Windows
Analysis Report
Faisal Ahmad.pdf
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 60% |
Signatures
Classification
- System is w10x64_ra
- Acrobat.exe (PID: 2480 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Faisal Ahmad.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 5576 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 5584 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2160 --field-trial-handle=1600,i,11690975926690780445,5659053138094850307,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 1 Spearphishing Link | 2 Exploitation for Client Execution | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | 1 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
54.144.73.197 | unknown | United States | 14618 | AMAZON-AESUS | false |
2.19.126.163 | unknown | European Union | 16625 | AKAMAI-ASUS | false |
184.28.88.176 | unknown | United States | 16625 | AKAMAI-ASUS | false |
23.203.104.175 | unknown | United States | 16625 | AKAMAI-ASUS | false |
172.64.41.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false |
2.16.202.123 | unknown | European Union | 16625 | AKAMAI-ASUS | false |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1500511 |
Start date and time: | 2024-08-28 15:41:29 +02:00 |
Joe Sandbox product: | CloudBasic |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 24 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Sample name: | Faisal Ahmad.pdf |
Detection: | CLEAN |
Classification: | clean1.winPDF@18/47@0/66 |
Cookbook Comments:
- Exclude process from analysis (whitelisted): dllhost.exe
- Excluded IPs from analysis (whitelisted): 184.28.88.176, 54.144.73.197, 107.22.247.231, 18.207.85.246, 34.193.227.236, 172.64.41.3, 162.159.61.3, 52.165.164.15
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fe3.delivery.mp.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, ssl-delivery.adobe.com.edgekey.net, glb.cws.prod.dcat.dsp.trafficmanager.net, ctldl.windowsupdate.com, p13n.adobe.io, geo2.adobe.com, fe3cr.delivery.mp.microsoft.com
- Not all processes were analyzed, report is missing behavior information
- VT rate limit hit for: Faisal Ahmad.pdf
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.166381740220626 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 335 |
Entropy (8bit): | 5.117958978144074 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\b36f83a8-564f-47be-87af-6d9764bf788f.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 476 |
Entropy (8bit): | 4.957166499751261 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 6495 |
Entropy (8bit): | 5.249171094893655 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 323 |
Entropy (8bit): | 5.158357223607275 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 54 |
Entropy (8bit): | 4.434809492623761 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.18897684320964 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000001.dbtmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 16 |
Entropy (8bit): | 3.2743974703476995 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 126 |
Entropy (8bit): | 3.6123534208443075 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\CURRENT (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 303 |
Entropy (8bit): | 5.132932991310727 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\MANIFEST-000001
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 41 |
Entropy (8bit): | 4.704993772857998 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240828134204Z-173.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 2.251681951951923 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 86016 |
