Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Sales_Contract_Main_417053608_09.2024.pdf

Overview

General Information

Sample name:Sales_Contract_Main_417053608_09.2024.pdf
Analysis ID:1523384
MD5:2d0f41331b328dd46fb292be227c31a6
SHA1:8fc717994273423987ed1afe7a562e11eba6e181
SHA256:5a65a93363e76041ca62a4870926413c99b49f72c5e8650c7c671691f066c450
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found potential malicious PDF (bad image similarity)
AI detected landing page (webpage, office document or email)
Suspicious PDF detected (based on various text indicators)
HTML page contains hidden javascript code
IP address seen in connection with other malware

Classification

Process Tree

  • System is w10x64
  • Acrobat.exe (PID: 6976 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Sales_Contract_Main_417053608_09.2024.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 2008 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 6648 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1588,i,12071405801265568168,14382545226259116171,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • chrome.exe (PID: 7540 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://bqcjkdkt.melbourneschoolofmusic.com.au/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 7964 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2000,i,15099606229995870722,15434085164107095948,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Suspicious PDF detected (based on various text indicators)
Source: Adobe Acrobat PDFOCR Text: Your document has been completed VIEW COMPLETED DOCUMENT Hi, All parties have completed Complete with Docusign: Revised Sales Contract Main 417053608 09.2024.pdf. t' docusign Powered by Please, Do Not Share This Email NOTICE: This e-mail message and any attachments are intended solely for the use of the intended recipient, and may contain information that is confidential, privileged and exempt from disclosure under applicable law. If you are not the intended recipient, you are not permitted to read, disclose, reproduce, distribute, use or take any action in reliance upon this message and any attachments, and we request that you promptly notify the sender and immediately delete this message and any attachments as well as any copies thereof. Delivery of this message to an unintended recipient is not intended to waive any right or privilege.
Source: https://bqcjkdkt.melbourneschoolofmusic.com.au/HTTP Parser: Base64 decoded: {"version":3,"sources":["/cfsetup_build/src/orchestrator/turnstile/templates/turnstile.scss","%3Cinput%20css%20qtFLbZ%3E"],"names":[],"mappings":"AAmCA,gBACI,GACI,uBClCN,CACF,CDqCA,kBACI,GACI,mBCnCN,CACF,CDsCA,iBACI,MAEI,cCrCN,CDwCE,IACI,mBCtCN,CACF,CDyCA...
Source: https://bqcjkdkt.melbourneschoolofmusic.com.au/HTTP Parser: No favicon
Source: Joe Sandbox ViewIP Address: 1.1.1.1 1.1.1.1
Source: Joe Sandbox ViewIP Address: 104.18.94.41 104.18.94.41
Source: Joe Sandbox ViewIP Address: 104.18.95.41 104.18.95.41
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: chromecache_255.10.drString found in binary or memory: http://code.jquery.com/jquery-3.3.1.min.js
Source: 77EC63BDA74BD0D0E0426DC8F80085060.1.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: chromecache_255.10.drString found in binary or memory: http://gmpg.org/xfn/11
Source: 2D85F72862B55C4EADD9E66E06947F3D0.1.drString found in binary or memory: http://x1.i.lencr.org/
Source: Sales_Contract_Main_417053608_09.2024.pdfString found in binary or memory: https://bqcjkdkt.melbourneschoolofmusic.com.au/)
Source: chromecache_250.10.drString found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Source: chromecache_253.10.dr, chromecache_246.10.drString found in binary or memory: https://refreshbills.rtorres.com.mx/vd/

System Summary

barindex
Found potential malicious PDF (bad image similarity)
Source: Sales_Contract_Main_417053608_09.2024.pdfStatic PDF information: Image stream: 6
Source: classification engineClassification label: mal56.phis.winPDF@45/54@0/7
Source: Sales_Contract_Main_417053608_09.2024.pdfInitial sample: https://bqcjkdkt.melbourneschoolofmusic.com.au/
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journalJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-01 08-58-20-752.logJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Sales_Contract_Main_417053608_09.2024.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1588,i,12071405801265568168,14382545226259116171,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://bqcjkdkt.melbourneschoolofmusic.com.au/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2000,i,15099606229995870722,15434085164107095948,262144 /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1588,i,12071405801265568168,14382545226259116171,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2000,i,15099606229995870722,15434085164107095948,262144 /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Sales_Contract_Main_417053608_09.2024.pdfInitial sample: PDF keyword /JS count = 0
Source: Sales_Contract_Main_417053608_09.2024.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: A9f0j0p4_155qn9n_4vs.tmp.0.drInitial sample: PDF keyword /JS count = 0
Source: A9f0j0p4_155qn9n_4vs.tmp.0.drInitial sample: PDF keyword /JavaScript count = 0
Source: Sales_Contract_Main_417053608_09.2024.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: Sales_Contract_Main_417053608_09.2024.pdfInitial sample: PDF keyword obj count = 51

Persistence and Installation Behavior

barindex
AI detected landing page (webpage, office document or email)
Source: PDF documentLLM: Page contains button: 'VIEW COMPLETED DOCUMENT' Source: 'PDF document'
Source: PDF documentLLM: PDF document contains prominent button: 'view completed document'
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Spearphishing Link		Windows Management Instrumentation1
Browser Extensions		1
Process Injection		1
Masquerading		OS Credential Dumping1
System Information Discovery		Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Sales_Contract_Main_417053608_09.2024.pdf3%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://x1.i.lencr.org/0%URL Reputationsafe
http://gmpg.org/xfn/110%URL Reputationsafe

Domains and IPs

Contacted Domains

No contacted domains info

Contacted URLs

NameMaliciousAntivirus DetectionReputation
https://bqcjkdkt.melbourneschoolofmusic.com.au/false
    		unknown

    URLs from Memory and Binaries

    NameSourceMaliciousAntivirus DetectionReputation
    http://x1.i.lencr.org/2D85F72862B55C4EADD9E66E06947F3D0.1.drfalse
    • URL Reputation: safe
    		unknown
    https://bqcjkdkt.melbourneschoolofmusic.com.au/)Sales_Contract_Main_417053608_09.2024.pdffalse
      		unknown
      https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallbackchromecache_250.10.drfalse
        		unknown
        http://code.jquery.com/jquery-3.3.1.min.jschromecache_255.10.drfalse
          		unknown
          http://gmpg.org/xfn/11chromecache_255.10.drfalse
          • URL Reputation: safe
          		unknown
          https://refreshbills.rtorres.com.mx/vd/chromecache_253.10.dr, chromecache_246.10.drfalse
            		unknown

            World Map of Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public IPs

            IPDomainCountryFlagASNASN NameMalicious
            192.185.12.194
            		unknownUnited States
            		46606UNIFIEDLAYER-AS-1USfalse
            142.250.184.196
            		unknownUnited States
            		15169GOOGLEUSfalse
            1.1.1.1
            		unknownAustralia
            		13335CLOUDFLARENETUSfalse
            104.18.94.41
            		unknownUnited States
            		13335CLOUDFLARENETUSfalse
            104.18.95.41
            		unknownUnited States
            		13335CLOUDFLARENETUSfalse
            239.255.255.250
            		unknownReserved
            		unknownunknownfalse
            23.41.168.139
            		unknownUnited States
            		6461ZAYO-6461USfalse

            General Information

            Joe Sandbox version:41.0.0 Charoite
            Analysis ID:1523384
            Start date and time:2024-10-01 14:57:22 +02:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 5m 45s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:defaultwindowspdfcookbook.jbs
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:13
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Sample name:Sales_Contract_Main_417053608_09.2024.pdf
            Detection:MAL
            Classification:mal56.phis.winPDF@45/54@0/7
            EGA Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            Cookbook Comments:
            • Found application associated with file extension: .pdf
            • Found PDF document
            • Close Viewer

            Warnings

            • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 184.28.88.176, 54.144.73.197, 18.207.85.246, 107.22.247.231, 34.193.227.236, 2.19.126.149, 2.19.126.143, 162.159.61.3, 172.64.41.3, 23.44.133.32, 23.44.133.26, 23.44.133.36, 192.168.2.4, 199.232.210.172, 2.23.197.184, 192.229.221.95, 142.250.184.227, 142.250.185.78, 64.233.184.84, 34.104.35.123, 142.250.181.234, 142.250.185.106, 216.58.206.42, 142.250.185.170, 142.250.184.234, 142.250.186.170, 172.217.16.202, 142.250.185.202, 142.250.186.106, 172.217.16.138, 142.250.186.42, 142.250.186.74, 142.250.185.138, 172.217.18.10, 142.250.184.202, 142.250.185.234, 142.250.186.163, 142.250.186.142
            • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, clientservices.googleapis.com, acroipm2.adobe.com, dns.msftncsi.com, clients2.google.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, update.googleapis.com, wu-b-net.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net, optimizationguide-pa.googleapis.com, clients1.google.com, fs.microsoft.com, accounts.google.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com, geo2.adobe.com
            • Not all processes where analyzed, report is missing behavior information
            • VT rate limit hit for: Sales_Contract_Main_417053608_09.2024.pdf

            Simulations

            Behavior and APIs

            TimeTypeDescription
            08:58:31API Interceptor2x Sleep call for process: AcroCEF.exe modified

            LLM Input / Output

            InputOutput
            URL: https://bqcjkdkt.melbourneschoolofmusic.com.au/ Model: jbxai
            {
"brand":["Cloudflare"],
"contains_trigger_text":true,
"trigger_text":"Verifying... CLOUD FLARE Privacy\\u00b7 Terms",
"prominent_button_name":"unknown",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
            URL: PDF document Model: jbxai
            {
"brand":["docusign"],
"contains_trigger_text":true,
"trigger_text":"VIEW COMPLETED DOCUMENT",
"prominent_button_name":"VIEW COMPLETED DOCUMENT",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":true,
"has_visible_qrcode":false}

