Edit tour

Windows Analysis Report
Invoice1-1706517.pdf

Overview

General Information

Sample name:Invoice1-1706517.pdf
Analysis ID:1646900
MD5:5af5ee83faae160ffab3cd5c8cd28117
SHA1:40c1f5fa7e36d118aaf8b467f455eb1c6189eaf6
SHA256:53924aaf790a371a77f5fe5bc1c85ed924e4c26762eea55911845744692274a8
Infos:

Detection

Score:52
Range:0 - 100
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
AI detected landing page (webpage, office document or email)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • Acrobat.exe (PID: 6772 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\olqdGAHTJO\Invoice1-1706517.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 3712 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 3916 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2152 --field-trial-handle=1588,i,10350777957244938752,4534852645935009283,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: Invoice1-1706517.pdfVirustotal: Detection: 10%Perma Link
Source: Invoice1-1706517.pdfReversingLabs: Detection: 15%

Phishing

barindex
Source: PDF documentJoe Sandbox AI: Page contains button: 'Open' Source: 'PDF document'
Source: PDF documentJoe Sandbox AI: PDF document contains prominent button: 'open'
Source: classification engineClassification label: mal52.winPDF@17/20@0/31
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.2608
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-03-24 07-17-12-456.log
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
Source: Invoice1-1706517.pdfVirustotal: Detection: 10%
Source: Invoice1-1706517.pdfReversingLabs: Detection: 15%
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\olqdGAHTJO\Invoice1-1706517.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2152 --field-trial-handle=1588,i,10350777957244938752,4534852645935009283,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\System32\msiexec.exe C:\Windows\System32\MsiExec.exe -Embedding 7B3BEE6CDECBEF3450775F63F34A7404
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2152 --field-trial-handle=1588,i,10350777957244938752,4534852645935009283,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: Invoice1-1706517.pdfInitial sample: PDF keyword /JS count = 0
Source: Invoice1-1706517.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: Invoice1-1706517.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Browser Extensions
1
Process Injection
1
Masquerading
OS Credential Dumping1
System Information Discovery
Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
Invoice1-1706517.pdf11%VirustotalBrowse
Invoice1-1706517.pdf16%ReversingLabsDocument-PDF.Trojan.ScamX
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No contacted domains info
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs
IPDomainCountryFlagASNASN NameMalicious
23.51.56.185
unknownUnited States
4788TMNET-AS-APTMNetInternetServiceProviderMYfalse
3.219.243.226
unknownUnited States
14618AMAZON-AESUSfalse
23.47.168.24
unknownUnited States
16625AKAMAI-ASUSfalse
172.64.41.3
unknownUnited States
13335CLOUDFLARENETUSfalse
Joe Sandbox version:42.0.0 Malachite
Analysis ID:1646900
Start date and time:2025-03-24 12:16:05 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsinteractivecookbook.jbs
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:14
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • EGA enabled
Analysis Mode:stream
Analysis stop reason:Timeout
Sample name:Invoice1-1706517.pdf
Detection:MAL
Classification:mal52.winPDF@17/20@0/31
Cookbook Comments:
  • Found application associated with file extension: .pdf
  • Exclude process from analysis (whitelisted): SgrmBroker.exe, svchost.exe
  • Excluded IPs from analysis (whitelisted): 184.31.69.3
  • Excluded domains from analysis (whitelisted): fs.microsoft.com
  • Not all processes where analyzed, report is missing behavior information
  • Report size getting too big, too many NtCreateKey calls found.
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:ASCII text
Category:dropped
Size (bytes):292
Entropy (8bit):5.21467399881718
Encrypted:false
SSDEEP:
MD5:849881E3C6F7FC7AFA014B47CB7239D2
SHA1:11AB5B1FD3F74419040348854D0BC44DFD92C2EA
SHA-256:9465B479FE0B3A960045BF3511A9E885119D12DF8D96DA15235D13763D442EDA
SHA-512:1CB28335D4BD181A61CCCA6C8B4C26B58E39D7221A3FE3F54DEFF66C439133074482EC4E7B659764A6A90F66319E1A4C1B2C98B7993297BBF15732144D74840F
Malicious:false
Reputation:unknown
Preview:2025/03/24-07:17:10.733 14a8 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2025/03/24-07:17:10.736 14a8 Recovering log #3.2025/03/24-07:17:10.737 14a8 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:ASCII text
Category:dropped
Size (bytes):336
Entropy (8bit):5.178879754621804
Encrypted:false
SSDEEP:
MD5:C2CD829A8AC897E6C47B2FF45CD0EAC3
SHA1:E42609716D801CCE61D51C9B41A47B267D4836CE
SHA-256:B0EE61DAA5F1A6747FB1DAB33B4BA9D9B3DF8198B6999403BF336642E855D938
SHA-512:94C8609191B7E8E4AE10A7D48D613BC45A28166F97300CA5A8642C5D8406F53B4D4CB371D7F5015A8E51AF7BC621F686305018B4C82D2C3713C8D6B6B0AF69AB
Malicious:false
Reputation:unknown
Preview:2025/03/24-07:17:10.617 1a64 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2025/03/24-07:17:10.621 1a64 Recovering log #3.2025/03/24-07:17:10.621 1a64 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:JSON data
Category:dropped
Size (bytes):0
Entropy (8bit):0.0
Encrypted:false
SSDEEP:
MD5:3CE9EB5F4A252FB4949181DB5E0C1580
SHA1:6D15F0E04E2D2F1C345FAF4EF1DC9E84755FA031
SHA-256:68C403F7A915F6994F755B99EA5BAA06F238A72EEBFC605A84A8566D0EDF196F
SHA-512:FFB72488A00A55353D945428B709732AC4C70616047EEC1A722177CFA42CBD44C1D4C82489F52341AFEAF24EAC2FB0A85818511CF24328803D4C38991C54EA5D
Malicious:false
Reputation:unknown
Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13387375042063235","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":102021},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.18","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:JSON data
Category:dropped
Size (bytes):476
Entropy (8bit):4.973362940811232
Encrypted:false
SSDEEP:
MD5:3CE9EB5F4A252FB4949181DB5E0C1580
SHA1:6D15F0E04E2D2F1C345FAF4EF1DC9E84755FA031
SHA-256:68C403F7A915F6994F755B99EA5BAA06F238A72EEBFC605A84A8566D0EDF196F
SHA-512:FFB72488A00A55353D945428B709732AC4C70616047EEC1A722177CFA42CBD44C1D4C82489F52341AFEAF24EAC2FB0A85818511CF24328803D4C38991C54EA5D
Malicious:false
Reputation:unknown
Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13387375042063235","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":102021},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.18","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:data
Category:dropped
Size (bytes):7504
Entropy (8bit):5.24201942487674
Encrypted:false
SSDEEP:
MD5:25792E3B35B4A507546415F1F68B9D6D
SHA1:E99B3C249EC1D935C11C44790DD50CFE62387F5E
SHA-256:4881C3A0B881892453981D4D700A3D1F3A4EA4BA3256E833FF8D513E526ED2E5
SHA-512:3B2C70FE4E660317CCC98FA392B0077D0E4BE7B11E1C72D218CCA58D8F59F52EF4B5EF0962C7E9527B5A6CB389221C2B1941238378CBFB52A9C3DC2F7AA44938
Malicious:false
Reputation:unknown
Preview:*...#................version.1..namespace-...o................next-map-id.1.Pnamespace-5767294d_7b9a_47c6_b1e0_955ef27d1acf-https://rna-resource.acrobat.com/.0=..Nr................next-map-id.2.Snamespace-0be79751_1d4a_40c3_9b57_40751dcd8802-https://rna-v2-resource.acrobat.com/.1....r................next-map-id.3.Snamespace-90f7539d_81d9_41c2_b2e3_1ee7ed96c7c7-https://rna-v2-resource.acrobat.com/.2S.<.o................next-map-id.4.Pnamespace-1700ec5e_d769_43b7_97b8_3e6ca674d396-https://rna-resource.acrobat.com/.3...^...............Pnamespace-5767294d_7b9a_47c6_b1e0_955ef27d1acf-https://rna-resource.acrobat.com/D..#^...............Pnamespace-1700ec5e_d769_43b7_97b8_3e6ca674d396-https://rna-resource.acrobat.com/....a...............Snamespace-0be79751_1d4a_40c3_9b57_40751dcd8802-https://rna-v2-resource.acrobat.com/B[_.a...............Snamespace-90f7539d_81d9_41c2_b2e3_1ee7ed96c7c7-https://rna-v2-resource.acrobat.com/.^..r................next-map-id.5.Snamespace-cc1e5959_9927_4cd0_b606_
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:ASCII text
Category:dropped
Size (bytes):324
Entropy (8bit):5.22320503163001
Encrypted:false
SSDEEP:
MD5:F1446AEDF2C9A1EF69625E508C2810B9
SHA1:D25795F14C36C6FD94E34E601632ACE0BA93B29E
SHA-256:F43255FE9A9E4D44BE40F52ABC24DD2288FCD3DBC70A09F323F9AA834F2DDC2B
SHA-512:18DDB8EBDDF4C247F9CE2C207FAB858E64667DE7B87BE09BB17AF0707AC251375A09A18CEC318BD8A0216BD2918D1659974853C36B5D83E4B1037FF3CFBE788D
Malicious:false
Reputation:unknown
Preview:2025/03/24-07:17:10.787 1a64 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2025/03/24-07:17:10.789 1a64 Recovering log #3.2025/03/24-07:17:10.791 1a64 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:PC bitmap, Windows 3.x format, 164 x -126 x 32, cbSize 82710, bits offset 54
Category:dropped
Size (bytes):82710
Entropy (8bit):1.2272662388702138
Encrypted:false
SSDEEP:
MD5:98F06D06F95BE5918A05315393F18BDF
SHA1:37E3683B0A201DB8E67E2341002E04152E145A9C
SHA-256:DEBA64094F095542C8C7D2FD63C311A724D644802201B8CF3660B531CFCAE3F2
SHA-512:80A45505F1B613B6172A32F52BC8C8AFE3DF8412499AD08116B356B8E081AA70F41A39144F4B91C10A5CD14F26943C34DF48E22A19AE1D0A6FEC63B42B255C01
Malicious:false
Reputation:unknown
Preview:BM.C......6...(............. ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 15
Category:dropped
Size (bytes):86016
Entropy (8bit):4.44493244761583
Encrypted:false
SSDEEP:
MD5:E5D025D8BED39EC6DD5FB50A681D770E
SHA1:C2D0A9150BE8E17E2ACD2E5F8486CC0317BEE953
SHA-256:1E6B12D9825C3901BDD20A2E249081D8E22723C6599228D97E2F87F62BDBD360
SHA-512:678D2753ADF7247DF09730F56DF97E689B605FEC4DF1442887BDC9BC13122F757830446C21B1E97D8797E0EC6DC2A9F1CD561FE34CBF1954CBE9BF797CED7DC3
Malicious:false
Reputation:unknown
Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:SQLite Rollback Journal
Category:dropped
Size (bytes):8720
Entropy (8bit):3.7723706733050495
Encrypted:false
SSDEEP:
MD5:1BA2418667CD9B087192BB53D73EFC47
SHA1:D9A35B6601112F3A7E35EDCBA588368231C5DAD8
SHA-256:3619EF0606A1B86ABAEC244B27C22764EF599B39341A683CA939B67A4E11C436
SHA-512:7D76C66EDFB5D942F3A46FF1D07735A0F2D65E3318B81EB40BC4FE0B33408C92DB65EB5724E9CA4D4B41557F87937F2DEFC37D78205B8A5C4AD217394D1F2932
Malicious:false
Reputation:unknown
Preview:.... .c.....L..C...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................T...[...b...r...t...}.....L..............................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:PostScript document text
Category:dropped
Size (bytes):185099
Entropy (8bit):5.182478651346149
Encrypted:false
SSDEEP:
MD5:94185C5850C26B3C6FC24ABC385CDA58
SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
Malicious:false
Reputation:unknown
Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:PostScript document text
Category:dropped
Size (bytes):0
Entropy (8bit):0.0
Encrypted:false
SSDEEP:
MD5:94185C5850C26B3C6FC24ABC385CDA58
SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
Malicious:false
Reputation:unknown
Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:data
Category:dropped
Size (bytes):4
Entropy (8bit):0.8112781244591328
Encrypted:false
SSDEEP:
MD5:DC84B0D741E5BEAE8070013ADDCC8C28
SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
Malicious:false
Reputation:unknown
Preview:....
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:JSON data
