info":{"dg":"9dc5a0057fdcd78e0454dceb3a673471","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":17
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 23, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 23
                                Category:dropped
                                Size (bytes):12288
                                Entropy (8bit):1.3566718747551323
                                Encrypted:false
                                SSDEEP:48:TVl2GL7msncRVbjVpOV6cV6+VZeVZvVZCVZW/Vk/Vhjv2ubCs22LZZPI5BvP5ZPq:vVmssZnrFIZWtBZS
                                MD5:F327B4AAE8584FF293719232B0D51A8F
                                SHA1:F102768C432E9023E56605A632215250619A3751
                                SHA-256:8B945A89D8B2B5BE41CEB629100CE4013E062FAAB1BBC96EDCE5C47474732CE3
                                SHA-512:BD8DA5E37DC42EE3742548AB35B284D39147D6BA25EC139525740C40D5F085A2BA2204FE821BD89EE454BB4FBF557C9FB5BD81C1208746763A0A86E91318FE5E
                                Malicious:false
                                Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:SQLite Rollback Journal
                                Category:dropped
                                Size (bytes):8720
                                Entropy (8bit):1.8302247571434582
                                Encrypted:false
                                SSDEEP:48:7MdWcRVbjVpOV6cV6+VZeVZvVZCVZW/Vk/Vhjv2ubCs22LZZPBBvPxc1qll2GL7U:7EZnrFIZptAqVms4
                                MD5:6F1D82DB5CE787B6424B48B9629BB123
                                SHA1:36A4667F7880B3F7BE62FC9AA58608E9EC6DCA45
                                SHA-256:443006892359B903EBFE6777EAD6C14E59F5FFA9AB56DDAE4FCD5720A0A2E51D
                                SHA-512:5C0435E4F0D47F46F1B8F153B29D148BF2E3BD827C66B8B9049E018593B8D5D630F290B2EFBAD23B536C1A6B17213DFB609B29B2C936D81A74EA72A0E4B36791
                                Malicious:false
                                Preview:.... .c.....*3........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................v.../.././././.-.-.-.-.-.-.-.-.-.-.-.-.-.-........................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:data
                                Category:dropped
                                Size (bytes):66726
                                Entropy (8bit):5.392739213842091
                                Encrypted:false
                                SSDEEP:768:RNOpblrU6TBH44ADKZEgv9hGKqUjMcVbeBxrj05qGVNfag9Yyu:6a6TZ44ADEvDRqUAcaxrjUNCaK
                                MD5:3D25F271E5D5231FABED8116F8B48235
                                SHA1:69265C44FDD644AD77C95B3AB0F4A39981A9D76E
                                SHA-256:14F4983D786708F8FF98B7552503A17AA1E54536A258E039EFB2AFE1B2B6CFBB
                                SHA-512:6915D49ABD17B0549E3271D988849DCB701BEA03396C1B787169D783B49EF6F8F34DBC26B4D2080D809E4AD64DCB629BAFB7B04D93C51EF093557214E5A528F8
                                Malicious:false
                                Preview:4.397.90.FID.2:o:..........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.96.FID.2:o:..........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.84.FID.2:o:..........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.95.FID.2:o:..........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.109.FID.2:o:..........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.105.FID.2:o:..........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.118.FID.2:o:..........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.77.FID.2:o:..........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.91.FID.2:o:..........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.87.FID.2:o:..........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.100.FID.2
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                Category:dropped