            Joe Sandbox View / Context

            IPs

            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
            1.1.1.1PO-230821_pdf.exeGet hashmaliciousFormBook, NSISDropperBrowse
            • www.974dp.com/sn26/?kJBLpb8=qaEGeuQorcUQurUZCuE8d9pas+Z0M0brqtX248JBolEfq8j8F1R9i1jKZexhxY54UlRG&ML0tl=NZlpi
            AFfv8HpACF.exeGet hashmaliciousUnknownBrowse
            • 1.1.1.1/
            INVOICE_90990_PDF.exeGet hashmaliciousFormBookBrowse
            • www.quranvisor.com/usvr/?mN9d3vF=HHrW7cA9N4YJlebHFvlsdlDciSnnaQItEG8Ccfxp291VjnjcuwoPACt7EOqEq4SWjIf8&Pjf81=-Zdd-V5hqhM4p2S
            Go.exeGet hashmaliciousUnknownBrowse
            • 1.1.1.1/
            239.255.255.250https://swissquotech.com/swissquote-2024.zipGet hashmaliciousPhisherBrowse
              https://links.rasa.io/v1/t/eJx1kM2OgjAUhV_FsB6kpUXQ1bzAuJp9c2mvTI1Q0tvGEMO7DzCKC51t73d-em5J9JfksEl-QujpkGXR19A13sUet9q1W4iZJko-NkmLAQwEmOhbQi56jbPwiFe6YAjoXyBswS7mBiwN2nVXGCSTn838PrvPCg8EqkUiaFCFoV9Na2_x9I0Uvv6OK0yxPqMO6tlhsmpjZ8OgppCTbaKHYF33IFflk7Nm1u3LUgDjp5QXRqZ1qU0KOYNUij0T1U7ntaxeOhJ2Rk1_XJJzlsuUs5TxlfOonTf3BF5UohBl9aZCj56mjv9wjzQfV0TIXck5E_I9RBTxjh5dt8wFtQrTgMr18xzrZRzHX-Cephc=#a2FyZW4ubW9vbmV5QGJhbGxhcmRkZXNpZ25zLm5ldA==Get hashmaliciousHTMLPhisherBrowse
                http://innerglowjourney.comGet hashmaliciousUnknownBrowse
                  file.exeGet hashmaliciousCredential FlusherBrowse
                    https://app.powerbi.com/Redirect?action=OpenLink&linkId=zdvBDOlnbh&ctid=fc5c5a9f-3ade-48e2-abb1-5450e9fb332d&pbi_source=linkShare_m365Notify&bookmarkGuid=5672cb10-cc42-4d8a-943e-29b95931de59&bookmarkUsage=1Get hashmaliciousHTMLPhisherBrowse
                      file.exeGet hashmaliciousUnknownBrowse
                        file.exeGet hashmaliciousUnknownBrowse
                          Swift_ach Complaints.sppgCQDM.htmlGet hashmaliciousHTMLPhisherBrowse
                            https://radiantlogics-my.sharepoint.com/:f:/g/personal/asharma_radiantlogics_onmicrosoft_com/ErrzGhClH-1EtQegMViR0ycByA4n0Sz6jougdCLyR4Fexw?e=sIngPRGet hashmaliciousUnknownBrowse
                              https://rdhomes-my.sharepoint.com/:f:/g/personal/petrina_ryandesignerhomes_com_au/EtwntXraOOdMp3Nx1zZ6gF8Bf8aWSwNn9o_57nz1-Z9h0A?e=arAOsKGet hashmaliciousUnknownBrowse
                                104.18.94.41https://links.rasa.io/v1/t/eJx1kM2OgjAUhV_FsB6kpUXQ1bzAuJp9c2mvTI1Q0tvGEMO7DzCKC51t73d-em5J9JfksEl-QujpkGXR19A13sUet9q1W4iZJko-NkmLAQwEmOhbQi56jbPwiFe6YAjoXyBswS7mBiwN2nVXGCSTn838PrvPCg8EqkUiaFCFoV9Na2_x9I0Uvv6OK0yxPqMO6tlhsmpjZ8OgppCTbaKHYF33IFflk7Nm1u3LUgDjp5QXRqZ1qU0KOYNUij0T1U7ntaxeOhJ2Rk1_XJJzlsuUs5TxlfOonTf3BF5UohBl9aZCj56mjv9wjzQfV0TIXck5E_I9RBTxjh5dt8wFtQrTgMr18xzrZRzHX-Cephc=#a2FyZW4ubW9vbmV5QGJhbGxhcmRkZXNpZ25zLm5ldA==Get hashmaliciousHTMLPhisherBrowse
                                  https://www.canva.com/design/DAGSL2lLp_4/lQGTdiRa89y3fkgkaFc-uQ/edit?utm_content=DAGSL2lLp_4&utm_campaign=designshare&utm_medium=link2&utm_source=sharebuttonGet hashmaliciousHTMLPhisherBrowse
                                    https://docs.zoom.us/doc/qMqlDrh-RUWwdmI-mAClTgGet hashmaliciousHTMLPhisherBrowse
                                      https://u47113775.ct.sendgrid.net/ls/click?upn=u001.NLjCc2NrF5-2Fl1RHefgLH74dDCI-2FlQUMQCuknF0akr34-3DPZ74_Bz-2FoIC9YMuvgy8ZsoekpZ-2Fn96y0OCAueT5LjwQn-2FX25AbFWdd2iGOJMfOUDymLwSDnjLWUuKOfyExMHrLPQc6sWuvBEF4PT9PwlcB-2BK9NQmoQucfLOeGSzPQg4J-2Bvn2C-2FT7DBGI3L6HQml9TPdefbzANw58o8IwtiN3AMNw21dRhcIy1JE5InQL6ZhzyniB-2FPrKB2Vn9uUJ7Mm1QrvUZh95-2FIqg1tkHnn-2FLCgLCOHUCdp1zwu5x-2Fprfv3kPHwI33RA9-2FJGY9xYPl-2BGH4uHP30vXeaFOwuVkWjx1bpQcAiato1uxhbL8AJAqpgT-2Bg5yQp7xXBACsCORIJr0VehkYFdFdFkgZPx7KSQblwloMm5OUc-2B9bb1d0siCBq5u36Pp2iCgmhq5PmipxmWr1HvrLZkdUUXJjpaRdjjEopb-2Fhw3b-2BUOpmNbUIJywjWyMBcUA9ScKtkpotTga2qo5ZaX-2B7AVyqz8KXtUfTb8SopobzuOWPiU-2BhBa8i7lRIGGQBQZmYU1TWv5mQ8uRPPf-2FWdH9RREF8cMLDET4k24yu8dJdqteeATx8Jfw8MWOWehX6ZTxJWGswooAVOvW116fDJmFNO-2F-2BecR-2Fd9NmRwCYnnK4Bh3IM-3DGet hashmaliciousHTMLPhisherBrowse
                                        https://content.app-us1.com/1REPZ7/2024/09/30/ff91983f-ef4d-4288-b1e8-8d1ab94f757b.pdfGet hashmaliciousHTMLPhisherBrowse
                                          American-equity Updated Employee sheet .odtGet hashmaliciousHTMLPhisherBrowse
                                            Electronic_Receipt_ATT0001.htmGet hashmaliciousUnknownBrowse
                                              http://oiut-hbhgvgcvgcfcfcxbh.s3-website.us-east-2.amazonaws.com/Get hashmaliciousHTMLPhisherBrowse
                                                https://mafanikiosacco-my.sharepoint.com/:f:/p/info/EgPH1s54501Ki8NU-gutZLABOsAyZ-dhIPJaM6vWEXJqUQ?e=PJpX12Get hashmaliciousHTMLPhisherBrowse
                                                  https://formacionadieste.com.de/Vrvz/Get hashmaliciousHTMLPhisherBrowse
                                                    104.18.95.41http://reliant-hornes.co.ukGet hashmaliciousHtmlDropperBrowse
                                                      https://www.canva.com/design/DAGSL2lLp_4/lQGTdiRa89y3fkgkaFc-uQ/edit?utm_content=DAGSL2lLp_4&utm_campaign=designshare&utm_medium=link2&utm_source=sharebuttonGet hashmaliciousHTMLPhisherBrowse
                                                        https://docs.zoom.us/doc/qMqlDrh-RUWwdmI-mAClTgGet hashmaliciousHTMLPhisherBrowse
                                                          https://u47113775.ct.sendgrid.net/ls/click?upn=u001.NLjCc2NrF5-2Fl1RHefgLH74dDCI-2FlQUMQCuknF0akr34-3DPZ74_Bz-2FoIC9YMuvgy8ZsoekpZ-2Fn96y0OCAueT5LjwQn-2FX25AbFWdd2iGOJMfOUDymLwSDnjLWUuKOfyExMHrLPQc6sWuvBEF4PT9PwlcB-2BK9NQmoQucfLOeGSzPQg4J-2Bvn2C-2FT7DBGI3L6HQml9TPdefbzANw58o8IwtiN3AMNw21dRhcIy1JE5InQL6ZhzyniB-2FPrKB2Vn9uUJ7Mm1QrvUZh95-2FIqg1tkHnn-2FLCgLCOHUCdp1zwu5x-2Fprfv3kPHwI33RA9-2FJGY9xYPl-2BGH4uHP30vXeaFOwuVkWjx1bpQcAiato1uxhbL8AJAqpgT-2Bg5yQp7xXBACsCORIJr0VehkYFdFdFkgZPx7KSQblwloMm5OUc-2B9bb1d0siCBq5u36Pp2iCgmhq5PmipxmWr1HvrLZkdUUXJjpaRdjjEopb-2Fhw3b-2BUOpmNbUIJywjWyMBcUA9ScKtkpotTga2qo5ZaX-2B7AVyqz8KXtUfTb8SopobzuOWPiU-2BhBa8i7lRIGGQBQZmYU1TWv5mQ8uRPPf-2FWdH9RREF8cMLDET4k24yu8dJdqteeATx8Jfw8MWOWehX6ZTxJWGswooAVOvW116fDJmFNO-2F-2BecR-2Fd9NmRwCYnnK4Bh3IM-3DGet hashmaliciousHTMLPhisherBrowse
                                                            https://booking.com-partners.one/confirm/login/qAlElVVFGet hashmaliciousUnknownBrowse
                                                              https://jv.prenticeu.com/SAFlSIeECgRZt_tUKXhAOQHYyqb5e4/Get hashmaliciousHTMLPhisherBrowse
                                                                https://content.app-us1.com/1REPZ7/2024/09/30/ff91983f-ef4d-4288-b1e8-8d1ab94f757b.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                  https://taplink.cc/universalgrcGet hashmaliciousUnknownBrowse
                                                                    American-equity Updated Employee sheet .odtGet hashmaliciousHTMLPhisherBrowse
                                                                      https://www.allegiantair.com/deals//smsgiveawayGet hashmaliciousUnknownBrowse

