Windows
Analysis Report
SCB_eStatement2617793.pdf
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 60% |
Signatures
Classification
- System is w10x64_ra
- Acrobat.exe (PID: 3868 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\Acrobat .exe" "C:\ Users\user \Desktop\S CB_eStatem ent2617793 .pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C) - AcroCEF.exe (PID: 6792 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ba ckgroundco lor=167772 15 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE) - AcroCEF.exe (PID: 7124 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --log-seve rity=disab le --user- agent-prod uct="Reade rServices/ 23.6.20320 Chrome/10 5.0.0.0" - -lang=en-U S --log-fi le="C:\Pro gram Files \Adobe\Acr obat DC\Ac robat\acro cef_1\debu g.log" --m ojo-platfo rm-channel -handle=15 72 --field -trial-han dle=1556,i ,570473320 8102373305 ,130650806 5968818965 1,131072 - -disable-f eatures=Ba ckForwardC ache,Calcu lateNative WinOcclusi on,WinUseB rowserSpel lChecker / prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | File created: |
Source: | Key opened: |
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: |
Source: | Initial sample: | ||
Source: | Initial sample: |
Source: | Initial sample: |
Source: | Initial sample: |
Source: | Initial sample: |
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: |
Source: | Process information queried: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 1 Exploitation for Client Execution | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 1 Non-Application Layer Protocol | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | 1 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
x1.i.lencr.org | unknown | unknown | false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
2.23.197.184 | unknown | European Union | 1273 | CWVodafoneGroupPLCEU | false | |
184.28.88.176 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
18.207.85.246 | unknown | United States | 14618 | AMAZON-AESUS | false | |
199.232.210.172 | unknown | United States | 54113 | FASTLYUS | false | |
172.64.41.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1523261 |
Start date and time: | 2024-10-01 11:24:20 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 15 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Sample name: | SCB_eStatement2617793.pdf |
Detection: | CLEAN |
Classification: | clean1.winPDF@17/25@3/53 |
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe
- Excluded IPs from analysis (whitelisted): 184.28.88.176, 199.232.210.172, 18.207.85.246, 54.144.73.197, 34.193.227.236, 107.22.247.231, 172.64.41.3, 162.159.61.3, 2.23.197.184
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, ssl-delivery.adobe.com.edgekey.net, ctldl.windowsupdate.com, p13n.adobe.io, geo2.adobe.com, crl.root-x1.letsencrypt.org.edgekey.net
- Not all processes where analyzed, report is missing behavior information
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 290 |
Entropy (8bit): | 5.20417347208597 |
Encrypted: | false |
SSDEEP: | |
MD5: | A76FBA534A8550772D282DC0E05BD120 |
SHA1: | E580209CAD17495C66B793A3F5FF6A822B8936B2 |
SHA-256: | 3A68C08149B3483CD6BBA1415D365CDA924F887F2887FC83772E5D7E4B159373 |
SHA-512: | 76A3F96D4BE641B948AF03E68D72AA1F34A23B6CBAF8D3A716236A2ED24F1B76E1BB84CAD967CE45DC26786277AD16BC00D770BA8BBCF60565A46884AB863212 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 334 |
Entropy (8bit): | 5.172746297899892 |
Encrypted: | false |
SSDEEP: | |
MD5: | E25B28E98D405BF98A511A9CC686246D |
SHA1: | 9BEA17C40F7BF0D4CD13ADDD9D23DC742E8321F4 |
SHA-256: | 5D9F8EE4EDB360A4EAB3D78EA1E99E0CC115E6A452CDED21E6068BEAD3CA1057 |
SHA-512: | 526E44DA462DD0AEC96ED5408ACBD40AF7508A16582A1F67231E3B8741CB96CD92286C96E6BDEAD53160F796D1CD93ADFDD0C44F37B161C0A51A461A9E2B116D |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\08e80925-4d2c-4a31-8dbf-ff36dbece99f.tmp
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.977455795138775 |
Encrypted: | false |
SSDEEP: | |
MD5: | 77B9D8547A4867464E62D80A835C8EE1 |
SHA1: | 0A26045EA065D4BE874B33E6ECE9F56874BC2EFF |
SHA-256: | C6285924DFBE6D1389BBC7C4A83D01052FF09AEC8A834700BE94048650B016B3 |
SHA-512: | D79A551CBD7641D4755C5B67A5AF3DF05C07EFFBDD65D78B7AA25D923A6BD5B43CE02D6AA310973890813A94B04DEE79F454E2DF5A67B5B7D6C15BD8DEE8EE23 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF3f8700.TMP (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\c115604d-6ce5-4f61-9612-142709f92f6c.tmp
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.953858338552356 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4099 |
Entropy (8bit): | 5.2309183764723945 |
Encrypted: | false |
SSDEEP: | |
MD5: | CF422696F84A75CBB38AD249BC76D609 |
SHA1: | C52C2321982BD1C12630B27DEB4CA0C60D12EDDA |
SHA-256: | 0B20B2D2F92A9F1D5432244A36956585A6E0497294C612E3CBE7ECD41DF4AAB7 |
SHA-512: | 82A3311CF047B7C366B95DCE53CDBA1172D8C2BDD27D47F1DA443934541CA80EC3DCAEF741C5C26B41DF93E74BBCB5B9DEFBDC6EB3A2C8D6A5AA668EB3EAADFC |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 322 |
Entropy (8bit): | 5.191786960731154 |
Encrypted: | false |
SSDEEP: | |
MD5: | A6C6490FC38EE55079990AB3E7087645 |
SHA1: | C3EE56E543454FD43EC63D273C5DB379A3285DC8 |
SHA-256: | 4A66EFADF5CBCCBB3D40A820F7EF24DBF7FB1727A6C8DEE1C7385D2BE5DF7F29 |
SHA-512: | BC3BB0D426D50D9362ED9299E2FA790814FC5A75AE9A5A7666BC2D26DA245EB6915030A1FCC4F30C5C2F9C8E8E3AD35EAECB13B506D4200B088105C87283672C |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 57344 |
Entropy (8bit): | 3.291927920232006 |
Encrypted: | false |
SSDEEP: | |
MD5: | A4D5FECEFE05F21D6F81ACF4D9A788CF |
SHA1: | 1A9AC236C80F2A2809F7DE374072E2FCCA5A775C |
SHA-256: | 83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2 |
SHA-512: | FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16928 |
Entropy (8bit): | 1.2145163032630126 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6B8683740E75E0E515C3098B3A65B7B6 |
SHA1: | 089A52B9D9AB3F209CCB1495DA517A64F1DCD6CB |
SHA-256: | 15653D1A16EAED5E24FE358B29F063EC2B12F442EB436D8EBE5217D697B957CA |
SHA-512: | 517AE2105C1053BAD598A1A97B4AEF1158937FE4831443F222B31F0E101AFD366E4F1066FE1C83428DD206415878C35DA8DC5EE78A54D4CE61AD1333F4B1A033 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1391 |
Entropy (8bit): | 7.705940075877404 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0CD2F9E0DA1773E9ED864DA5E370E74E |
SHA1: | CABD2A79A1076A31F21D253635CB039D4329A5E8 |
SHA-256: | 96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6 |
SHA-512: | 3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
SSDEEP: | |
MD5: | 49AEBF8CBD62D92AC215B2923FB1B9F5 |
SHA1: | 1723BE06719828DDA65AD804298D0431F6AFF976 |
SHA-256: | B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F |
SHA-512: | BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 192 |
Entropy (8bit): | 2.7381013623686155 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2AC3ACF587C5831E62C3DEB8ED27B68D |
SHA1: | A0400C0ABE2AB958ED1D0EA70747E2A25A203BDF |
SHA-256: | 4A25290A62C30E5B1846F363C35D9ED5066674AC82C69F0C56C2E319090B6D81 |
SHA-512: | 195E0307A6E82D1675759D96EC4B1224D5CD5A4802466638292BBD3EF3BCC70FDB4B45162CB0337C23AFCCCCB62E8A8B9A5266AEA30FEE98CC5CD2CD22AC8B3F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 328 |
Entropy (8bit): | 3.2421047741749685 |
Encrypted: | false |
SSDEEP: | |
MD5: | A3E6EA4AAA5BEDB42BB4FC097F60119E |
SHA1: | 5A036F07BB6D76AC93DB768BFD96F27741FAB4D9 |
SHA-256: | 49B3591BA7B08766AF444ADFBB244237BEE3401E33D6B539085B2FF40B5B178B |
SHA-512: | 30D194B5892AA3084BD35132F13B8F3390A5D814B768773483A6CDCE070494839D467CE3D52CBC3B958A575B33667D7F5E4BE99933AC0A08FF2B7AAB4C3E2051 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2145 |
Entropy (8bit): | 5.082894712993486 |
Encrypted: | false |
SSDEEP: | |
MD5: | C6D6EEA8FEEC82454E1878364EFB9418 |
SHA1: | 300E8426B0529EBADB30532A88F47B055A9D70CA |
SHA-256: | 2860A1EA05BB3B69BE87C70A95A3B6970E6C16C454BB57B9CA54F0B361DC576C |
SHA-512: | 385718F800A9490E4AE4E9A73AA3EB1CD7AD8710928017CF76CCDA9CFD4AF6B5C02C68DE256D65203E984D48BCF31A4FB33456DE73C5896686D615231CAFA346 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9888914689510376 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1BC5CC90993B4C68A9274D9B4FF4A9D6 |