Category:dropped
Size (bytes):2145
Entropy (8bit):5.067322220515658
Encrypted:false
SSDEEP:
MD5:A2DB5718141AB5D9EA2EDBD02681ECAC
SHA1:E05E65556012D33753A0636E278B7C664FD37AE5
SHA-256:ECE461941C7C9439BB2445A920B6AA6451D100B26C4CF2E30DB3EEFE575AA475
SHA-512:2256CED76D1351BE0B10701F528221CB3E4075DDE108C1D628B192D2BABA9F1C039F0132B8574037BE2FB9B9D5C27DFED56F98B46A94A30A2546CB3F44B1D3C4
Malicious:false
Reputation:unknown
Preview:{"all":[{"id":"TESTING","info":{"dg":"DG","sid":"TESTING"},"mimeType":"file","size":4,"ts":1742815033000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"01eb7911f211f4693beb5a79b2a18854","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":295,"ts":1696588827000},{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"900e573f0ab53de19954c021a335b146","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696588827000},{"id":"DC_FirstMile_Right_Sec_Surface","info":{"dg":"7514c236efca6af335037a3a44f16d18","sid":"DC_FirstMile_Right_Sec_Surface"},"mimeType":"file","size":294,"ts":1696588820000},{"id":"Edit_InApp_Aug2020","info":{"dg":"86e22ceb9cad2eeb0f3b25cdd1ad5290","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":1696587289000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"27dcde2e0480584fb77b8d55dd8c344e","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":1230,"ts":1696587289000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"a37
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 28, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 28
Category:dropped
Size (bytes):12288
Entropy (8bit):1.457578548105811
Encrypted:false
SSDEEP:
MD5:EA8C74A2954DBB6142FF60C48C836A20
SHA1:A5A5D40651EBF0A719474EA1B160A1B626C3D3AA
SHA-256:DBB8EB807D0FCB7D69C9DFA9DE62F7D5003A3132F2F3030D9C94995D029D332A
SHA-512:5113F84ADD547579B5D9978E909EB146819FFDAE1FC7CDF7955D80647AF3C99F1EC5B8F33A7BBF83251F86EB54AC1011D47A315FD4C596C054549EF5D8A5F8CC
Malicious:false
Reputation:unknown
Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:SQLite Rollback Journal
Category:dropped
Size (bytes):8720
Entropy (8bit):1.9621837300963902
Encrypted:false
SSDEEP:
MD5:4D82B450171D37FCCFD0F1215FD47CFB
SHA1:464FA791288D245814EEEC1300CF1144F40E77EF
SHA-256:7F88E1910E5003DD4AD661C8CA43FC6A722F624B190E2C921EF44950496058FA
SHA-512:5B1F3D2E8DC01185FDB0BF88962C9318D24A94D4E05E4B2EA8CFFBCC772D0EC3A4D39075843CE7F91D0EB91DF27801519097D8A73519132FC9B77EE85FE849B7
Malicious:false
Reputation:unknown
Preview:.... .c......@............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................^..^.^.^.^.^.^.^..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:dropped
Size (bytes):246
Entropy (8bit):3.5146815864506182
Encrypted:false
SSDEEP:
MD5:27482B744D30C610067D67C97C8008CA
SHA1:98EB5DF74459C5E29D25D9175C4D16DFF01D305B
SHA-256:BD7841840CA3100F19F4FAC38C264309C3D24DEE58DA7B37125569F912B443B4
SHA-512:BC62AFC7857A12760324DACEB24F913504AFA3383C9C2432C3B66865A1F55D48B649FEB1F88BAF5811BEC682CB7074257A08BD294A3070B2E5A45024710596AE
Malicious:false
Reputation:unknown
Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .2.4./.0.3./.2.0.2.5. . .0.7.:.1.7.:.1.7. .=.=.=.....
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:ASCII text, with very long lines (393)
Category:dropped
Size (bytes):16525
Entropy (8bit):5.352085917943317
Encrypted:false
SSDEEP:
MD5:E89CDF7025B70E5A72FFC801BADFB345
SHA1:2C55C26FD5231BEBD6531BDB7962D12BE288A1BB
SHA-256:2A90DFB97133E5C0219784D1C4A94C0DC45AE4787C40CFE6894A59D94C4FB88C
SHA-512:22621DFF9C688C4B0BB3237350959B4357C65D1796834FC23E6636B4975BE942A969F7DB05E8FC10102DEBF93ED662BE28FC649B2456EB4B659EC84BF8E93621
Malicious:false
Reputation:unknown
Preview:SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_NglAppLib Description="SetConfig:
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):35721
Entropy (8bit):5.407671064978233
Encrypted:false
SSDEEP:
MD5:576892AB97644F0D51E22B60EDCF0AA9
SHA1:069513BA7823498DE12AE31615FD7E1386353FD4
SHA-256:CDEDABDD34895960FAAB105F9071B9E62BCF381A33E116304191017784866340
SHA-512:751C46CF88649AEE6238DA3FC5353E55EFF6B57B37DC7BE1FE01D368FCC9F4C9EEDFA2B52CB7A60132B0B9D1D942B8A01CFAC533F4EAFF540647371467988DE1
Malicious:false
Reputation:unknown
Preview:06-10-2023 12:14:34:.---2---..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 12:14:34:.Closing File..06-10-
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
Category:dropped
Size (bytes):386528
Entropy (8bit):7.9736851559892425
Encrypted:false
SSDEEP:
MD5:5C48B0AD2FEF800949466AE872E1F1E2
SHA1:337D617AE142815EDDACB48484628C1F16692A2F
SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
Malicious:false
Reputation:unknown
Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
Category:dropped
Size (bytes):1407294
Entropy (8bit):7.97605879016224
Encrypted:false
SSDEEP:
MD5:8B9FA2EC5118087D19CFDB20DA7C4C26
SHA1:E32D6A1829B18717EF1455B73E88D36E0410EF93
SHA-256:4782624EA3A4B3C6EB782689208148B636365AA8E5DAF00814FA9AB722259CBD
SHA-512:662F8664CC3F4E8356D5F5794074642DB65565D40AC9FEA323E16E84EBD4F961701460A1310CC863D1AB38849E84E2142382F5DB88A0E53F97FF66248230F7B9
Malicious:false
Reputation:unknown
Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
Category:dropped
Size (bytes):758601
Entropy (8bit):7.98639316555857
Encrypted:false
SSDEEP:
MD5:BC2B4B8EFC05ACC59FBE8E09760D53DC
SHA1:621852ED2EE8264AAC1B25DBABDD6692C44429CE
SHA-256:2375BBCC12DC3ECDFAEDA891AD37689377C73FEB8E52AB4520D93CF116D20646
SHA-512:3870DCB73F44284F4F3008C4A96A59A482DB18900BD39029F34A7B8D27AF9BCD9B5E6F6F47E2834C81B9A7E3409280B5E8ECAFD080BB09B9841FF1003F6C22F7
Malicious:false
Reputation:unknown
Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....
Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
Category:dropped
Size (bytes):1419751
Entropy (8bit):7.976496077007677
Encrypted:false
SSDEEP:
MD5:B8A9C4994406DB4C1F6B58698B9AA2BA
SHA1:FC6963A1AC3D5236A6A330CE025502FFE9DFC3A7
SHA-256:BB4ED912472A007034FA79E1E659367E3C9F8129464E18B3086283B857D9605E
SHA-512:A6A92D62951EBF13F074B0ED087824DF8246FE24425546E46DB48BA9005EDF3CD9AC3E5A7F88493F3C5DD2A02F96B1801317CA519C4E87444D3BB9B51DBE397F
Malicious:false
Reputation:unknown
Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
File type:PDF document, version 1.6
Entropy (8bit):7.930185340136312
TrID:
  • Adobe Portable Document Format (5005/1) 100.00%
File name:Invoice1-1706517.pdf
File size:52'890 bytes
MD5:5af5ee83faae160ffab3cd5c8cd28117
SHA1:40c1f5fa7e36d118aaf8b467f455eb1c6189eaf6
SHA256:53924aaf790a371a77f5fe5bc1c85ed924e4c26762eea55911845744692274a8
SHA512:b3ccb22463c36126ac9ba60596bba193c5adf917b4712bbb37cdf47602aedbe2e76029f3fd595a4ef2469bb39f50420cc2545bbda1ccdf0a662047385a602972
SSDEEP:1536:oaZC54j2Aup+lgekiqCAltX3/MCgPnTn9dz:HZCSaAusSi+XvjETn9dz
TLSH:973302ACA854DC8CDDE469B6204043CE42DF6C3B9FD617322ECBA3419E8930AB5D4DA4
File Content Preview:%PDF-1.6.%.....2 0 obj.<<./Lang <FEFF0045004E002D00550053>./MarkInfo 4 0 R./Metadata 5 0 R./PageLayout /OneColumn./Pages 6 0 R./StructTreeRoot 7 0 R./Type /Catalog./AcroForm 8 0 R.>>.endobj.5 0 obj.<<./Subtype /XML./Type /Metadata./Filter /FlateDecode./Le

General

Header:%PDF-1.6
Total Entropy:7.930185
Total Bytes:52890
Stream Entropy:7.929924
Stream Bytes:51800
Entropy outside Streams:5.203096
Bytes outside Streams:1090
Number of EOF found:1
Bytes after EOF:
NameCount
obj9
endobj9
stream7
endstream7
xref0
trailer0
startxref1
/Page0
/Encrypt0
/ObjStm1
/URI0
/JS0
/JavaScript0
/AA0
/OpenAction0
/AcroForm1
/JBIG2Decode0
/RichMedia0
/Launch0
/EmbeddedFile0
IDDHASHMD5Preview
3211313038394f373699a66323ff5e1bcbb778db6bfb3b60cf