                                                                        Domains

                                                                        No context

                                                                        ASNs

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                        CLOUDFLARENETUShbwebdownload - MT 103.exeGet hashmaliciousFormBookBrowse
                                                                        • 188.114.96.3
                                                                        hesaphareketi-01.bat.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 188.114.97.3
                                                                        https://links.rasa.io/v1/t/eJx1kM2OgjAUhV_FsB6kpUXQ1bzAuJp9c2mvTI1Q0tvGEMO7DzCKC51t73d-em5J9JfksEl-QujpkGXR19A13sUet9q1W4iZJko-NkmLAQwEmOhbQi56jbPwiFe6YAjoXyBswS7mBiwN2nVXGCSTn838PrvPCg8EqkUiaFCFoV9Na2_x9I0Uvv6OK0yxPqMO6tlhsmpjZ8OgppCTbaKHYF33IFflk7Nm1u3LUgDjp5QXRqZ1qU0KOYNUij0T1U7ntaxeOhJ2Rk1_XJJzlsuUs5TxlfOonTf3BF5UohBl9aZCj56mjv9wjzQfV0TIXck5E_I9RBTxjh5dt8wFtQrTgMr18xzrZRzHX-Cephc=#a2FyZW4ubW9vbmV5QGJhbGxhcmRkZXNpZ25zLm5ldA==Get hashmaliciousHTMLPhisherBrowse
                                                                        • 104.17.25.14
                                                                        Message_2477367.emlGet hashmaliciousUnknownBrowse
                                                                        • 1.1.1.1
                                                                        file.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                        • 104.26.13.205
                                                                        Swift_ach Complaints.sppgCQDM.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                        • 104.18.11.207
                                                                        http://reliant-hornes.co.ukGet hashmaliciousHtmlDropperBrowse
                                                                        • 104.18.95.41
                                                                        WIpGif4IRrFfamQ.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 188.114.97.3
                                                                        https://trk.mail.ru/c/kruxy7?clickid=mtg66f14a9e6633b800088f731w&mt_campaign=ss_mark_se_ios&mt_creat%20ive=m-%20se23.mp4&mt_gaid=&mt_idfa=&mt_network=mtg1206891918&mt_oaid=&mt_sub1=ss_mark_se_ios&mt_sub2=mtg12068%2091918&mt_sub3=1809824272&mt_sub5=ss_mark_se_iosGet hashmaliciousUnknownBrowse
                                                                        • 104.22.54.104
                                                                        http://ek21-cl.asp.cuenote.jp/c/pvwyaadfke3Lf8bGGet hashmaliciousUnknownBrowse
                                                                        • 104.18.208.173
                                                                        UNIFIEDLAYER-AS-1UShttps://abby-gatenby.com/m/?c3Y9bzM2NV8xX29uZSZyYW5kPVNucEJVREU9JnVpZD1VU0VSMDMwOTIwMjRVNDYwOTAzMDE=N0123NGet hashmaliciousUnknownBrowse
                                                                        • 192.185.129.84
                                                                        https://thebrasilians.hosted.phplist.com/lists/lt.php?tid=KkkFBgMBXQUHUEsCB1QHTwZWAFYbCQpVBx0EBQABCgADAgJXVl1FVAIAUVFdUVhPBgUCVBsEA1JVHQ8BW1cUUAQGV1cBAF1aUgNQHVAHBFEFBgVRGwEAVQEdAlcLUBQKBAEDHlMAAVILAVBQBwUDBAGet hashmaliciousUnknownBrowse
                                                                        • 50.6.153.166
                                                                        Electronic_Receipt_ATT0001.htmGet hashmaliciousUnknownBrowse
                                                                        • 69.49.245.172
                                                                        124d3330_4829.124d3330_4847.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                        • 108.167.140.123
                                                                        http://tr.padlet.com/redirect/?url=http://dctools.mooo.com/smileyes/dhe/succes/pure/dad/mom/kid/she/qwerty/careese.pfund@stcotterturbine.comGet hashmaliciousHTMLPhisherBrowse
                                                                        • 192.185.163.42
                                                                        Shipping documents 000029393994400000000000.exeGet hashmaliciousAgentTeslaBrowse
                                                                        • 192.185.13.234
                                                                        https://form.asana.com/?k=SVzOAgf254NWBNm-dO6Wfg&d=1208255323046871Get hashmaliciousUnknownBrowse
                                                                        • 50.6.153.2
                                                                        CAPE MARS VSL'S PARTICULARS.docx.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                        • 50.87.144.157
                                                                        MV TASOS Vessel's Details.docx.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                        • 50.87.144.157
                                                                        http://dallas-office.com/Get hashmaliciousUnknownBrowse
                                                                        • 162.241.224.65
                                                                        CLOUDFLARENETUShbwebdownload - MT 103.exeGet hashmaliciousFormBookBrowse
                                                                        • 188.114.96.3
                                                                        hesaphareketi-01.bat.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 188.114.97.3
                                                                        https://links.rasa.io/v1/t/eJx1kM2OgjAUhV_FsB6kpUXQ1bzAuJp9c2mvTI1Q0tvGEMO7DzCKC51t73d-em5J9JfksEl-QujpkGXR19A13sUet9q1W4iZJko-NkmLAQwEmOhbQi56jbPwiFe6YAjoXyBswS7mBiwN2nVXGCSTn838PrvPCg8EqkUiaFCFoV9Na2_x9I0Uvv6OK0yxPqMO6tlhsmpjZ8OgppCTbaKHYF33IFflk7Nm1u3LUgDjp5QXRqZ1qU0KOYNUij0T1U7ntaxeOhJ2Rk1_XJJzlsuUs5TxlfOonTf3BF5UohBl9aZCj56mjv9wjzQfV0TIXck5E_I9RBTxjh5dt8wFtQrTgMr18xzrZRzHX-Cephc=#a2FyZW4ubW9vbmV5QGJhbGxhcmRkZXNpZ25zLm5ldA==Get hashmaliciousHTMLPhisherBrowse
                                                                        • 104.17.25.14