Entropy (8bit): | 4.444962276179201 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 3.769519777450736 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 893 |
Entropy (8bit): | 7.366016576663508 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | modified |
Size (bytes): | 328 |
Entropy (8bit): | 3.1196963549884558 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 252 |
Entropy (8bit): | 3.034404395079139 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.3673462906371405 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.314735646290133 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.2932839628161386 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.353582525429415 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1063 |
Entropy (8bit): | 5.670541728403347 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1050 |
Entropy (8bit): | 5.660956058034994 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.304991955069017 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1038 |
Entropy (8bit): | 5.6539987802970435 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1164 |
Entropy (8bit): | 5.700942809135441 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.310976589930979 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.776629471148682 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.294448247124217 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.296273398804093 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1058 |
Entropy (8bit): | 5.659371265664117 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.272958692001218 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.37136918970748 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2818 |
Entropy (8bit): | 5.125736249274585 |
Encrypted: | false |
SSDEEP: | |
MD5: | C6B1A210FE8DC1C62EC0A8912AD1BE09 |
SHA1: | 0804545004AD9AF6940291500E76D08AF45CED85 |
SHA-256: | 14B0DD0EEAA022B58DE7BF35154370FD732401F61CC179A33F3FE27DA25EE7CF |
SHA-512: | 977EDA35051F44A11D7F765A0E46F03C1715971CC42044525FF33F82F57DB80661591C50224111BBB8B44ACA0817E25E6DB53D2D0A73A672C0A509651D29DDDD |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.355858454200379 |
Encrypted: | false |
SSDEEP: | |
MD5: | 44A06650CEBB1509326A2EB5563A7ACF |
SHA1: | 0EF64C38546DC5307E40CEF7AC5B2166819565D1 |
SHA-256: | 1510201A058E983CC1510AAD8579657AE515EF4FDE79AACEA7ACA5D133700E0F |
SHA-512: | 0CDA3C6DE4DCAAA4A08DC07DFC05A42D0F2551E5CBED5B6F1B95372C3B5C4F0C46DA741729202D73BE2B4E081138B9C38D77633174986783AB1BFD5493FECF0A |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.8258614602150298 |
Encrypted: | false |
SSDEEP: | |
MD5: | 8B86804DE9FE1E690D2E7D836CEA3CBE |
SHA1: | 4FCA9A555619D78970096D1DAB3E02A6CFC7522E |
SHA-256: | 566CDFB6D5FBCE6250042E6E26CCFF35AD438DAD98F6A54E2266DA408297DA50 |
SHA-512: | 92DBB34FB314E8D7CDC9EF30AE068B2A8EB7C041F70D501ECC7309BE1D9CCF6F6011D0536393D5E50CCAAEB4D08070EDF79756B85E689642586AA27ADBDEEEB3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5193370621730837 |
Encrypted: | false |
SSDEEP: | |
MD5: | C0C402A3ADB9BFAC78D80F1B87A3ABA0 |
SHA1: | DDEA158E1A06D263EB79B4AAA38752C61B7B4004 |
SHA-256: | 672F6D80E25851448E80398BA4A64C047D2FEE08D4236C28C41ECBC6A1356DAB |
SHA-512: | D1CE7C458ACD09BA65C28887A77378F6560BE2D2988608F8E32B6B0923898FAD67822991B85EFBB24D324924E9894989E6DC3F32C1262F50D23288D5C22AEBFF |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-08-28 09-42-01-940.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.359827924713262 |
Encrypted: | false |
SSDEEP: | |
MD5: | 06DEAEDB81D09FD8FB5FF668D8E09CB2 |
SHA1: | 28A02BCBD5975117B97A08AFB049F2C94F334726 |
SHA-256: | D98DE785425112A2D7A41B16073812FA4FA4955F2D5139AE87C9A5FBC4717D64 |
SHA-512: | 948E3B56E5A8D818A5FE9D74B82A898F7264909ADF2C49E5D096CB90F4D28ED95990545A4857933F0E06D493AA0F6D41F6109C74B44BC0E4B84346B519681936 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15114 |
Entropy (8bit): | 5.353437079075563 |
Encrypted: | false |
SSDEEP: | |
MD5: | 8F87EE910DE290E12213F212AC3B3A56 |
SHA1: | ED1FF2D441150A9975152C1CA93482E9906F0CD1 |
SHA-256: | 56E59D6B3273C5899BCFFA57DAC1BD4E3ADA359E91D324E214D74ED2A6EBC9C4 |
SHA-512: | 9117A0D66A9139EC22AA0FBE61278126D85B36B3F1C5A5A3ABB2AA11E7FC59D949424CA4C61ABEB430257254576356CBB501F3DB9EEB234F1B6D6757FE20BEEC |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 35721 |
Entropy (8bit): | 5.421563216202355 |
Encrypted: | false |
SSDEEP: | |
MD5: | 46AA6A46E3B8EC94AD88E10A9EFE009F |
SHA1: | 0B6E04FB79C29B2421B08CBC4403EDDA35AF5F66 |
SHA-256: | 698A2467B2E5A23673217BAA858A92B398624ADD2DDAD80373453D94C8E7E2E4 |
SHA-512: | 56D0BD6CC533E145D9FEFF6F6B4E1C4D9ABF868DD30D571F422D148CC257425B75F0A62D3C7C8216FCB7DB18372537C40AAE9D17DE6AFE9D1748E8757A224D60 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | |
MD5: | 8B9FA2EC5118087D19CFDB20DA7C4C26 |
SHA1: | E32D6A1829B18717EF1455B73E88D36E0410EF93 |
SHA-256: | 4782624EA3A4B3C6EB782689208148B636365AA8E5DAF00814FA9AB722259CBD |
SHA-512: | 662F8664CC3F4E8356D5F5794074642DB65565D40AC9FEA323E16E84EBD4F961701460A1310CC863D1AB38849E84E2142382F5DB88A0E53F97FF66248230F7B9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | |
MD5: | E787F9888A1628BE8234F19E8EE26D68 |
SHA1: | 44D5180C06ADBBDAADDBCE350CE4DEC997CD83E5 |
SHA-256: | 3A09F3799148DA49F039A35AEDD22F368FB35B8D6022C4691C10606F704DAF80 |
SHA-512: | EE9B602898706CC0F33AA570E29A79A58ED748E1B738D74DF0C8C8DF193E23421B47AC8C862623ED774289D94FA90662A4CC436B80479D6420433D81752E9CA9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 543911 |
Entropy (8bit): | 7.977303608379539 |
Encrypted: | false |
SSDEEP: | |
MD5: | 956BEC2EB32005025184F904D9622D32 |
SHA1: | C6A9A8B3F7A7AB8122FB00457C0F83D4A77F21AF |
SHA-256: | DEFD4ADB96BA87467278B6B06980FDAB1EE460D971B62ED05A89FF32983784EF |
SHA-512: | 3A32B169312E5886D8C3029BF15AD291C41AF9FB03AE7D9B1A3CAB74E95C7AAAF3E384F2432BDB8F815075B11F30D4FF083271802B41616C9060E268EB3B5D3D |
Malicious: | false |
Reputation: | unknown |
Preview: |
File type: | |
Entropy (8bit): | 7.8805512303209575 |
TrID: |
File name: | Faisal Ahmad.pdf |
File size: | 157'813 bytes |
MD5: | 5542eb9a328dabc039eb82c911ec2952 |
SHA1: | 4b9cf91bec4cf36c54af40b0ec5c8ae71016571e |
SHA256: | fe7dbe67590f1bd9e360ec098514983d8c8f9ac04482b7951181c058128d32e2 |
SHA512: | a7b8d6d804fd03ff1c38f5c44ccb5ab5605a7662f6bd7e8bd6ff71de9ece67a5eceee2ae54c33517513dc677d29dedf2a461b41a048e4232cfa45966adc0c588 |
SSDEEP: | 1536:H0l4Y6lu1ZGhYKf4sEibEm8GgI2kF5Gemdr4StioqrXR88F5m2QMfE2ho9F+8/ts:HvunCrfe6h8pBeg8rE2W+81cwM8VACQ |
TLSH: | 3AF3DF24899EBCCEE39657C60B1F3C0AB46DB232A1D4419536ADC74347A0F6FA22715F |
File Content Preview: | %PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 54 0 R/Outlines 44 0 R/MarkInfo<</Marked true>>/Metadata 321 0 R/ViewerPreferences 322 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 3/Kids[ 3 0 R 39 0 R 41 0 R] >>..endobj..3 0 |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.7 |
Total Entropy: | 7.880551 |
Total Bytes: | 157813 |
Stream Entropy: | 7.977779 |
Stream Bytes: | 139085 |
Entropy outside Streams: | 5.001776 |
Bytes outside Streams: | 18728 |
Number of EOF found: | 2 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 85 |
endobj | 85 |
stream | 16 |
endstream | 16 |
xref | 2 |
trailer | 2 |
startxref | 2 |
/Page | 3 |
/Encrypt | 0 |
/ObjStm | 1 |
/URI | 2 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |