Edit tour
Windows
Analysis Report
Jones junction_SKM_U78WWW333.pdf.pdf
Overview
General Information
| Sample name: | Jones junction_SKM_U78WWW333.pdf.pdf |
| Analysis ID: | 1501912 |
| MD5: | 4097ac8785b2bf28a32c585eade9c5ae |
| SHA1: | 8d743e47545de5d632d6a0d66d63dca20adcf2ec |
| SHA256: | df6943d73d42bce8dfaa0e3852cff5080ab28329ba71435e9a44023e2633ab1b |
 | |
Detection
| Score: | 0 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 60% |
Signatures
Stores files to the Windows start menu directory
Classification
- System is w10x64_ra
Acrobat.exe (PID: 6892 cmdline: "C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\Acrobat .exe" "C:\ Users\user \Desktop\J ones junct ion_SKM_U7 8WWW333.pd f.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C) 
AcroCEF.exe (PID: 7128 cmdline: "C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ba ckgroundco lor=167772 15 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE) - AcroCEF.exe (PID: 6176 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --log-seve rity=disab le --user- agent-prod uct="Reade rServices/ 23.6.20320 Chrome/10 5.0.0.0" - -lang=en-U S --log-fi le="C:\Pro gram Files \Adobe\Acr obat DC\Ac robat\acro cef_1\debu g.log" --m ojo-platfo rm-channel -handle=21 44 --field -trial-han dle=1564,i ,145064396 2068976118 8,45262340 9462374575 8,131072 - -disable-f eatures=Ba ckForwardC ache,Calcu lateNative WinOcclusi on,WinUseB rowserSpel lChecker / prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- Acrobat.exe (PID: 1468 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\Acrobat .exe" "C:\ Users\user \Desktop\J ones junct ion_SKM_U7 8WWW333.pd f.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C) - AcroCEF.exe (PID: 7612 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ba ckgroundco lor=167772 15 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE) - AcroCEF.exe (PID: 6392 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --log-seve rity=disab le --user- agent-prod uct="Reade rServices/ 23.6.20320 Chrome/10 5.0.0.0" - -lang=en-U S --log-fi le="C:\Pro gram Files \Adobe\Acr obat DC\Ac robat\acro cef_1\debu g.log" --m ojo-platfo rm-channel -handle=21 64 --field -trial-han dle=1632,i ,800514418 2979918003 ,281016345 6647013345 ,131072 -- disable-fe atures=Bac kForwardCa che,Calcul ateNativeW inOcclusio n,WinUseBr owserSpell Checker /p refetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
chrome.exe (PID: 680 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 3512 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2072 --fi eld-trial- handle=199 2,i,954998 4474951649 099,400019 4092925133 157,262144 /prefetch :8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Classification label: | ||
| Source: | Initial sample: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | Key opened: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Window detected: | ||
| Source: | Initial sample: | ||
| Source: | Initial sample: | ||
| Source: | Initial sample: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information set: | ||
| Source: | Process information queried: | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | 1 Spearphishing Link | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | 1 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| plus.l.google.com | 142.250.185.174 | true | false | unknown | |
| play.google.com | 216.58.212.174 | true | false | unknown | |
| www.google.com | 142.250.186.68 | true | false | unknown | |
| apis.google.com | unknown | unknown | false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 142.250.186.68 | www.google.com | United States | 15169 | GOOGLEUS | false | |
| 142.250.185.99 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.250.185.206 | unknown | United States | 15169 | GOOGLEUS | false | |
| 1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false | |
| 52.202.204.11 | unknown | United States | 14618 | AMAZON-AESUS | false | |
| 172.217.16.138 | unknown | United States | 15169 | GOOGLEUS | false | |
| 74.125.133.84 | unknown | United States | 15169 | GOOGLEUS | false | |
| 184.28.88.176 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
| 95.101.54.195 | unknown | European Union | 34164 | AKAMAI-LONGB | false | |
| 216.58.206.67 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.250.185.138 | unknown | United States | 15169 | GOOGLEUS | false | |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 142.250.185.174 | plus.l.google.com | United States | 15169 | GOOGLEUS | false | |
| 23.200.196.138 | unknown | United States | 2860 | NOS_COMUNICACOESPT | false | |
| 216.58.212.174 | play.google.com | United States | 15169 | GOOGLEUS | false | |
| 199.232.210.172 | unknown | United States | 54113 | FASTLYUS | false | |
| 172.64.41.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false |
| IP |
|---|
| 192.168.2.16 |
| Joe Sandbox version: | 40.0.0 Tourmaline |
| Analysis ID: | 1501912 |
| Start date and time: | 2024-08-30 18:24:17 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 25 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | stream |
| Analysis stop reason: | Timeout |
| Sample name: | Jones junction_SKM_U78WWW333.pdf.pdf |
| Detection: | CLEAN |
| Classification: | clean0.winPDF@58/64@6/106 |
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 184.28.88.176
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, ssl-delivery.adobe.com.edgekey.net, ctldl.windowsupdate.com, geo2.adobe.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: Jones junction_SKM_U78WWW333.pdf.pdf
| Input | Output |
|---|---|
| URL: PDF document Model: jbxai | {
"brand":["Microsoft"],
"contains_trigger_text":false,
"prominent_button_name":"Open",
"text_input_field_labels":["unknown"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false} |
 |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 290 |
| Entropy (8bit): | 5.200716070246812 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 99C2B717AF235F3BBD07D20B3516446F |
| SHA1: | CAF465572710E86D90F841B21060F13BA661F8EA |
| SHA-256: | 7FBCFF92B62C9EB7AC8E8FDFCE6A14E2A9111DAE19BC5E8FDDA6D073DFD50C7D |
| SHA-512: | 09593EE740A40369B3E5DF702DE5541DAB8458394A173C86B37D3B91803D4CF2E497CAA296D8141E1BC1BE9BAFA3E8308F23D711B0569BF62C137FD395B81187 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 0 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 99C2B717AF235F3BBD07D20B3516446F |
| SHA1: | CAF465572710E86D90F841B21060F13BA661F8EA |
| SHA-256: | 7FBCFF92B62C9EB7AC8E8FDFCE6A14E2A9111DAE19BC5E8FDDA6D073DFD50C7D |
| SHA-512: | 09593EE740A40369B3E5DF702DE5541DAB8458394A173C86B37D3B91803D4CF2E497CAA296D8141E1BC1BE9BAFA3E8308F23D711B0569BF62C137FD395B81187 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 334 |
| Entropy (8bit): | 5.187256495712107 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 59F150F50AA7E1BD3E6629B7BE26A108 |
| SHA1: | 1F330A2122947540528B3CF26AC89FB5179B8F88 |
| SHA-256: | BFC2DDD567CDE24B304C5382F540DA66BA8B69974076F3D72AB31D53A46F3F80 |
| SHA-512: | 074D3F4EE5B7C85C209B2F94463FBF12CF1B2C361F00EEFBC57B2E838D7D70644410403E014634456419FC0EACAE34EB7A02311082405FDBA4D12C3AE4BCFEB8 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 0 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 59F150F50AA7E1BD3E6629B7BE26A108 |
| SHA1: | 1F330A2122947540528B3CF26AC89FB5179B8F88 |
| SHA-256: | BFC2DDD567CDE24B304C5382F540DA66BA8B69974076F3D72AB31D53A46F3F80 |
| SHA-512: | 074D3F4EE5B7C85C209B2F94463FBF12CF1B2C361F00EEFBC57B2E838D7D70644410403E014634456419FC0EACAE34EB7A02311082405FDBA4D12C3AE4BCFEB8 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\206fcf85-af0a-4fbf-8899-9f98a0128568.tmp
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 403 |
| Entropy (8bit): | 4.953858338552356 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4C313FE514B5F4E7E89329630909F8DC |
| SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
| SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
| SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 0 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4C313FE514B5F4E7E89329630909F8DC |
| SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
| SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
| SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF6c81f4.TMP (copy)
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 0 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4C313FE514B5F4E7E89329630909F8DC |
| SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
| SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
| SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\c61d57a3-a38f-4794-ad47-00abac576656.tmp
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 403 |
| Entropy (8bit): | 4.981922964021605 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 00727DE3D5D1B8994A648A31044F952E |
| SHA1: | E2AF7AEDE1C950EF14C8E37ED1C0BAA5138C5765 |
| SHA-256: | B3325432809A7DF5406CFD57F031558222672A85E3B7E6F6D894892FCFE7C974 |
| SHA-512: | F5006AA3ABC9DC6774CD711EF6DCA05D99D042246F2DD8C31746FFF461A808E0CB96994C8651479ED53C1DAA3FA3A4361A1CFE6D15681EE60232C4AE957885CB |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4730 |
| Entropy (8bit): | 5.237314660940442 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6A5E54480253AD91FFF004F1DD679A04 |
| SHA1: | EFE282551310FF7609B1B9FBD34AA718BF07430B |