SHA1: | B5FF959B7CA8A6437950CF154DF9503FD2686EED |
SHA-256: | E91C7BE4390B5B089AB69A181607472935052DDF119594D6F59B57599992F5DD |
SHA-512: | BB88851656630490F6F37052792E821C795DB8379C9CF08950523A3F032C0D0575F65EBC559C5158CFE2774976F5DDB0FF892735AC694417BD1749BD108F8609 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3451204074552408 |
Encrypted: | false |
SSDEEP: | |
MD5: | 55EA2ED843E5587466A35533B49C07F1 |
SHA1: | 08991AC0DAC73C40EF3C10618A3DBE7899C14C16 |
SHA-256: | D4AB8E23CB1022F966837A4F5372BD0AA99D8B4F31C3FA76884657947532C92A |
SHA-512: | B44F2CF74C34BDEBB97BC792EA85E7125EDABEC38CB551D5EF8FA26FDDAE28D5F7B0B86834EE4D675B4797EDD5797AA5A97A340E1196F8542C5B60A6322FC31D |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.509620153532583 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3A5984FB9C31AF488032F7F348C619F0 |
SHA1: | 54214834BC920B2578A7F4B50472E5544A39B5AA |
SHA-256: | E038B21B0A72B8434D4480E90C1ED6BA82985CFA6FBBB360AC4F7A76E91DFFB8 |
SHA-512: | 7214A36074899334F80475F4F6E276016E75440E1ECB5E3AC4430E43BAAB2B231FD93432AC1E8C815EF28E1478D639D9E16C532D87B1AE2CDF4AC6AFC48FE096 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-01 05-24-51-967.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.353642815103214 |
Encrypted: | false |
SSDEEP: | |
MD5: | 91F06491552FC977E9E8AF47786EE7C1 |
SHA1: | 8FEB27904897FFCC2BE1A985D479D7F75F11CEFC |
SHA-256: | 06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB |
SHA-512: | A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.415599230121993 |
Encrypted: | false |
SSDEEP: | |
MD5: | 03D68F4D8EEFEB896514AD128D12996C |
SHA1: | 75CC61C15C1752B9AA76F54A898F15BBA0A23009 |
SHA-256: | EFCCE3F6ACB731999C766BA521C6D0CF12F6DDD2FE5DC35B73000376EAD94F1E |
SHA-512: | 99B46AB1316CFF3C7F52547206283121189FDAD6AA800982A1ED9B4DCDBCE55B2659A85CD623C48B5454FDCB92EA8CA930C66287A868A794BEA4E210BACB0F2C |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | |
MD5: | 22B260CB8C51C0D68C6550E4B061E25A |
SHA1: | DF9A5999C58A8D5ADBB3F8D1111EAB9E4778637E |
SHA-256: | DAB1231CC22DAB591EBB91C853E3EE41C10D3DA85D2EFAB67E9A52CCB3A3A5A0 |
SHA-512: | 503218D83C511A7F7CEA8BC171921D1435664B964F01A8C77DC0F4D0196DD2815D9444DA98278E1369552D004E9B091DD9B89663209F0C52ACB97FCE6AFFE7A9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1A39CAAE4C5F8AD2A98F0756FFCBA562 |
SHA1: | 279F2B503A0B10E257674D31532B01EA7DE0473F |
SHA-256: | 57D198C7BDB9B002B8C9C1E1CCFABFE81C00FE0A1E30A237196A7C133237AA95 |
SHA-512: | 73D083E92FB59C92049AF8DC31A0AA2F38755453FFB161D18A1C4244747EE88B7A850F7951FC10F842AE65F6CC8F6164231DB6261777EC5379B337CB379BEF99 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | unknown |
Preview: |
File type: | |
Entropy (8bit): | 7.969729833822299 |
TrID: |
|
File name: | SCB_eStatement2617793.pdf |
File size: | 88'061 bytes |
MD5: | d48c21ea6ef85c24c0e8f019b20cc1fd |
SHA1: | c2c6c9440f9e28e0ebf191bd7aa0a6f849b5ab89 |
SHA256: | 0daf918e7f54dcff17bb09623c8749cca64648e1b1b8c70cbd1801e114f76fcf |
SHA512: | d6421bfad6bfd17d65840022fa59501089ec159a0339b1587160e148343ed414bf0c665db68e46006c8f936fd72e92c3dbf269b7e3e474b743313f6b5c0a314f |
SSDEEP: | 1536:LCzdjYb5n/PpGu8ctkj32tjc4tciFre7ggR3AC65t37RjHtsB6JoznP2Pu:LCzRYb5/PL81j32Zhi3A15h7RjH2BiIf |
TLSH: | 9D830134D616EC5CD8C24296493A322C878FF3F7B5EE19E0286C47A29324D53E5276E7 |
File Content Preview: | %PDF-1.3.%.....1 0 obj<</Pages 2 0 R/PageMode/UseNone/ViewerPreferences<</PageLayout/SinglePage/NonFullScreenPageMode/UseNone/FitWindow true>>/Type/Catalog>>.endobj.2 0 obj<</CropBox 3 0 R/MediaBox 4 0 R/Kids[5 0 R]/Count 1/Type/Pages>>.endobj.4 0 obj[0 0 |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.3 |
Total Entropy: | 7.969730 |
Total Bytes: | 88061 |
Stream Entropy: | 7.997841 |
Stream Bytes: | 82524 |
Entropy outside Streams: | 5.041894 |
Bytes outside Streams: | 5537 |
Number of EOF found: | 1 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 41 |
endobj | 41 |
stream | 11 |
endstream | 11 |
xref | 1 |
trailer | 1 |
startxref | 1 |
/Page | 1 |
/Encrypt | 1 |
/ObjStm | 0 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |