Windows
Analysis Report
1099-NEC.pdf
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Confidence: | 100% |
Signatures
Classification
- System is w10x64_ra
Acrobat.exe (PID: 6264 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\Acrobat .exe" "C:\ Users\user \Desktop\1 099-NEC.pd f" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C) AcroCEF.exe (PID: 6448 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ba ckgroundco lor=167772 15 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE) AcroCEF.exe (PID: 6684 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --log-seve rity=disab le --user- agent-prod uct="Reade rServices/ 23.6.20320 Chrome/10 5.0.0.0" - -lang=en-U S --log-fi le="C:\Pro gram Files \Adobe\Acr obat DC\Ac robat\acro cef_1\debu g.log" --m ojo-platfo rm-channel -handle=22 56 --field -trial-han dle=1580,i ,510175341 0508339001 ,150370255 0300661407 3,131072 - -disable-f eatures=Ba ckForwardC ache,Calcu lateNative WinOcclusi on,WinUseB rowserSpel lChecker / prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
- • AV Detection
- • Software Vulnerabilities
- • Networking
- • System Summary
- • Data Obfuscation
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
Click to jump to signature section
AV Detection |
---|
Source: | ReversingLabs: |
Source: | DNS query: |
Source: | TCP traffic: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | File created: |
Source: | Key opened: |
Source: | ReversingLabs: |
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: |
Source: | Window detected: |
Source: | Initial sample: |
Source: | Initial sample: |
Source: | Initial sample: |
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: |
Source: | Process information queried: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 3 Exploitation for Client Execution | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 2 Non-Application Layer Protocol | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | 1 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Ingress Tool Transfer | Automated Exfiltration | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
13% | ReversingLabs | Document-PDF.Phishing.Generic | ||
2% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | high | |
e8652.dscx.akamaiedge.net | 23.209.209.135 | true | false | high | |
x1.i.lencr.org | unknown | unknown | false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
23.209.209.135 | e8652.dscx.akamaiedge.net | United States | 23693 | TELKOMSEL-ASN-IDPTTelekomunikasiSelularID | false | |
34.237.241.83 | unknown | United States | 14618 | AMAZON-AESUS | false | |
2.19.104.203 | unknown | European Union | 16625 | AKAMAI-ASUS | false | |
23.203.104.175 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
199.232.210.172 | bg.microsoft.map.fastly.net | United States | 54113 | FASTLYUS | false | |
172.64.41.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false |
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1640804 |