                                Size (bytes):246
                                Entropy (8bit):3.5162684137903053
                                Encrypted:false
                                SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8QOOltiNYN9:Qw946cPbiOxDlbYnuRKZOOX0YH
                                MD5:45C327897F697D737D6AD714F2F55462
                                SHA1:6F01F32455519517282AC0A253705615B6D3C87F
                                SHA-256:FC80D7520618BCA4780D9E63792EB30E7CDD722FD2DE82ED56B07AAD7A98705E
                                SHA-512:84DF568AADFBBCA3D1F93A170CB927BB3179282B404502A22D6CA6DA02DF7254CA93E084D4668B7234D2E6CD6030A11A631849A42FA814AD2D42912CF83E85E6
                                Malicious:false
                                Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .2.0./.1.1./.2.0.2.4. . .0.3.:.3.8.:.2.7. .=.=.=.....
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:Zip data (MIME type "application/vnd.adobe.air-ucf-package+zip"?)
                                Category:dropped
                                Size (bytes):144514
                                Entropy (8bit):7.992637131260696
                                Encrypted:true
                                SSDEEP:3072:OvjeSq37BcXWpJ/PwBI4lsRMoZVaJctHtTx8EOyhnL:Cjc7BcePUsSSt38snL
                                MD5:BA1716D4FB435DA6C47CE77E3667E6A8
                                SHA1:AF6ADF9F1A53033CF28506F33975A3D1BC0C4ECF
                                SHA-256:AD771EC5D244D9815762116D5C77BA53A1D06CEBA42D348160790DBBE4B6769D
                                SHA-512:65249DB52791037E9CC0EEF2D07A9CB1895410623345F2646D7EA4ED7001F7273C799275C3342081097AF2D231282D6676F4DBC4D33C5E902993BE89B4A678FD
                                Malicious:false
                                Preview:PK.........D.Y...>)...).......mimetypeapplication/vnd.adobe.air-ucf-package+zipPK.........D.Y.+.`............message.xml.]is.8...[.....Oq.'...S...g.X+;....%X."U$.....}.P.%....8.tl. ...../..}......A.......,...a...r.....=..i{......0H..v.g.c0.3~....G.b....,.BvJ.'./.`xJ]..O./.!K...XG?.$.,=.Z...q.f~...,..:b.Pl..f..|....,.A.....Z..a<.C._..../G|....q.....~.?...G.............y+.. ...s.,.2...^uon..:....~....C....i.>.<hy..x..?....F.w..4e.|.'...#?..a......i...W.".+...'.......,..6..... ..}.........llj.>.3v.."..CdA.".....v...4H..C]>........4..$.O........9._..C{(....A~.k...f.x8.<... l!..}...ol.q.......2.s.Y..&:....>...l.S..w.t^D.C....]0......L...z[`J<.....L.1t-.Z.n..7.)...aj;.0.r|.._.V......JWT.>.p.?s....boN.....X.jkN.9..3jN.9..t...o..c.nX4......0.D.....Cv .....!k..........d.1B....=3.Bq.E.bo.....6..r..6@.b...T......Ig...(..(K].:...#..k..q2G."o.Tz...qJ.......;?|~..1...J...RA...'..*C...T...dNMZ.3.z-..LCI..I..-.,.Y.J.....m.KY}.Lw......G........-.(E....b..^..}..
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:ASCII text, with very long lines (393)
                                Category:dropped
                                Size (bytes):16525
                                Entropy (8bit):5.359827924713262
                                Encrypted:false
                                SSDEEP:384:yNDmLJAZYTtvEcrd/GVMimVRMTzpCeb9sJVPbvHktuFKr4Bnk2DfNSNq8iwyhZ9u:bAPaRH9E3/
                                MD5:06DEAEDB81D09FD8FB5FF668D8E09CB2
                                SHA1:28A02BCBD5975117B97A08AFB049F2C94F334726
                                SHA-256:D98DE785425112A2D7A41B16073812FA4FA4955F2D5139AE87C9A5FBC4717D64
                                SHA-512:948E3B56E5A8D818A5FE9D74B82A898F7264909ADF2C49E5D096CB90F4D28ED95990545A4857933F0E06D493AA0F6D41F6109C74B44BC0E4B84346B519681936
                                Malicious:false
                                Preview:SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:755+0200 ThreadID=6536 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:756+0200 ThreadID=6536 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:756+0200 ThreadID=6536 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:756+0200 ThreadID=6536 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:756+0200 ThreadID=6536 Component=ngl-lib_NglAppLib Description="SetConfig:
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                Category:dropped
                                Size (bytes):15114
                                Entropy (8bit):5.336566987942526
                                Encrypted:false
                                SSDEEP:384:m6mLmmgEK03Hr9JnKFMTDWhogTA0qUkUUUCUkU1UxUrUNUVULUMU5oxo+/t6C110:ql8HXxHG6g+mAvqO1Nd8YTA/AUM
                                MD5:A8DBC473B7E94436EA9569190CC1E4FE
                                SHA1:B38D1620D8046714A31B3EF900E1C752DFF42B33
                                SHA-256:ED31035A57E23588B65E859031EFB4EA3610C52FFD132324EA7888F360F6CA01
                                SHA-512:DD119CDED765A5996C8512CE7358A54914CBD62C6D81324959C098D06C74DDB5B2FBE8D8A6DDBF1E9AD82ACE87DA6F0AF0C877ACFA376AA39682F78D78BB065D
                                Malicious:false
                                Preview:SessionID=a0f05436-657e-4c57-a205-4979104cbe2c.1732091901713 Timestamp=2024-11-20T03:38:21:713-0500 ThreadID=2896 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=a0f05436-657e-4c57-a205-4979104cbe2c.1732091901713 Timestamp=2024-11-20T03:38:21:715-0500 ThreadID=2896 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=a0f05436-657e-4c57-a205-4979104cbe2c.1732091901713 Timestamp=2024-11-20T03:38:21:715-0500 ThreadID=2896 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=a0f05436-657e-4c57-a205-4979104cbe2c.1732091901713 Timestamp=2024-11-20T03:38:21:715-0500 ThreadID=2896 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=a0f05436-657e-4c57-a205-4979104cbe2c.1732091901713 Timestamp=2024-11-20T03:38:21:715-0500 ThreadID=2896 Component=ngl-lib_NglAppLib Description="SetConf
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:ASCII text, with CRLF line terminators
                                Category:dropped
                                Size (bytes):35721
                                Entropy (8bit):5.420983985650666
                                Encrypted:false
                                SSDEEP:192:fcbmI6ccb9cb+IqccbdcbIIl3cbXcbWIS+cb4cbIIJzcbScbdKIjLcbh:g6sqGlVS/Jazjo
                                MD5:E9917CC18F353AC0A4357C1B6DC509D0
                                SHA1:D0AC7D8E137EDC334D4A728C14020B52D04617A0
                                SHA-256:7DDAF411425D972D67455D20B1BF5DF7A7E873B9613AC4D2759CC0B581480EDF
                                SHA-512:09480A2A0640CB2B0B1EC3EB6C7A547728198211D8587F09F93D7CAE688325473CCA2794CE4D5DE1E042D33B2ECF6FE2B2D83B98B9F7DE4AF206BE45C84F6E9D
                                Malicious:false
                                Preview:06-10-2023 11:44:59:.---2---..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 11:44:59:.Closing File..06-10-
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                Category:dropped
                                Size (bytes):1419751
                                Entropy (8bit):7.976496077007677
                                Encrypted:false
                                SSDEEP:24576:/xaWL07oXGZGwYIGNPJwdpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JaWLxXGZGwZGM3mlind9i4ufFXpAXkru
                                MD5:0A347312E361322436D1AF1D5145D2AB
                                SHA1:1D6C06A274705F8A295F62AD90CF8CA27555C226
                                SHA-256:094501B3CA4E93F626ABFCAE800645C533B61409DC3D1D233F4D053CE6A124D7
                                SHA-512:9856C231513B47DD996488DF19EEE44DBB320E55432984C0C041EF568B6EC5C05F5340831132890D1D162E0505CA243D579582EDB9157CF722A86EC8CE2FEAFE
                                Malicious:false
                                Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 160932
                                Category:dropped
                                Size (bytes):543911
                                Entropy (8bit):7.977303608379539
                                Encrypted:false
                                SSDEEP:12288:ONh3P65+Tegs6121D1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9UZ+bvHs:O3Pjegf121DMNB1DofjgJJJJm94+g
                                MD5:5B21A6981E55EF9576D169BBED44BCDB
                                SHA1:B3A14100B7E7C2C01D61B010A54937952D111E20
                                SHA-256:9555E661370D1DC26605DAE88BDBC1ABA68038C769BF6E354A256B1A1C4C110E
                                SHA-512:FCA72A5131D8780A17DF65BBFF37FBA88DBEA3B7AE991C3D893B21B9E6C1EED44DC12945C8DA39DE471FAC5013BE71D43E5BBB892994742BC33EF5934469B1B1
                                Malicious:false
                                Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                Category:dropped
                                Size (bytes):758601
                                Entropy (8bit):7.98639316555857
                                Encrypted:false
                                SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg
                                MD5:3A49135134665364308390AC398006F1
                                SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                Malicious:false
                                Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                Category:dropped
                                Size (bytes):386528
                                Entropy (8bit):7.9736851559892425
                                Encrypted:false
                                SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                                MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                Malicious:false
                                Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                Category:dropped
                                Size (bytes):1407294
                                Entropy (8bit):7.97605879016224
                                Encrypted:false
                                SSDEEP:24576:/M7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R077WLaGZjZwYIGNPJe:RB3mlind9i4ufFXpAXkrfUs03WLaGZje
                                MD5:716C2C392DCD15C95BBD760EEBABFCD0
                                SHA1:4B4CE9C6AED6A7F809236B2DAFA9987CA886E603
                                SHA-256:DD3E6CFC38DA1B30D5250B132388EF73536D00628267E7F9C7E21603388724D8
                                SHA-512:E164702386F24FF72111A53DA48DC57866D10DAE50A21D4737B5687E149FF9D673729C5D2F2B8DA9EB76A2E5727A2AFCFA5DE6CC0EEEF7D6EBADE784385460AF
                                Malicious:false
                                Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:data
                                Category:dropped
                                Size (bytes):98682
                                Entropy (8bit):6.445287254681573
                                Encrypted:false
                                SSDEEP:1536:0tlkIi4M2MXZcFVZNt0zfIagnbSLDII+D61S8:03kf4MlpyZN+gbE8pD61L
                                MD5:7113425405A05E110DC458BBF93F608A
                                SHA1:88123C4AD0C5E5AFB0A3D4E9A43EAFDF7C4EBAAF
                                SHA-256:7E5C3C23B9F730818CDC71D7A2EA01FE57F03C03118D477ADB18FA6A8DBDBC46
                                SHA-512:6AFE246B0B5CD5DE74F60A19E31822F83CCA274A61545546BDA90DDE97C84C163CB1D4277D0F4E0F70F1E4DE4B76D1DEB22992E44030E28EB9E56A7EA2AB5E8D
                                Malicious:false
                                Preview:0...u0...\...0...*.H........0i1.0...U....US1.0...U....DigiCert, Inc.1A0?..U...8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1..240807121815Z..240814121815Z0..~.0!.......0.E....[0...210531000001Z0!...7g...(..^`.x.l...210531000001Z0!...\./M.8..>.f.....210531000001Z0!...*B.Sh...f...s.0..210531000001Z0!..../n...h..7....>..210601000001Z0!....0..>5..aN.u{D..210601000001Z0!...-...qpWa.!n.....210601000001Z0!..."f...\..N.....X..210601000001Z0!...in.H...[u...]....210602000001Z0!......`......._.]...210602000001Z0!...{..e..i......=..210602000001Z0!......S....fNj'.wy..210602000001Z0!......C.lm..B.*.....210602000001Z0!... .}...|.,dk...+..210603000001Z0!...U.K....o.".Rj..210603000001Z0!.....A...K.ZpK..'h..210603000001Z0!.....&}{ ......l..210603000001Z0!...:.m...I.p.;..v..210604000001Z0!...1"uw3..Gou.qg.q..210607000001Z0!...1.o}...c/...-R}..210608000001Z0!................210608000001Z0!...[.N.d............210609000001Z0!......x..i........210610000001Z0!...(... (..#.^.f...210
                                Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                File Type:data
                                Category:dropped
                                Size (bytes):737
                                Entropy (8bit):7.501268097735403
                                Encrypted:false
                                SSDEEP:12:yeRLaWQMnFQlRKfdFfBy6T6FYoX0fH8PkwWWOxPLA3jw/fQMlNdP8LOUa:y2GWnSKfdtw46FYfP1icPLHCfa
                                MD5:5274D23C3AB7C3D5A4F3F86D4249A545
                                SHA1:8A3778F5083169B281B610F2036E79AEA3020192
                                SHA-256:8FEF0EEC745051335467846C2F3059BD450048E744D83EBE6B7FD7179A5E5F97
                                SHA-512:FC3E30422A35A78C93EDB2DAD6FAF02058FC37099E9CACD639A079DF70E650FEC635CF7592FFB069F23E90B47B0D7CF3518166848494A35AF1E10B50BB177574
                                Malicious:false
                                Preview:0...0.....0...*.H........0b1.0...U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1!0...U....DigiCert Trusted Root G4..240806194648Z..240827194648Z.00.0...U.#..0.......q]dL..g?....O0...U........0...*.H.............vz..@.Nm...6d...t;.Jx?....6...p...#.[.......o.q...;.........?......o...^p0R*.......~....)....i.*n;A.n.z..O~..%=..s..W.4.+........G...*..=....xen$_i"s..\...L..4../<.4...G.....L...c..k@.J.rC.4h.c.ck./.Q-r53..a#.8#......0.n......a.-'..S. .>..xAKo.k.....;.D>....sb '<..-o.KE...X!i.].c.....o~.q........D...`....N... W:{.3......a@....i....#./..eQ...e.......W.s..V:.38..U.H{.>.....#....?{.....bYAk'b0on..Gb..-..).."q2GO<S.C...FsY!D....x..]4.....X....Y...Rj.....I.96$.4ZQ&..$,hC..H.%..hE....
                                File type:PDF document, version 1.4
                                Entropy (8bit):7.962174827002139
                                TrID:
                                • Adobe Portable Document Format (5005/1) 100.00%
                                File name:Resume - Ms. Kyi Kyi Oo.pdf
                                File size:9'115'944 bytes
                                MD5:1c41f617e44bc8e620cc682573cb8363
                                SHA1:c1a10c8aab66733f910546b09d5f4b1fb0d3d5e1
                                SHA256:ec74560f1c40aadec1a061cc796411806aef5d32eff94a855fa679196fad15a4
                                SHA512:b41a21015bd1eb592166f821629ce880034b0d3b41377c93434287f0fea2abef7c2a65c7106090b389df2dfe0578bc01a818c21f91809e8966c48fbc6e4a10b3
                                SSDEEP:196608:vjXwQYpfPiUZaafLbHLic8gaSJOfEePKVujH/:rnYNcArilg9OfEeFf
                                TLSH:7A96E063857CC8ABCE4783F47E725FEF514F764BF0D961F681150E9E2100E6A6AAE021
                                File Content Preview:%PDF-1.4..%......1 0 obj..<<../Type /Page../MediaBox [ 0 0 595.56 842.04 ]../Resources << /ExtGState << /GS7 2 0 R /GS33 3 0 R >> /XObject << /Image5..4 0 R /Image8 5 0 R /Image10 6 0 R /Image12 7 0 R /Image14 8 0 R /Image16..9 0 R /Image18 10 0 R /Image2
                                Icon Hash:62cc8caeb29e8ae0