| SHA-256: | B84B4CC715999407A4A1BAEBA2BBBD6C82D58A69ABB4F5CCA929E82DCE7E212B |
| SHA-512: | F361D78FF667512729B4D2A4D66CBC7C5AEE72D5726EA2484792F6556BD32FB46B527FC804E2E7F328585F6216F905912AA21F11CC662175CD042B7F03D25388 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 322 |
| Entropy (8bit): | 5.158688308573662 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3A4A15CC34C0D8F80CBBDEF30D5A924C |
| SHA1: | 3E4DB63C821ED9DBE2932987C8D21596772F1BD1 |
| SHA-256: | 140A7534F8B4712FFD57DC34AB192AA16F03A3FB908B73CA60EC8D8505507816 |
| SHA-512: | 2E41C376E6DE88E655EB9A77DEB7DEF7953ABA8CA6974677ED8F8F3FA1C2EA32026943F1CDD7DB36710446B0C97289554F7F2C2B0EF920B999ECBEDAC97B6244 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 0 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3A4A15CC34C0D8F80CBBDEF30D5A924C |
| SHA1: | 3E4DB63C821ED9DBE2932987C8D21596772F1BD1 |
| SHA-256: | 140A7534F8B4712FFD57DC34AB192AA16F03A3FB908B73CA60EC8D8505507816 |
| SHA-512: | 2E41C376E6DE88E655EB9A77DEB7DEF7953ABA8CA6974677ED8F8F3FA1C2EA32026943F1CDD7DB36710446B0C97289554F7F2C2B0EF920B999ECBEDAC97B6244 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 131072 |
| Entropy (8bit): | 0.013272805055910936 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | DE2CA83549438D0D9A8DEA864EABF016 |
| SHA1: | BF50E51A27B58805181FF466752C948E42F1B9D3 |
| SHA-256: | 743B9469C69F7EF27850A31A9F616733A42758003D8C1C719EC4038FC90A175B |
| SHA-512: | A86DD3B1A2DCCF6F3653A6D9164978879E236E4F65CE5FE873BCC63119D03CF487BFDA7573651ECEB3CB98FE0C80E4DBD453009188A5F00D61C75FF9B23AFFF3 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 57344 |
| Entropy (8bit): | 3.291927920232006 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | A4D5FECEFE05F21D6F81ACF4D9A788CF |
| SHA1: | 1A9AC236C80F2A2809F7DE374072E2FCCA5A775C |
| SHA-256: | 83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2 |
| SHA-512: | FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16928 |
| Entropy (8bit): | 1.2153212610554929 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | E40E3AB566FC01CABBC35BFFF648E56B |
| SHA1: | 5A649D3A7755FBF70707B8832030D4FB14B93109 |
| SHA-256: | 68A1B8C475E03C6CEE9F81C7675B98734A2ABA453B7B306D0FE9B6657DF4249B |
| SHA-512: | A94BCF572C2EFA45D7ECC620202AD3094A2317E578399A47CCC46D34C010626440F5086103396AF147B51D7D8EDDA71F7FDF7116ED535C557B226D2A2C0843D2 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 71954 |
| Entropy (8bit): | 7.996617769952133 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | 49AEBF8CBD62D92AC215B2923FB1B9F5 |
| SHA1: | 1723BE06719828DDA65AD804298D0431F6AFF976 |
| SHA-256: | B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F |
| SHA-512: | BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 893 |
| Entropy (8bit): | 7.366016576663508 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D4AE187B4574036C2D76B6DF8A8C1A30 |
| SHA1: | B06F409FA14BAB33CBAF4A37811B8740B624D9E5 |
| SHA-256: | A2CE3A0FA7D2A833D1801E01EC48E35B70D84F3467CC9F8FAB370386E13879C7 |
| SHA-512: | 1F44A360E8BB8ADA22BC5BFE001F1BABB4E72005A46BC2A94C33C4BD149FF256CCE6F35D65CA4F7FC2A5B9E15494155449830D2809C8CF218D0B9196EC646B0C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 328 |
| Entropy (8bit): | 3.2394988199912085 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 177485C7CEEC17BC8FE15CE53D0ECDB0 |
| SHA1: | 07FD7E530DF9D3D4AC9662320D912DC6C66D4585 |
| SHA-256: | 36BE8F3B21F994543265A42DE6471714725A0A0266CB2026522771065584320B |
| SHA-512: | 89F3231AF04F0823411C0F07A983499A715EC4E607C35EA7A3B3EB2F2AB9CDBB34B05031790E569CCBBA649D38FB38AB70A5B2D519A54539DB5B782F5D457D55 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 252 |
| Entropy (8bit): | 3.0234723018165854 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 00AE0A48CE881264BE6510D58789E2EF |
| SHA1: | 5808471BE7AFB72886D621F5182B5C51CB4E2903 |
| SHA-256: | 1A3915452BED1DCC37AC42C74CDC9B4DF5EED3E4D7622CE7AE5FB91BC03795EA |
| SHA-512: | 1061C1F64774BA69C73502734207D8A3D3A82C3FC889987B79BDF71154FA4DB574890FFF6511B6F69F82E64E039D460FE4F64E895877435D6B66117327E23B56 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 185099 |
| Entropy (8bit): | 5.182478651346149 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
| SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
| SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
| SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 0 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
| SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
| SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
| SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 228344 |
| Entropy (8bit): | 3.3887012903255123 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7B372554D3A6C8B32C761EA0B62AB1E5 |
| SHA1: | AE5BB68BE73134D28E1141E31899AC94A1CF9EA3 |
| SHA-256: | 4D3A13F7465BAF79509EA4E18EDB77C2AA16B79856C1C2E0187D34A63770164D |
| SHA-512: | 0B64D2D9C34E59377FC5AC7AF751F3530C04E2DAF88689384AD8FFB83E2CA22491F2BA7FEFF2887789D2F8499CC67B3190FBCC4CC76535A1F5A107FE615A48C9 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 295 |
| Entropy (8bit): | 5.374504271030294 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 25425715373621812E746086902EF150 |
| SHA1: | 4055600B4AF03D82B5CA15C412F5977ED0E23935 |
| SHA-256: | ACFE7877A65C35F9731513E01DAF19F66486BAC98A7333F80BC425A508577760 |
| SHA-512: | CD99DEDA572358826BA99C7B97FCD8DCDF7D6363546BA12A9F722924493FEE3234BE97131A18A373D621E0353B8C13769F9EF337AD6747F088DB259AD33855AE |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 294 |
| Entropy (8bit): | 5.32116064890452 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B1B5528BAB42AD2846FA9389F78A079E |
| SHA1: | 815506DDE96239BF432C259A00E143CAFF9BD087 |
| SHA-256: | 799D67B5AA6F75A92535CA0076E26BE14334F8C3D3BDB88E127F284F47F4ADB2 |
| SHA-512: | C57D1BACAA4B8BBF71046CA25B39B8952EEF9E7023CDA76F059E884259AAE770E64EF0537F47D6234D7F9B2782FD5275CA3ED644303841B8AF8DE4C3925C1D2B |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 294 |
| Entropy (8bit): | 5.299708965430526 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | CCAF0F1D58BF07247025A83B5E90513F |
| SHA1: | 9808FD256560E27809A878794C5A7EC4F0222705 |
| SHA-256: | 3C31383FE76EF6F11EDA4ADC1B55B4CED06C158782D75926A7BBA4FB8B33C102 |
| SHA-512: | 2B68D33AEC9471AA6B8AF2411A6CEB82428DD334AD2E6842A5212CA2680127796354C665F59C277FE81CB23FDD229C2618BBF63D9051BD8AFCDAF4BF0F72DD93 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 285 |
| Entropy (8bit): | 5.363275368006837 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1D4133D7607F5E7544EC1778FFC5CCC2 |
| SHA1: | 0D92B11AB6A9E815245F6ADCF5AF3DAF73157521 |
| SHA-256: | 8D0B2F3CD3C5DBBDD6FC197BCC630C5C7C997EAF9188301F10EA5F9890B1319E |
| SHA-512: | C917061ED146EFD78D4DA4B86FBC51CBFE5C7D43001DAA68921D86685B2C4CD2B6C5AC11A7AD87EC14890171EFEDDD95C0BD8F53B9AB914B6253EA35755A163E |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1063 |
| Entropy (8bit): | 5.6675870872231835 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | ABE071269750A73C1156AB7EA14638B8 |
| SHA1: | EED45B69DDBEA3615F23952047C2C880932D7582 |
| SHA-256: | CFAACF6370376239DB428251D0F8F988EB92F204F8E338D8F9F98EEBD7325072 |
| SHA-512: | 28CBB0430635C9B1F0803537A90CE1D22E34A3E9D52C96B5C5640BBDC2FED9D22417678E2478538C2B6A10A49E1005D368357A525D1F7490C4B1829303203495 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1050 |
| Entropy (8bit): | 5.65268006345258 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F8098BCF388A4F95A8D3D70CFAD73740 |
| SHA1: | FF4E482B089CD1C6ECC2629F11DF893D4133A650 |
| SHA-256: | 56B5991A1DDEEAF1C7C20E2DA999A44A45C09B6D045C14EE013520A474C80D0D |
| SHA-512: | 059269273053A23A08F6CBCE029108783D38A7D1282D78450A49129C3D959A5F17DD4BA061791840892DAEEC7873A51073D13090B4197E8A5B8F2C3500BB6EB3 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 292 |
| Entropy (8bit): | 5.312653945600021 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 82F83C488C5A1B70E1EDBB9234516ED8 |
| SHA1: | DB6FB15A66D6BD890903E7FC1F403721C5EF58BA |
| SHA-256: | 08CDB6C0A2F943A8E037E87E0975B518F677BCD6973AE6D884F5DDB614F3F4B5 |
| SHA-512: | 5FD8992914300B6CA644F04AA5B98794CA9FC6F967233C05843AE6E646FB74FB002E4D6758A4CB1C5AECB81AAC03A1A51532038A7A2D1554ADF0E0AFE90941B4 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1038 |
| Entropy (8bit): | 5.647111425391184 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8EEB35CCC60F3115D4786021D58DF72B |
| SHA1: | E35031C45B8143D1A33C1858FB5B9F5345F4E8CF |
| SHA-256: | A769D8EBAA5EA4C4A6B2E78F1F08DA033E9704812B1DB451C526A2FBEE828726 |
| SHA-512: | C36BB581F1D4AEB729BC85CB31B8C10DB05E0F9321DB7F651CD6CE74A750CC419C6937B0CE3BCBDCB7F6959A0FB9A2E3464EA1B65B929C64B417BA967ADD891E |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1164 |
| Entropy (8bit): | 5.699135426416551 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D977C11C1E517DB8B869091E9E0BB3A6 |
| SHA1: | 4E3FBB374AB2F41D96B2B58C3E0B330C6DA5DF5D |
| SHA-256: | 3659CF29B9D09476A8F0B92C09C11D9C462A16E6ACD7D4BBB10D9DDE56063012 |
| SHA-512: | 07A049663A11767D7AE1EB2351A9B07FF15FE9CD105443E7D264806BEDA37753B50A8432928061B990ED15DE79179EE0AA7FEE545FC31FB2DBD99F43161C247B |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 289 |
| Entropy (8bit): | 5.316396198138578 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C2BB6CD2F76EE20315F11EE6E845F07C |
| SHA1: | 87638C118F4FF9471E27F026B98E3E51EE2D4B4C |
| SHA-256: | 80C0CCF78C8DE393B8CC597EC958116D0402B267C20BCC187E8A05C9AE32FC9B |
| SHA-512: | 316F891602069DD9F7C2009F662A8626E4127498CE4FF897D6209E7D5E40E7008F511FED762EF78B14521CC261594420C36086DC396E0BC5CB1B4B24130A0B84 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1395 |
| Entropy (8bit): | 5.773641833769065 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 604C077EC3FB885EA3EB4569989B6BE9 |
| SHA1: | BBD0871AE7225F9834491505B4E35286E72B4ABD |
| SHA-256: | CE99677B563D4A58FEB2A9BF481344870C26EEB5A2DBFA0D08D732042027E0CF |
| SHA-512: | C0AAAFF04AB2AB1F91D1D83B6260F53FE7E760899548C9A1D6D2C7D85CD9561984D3220C3C0EB82D4E9B363D29709CA88444C036AD8E260D5C5AC9CC75D4B2BC |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 291 |
| Entropy (8bit): | 5.29983060716544 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3CF5319A9493AE9D786B759FD86D4B64 |
| SHA1: | C6B76C579317E35616D94755767B0AC424B5503F |
| SHA-256: | 904D46F5BEFF938CDEBE0DA71CA5EFD869B3506DECB9BFE32886A0623E931E83 |
| SHA-512: | F2874E347E96769A24A4653CD0548621495850BFB2211F72BF9E4D39A9CC9728AD4D6001F67460E0CD48F652256EEE488EE0B158A94193252974DB56EEAF08B2 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 287 |
| Entropy (8bit): | 5.303438875346494 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 96B2C7690A0967AD111B9D1B19F07AE9 |
| SHA1: | 12855788A6CCD582798C4370D2B823A37642ACAA |
| SHA-256: | 613A6CAC6E977C686E303CC3AC05EB1438E73D4C2582EA646B13BE1A32778320 |
| SHA-512: | 81B24E9FADD48128CF33C8552A6C5871972EFD07953FAD9F8C4EC45897DBA0DD11E78D4064B5632C6B61C74D852E0FE6842CBCC5F9BF7533FDD79D64546D4226 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1058 |
| Entropy (8bit): | 5.655811486022133 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 15297030ABD8B99E0C5966A0AA411C1A |
| SHA1: | 6AF1FD4733F629BBBD8137B65F22F5174628651B |
| SHA-256: | 5ED2E7118A3C0170B04C8616699B35C4A33A1DE79F0CACD08F7B63F078DAD25B |
| SHA-512: | 075A84D83B74D5CF411D11D1CCBFFB61FA9A0DF95AA19FBE3BF1CCAA004879494E89967292F010C0D2A3C3BCF7BA67B79FB0DADDBB848F02BAA5483BB27ED917 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 286 |
| Entropy (8bit): | 5.2791335091767975 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 27C28521CFCF63A08F3FC66AFCE3EFBC |
| SHA1: | CDB7E819B59C44FD5A9D2D5E64A69321FDEEC504 |
| SHA-256: | 319DE9874D261A25BC12437B045D8C9574C683BD90E0A548CFC06A4868B5983F |
| SHA-512: | 19DC6FC3BE5FA96B82BADDBDCA2EC9FC98A18B308FDA49F9935707CC195486178325D314205152736C0821B9BA835CBB404C66A037BAE45FA526779ADF3BFA8C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 782 |
| Entropy (8bit): | 5.369698484186468 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 404F4C773300C5165A95C9E49C9D6791 |
| SHA1: | D202AAB50A233465272DAD7464DEDE3D3AF66D31 |
| SHA-256: | 7B8B8529A7A84C5593F72A61CE41FDA86C6E10F420B8CB876D6F63ECF44011F2 |
| SHA-512: | 6F83644F162A247E8B3FC995C07424F93FE059B8438AAA38223E1B1AB947428F634D9B3F43C7D5C77086F14F94F9110DCCA7073EC30DAD627BDEDD86D240EFB4 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4 |
| Entropy (8bit): | 0.8112781244591328 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
| SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
| SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
| SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2818 |
| Entropy (8bit): | 5.125969583608183 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | A0F9DF9F59C7C80EC81253A333B75F61 |
| SHA1: | D6C8DE7F0D46495DE70E619D122567D609637CC4 |
| SHA-256: | 94BD20CA6594C26E5C23C19A9B0920E7F0265FB89CD5E3F37DE397742E986FBE |
| SHA-512: | 5636E7E1E5CFA4F615F1F05C051198D9A6E971059F677E004CB7BF048583308A49C9003C457E9FC0BB28499D5433396B72E192B68C90852AD2B6746D6051F0EB |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 12288 |
| Entropy (8bit): | 0.9880441027441973 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | BC2CCBB046340FEE59A693E8D0812F03 |
| SHA1: | A502EACC3C00BE1CA65EAD1CF211D4B65D45B97C |
| SHA-256: | 46AAFBFB4A0A7DC155C2E223EA4C68FBF8C77EC9F5DAA43E5C242E3EA93AD5AA |
| SHA-512: | CAFA33097446BFCD7F929D536531150BE5EF7D2F7CE68F4BDECAB5A77AE8149EB9841C7AE3D2D1A90A670D61084971FEAFC3BF43BCD61DC98240906BAB53BE2D |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8720 |
| Entropy (8bit): | 1.3433637319072158 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 96D38569B75DD7195B44E83D0BF19C2E |
| SHA1: | DD6900BFB813D4FEFB9D33459D552FB1B61E5DF7 |
| SHA-256: | 7EAC3BD504CEE689A6092930BB31686FFBD5EC53A447C25D15FC8A1F4172F2B3 |
| SHA-512: | FA878AD29D5B1BC1B1E8D2896793D08F545DB096E271BFE505B3470F321D9FFCE22352EFE46A4E7B06A0570979BD5E964594C351B1CF937AB06133BCE0102287 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 246 |
| Entropy (8bit): | 3.529459928009153 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 52AB2E7DB31D54B740F34D1F05894393 |
| SHA1: | 4B60F6D0AC4D16B6E50498CFFD6F43DD3E3A518C |
| SHA-256: | 4F4073D614C3FBB479BF1FE6D62AC0D3E457FC7F6674D790742BD9DC634A14E2 |
| SHA-512: | F349791A402D99B1F6317632C3E4D9E95E8182A4CFB8AC64BB88184191344A4C1511663BCB9A3E0709DC0B41CD089AC8DC6989420DFAF45535B38C6404E45C5A |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-08-30 12-24-48-530.log
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16525 |
| Entropy (8bit): | 5.353642815103214 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 91F06491552FC977E9E8AF47786EE7C1 |
| SHA1: | 8FEB27904897FFCC2BE1A985D479D7F75F11CEFC |
| SHA-256: | 06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB |
| SHA-512: | A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-08-30 12-26-12-470.log
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16529 |
| Entropy (8bit): | 5.327831555414171 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8BEF950AF7B62E85F99E7E7BCB640CFD |
| SHA1: | BDABF832AB03BF0839ADF60750414548E34CF1D2 |
| SHA-256: | 872C133F2B60E7092FC40999D3E646033BCE654DB850E333F0F92AC5B2F95EAF |
| SHA-512: | 721B93DBBA873099BD014A26E533ED7A1F73DECA1C52AF99F6DBC56454CD43A1DCE78199D8940E44845EFB6E23F10602C71E048497AB12CA7D15CC749E40FA50 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16603 |
| Entropy (8bit): | 5.345309098504707 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B872D288DD626606C1894A8C8437E324 |
| SHA1: | 9E6CBA3D43E5E2659D333BC6194E2D872DAA5B0B |
| SHA-256: | 533F99CEDB1A978CFFF3B3AC43DB1CC6E0AED3E8F1B0CD1BB93DBE47FE892FFE |
| SHA-512: | E70D97983ADA31D00CDB41B51C01DD5A60140FF7D41F7E57919F763425905A377C50EF35214AB90FD35E9864C4414578C9F7CB10EE4651C829C8782768EB9FC4 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 29845 |
| Entropy (8bit): | 5.417535626402447 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 21A7D608D20C9B960CF29D68CB5737F1 |
| SHA1: | 56029058C1936D26C9AEC8AB66CA77B14A9633B0 |
| SHA-256: | 138ADAC9CFE24E0C348B95A973DD0E7C04123ECF729AD70E8741F444E55605FD |
| SHA-512: | FA0CBE10DC80A9CCCFC1C34991DC78C9EF3362BCAB51A8D3D71451B6A16DAE2F7BF6C08835013C5521B804C128149F73464F8B900D7E487483009557B639695C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1419751 |
| Entropy (8bit): | 7.976496077007677 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | E1FE9FA2454D30CD849F2060D8FED227 |
| SHA1: | 5B5A33E386D7A2254DB5934F688C1F1A72A9D6C9 |
| SHA-256: | 4B0AD0558FB8C3D63817011FCA33E51A9E9C46A91407B705C4E5150AE4E5A3E4 |
| SHA-512: | C81A8B39C571531DC52A71E34188D3C95797B69E82A74896019723E0217A00D58367118886DDEEEC4AEAAF8A80931BA22459104847E2B0D8A77070BFEE3BE7F1 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 386528 |
| Entropy (8bit): | 7.9736851559892425 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
| SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
| SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
| SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1407294 |
| Entropy (8bit): | 7.97605879016224 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1D64D25345DD73F100517644279994E6 |
| SHA1: | DE807F82098D469302955DCBE1A963CD6E887737 |
| SHA-256: | 0A05C4CE0C4D8527D79A3C9CEE2A8B73475F53E18544622E4656C598BC814DFC |
| SHA-512: | C0A37437F84B4895A7566E278046CFD50558AD84120CA0BD2EAD2259CA7A30BD67F0BDC4C043D73257773C607259A64B6F6AE4987C8B43BB47241F3C78EB9416 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1407294 |
| Entropy (8bit): | 7.97605879016224 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 22B260CB8C51C0D68C6550E4B061E25A |
| SHA1: | DF9A5999C58A8D5ADBB3F8D1111EAB9E4778637E |
| SHA-256: | DAB1231CC22DAB591EBB91C853E3EE41C10D3DA85D2EFAB67E9A52CCB3A3A5A0 |
| SHA-512: | 503218D83C511A7F7CEA8BC171921D1435664B964F01A8C77DC0F4D0196DD2815D9444DA98278E1369552D004E9B091DD9B89663209F0C52ACB97FCE6AFFE7A9 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1407294 |
| Entropy (8bit): | 7.97605879016224 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 408F8BA5ED5014C1E10FA19D75C944A6 |
| SHA1: | 87595F69D692B4D785AAFAD71394426879C7980F |
| SHA-256: | FFFE47EBC7E157F63F4BE40AC0B2DCD73A5DCDF57B9D03FEA3EB99212A7EC16F |
| SHA-512: | 01B286CA276C6B4302AC6ABA30466CE2048F6AC7FA5ACD7DCA375541C91339CEE94377B783A3A7710D10C315CA062CAE79DD2A073406D1C3C76AC4787DA5A793 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 758601 |
| Entropy (8bit): | 7.98639316555857 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3A49135134665364308390AC398006F1 |
| SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
| SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
| SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 36 |
| Entropy (8bit): | 4.294653473544341 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5C6B932A79952B4B27833691305E61DB |
| SHA1: | 09804DB0986A989C2C49CDCEA563567FB4C7B1A0 |
| SHA-256: | DEE5A5925227B125F4AC6D9B70A277E6EC8494FFC73D1CCE9E08CC7A78D6208A |
| SHA-512: | 4FAA9585BB10156D5DEA3B62D3A3A1BFA92430BA6E1E3381FC4C76C3071C85E53D5CBCE0016DBA1D1F9EA1B7AF37B4A4EFBAF4F3106B7D958B6E2E90AA0DF059 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 54 |
| Entropy (8bit): | 3.7119196645733785 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6A614A7743B0C781AAECA60448E861D6 |
| SHA1: | 67B7DF5EBEB4527E4C31F3F9B7E52A0581DC4B6D |
| SHA-256: | 9703120DC62C2C3F843BAD5B1E77594682CA7820F0345AE0BBD73021C1427146 |
| SHA-512: | 3A45B27ED6F3AAA8C2113FBB21637675CC91D1239754447A7032D1A86CB1E7381575B28F992E5FFC9986354C2B9C173C614F1F703CA4C2BEE63AB3BC6ED909A6 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2673 |
| Entropy (8bit): | 3.985937594185914 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 42F5810495C081AB9249DA7A7AA9C88A |
| SHA1: | 4CD502EC456E1F543ADCEFFFF2DF4FB8DF56FB24 |
| SHA-256: | 567715F75E02703BAF82047AD006A051480C7BF8DC7517F3D42FE1B5116CE252 |
| SHA-512: | A88368BB35E9DE2BBC499DD0CB1BD99DE2EFF4688AC6BCBC38ABA0A3618306203B1A4FCFE9282F9BC7B1398B1C3637B9DDA82E077A2DF942B3C18AA356857F9C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2675 |
| Entropy (8bit): | 4.004943467896725 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F9F38E3158F71516CB6F69110132BF26 |
| SHA1: | A8226CD80EC87B928CED9CBA334520EC5CB25582 |
| SHA-256: | E8FC626D7F4B0CF0349F5A9A0C3ECBA16A3E18BA04834CB79B40598F684979E2 |
| SHA-512: | 2F2BDFECECBE24E7B3E85AFDAA2ADC48A9D57B90CF1312114390C2358226D63C7210AED85751D775FF30A911D745D4776FF22B84D83DC1D4305055698F96C553 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2689 |
| Entropy (8bit): | 4.010683557160974 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 2F6ACDA66679FF36392CD8A5D81DFDF3 |
| SHA1: | D906C56107EDEAA7F67F2FF3B9B70FB4DC686D78 |
| SHA-256: | 1509602217C07B98CF471D01EB16827577516006EB9E0F4D690ED7CA7C00D6A8 |
| SHA-512: | 3D428429FF9E61F7BD24F6F675AE194CB0CE97491B3ACACCAE8E6F94505BAF187AD8772E6CA90EFC4AB4DE4BE6E052C90CF4C259EACC929559BDF4FE13A476AC |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 4.000805493054587 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4C3C343B0E69FD4E4B681C02D6434F40 |
| SHA1: | FAEBA56782152D01D98507085B139EE37F793F07 |
| SHA-256: | BBF63470683BE39BD93B22B06A9E54EC6104C80E18840C2B06AE115314F4118B |
| SHA-512: | C1F955441247A67FF9605B4EA6CEC26E7BCAEFF224DF0A638A80F2B72D41DFD759B2D48311FAF5594B553EBC7CA50E7519D1CE7AF8EA80AAEC044F1364A1B1D4 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 3.992276547851413 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | AA5013D4EBACC46A1220192886E9E20D |
| SHA1: | A2EF2706B6AEC82CF96D1149E54A8CFF7A5DF829 |
| SHA-256: | 74C89E4625CFE80C753E78EC9C2275C3992AD09A37CBC79450A2FAECFAD1E7EB |
| SHA-512: | 7AFA7FE9BC6DB0D5F9F64B7623D04B366778595A6BE07AA1C302C5284A15F9DBAB6BAF7D9DB4F10CC7A551D7AC6AF8AA18923ED0E01541539A24B15CA9AF89F0 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2679 |
| Entropy (8bit): | 4.000840740046177 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C897C3E848C1FEFBA4EAD9CAFE211CA9 |
| SHA1: | DA951A6516D54DF890D6FCE4E415BB12F1D37FAF |
| SHA-256: | 09CD4451252ABDB0EB0336C115A67ADADA22A5E8A800DE77A0140D4682297EEA |
| SHA-512: | A9A4CDB4A85454B4C76288F28DC46DAA8792E8E1A82CA80AA4C44F045CB6D1B39E4D4C795FF7A05ECF981C57EF43DBCE0D829EBFBE9CEFD66D7F00AD1AFC9D95 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 126460 |
| Entropy (8bit): | 5.4944976484967345 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1B556C73C5FC0411A5FA9D71277D8F7C |
| SHA1: | 190D8E5AD5ADB5976211753197BA4B95935B154B |
| SHA-256: | A79A9AC26A3FACC35971D3ECAA13E2A6B12E666FCBC4AEE6ED857039E81E5E48 |
| SHA-512: | D579216F67DC7C0FC5EDEE463892BC6A045866969251A21CE93403908CEC2C9E889250696E983ABDB2D46F7EAECD3F3055C4428838EE47BDD4789A38667A4495 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | "https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.h-1D-JOvizc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo_3dbjO7NaEjkPT0PwzLRJUFrcOJQ/cb=gapi.loaded_0" |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 807 |
| Entropy (8bit): | 5.125541001253858 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 814232F7D9F8043197E66F21AABFF535 |
| SHA1: | 5D79653D5EEF28B63875A658D8CB47C5DE4F4F9E |
| SHA-256: | C36D4D3B9B3BDD1340C8401F26C250A37A57BFF18B42C608AD0E7BDB3B96E309 |
| SHA-512: | 6BDD76871D782C2567DECF5A69ACB43D35276509FD691C8116E0C02A5D50272B6C938CAD00D32CF99A29E9A341BABC947BE7EBBCC338B1CDB5B617C277F99A37 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 171590 |
| Entropy (8bit): | 5.559233860613889 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | ECD76486E52F2A2B974F9930460DD1EB |
| SHA1: | D6D255F6C370E6F53FAF1901B6DC9DD0FCF3AA74 |
| SHA-256: | 2DA9A99A2418659D223A7FD16D05F46A311A05CB89D3A3C949C08D1B612FCB7C |
| SHA-512: | B756EDD0D8D0FB991372E2850D8E65A71CE479FC8804E0FD26EB5A60A1BB50C78278C89BBC1B5915E32D590F057C82F31FB7445C6102FBD3FACD8D6AFB21C2C8 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | "https://www.gstatic.com/og/_/js/k=og.qtm.en_US.t7HFqwm59-4.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTv09DM0eg4IoESYVaSRhn20aI9TbQ" |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 29 |
| Entropy (8bit): | 3.9353986674667634 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6FED308183D5DFC421602548615204AF |
| SHA1: | 0A3F484AAA41A60970BA92A9AC13523A1D79B4D5 |
| SHA-256: | 4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D |
| SHA-512: | A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.google.com/async/newtab_promos |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 5162 |
| Entropy (8bit): | 5.347368272924798 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4730593243135D6B031CC9B22DD81A65 |
| SHA1: | D76A23DEA3B63396BC8E6B6DCE4804BAB49DC143 |
| SHA-256: | 926D84437727A80C3E9389992FF62B14C757B3836968FEFC64E4ED35E7414CB0 |
| SHA-512: | C06480310DAC4B4EF187671FF5E0122337AAB9AE1E2391FB1BA772D2AE2D5A57432D00D8A28E05FB80616AEB5DF05819419222C5EE285F75F5DC8137E93E9A01 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | "https://www.gstatic.com/og/_/ss/k=og.qtm.oS1xTAEm0Kw.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTut2uOtBM_spQkQSjXDMoIyrj9aPA" |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 135268 |
| Entropy (8bit): | 5.437473817683815 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 45406472CF656FC5628D2205F3E8AF64 |
| SHA1: | 4E2B068FCF55A41EEB3CFADAB0C93218F9372BCD |
| SHA-256: | 68E8EF6077D42498346922F3147F141A84910F4CB9E25B20E7FF3B9B2D170FC7 |
| SHA-512: | 225ECF317A88F1895A9060008D5AC7D86B8483FE1848084E75162B4F947CB0A0B5EE3B58B218A42BAC868F313982B58508A42B91D3C5D249B196C1089FAF22FF |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1660 |
| Entropy (8bit): | 4.301517070642596 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 554640F465EB3ED903B543DAE0A1BCAC |
| SHA1: | E0E6E2C8939008217EB76A3B3282CA75F3DC401A |
| SHA-256: | 99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52 |
| SHA-512: | 462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg |
| Preview: |
| File type: | |
| Entropy (8bit): | 7.062801056072083 |
| TrID: |
|
| File name: | Jones junction_SKM_U78WWW333.pdf.pdf |
| File size: | 65'521 bytes |
| MD5: | 4097ac8785b2bf28a32c585eade9c5ae |
| SHA1: | 8d743e47545de5d632d6a0d66d63dca20adcf2ec |
| SHA256: | df6943d73d42bce8dfaa0e3852cff5080ab28329ba71435e9a44023e2633ab1b |
| SHA512: | d31a3c17e21bd1ee1b1f1a95c2bb0e4f19c1d1109ba73cf148b8270cda4a8ee0f17372993ce18391d8924769d426da31a27ef6aee53330c6a007902188ad965f |
| SSDEEP: | 768:aFG7q/Htr/CCTY6K8Gc8Hp/KeDfNf+U0xHVfDaJuSqk4V:Totrs6KcIRNGU0NVbaJfk |
| TLSH: | 61537CB7D89262D9C7534FF2DC6695A9154910F11F2371630EACE981BCBEA448B4ECC3 |
| File Content Preview: | %PDF-1.44.............. ! . ..... . . . . . . ........ . u 36y M D= } V2Q - ; u Q7t (z ": > k2yJR X O- a ^k & L T? j|h o ] _ SyRz kx]:^P^` @52"W ` ; l?0 i S23 8% :|{ U t\ |
 | |
| Icon Hash: | 62cc8caeb29e8ae0 |
General | |
|---|---|
| Header: | %PDF-1.44Ã |
| Total Entropy: | 7.062801 |
| Total Bytes: | 65521 |
| Stream Entropy: | 6.973390 |
| Stream Bytes: | 55339 |
| Entropy outside Streams: | 5.187327 |
| Bytes outside Streams: | 10182 |
| Number of EOF found: | 1 |
| Bytes after EOF: | |
| Name | Count |
|---|---|
| obj | 33 |
| endobj | 33 |
| stream | 11 |
| endstream | 11 |
| xref | 1 |
| trailer | 1 |
| startxref | 1 |
| /Page | 1 |
| /Encrypt | 0 |
| /ObjStm | 0 |
| /URI | 2 |
| /JS | 0 |
| /JavaScript | 0 |
| /AA | 0 |
| /OpenAction | 0 |
| /AcroForm | 0 |
| /JBIG2Decode | 0 |
| /RichMedia | 0 |
| /Launch | 0 |
| /EmbeddedFile | 0 |
Image Streams |
|---|
| ID | DHASH | MD5 | Preview |
|---|---|---|---|
| 9 | a280a2a2a2a280a2 | fe16912dea72e40d5c6020b6d5927b3a |  |
| 15 | a280a0a0a0a080a2 | 5ce1d0cae96a7ea68fcf10fdd37bcb4e |  |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node