Start date and time: | 2025-03-17 18:48:07 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 16 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Sample name: | 1099-NEC.pdf |
Detection: | MAL |
Classification: | mal48.winPDF@17/42@1/63 |
Cookbook Comments: |
|
- Exclude process from analysis
(whitelisted): SIHClient.exe - Excluded IPs from analysis (wh
itelisted): 2.19.104.203, 34.2 37.241.83, 50.16.47.176, 54.22 4.241.105, 18.213.11.84 - Excluded domains from analysis
(whitelisted): e4578.dscg.aka maiedge.net, ssl-delivery.adob e.com.edgekey.net, p13n.adobe. io, geo2.adobe.com - Not all processes where analyz
ed, report is missing behavior information
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 290 |
Entropy (8bit): | 5.2353164163401 |
Encrypted: | false |
SSDEEP: | |
MD5: | 76FB1F3C9BD0011294D1A65720B1AE09 |
SHA1: | 1806AAAC0E2CF5C8407E7D8EB52B6AFA7B5D77CD |
SHA-256: | 43081666AE22784F24B4C918D127AED2A38F46922574C2739AB168A3DD882105 |
SHA-512: | 5E5CD74D10D0795D063D20F4C56B53B6CEE9E6ED235F826595832D5BAF78D3FD9D0C029D21E3CAD02BA4ED3F329A09D8E2A59816DEA075278D9110B32DC89BBF |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 334 |
Entropy (8bit): | 5.18699483763827 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6E9C3B3B66A8F6A98C52918CBEE723E7 |
SHA1: | 468208DC34BCC75DEED35055395B85877385A1BF |
SHA-256: | 8D4E11A6B955727180257490CB734223D2F0D66CBAB72B194D435C804B3845F9 |
SHA-512: | C8F2225C73A75766C1F8EA677522F6E2E9DE5130628D3CE36192D32D4878A0BE7FDC5E3CAC689DF0DF95A27B6346AB4C9AA14595674281F6D24F975CF24F0D49 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 403 |
Entropy (8bit): | 4.953858338552356 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.987029717098883 |
Encrypted: | false |
SSDEEP: | |
MD5: | ABF47203BCA9A24EC6E1ADA3F4E50B29 |
SHA1: | A43335E8DD77776E4A661AFCFE4CDDF226435D8E |
SHA-256: | 1C839358A0A132742D50423F4A4B37F4B1B341AC8AA399A16A24D6461FD2BE77 |
SHA-512: | 2EEF7DA5945E01AEC77357E6493C72F8311A748E3F8B7372638AA762F1FA560F347A160EE5B67978B2F60D750729FD3485258F535F28B20986D6CBDE54720DD9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4099 |
Entropy (8bit): | 5.231812377897927 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5778D0E780E3B02283A981D8ECC9A188 |
SHA1: | 0FEE5B6BE2B2DB7CDE4116517D43AC724FCB2BA7 |
SHA-256: | 98E9D154EBCC3B04278202C1D73926B62F6DA3046E66D66E079BAEB89186EECD |
SHA-512: | 5CA38E2AA2B32867BE1206E1B0C3F978B834BAC0EFA86DC26AAC62BC97392BCA18E88E35D490140AAAA1544E4654D1396186EDF117E4E6EE9824C1DB98BB8BEC |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 322 |
Entropy (8bit): | 5.209464313501848 |
Encrypted: | false |
SSDEEP: | |
MD5: | 9980686456BE6AA01506CA4EBDC37B14 |
SHA1: | 8D90D5F04FB757A672672FAC9D60AAAEBA987FE1 |
SHA-256: | 4CBDFAC41B819A9A55544A471B5F609965EF301E9AC261EF03C638D1CE76F993 |
SHA-512: | 2D3A3FCFA33CCCF6486A02EA398C555B1F1EACCF91D88AF264CE45E208DE97241E6B0A4E608977DEF31A8F236B3265600201D50E8FD8EB2E3A848B81F01CC2CB |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 65110 |
Entropy (8bit): | 2.286948423009873 |
Encrypted: | false |
SSDEEP: | |
MD5: | F2D04FC7A5B3A3F5D795433F876C1D05 |
SHA1: | F531731CE1EA6EAA621D814F5B48F0EDAFE4D40E |
SHA-256: | CFB2609F69F47D8AF19851AF2D636907F0FECE08D0E49C71E408F3FB5FEFFBF5 |
SHA-512: | 94AB3CA3EF6D90DAF96DB2D4F0868FCB11D54F0CB2B4DB39F41CF32154B0B38000CDDA02D9F4FE41F7B1CF484414A993F8343398B7CAAA93F312C7786D74DEE1 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 57344 |
Entropy (8bit): | 3.291927920232006 |
Encrypted: | false |
SSDEEP: | |
MD5: | A4D5FECEFE05F21D6F81ACF4D9A788CF |
SHA1: | 1A9AC236C80F2A2809F7DE374072E2FCCA5A775C |
SHA-256: | 83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2 |
SHA-512: | FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16928 |
Entropy (8bit): | 1.2136676166591915 |
Encrypted: | false |
SSDEEP: | |
MD5: | AE43FF6684669212707BF1844615BA1A |
SHA1: | B4415F5EBA749C186D73E79C353CFC9963AF7CF9 |
SHA-256: | E914D8E4D6C0C9EEF066E8AD0467E7061F51F8FFC03C83DD5E97C9211B6AB163 |
SHA-512: | 36E4BDDE7E26C9074669C8FE57201DD52851F725A3854A0087A8EE738C489DEFC3C4CE49895B4C3B45FEC21229A894C56F21372C291DDB3F77F43489B0776D5B |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1391 |
Entropy (8bit): | 7.705940075877404 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0CD2F9E0DA1773E9ED864DA5E370E74E |
SHA1: | CABD2A79A1076A31F21D253635CB039D4329A5E8 |
SHA-256: | 96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6 |
SHA-512: | 3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 73305 |
Entropy (8bit): | 7.996028107841645 |
Encrypted: | true |
SSDEEP: | |
MD5: | 83142242E97B8953C386F988AA694E4A |
SHA1: | 833ED12FC15B356136DCDD27C61A50F59C5C7D50 |
SHA-256: | D72761E1A334A754CE8250E3AF7EA4BF25301040929FD88CF9E50B4A9197D755 |
SHA-512: | BB6DA177BD16D163F377D9B4C63F6D535804137887684C113CC2F643CEAB4F34338C06B5A29213C23D375E95D22EF417EAC928822DFB3688CE9E2DE9D5242D10 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 192 |
Entropy (8bit): | 2.756901573172974 |
Encrypted: | false |
SSDEEP: | |
MD5: | 65F170B101940FE93C9BA3EA0F94C206 |
SHA1: | 0C042EB6AD209ADF0EF2244632418B5F6763804A |
SHA-256: | D9AFC4E83BCE0D3053CF44BC5B50BDCF7976E25825C696B030A37C55294E214E |
SHA-512: | 0AF9475EAEC517438324C4724280CA21C57B3BB775408683EF00FD9FB4F5833C48E5BDB28AE9E8F92105E39B6A0BD165AE070CC571FFE135758D23587737C0A4 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 330 |
Entropy (8bit): | 3.273411065443351 |
Encrypted: | false |
SSDEEP: | |
MD5: | 204161AEA3BDCAC7D4C08B41E11D8C1E |
SHA1: | D4E2B3B287F83A273E7D55FED7D48696E027A8F0 |
SHA-256: | 29471700416B01E7ED57FC6F51B76CE9EC54BB929A445D76F2C215E47E4FBC22 |
SHA-512: | E50FC6FDB38B404153E48E988F1E59C1E7D7F497353897BBC95BAB3ACD8239E528B8586B2212F66CD8A99E3B15F74718FE4A3530F4264D01CF0DAD35FD064F58 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.376857786720243 |
Encrypted: | false |
SSDEEP: | |
MD5: | 83C34E026CDEE8ECECE3FB7B91AF8F76 |
SHA1: | D0E233008710238514A97562D8229E3AF68F3575 |
SHA-256: | 054AC50DBF72C1C66E1FE5CAC7FDA801AE53DBA966B94D545D2EC7D662BEC90C |
SHA-512: | 8B1C888D14D938735C4E78AC17D4246BA655E802AEE70EF062E5B0AD19E4B87804C0DDAE2AFEE447A08910E62D4CB38CE199697938999EC8304E3268ADBB8A81 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.3244634531241815 |
Encrypted: | false |
SSDEEP: | |
MD5: | AAC065A802AE81101643B9410C6EAFDD |
SHA1: | E42F38673C70896239712FE0548C67410A9F0436 |
SHA-256: | A50FB4D89286813C9BC6D1FCAAC1FBB6929BCEBF1F451393CC4BA62A65361245 |
SHA-512: | DB00B65DA5309B2F4E6F83CD85DF75D8FADDD2E78C0229D1205A09A598AAADCBA7D4D8DCC95ED891CEA71B51FFDEC59C7929B069F3B8334C5AE74FD4770CADD7 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.30328452816978 |
Encrypted: | false |
SSDEEP: | |
MD5: | E1B9F8497976DF37677CF575BA71C1EB |
SHA1: | 00191E202AD7B37028EA0B4167A08715844018C1 |
SHA-256: | 98AAAD01615362525F71952AAB63A39404ABFA374E4F55081F72B758449ACE10 |
SHA-512: | C8BE1C00BA54087DEDEC43CE316A18C321F77F0E311355EA743CB15E7D15C91F8E76DF428AD864D488250F67ED41446FF7BEC443221A1B9FEEA9DC8638C34022 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.365711463194679 |
Encrypted: | false |
SSDEEP: | |
MD5: | B3670A9F8D98ED74E6F1FE7CA769701C |
SHA1: | 755848C287C8163679BA73ED125E56EEA17776E0 |
SHA-256: | 4302914CE2BA231375BB2DAC511B6C95CBB475450FA97F97F7F0661136B6BD4F |
SHA-512: | B6DEC402393E535FFB4465CF0849FC84FE6AF0582214CDB63E5386A753AFA9F06BED834E1107C0F0290028095A87F9FC5BEB8AB69D61CA219CC5A4343292ACE2 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2113 |
Entropy (8bit): | 5.8407317113260095 |
Encrypted: | false |
SSDEEP: | |
MD5: | FDB24AF5973F834ABABC29D58F65F6FF |
SHA1: | 0C38EDD7E60939A2E0C73509C07AF941CA85CAF0 |
SHA-256: | 9B07A2563A73FAEC0585B06992D6365D4ECAA5954ACEF05E440C16AFE81E8807 |
SHA-512: | 37AAF67F6EEAE7935A62B8CB9B1862764062367F6AB10BB03AACFC4CB3748A9B98D71A7A9C023CFF08FFDE79EC0A29A87ADF17F540DEE7006C6CE5D590BC04D6 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.312214076797873 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7B65B98506679C5311ED1DA8B0B05B65 |
SHA1: | 39A9D47D9134D7C70E7D269D2F7BFA0FA0963664 |
SHA-256: | B19F1A919EFB96D5844ED552AD0384F828120B8B123A17BF5A53D1E4277D70C7 |
SHA-512: | EA88908B2272D51B723F850C7D4C359221234271E1BFF8FB754C75F6077D53A12C15B7CAAC6B47DF2AA195F774EDD622C8986A5020AB0D8EA8A1AA3EA9BE7F3C |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.314157217740227 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1EC139495F4B15A8B3F3835DAFB80079 |
SHA1: | 63F7FA077B1AC4A6FE6F84430828C4FCC7A43AED |
SHA-256: | 6279027B016966FDC7B8DCF2CD1181920FAC719A901B4DAD16E046C7BA60C031 |
SHA-512: | 1FD37A64FD019B5F35D9AF33D3838678F4692FD70BAF9F3B3425C7C3235D6CC39E7465D3899392279FF090B77531653292FCB74EF4503CB26E0FB38D48376D8D |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2064 |
Entropy (8bit): | 5.82198532224348 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4BE4D05803A91D15DC853FD7E735128C |
SHA1: | E533F2CA65C84B3F6DD02F64B6972974AD161A15 |
SHA-256: | 293CDC38D1CC7D12A81587D96E65D0B73D64CF20C02448C25E35C80031524AE2 |
SHA-512: | 50FC8DC3AA9F9E373A22A323BB08B1922A3E6E1FE168E0A41085D8077D8ED34E8A16BAB6A4572DA2DA3FBED17AE41B898A17A61071E7AEACF4AE2AB6A1BCA4CC |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.337500804914369 |
Encrypted: | false |
SSDEEP: | |
MD5: | A9D0378DAB2D93D2190E5D045C40F483 |
SHA1: | 2F4514AF17F551F018F2283E6447222276162DC7 |
SHA-256: | 02A20069522EDD8E321ACE9CB258776E7F815E33BF111D8154EF3389C8CC4B75 |
SHA-512: | 798EE2F6106E4165C6BA654E0553247F2E4F60B154A56AD1005DFF5659761D3033893C49820E6CFB181DEDD270D70ED19110A26460647789626CF328AB06694F |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.318227280146619 |
Encrypted: | false |
SSDEEP: | |
MD5: | 63760BA8C0F2FFFCD3739D1F6DEDE1F4 |
SHA1: | B740D54A46BBC7FD6C00D2ABC13F73E18AC8BA79 |
SHA-256: | F5969CE47D69B98131CCD51C8736A714A6387848FCAA727A4FFF4DE39EF3F458 |
SHA-512: | FE7D7A5A588B9A97F2161F1ED17E860961F8A1245AC0EC31C83D099BEBB2DF391FCE92D41A7287367D23F55CD72DA4277C49E2186D6EBC6EEC56660017E8BCF7 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 284 |
Entropy (8bit): | 5.305179909409436 |
Encrypted: | false |
SSDEEP: | |
MD5: | 034F56CD5ECA9BE53434B1C269324F03 |
SHA1: | A0643D0218F235EDB8858908C3EE1727DEA63FB6 |
SHA-256: | E629F34024738D8507362DCB8B425C9E65EE487DEB76A7996751E3747D2C4173 |
SHA-512: | 8910D4CC49BEF15481701E720B80F9B75D917B3507EE87E7804832EBE1644158C440D5933241CF26FEB2C18DE0A057257EDE474EACB85131363FEFAA6D55944B |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.301649104417413 |
Encrypted: | false |
SSDEEP: | |
MD5: | 17A72B240924C37FA49009AC27FB3864 |
SHA1: | 41C023F3A569141CB3DB121D65A14C420EFAC38C |
SHA-256: | E00D386DC750058F2F33E14C8AA0D9AB7EDAFC0748CAC06E173303C58124E360 |
SHA-512: | CC90D17FC304A314943723ECBB1A64E58616AF5634C7E2DB6837F0B2BFDC9BB6545EF67FEFB25CB94527FA1DA7A5DFE9D4780FB8267E9A21DFF22F6E7F345C80 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.304968336896809 |
Encrypted: | false |
SSDEEP: | |
MD5: | 38C564F143E51C6EEA0E10301F423BF6 |
SHA1: | 976B669A9F86CC17DA454980D3289CD32966BADE |
SHA-256: | 2CD594D9144B733F711212EC564D3496AE931C8A16D14C8956B64DA374F40677 |
SHA-512: | 5137FFCBB030D3CD8E90B86DE9747146C820278DB077903AC7666B35FEA13DDBC927BD2674E433FE431824AF6EE23493469CD960CD51337158139783EABB7F3F |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2012 |
Entropy (8bit): | 5.835601666206011 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1722EF0AB659ACCEA05145684C9C2279 |
SHA1: | 1443CF7EB42C71D2DEB124AB139C771B1E071F03 |
SHA-256: | 4BA63C7BF6F66295F88CD6749B3613DED3495AF69BE95E9ADE16DDF13283BA32 |
SHA-512: | AB20133349BE4EE1921BD421AEAA459D226A3C7275B342C07C31119A776A50EDBF712A7185E9011617BBD5A2918626B1F209F97175AB8513523A81A2B8BF18F2 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.281264186467303 |
Encrypted: | false |
SSDEEP: | |
MD5: | 412ECEDFDD99EE0CD1C64499341A9880 |
SHA1: | B577B5CDFA41B797CBA41E9F9F4A76100596EB8C |
SHA-256: | 12F593041BE63FA8FB7A68FAEB5BBABD6BC1624D635B84893978C2559B788DF2 |
SHA-512: | 0AEB3CE33D77747EBF36749221EB9DB9060C391B1FEF31A7F48D5301BC72D513B6023FE585D8483A3112CC82E085E703E8860909FC25260126862C84C28C1B6C |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 282 |
Entropy (8bit): | 5.28756299899114 |
Encrypted: | false |
SSDEEP: | |
MD5: | AB50564B5D4C6E7BF6A7C8FDD5DB2053 |
SHA1: | 09D9B390A53BD15696D07E60FA6518808C83AA80 |
SHA-256: | 097A03697E02927E1F0D32BBF24323BC0CABC8F12111AF710B4F03FE96C9A5C1 |
SHA-512: | 7B940A9E946955E71F2F38A05D8F56C605D6CA3833EDEB6AB83062C39F7EA03D18DE246102F33BABD81F4C855AC4075866F9605C7208046E4FF7CFBAB35E0A64 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2815 |
Entropy (8bit): | 5.129414817958812 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1C65B6A23215AC32EC38CC7882702D72 |
SHA1: | 8F347E7F168E83AF2AD3C6B3BD8D228AB9D1EBE4 |
SHA-256: | D145209DA16A76A6B3AA5F7AD2431B661AEA8060DC9544321DDBDA33BBEE940F |
SHA-512: | 84624BA53D1B95C695E82B7B551E5198B4D866577AFC98838689FEE497CC894AED13DD858727B7532B281F793045228A906A3D8CF59A8FF565CA025EE894313D |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9888396234248434 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6FA0635663CF04A92616BB0F45BD854D |
SHA1: | A93FF61D451F601D86D30D93167D20FDEF7B8254 |
SHA-256: | 9712B52F0217AA39F33C9EE20B5E83B3D8B1863BAAC1CD996110A8DDA9989DBD |
SHA-512: | E2A697631CE5018528A193651B7F2F4F08F310F6042B9CE474D251DC4683947CCF27ADCE80D23ADCCDB967B944ACFD2DBA81B04AD92FF4195FFA3D6AA9086EBA |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3430879221421368 |
Encrypted: | false |
SSDEEP: | |
MD5: | 9C5B8CF7713CD0CDC5876CF7D40C6080 |
SHA1: | 99D488D780F365766ECE9EAF8A725A23F41D86D0 |
SHA-256: | FCFE9112C7189E1F4FDC689D458E8C04739C9BC75420B1BD27C6EE4392BFE160 |
SHA-512: | 0E3620BEAD97B8447DA5E55D8DE62B5AF7751DDBA9E9A8C09A9067B6805C80AB50198B2225C1AEB7E37A72E62B47BA696EE303773DCED27FC93C2E6F36EA942A |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.534010397435022 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3C91249FD3ADDA8231BA929DFE951735 |
SHA1: | 5E8F5BB86B8F146A7DADBBD60E5B289DC67A2E82 |
SHA-256: | C44E1D9AE514305CB06055438DD75F1998FAC61B18A436B25D56FED814CCE1C9 |
SHA-512: | 3E952328EF44EAB1A34AB04BC045F03778138C0E6E6090815CB47CDC72BB5CBAB02959111A23A72D5627A238639A5F04943E9276125DC3F398C4EEF11142E1C3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.353642815103214 |
Encrypted: | false |
SSDEEP: | |
MD5: | 91F06491552FC977E9E8AF47786EE7C1 |
SHA1: | 8FEB27904897FFCC2BE1A985D479D7F75F11CEFC |
SHA-256: | 06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB |
SHA-512: | A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15114 |
Entropy (8bit): | 5.369246755424175 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5EC36C145A73DD9AAEF3E74E13C55FAB |
SHA1: | 383A91EDA796DE6B3FE363397C2F7D14BBE4C856 |
SHA-256: | 6E5EB5227CE7AD5FAE2481664A4BC30A204586414246D181311B29574B8EAEEB |
SHA-512: | CD7A3E0ED51C47A09ED5AA88101FAF3E1CD4C6EA7570A56135F2AFAD8DF261E3EF04D4060503B10FD5E3AF170712C8691FB283F5D1FA3B97AD8EDE5E0A092E4B |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.424658700516149 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7BC9FC0918FBBEB4921FAEC29EF70148 |
SHA1: | D0614919C8D04A2B48722665F1E2841318174F2C |
SHA-256: | EE68B31528893F263C1658AB3D976837B4A8CA93507A7AC68E1ACC5A89FB287B |
SHA-512: | A7CC8DFB99BD93388D4098FC9537DCC1A080D832A1620BEFBBFB7BD2D0D8BFA711BCD70B80A05C056E579011A5E3F16CA6D5C91D2013CB8DC5EB8C95F69A6D8B |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | |
MD5: | A0CFC77914D9BFBDD8BC1B1154A7B364 |
SHA1: | 54962BFDF3797C95DC2A4C8B29E873743811AD30 |
SHA-256: | 81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685 |
SHA-512: | 74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | |
MD5: | 732C4E8507E4D875CFE981D71D21E2DD |
SHA1: | E7D7F6AD262BD324742DC268F3A5B500AB2EA283 |
SHA-256: | 7D24D933CAD1A56D78F9CA6AB4F0CE2481BE9AFA663B64EE177BF6E2E1B18715 |
SHA-512: | C51FCF5C69D56F6555CFFE1D13946B379D06E5C6DA721A5764DAD63E6215C9C3B868CC20D328A1C1B691661AFC27509C0D6C90F36F05885EBC1C48F648E509E8 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | |
MD5: | F6CACB4A8F3328CA8C06812420C0337E |
SHA1: | 184589C5954FE73E4DF5569A0D0E2F85189917DF |
SHA-256: | 91E9A938AF33129F4DD910E38980BEAC9C64982E76458D75B92CB03B0FBCDFD6 |
SHA-512: | 78D790967B665A9EC54C92ECB89336A67D8ED7B385B25AC465A28F31BF88D7DFC1A2FAE4791BEE33E48CE5EF783C1C9169D1C905E9CFCA090FF54C71335FA0A0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
File type: | |
Entropy (8bit): | 5.6861504822482205 |
TrID: |
|
File name: | 1099-NEC.pdf |
File size: | 40'895 bytes |
MD5: | b77cf9ae7bea425d8a5d42eacee9d226 |
SHA1: | ee9c30b16aee8039e681b26c5d6297be6497c723 |
SHA256: | 1b1a8d3ff270bb9a5b3f1aa59453c3f7d509eaa65e4df517493d236b7acdb903 |
SHA512: | 8ddab66e3a4259d1900016267f71f0bb727b6304c7ece1d4529cfd32eb55f25d013dd839828e86829b4d029741331e674e612e3051430481a4b631914018f26a |
SSDEEP: | 384:PXwVVcX8YbmWG3cdW0nwcP3r+8cQe1nva3:/xMYbWWjPCTQe1i3 |
TLSH: | C70392174C0D8E539068C7E4BF861D5C3B662A1EEC8279FF346E4ECA7F681525C8912B |
File Content Preview: | %PDF-1.5.%.....2 0 obj.<<./Metadata 4 0 R./Names <<./JavaScript 5 0 R.>>./OpenAction 6 0 R./Pages 7 0 R./Type /Catalog.>>.endobj.4 0 obj.<<./Length 2866./Subtype /XML./Type /Metadata.>>.stream.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpme |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.5 |
Total Entropy: | 5.686150 |
Total Bytes: | 40895 |
Stream Entropy: | 5.609810 |
Stream Bytes: | 39823 |
Entropy outside Streams: | 5.381436 |
Bytes outside Streams: | 1072 |
Number of EOF found: | 1 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 7 |
endobj | 7 |
stream | 6 |
endstream | 6 |
xref | 0 |
trailer | 0 |
startxref | 1 |
/Page | 0 |
/Encrypt | 0 |
/ObjStm | 1 |
/URI | 0 |
/JS | 0 |
/JavaScript | 1 |
/AA | 0 |
/OpenAction | 1 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
ID | DHASH | MD5 | Preview |
---|---|---|---|
13 | 07d0d00fc0000000 | 95b5ec6c3030a06ad34666be16194964 |