                                General

                                Header:%PDF-1.4
                                Total Entropy:7.962175
                                Total Bytes:9115944
                                Stream Entropy:7.974754
                                Stream Bytes:8768898
                                Entropy outside Streams:5.046128
                                Bytes outside Streams:347046
                                Number of EOF found:1
                                Bytes after EOF:
                                NameCount
                                obj2386
                                endobj2386
                                stream1655
                                endstream1655
                                xref1
                                trailer1
                                startxref1
                                /Page13
                                /Encrypt0
                                /ObjStm0
                                /URI14
                                /JS1
                                /JavaScript0
                                /AA0
                                /OpenAction0
                                /AcroForm0
                                /JBIG2Decode0
                                /RichMedia0
                                /Launch0
                                /EmbeddedFile0

                                Image Streams

                                IDDHASHMD5Preview
                                4200050000000000066f675af31d3ef437f11854d7efad846
                                2920005000000000006ba743666d860dc80d74344fbc11290f
                                582556932b24d4d9287f5e63a34baa778390d77ef092b99ce
                                30a2556933334d49b23013a5e754ed760d78c5b61f689f5a64
                                690480089c4e47bbc17e4169abafbf703cbc436a4722f82ce
                                TimestampSource PortDest PortSource IPDest IP
                                Nov 20, 2024 09:38:32.944820881 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:32.944873095 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:32.944972038 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:32.949414015 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:32.949459076 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:32.949538946 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:32.949711084 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:32.949738979 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:32.949876070 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:32.949891090 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.502475977 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.503079891 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.503108978 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.504621029 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.504700899 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.507538080 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.507689953 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.507863998 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.507874966 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.532269001 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.532785892 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.532814026 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.533914089 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.533999920 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.534387112 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.534454107 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.553097010 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.585076094 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.585113049 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.615015030 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.615115881 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.615190983 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.615766048 CET49717443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:33.615789890 CET4434971723.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:33.633111954 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:38:52.531671047 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:52.531760931 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:38:52.531841040 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:39:37.537538052 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:39:37.537559986 CET4434971623.47.168.24192.168.2.17
                                Nov 20, 2024 09:40:22.538741112 CET49716443192.168.2.1723.47.168.24
                                Nov 20, 2024 09:40:22.538827896 CET4434971623.47.168.24192.168.2.17
                                TimestampSource PortDest PortSource IPDest IP
                                Nov 20, 2024 09:38:32.967487097 CET5532453192.168.2.171.1.1.1
                                Nov 20, 2024 09:39:58.723014116 CET53632791.1.1.1192.168.2.17
                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                Nov 20, 2024 09:38:32.967487097 CET192.168.2.171.1.1.10xff1Standard query (0)x1.i.lencr.orgA (IP address)IN (0x0001)false
                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                Nov 20, 2024 09:38:32.976305008 CET1.1.1.1192.168.2.170xff1No error (0)x1.i.lencr.orgcrl.root-x1.letsencrypt.org.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                Nov 20, 2024 09:38:56.520535946 CET1.1.1.1192.168.2.170xfd71No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                Nov 20, 2024 09:38:56.520535946 CET1.1.1.1192.168.2.170xfd71No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                Nov 20, 2024 09:39:20.575519085 CET1.1.1.1192.168.2.170x5204No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                Nov 20, 2024 09:39:20.575519085 CET1.1.1.1192.168.2.170x5204No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                Nov 20, 2024 09:39:44.664021015 CET1.1.1.1192.168.2.170xcbaeNo error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                Nov 20, 2024 09:39:44.664021015 CET1.1.1.1192.168.2.170xcbaeNo error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                • armmf.adobe.com
                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                0192.168.2.174971723.47.168.244436416C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                TimestampBytes transferredDirectionData
                                2024-11-20 08:38:33 UTC475OUTGET /onboarding/smskillreader.txt HTTP/1.1
                                Host: armmf.adobe.com
                                Connection: keep-alive
                                Accept-Language: en-US,en;q=0.9
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: empty
                                Accept-Encoding: gzip, deflate, br
                                If-None-Match: "78-5faa31cce96da"
                                If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
                                2024-11-20 08:38:33 UTC198INHTTP/1.1 304 Not Modified
                                Content-Type: text/plain; charset=UTF-8
                                Last-Modified: Mon, 01 May 2023 15:02:33 GMT
                                ETag: "78-5faa31cce96da"
                                Date: Wed, 20 Nov 2024 08:38:33 GMT
                                Connection: close


                                Click to jump to process

                                Click to jump to process

                                Click to dive into process behavior distribution

                                Click to jump to process

                                Target ID:1
                                Start time:03:38:17
                                Start date:20/11/2024
                                Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Resume - Ms. Kyi Kyi Oo.pdf"
                                Imagebase:0x7ff67a970000
                                File size:5'641'176 bytes
                                MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:high
                                Has exited:false

                                Target ID:6
                                Start time:03:38:18
                                Start date:20/11/2024
                                Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                Imagebase:0x7ff759e30000
                                File size:3'581'912 bytes
                                MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:high
                                Has exited:false

                                Target ID:7
                                Start time:03:38:19
                                Start date:20/11/2024
                                Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1608 --field-trial-handle=1560,i,10592316759477976454,9644130627290774418,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                Imagebase:0x7ff759e30000
                                File size:3'581'912 bytes
                                MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:high
                                Has exited:false

                                No disassembly