                                                                        Message_2477367.emlGet hashmaliciousUnknownBrowse
                                                                        • 1.1.1.1
                                                                        file.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                        • 104.26.13.205
                                                                        Swift_ach Complaints.sppgCQDM.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                        • 104.18.11.207
                                                                        http://reliant-hornes.co.ukGet hashmaliciousHtmlDropperBrowse
                                                                        • 104.18.95.41
                                                                        WIpGif4IRrFfamQ.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 188.114.97.3
                                                                        https://trk.mail.ru/c/kruxy7?clickid=mtg66f14a9e6633b800088f731w&mt_campaign=ss_mark_se_ios&mt_creat%20ive=m-%20se23.mp4&mt_gaid=&mt_idfa=&mt_network=mtg1206891918&mt_oaid=&mt_sub1=ss_mark_se_ios&mt_sub2=mtg12068%2091918&mt_sub3=1809824272&mt_sub5=ss_mark_se_iosGet hashmaliciousUnknownBrowse
                                                                        • 104.22.54.104
                                                                        http://ek21-cl.asp.cuenote.jp/c/pvwyaadfke3Lf8bGGet hashmaliciousUnknownBrowse
                                                                        • 104.18.208.173
                                                                        CLOUDFLARENETUShbwebdownload - MT 103.exeGet hashmaliciousFormBookBrowse
                                                                        • 188.114.96.3
                                                                        hesaphareketi-01.bat.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 188.114.97.3
                                                                        https://links.rasa.io/v1/t/eJx1kM2OgjAUhV_FsB6kpUXQ1bzAuJp9c2mvTI1Q0tvGEMO7DzCKC51t73d-em5J9JfksEl-QujpkGXR19A13sUet9q1W4iZJko-NkmLAQwEmOhbQi56jbPwiFe6YAjoXyBswS7mBiwN2nVXGCSTn838PrvPCg8EqkUiaFCFoV9Na2_x9I0Uvv6OK0yxPqMO6tlhsmpjZ8OgppCTbaKHYF33IFflk7Nm1u3LUgDjp5QXRqZ1qU0KOYNUij0T1U7ntaxeOhJ2Rk1_XJJzlsuUs5TxlfOonTf3BF5UohBl9aZCj56mjv9wjzQfV0TIXck5E_I9RBTxjh5dt8wFtQrTgMr18xzrZRzHX-Cephc=#a2FyZW4ubW9vbmV5QGJhbGxhcmRkZXNpZ25zLm5ldA==Get hashmaliciousHTMLPhisherBrowse
                                                                        • 104.17.25.14
                                                                        Message_2477367.emlGet hashmaliciousUnknownBrowse
                                                                        • 1.1.1.1
                                                                        file.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                        • 104.26.13.205
                                                                        Swift_ach Complaints.sppgCQDM.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                        • 104.18.11.207
                                                                        http://reliant-hornes.co.ukGet hashmaliciousHtmlDropperBrowse
                                                                        • 104.18.95.41
                                                                        WIpGif4IRrFfamQ.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                        • 188.114.97.3
                                                                        https://trk.mail.ru/c/kruxy7?clickid=mtg66f14a9e6633b800088f731w&mt_campaign=ss_mark_se_ios&mt_creat%20ive=m-%20se23.mp4&mt_gaid=&mt_idfa=&mt_network=mtg1206891918&mt_oaid=&mt_sub1=ss_mark_se_ios&mt_sub2=mtg12068%2091918&mt_sub3=1809824272&mt_sub5=ss_mark_se_iosGet hashmaliciousUnknownBrowse
                                                                        • 104.22.54.104
                                                                        http://ek21-cl.asp.cuenote.jp/c/pvwyaadfke3Lf8bGGet hashmaliciousUnknownBrowse
                                                                        • 104.18.208.173
                                                                        ZAYO-6461US140AEcuVy7.lnkGet hashmaliciousLonePageBrowse
                                                                        • 23.41.168.139
                                                                        XnQmVRj5g0.lnkGet hashmaliciousLonePageBrowse
                                                                        • 23.41.168.139
                                                                        Advisory23-UCDMS04-11-01.pdf.lnkGet hashmaliciousUnknownBrowse
                                                                        • 23.41.168.139
                                                                        Callus+1(814)-310-9943.pdfGet hashmaliciousPayPal PhisherBrowse
                                                                        • 23.41.168.139
                                                                        Steel Dynamics.pdfGet hashmaliciousUnknownBrowse
                                                                        • 23.41.168.139
                                                                        https://seedsmarket.org/Get hashmaliciousHTMLPhisherBrowse
                                                                        • 23.41.168.139
                                                                        1445321243TK.pdfGet hashmaliciousUnknownBrowse
                                                                        • 23.41.168.139
                                                                        cho6043ijz.000Get hashmaliciousUnknownBrowse
                                                                        • 23.41.168.139
                                                                        request_731.pdfGet hashmaliciousUnknownBrowse
                                                                        • 23.41.168.139
                                                                        5ec990.msiGet hashmaliciousUnknownBrowse
                                                                        • 23.41.168.139

                                                                        JA3 Fingerprints

                                                                        No context

                                                                        Dropped Files

                                                                        No context

                                                                        Created / dropped Files

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):289
                                                                        Entropy (8bit):5.215148118739697
                                                                        Encrypted:false
                                                                        SSDEEP:6:eGa9+q2Pwkn2nKuAl9OmbnIFUt8dGE2WZmw+dGE9VkwOwkn2nKuAl9OmbjLJ:ra9+vYfHAahFUt8gE2W/+gE9V5JfHAae
                                                                        MD5:BC2992F26EC5D1B2182EDF25BEF6BC15
                                                                        SHA1:CE15A266B5B11C7B275F7D9F4EAC1A78E6E470FB
                                                                        SHA-256:13B9B4280A93BA889312492167B16CB3355527374355DA0E42CC852E882C3A75
                                                                        SHA-512:EF153F0E7FD00415E6441B0D6476AB38532E94A2F30B543BD96E8A3EC5609EA5B18932E228CE867C06DD82DA9D271EE419EF1F34053969D0391E0B98962FA0E9
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:2024/10/01-08:58:18.565 4ec Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/10/01-08:58:18.567 4ec Recovering log #3.2024/10/01-08:58:18.567 4ec Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):289
                                                                        Entropy (8bit):5.215148118739697
                                                                        Encrypted:false
                                                                        SSDEEP:6:eGa9+q2Pwkn2nKuAl9OmbnIFUt8dGE2WZmw+dGE9VkwOwkn2nKuAl9OmbjLJ:ra9+vYfHAahFUt8gE2W/+gE9V5JfHAae
                                                                        MD5:BC2992F26EC5D1B2182EDF25BEF6BC15
                                                                        SHA1:CE15A266B5B11C7B275F7D9F4EAC1A78E6E470FB
                                                                        SHA-256:13B9B4280A93BA889312492167B16CB3355527374355DA0E42CC852E882C3A75
                                                                        SHA-512:EF153F0E7FD00415E6441B0D6476AB38532E94A2F30B543BD96E8A3EC5609EA5B18932E228CE867C06DD82DA9D271EE419EF1F34053969D0391E0B98962FA0E9
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:2024/10/01-08:58:18.565 4ec Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/10/01-08:58:18.567 4ec Recovering log #3.2024/10/01-08:58:18.567 4ec Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):336
                                                                        Entropy (8bit):5.177281017058414
                                                                        Encrypted:false
                                                                        SSDEEP:6:eTm+q2Pwkn2nKuAl9Ombzo2jMGIFUt8dTEdgXZmw+dTXVkwOwkn2nKuAl9Ombzos:Mm+vYfHAa8uFUt8REds/+RXV5JfHAa8z
                                                                        MD5:3A2BD942560666AB2770F5D27C11E67E
                                                                        SHA1:F7C49405720595D6F3672F453F232BD3E5E3E85B
                                                                        SHA-256:145C742E80529082A80EC3E2C51B9BE0EE14C3736BC50D9931618FAEC05D390A
                                                                        SHA-512:EBCAAA3CC259A5864D147BAF7FCF35E43C0AD600A6D8A1470FAE10ED05FCB06788FF04564379F57F885A05E3150D4F71F28778343C8A3D51C2BD6B0F86023B77
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:2024/10/01-08:58:18.628 1a4c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/10/01-08:58:18.629 1a4c Recovering log #3.2024/10/01-08:58:18.630 1a4c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):336
                                                                        Entropy (8bit):5.177281017058414
                                                                        Encrypted:false
                                                                        SSDEEP:6:eTm+q2Pwkn2nKuAl9Ombzo2jMGIFUt8dTEdgXZmw+dTXVkwOwkn2nKuAl9Ombzos:Mm+vYfHAa8uFUt8REds/+RXV5JfHAa8z
                                                                        MD5:3A2BD942560666AB2770F5D27C11E67E
                                                                        SHA1:F7C49405720595D6F3672F453F232BD3E5E3E85B
                                                                        SHA-256:145C742E80529082A80EC3E2C51B9BE0EE14C3736BC50D9931618FAEC05D390A
                                                                        SHA-512:EBCAAA3CC259A5864D147BAF7FCF35E43C0AD600A6D8A1470FAE10ED05FCB06788FF04564379F57F885A05E3150D4F71F28778343C8A3D51C2BD6B0F86023B77
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:2024/10/01-08:58:18.628 1a4c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/10/01-08:58:18.629 1a4c Recovering log #3.2024/10/01-08:58:18.630 1a4c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\8be44d87-4283-4e9c-ac8f-34ecef3b55b9.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:JSON data
                                                                        Category:modified
                                                                        Size (bytes):475
                                                                        Entropy (8bit):4.951588028481928
                                                                        Encrypted:false
                                                                        SSDEEP:12:YH/um3RA8sq6XEsBdOg2Hggcaq3QYiubInP7E4T3y:Y2sRds9ZdMHc3QYhbG7nby
                                                                        MD5:5EFA374AE3F122C942863E94F4772B3C
                                                                        SHA1:AC4676F6DE944CC9346D89360645CB1F87A60175
                                                                        SHA-256:E5D1742AE8B065D4BEF43626AABDB32A1B5B12610B0CD44165987A9B4D15735F
                                                                        SHA-512:75A280FAF21350DBE49280F64CFD9B1475576F4BD07F141ECF0AD2AB22B83166A0149B01809DDD1C50BF3F89982F47568A4CBD73FE1A56B2BFCDFE99DA4255F7
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372347511139263","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":146134},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):475
                                                                        Entropy (8bit):4.951588028481928
                                                                        Encrypted:false
                                                                        SSDEEP:12:YH/um3RA8sq6XEsBdOg2Hggcaq3QYiubInP7E4T3y:Y2sRds9ZdMHc3QYhbG7nby
                                                                        MD5:5EFA374AE3F122C942863E94F4772B3C
                                                                        SHA1:AC4676F6DE944CC9346D89360645CB1F87A60175
                                                                        SHA-256:E5D1742AE8B065D4BEF43626AABDB32A1B5B12610B0CD44165987A9B4D15735F
                                                                        SHA-512:75A280FAF21350DBE49280F64CFD9B1475576F4BD07F141ECF0AD2AB22B83166A0149B01809DDD1C50BF3F89982F47568A4CBD73FE1A56B2BFCDFE99DA4255F7
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372347511139263","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":146134},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):4730
                                                                        Entropy (8bit):5.255317080725095
                                                                        Encrypted:false
                                                                        SSDEEP:96:etJCV4FAsszrNamjTN/2rjYMta02fDtehgO7BtTgo7ewvGt+Z:etJCV4FiN/jTN/2r8Mta02fEhgO73got
                                                                        MD5:15494466EC9E361A203F090451380A04
                                                                        SHA1:436AC571DBA7E033CA067B62C5DE8CDE66B6D9EE
                                                                        SHA-256:84BEFF3270406161B456B96B65A3E8543DD3DB5C44E41895B2238E52F924E8BA
                                                                        SHA-512:12A82822CC156C3699C602C8100112B7A7992C1DAA0436F4085DCD1F94B564A3BD884D536606A742FCB665A6802C7E40ED2D79B7B990A40D2F0611FF62F36657
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:*...#................version.1..namespace-['O.o................next-map-id.1.Pnamespace-158f4913_074a_4bdf_b463_eb784cc805b4-https://rna-resource.acrobat.com/.0>...r................next-map-id.2.Snamespace-fd2db5bd_ef7e_4124_bfa7_f036ce1d74e5-https://rna-v2-resource.acrobat.com/.1O..r................next-map-id.3.Snamespace-cd5be8d1_42d2_481d_ac0e_f904ae470bda-https://rna-v2-resource.acrobat.com/.2.\.o................next-map-id.4.Pnamespace-6070ce43_6a74_4d0a_9cb8_0db6c3126811-https://rna-resource.acrobat.com/.3....^...............Pnamespace-158f4913_074a_4bdf_b463_eb784cc805b4-https://rna-resource.acrobat.com/..|.^...............Pnamespace-6070ce43_6a74_4d0a_9cb8_0db6c3126811-https://rna-resource.acrobat.com/n..Fa...............Snamespace-fd2db5bd_ef7e_4124_bfa7_f036ce1d74e5-https://rna-v2-resource.acrobat.com/DQ..a...............Snamespace-cd5be8d1_42d2_481d_ac0e_f904ae470bda-https://rna-v2-resource.acrobat.com/i.`do................next-map-id.5.Pnamespace-de635bf2_6773_4d83_ad16_

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):324
                                                                        Entropy (8bit):5.181679907082276
                                                                        Encrypted:false
                                                                        SSDEEP:6:eXW+q2Pwkn2nKuAl9OmbzNMxIFUt8dMIZmw+dMYVkwOwkn2nKuAl9OmbzNMFLJ:D+vYfHAa8jFUt8KI/+KYV5JfHAa84J
                                                                        MD5:DEC98EB0BFF9EBB4CBB5C748F44DDBB7
                                                                        SHA1:F92AA60956B71CE7BAB1C3F8C9186215199A3A01
                                                                        SHA-256:E3D595480DAA1A3C6D72EE3BEC622654518F04ED4C2223D970153A2F962FF5A0
                                                                        SHA-512:69CDFFA166A00CD6D4984D21FF5E589CA2CD56518095513F09D03335C5B8A3A5F2FACA4C5FBA6AC06D9AC20DAB929EAC232C71ACF5F69070533719B5D898B34E
                                                                        Malicious:false
                                                                        Preview:2024/10/01-08:58:18.732 1a4c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/10/01-08:58:18.733 1a4c Recovering log #3.2024/10/01-08:58:18.733 1a4c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):324
                                                                        Entropy (8bit):5.181679907082276
                                                                        Encrypted:false
                                                                        SSDEEP:6:eXW+q2Pwkn2nKuAl9OmbzNMxIFUt8dMIZmw+dMYVkwOwkn2nKuAl9OmbzNMFLJ:D+vYfHAa8jFUt8KI/+KYV5JfHAa84J
                                                                        MD5:DEC98EB0BFF9EBB4CBB5C748F44DDBB7
                                                                        SHA1:F92AA60956B71CE7BAB1C3F8C9186215199A3A01
                                                                        SHA-256:E3D595480DAA1A3C6D72EE3BEC622654518F04ED4C2223D970153A2F962FF5A0
                                                                        SHA-512:69CDFFA166A00CD6D4984D21FF5E589CA2CD56518095513F09D03335C5B8A3A5F2FACA4C5FBA6AC06D9AC20DAB929EAC232C71ACF5F69070533719B5D898B34E
                                                                        Malicious:false
                                                                        Preview:2024/10/01-08:58:18.732 1a4c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/10/01-08:58:18.733 1a4c Recovering log #3.2024/10/01-08:58:18.733 1a4c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                        C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241001125822Z-156.bmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
                                                                        Category:dropped
                                                                        Size (bytes):71190
                                                                        Entropy (8bit):2.3763620464939903
                                                                        Encrypted:false
                                                                        SSDEEP:192:mwwgUgUgUgcgcgcgcgWgYg9gfJgLgggzg7gGgCgWgWgcgcgcg7ghgfgcgcgcgcgg:Rfe6Zlw
                                                                        MD5:6F5E6AE521880CEB3BA0490202C12ADC
                                                                        SHA1:E4FA037DA1B01418DEA9B4DE8D22A7F121847F61
                                                                        SHA-256:02F1FD8F47D12C31CE276F27A15D7794B7420918DCB97192D927F3E50D40BD0D
                                                                        SHA-512:960938A42945FCEBC041AA5EA25E7015D263C4AFA69D80B561575550F956A2CAB7745A2B6462FA7266DBDD749F7AEB966359F87EF8381EE6FDC412AA320F87B8
                                                                        Malicious:false
                                                                        Preview:BM........6...(...u...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 17, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 17
                                                                        Category:dropped
                                                                        Size (bytes):86016
                                                                        Entropy (8bit):4.4451459528762856
                                                                        Encrypted:false
                                                                        SSDEEP:384:Se9ci5tUiBA7aDQPsknQ0UNCFOa14ocOUw6zyFzqFkdZ+EUTTcdUZ5yDQhJL:pDs3OazzU89UTTgUL
                                                                        MD5:0F4258AFDDB1F41CEB86BCADE80D943D
                                                                        SHA1:A3D032C5662E351827115E6A537489DF600E1DFB
                                                                        SHA-256:1E1529C9C76D01977E7418A1B3EB79A5F251C156BC51F85F0BF72F58416B3CFA
                                                                        SHA-512:3BC6CBFBEF5173C4AF47AF1EA5AE608102D583D243EB5582D86C78B4493306B782CE8B74C5A747DCBD8C236F80583466FF125C4D9AE2F0980970A43E4ED0ABBF
                                                                        Malicious:false
                                                                        Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:SQLite Rollback Journal
                                                                        Category:dropped
                                                                        Size (bytes):8720
                                                                        Entropy (8bit):2.2139046846265424
                                                                        Encrypted:false
                                                                        SSDEEP:24:7+t7anuwKytqLrzkrFsgIFsxX3pALXmnHpkDGjmcxBSkomXk+2m9RFTsyg+wmf9M:7M+nCQqvmFTIF3XmHjBoGGR+jMz+Lh6
                                                                        MD5:C8B2C64630293E1B83A3C30EBF51764E
                                                                        SHA1:CEEEB0408BF04BD13052F0FBACD83198D1AA9FFC
                                                                        SHA-256:F3633CB0FF8A6B599314C65ADA30C97AEB7655FE4F407A42A688745411AFE0DA
                                                                        SHA-512:6CE9514A315D80B8ADE4884B712427AC09B920CB0AD7EBAC6E6F724F1893D1E573DE1BB84976F8023F73EB18C043BFC5CCB37BEE043AA623BF8145D1EBF72CC7
                                                                        Malicious:false
                                                                        Preview:.... .c......K.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:Certificate, Version=3
                                                                        Category:dropped
                                                                        Size (bytes):1391
                                                                        Entropy (8bit):7.705940075877404
                                                                        Encrypted:false
                                                                        SSDEEP:24:ooVdTH2NMU+I3E0Ulcrgdaf3sWrATrnkC4EmCUkmGMkfQo1fSZotWzD1:ooVguI3Kcx8WIzNeCUkJMmSuMX1
                                                                        MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
                                                                        SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
                                                                        SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
                                                                        SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
                                                                        Malicious:false
                                                                        Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......

                                                                        C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                                        Category:dropped
                                                                        Size (bytes):71954
                                                                        Entropy (8bit):7.996617769952133
                                                                        Encrypted:true
                                                                        SSDEEP:1536:gc257bHnClJ3v5mnAQEBP+bfnW8Ctl8G1G4eu76NWDdB34w18R5cBWcJAm68+Q:gp2ld5jPqW8LgeulxB3fgcEfDQ
                                                                        MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
                                                                        SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
                                                                        SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
                                                                        SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
                                                                        Malicious:false
                                                                        Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

                                                                        C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):192
                                                                        Entropy (8bit):2.737645467051508
                                                                        Encrypted:false
                                                                        SSDEEP:3:kkFklFe44+EvfllXlE/HT8kbattNNX8RolJuRdxLlGB9lQRYwpDdt:kKdyT8satTNMa8RdWBwRd
                                                                        MD5:F901FDF2765F176B85ACA9443CC3EBF8
                                                                        SHA1:F3F1D94738B5725805A83F188D0F33050A2B5A9D
                                                                        SHA-256:72A5FFE1A9EC393A6E62CE572CF363E248049753DA5D5554936EE80BD3572ECD
                                                                        SHA-512:9919CD787F34D6B4FBAF2052B1ECED670774144F779678EF22EEBDA97E36923A2EA9D2FE24F6B08285B89A2C1FE3FF61E54976E87818B21C0EEA119668E5F6B0
                                                                        Malicious:false
                                                                        Preview:p...... .........h.....(....................................................... ..........W.....J..............o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...

                                                                        C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:data
                                                                        Category:modified
                                                                        Size (bytes):328
                                                                        Entropy (8bit):3.232338711620486
                                                                        Encrypted:false
                                                                        SSDEEP:6:kKN9UswD8HGsL+N+SkQlPlEGYRMY9z+4KlDA3RUebT3:MDImsLNkPlE99SNxAhUe/3
                                                                        MD5:DB5461762D19805B78A6F8FDC8B6E76F
                                                                        SHA1:59453CEDA2ECCBC0E3CEAB12006E9BF7ECC80397
                                                                        SHA-256:9A78E2A6508CE53222BE3B3EC7B51FE37B1347B79090990E276CC829C0CDF34C
                                                                        SHA-512:2BBD6F791AA38DB93C6A0C0445992757C564DEC66BC5E394BEF8B50E15D7AC0532E9E9B7FC50F16024226E09FBA6AC4B490415BFD0DC5877B22E7D0262EFDAD3
                                                                        Malicious:false
                                                                        Preview:p...... .........N".....(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):243196
                                                                        Entropy (8bit):3.3450692389394283
                                                                        Encrypted:false
                                                                        SSDEEP:1536:vKPCPiyzDtrh1cK3XEivK7VK/3AYvYwgqErRo+RQn:yPClJ/3AYvYwghFo+RQn
                                                                        MD5:F5567C4FF4AB049B696D3BE0DD72A793
                                                                        SHA1:EBEADDE9FF0AF2C201A5F7CC747C9EA61CFA6916
                                                                        SHA-256:D8DBFE71873929825A420F73821F3FF0254D51984FAAA82E1B89D31188F77C04
                                                                        SHA-512:E769735991E5B1331E259608854D00CDA4F3E92285FDC500158CBD09CBCCEAD8A387F78256A43919B13EBE70C995D19242377C315B0CCBBD4F813251608C1D56
                                                                        Malicious:false
                                                                        Preview:Adobe Acrobat Reader (64-bit) 23.6.20320....?A12_AV2_Search_18px.............................................................................................................KKK KKK.KKK.KKK.KKK.KKK.KKK@........................................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.............................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.........................KKK.KKK.KKK.KKK0....................KKK.KKK.KKK.KKK`....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK.KKK.....................................KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK.KKK@....................KKK.KKK.KKK.KKK`........................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.KKK.............................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):4
                                                                        Entropy (8bit):0.8112781244591328
                                                                        Encrypted:false
                                                                        SSDEEP:3:e:e
                                                                        MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                                        SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                                        SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                                        SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                                        Malicious:false
                                                                        Preview:....

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):2145
                                                                        Entropy (8bit):5.067128969656527
                                                                        Encrypted:false
                                                                        SSDEEP:48:YL2sL0/EY0bMSlMtCM5mMOpiMAW0MretMSMmkaMY:7v/SYtt55V6AWLre6JmkhY
                                                                        MD5:48EB345166D37CB236045D01385E3D9E
                                                                        SHA1:38918CFB4085832D540D3B7F2029E8F35C35210B
                                                                        SHA-256:460DC4EDCD449CAAD112EBBEA6CADAAE325E796C1474E4F4D5F56A04C4428834
                                                                        SHA-512:FB5BB639CA164F1DD65ED97F2858D155C94CD2038202BB111891E770772BE6890F73872FFEBC7FE26554F25A2CE76E829AB22D531EBFC139D7E9E4518375DB7A
                                                                        Malicious:false
                                                                        Preview:{"all":[{"id":"TESTING","info":{"dg":"DG","sid":"TESTING"},"mimeType":"file","size":4,"ts":1727787501000},{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"23c88c8acf166d9fda5ae4d83df3db72","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696420889000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"d5fa85f4cf271b5fa75367efd1b392fa","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":295,"ts":1696420884000},{"id":"DC_FirstMile_Right_Sec_Surface","info":{"dg":"7c2ad79e375e3ea39f82a389e8a5841f","sid":"DC_FirstMile_Right_Sec_Surface"},"mimeType":"file","size":294,"ts":1696420882000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"c3af48ba3dee086edbbf20dff46c7ee0","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1255,"ts":1696333862000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"7101e009d8bf8920d0a3dd3f5dc75ebc","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696333862000},{"id":"DC_Reader_Edit_LHP_Banner"

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 26, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 26
                                                                        Category:dropped
                                                                        Size (bytes):12288
                                                                        Entropy (8bit):1.1908270638173701
                                                                        Encrypted:false
                                                                        SSDEEP:48:Tll2GL7msETUUUUUUUbvR9H9vxFGiDIAEkGVvpnH:fVmsQUUUUUUUrFGSItX
                                                                        MD5:946DC13B536E118318F1BADABC50D1F1
                                                                        SHA1:1B1A7C06B954CA2E680BC3042F6F3D87F756D82C
                                                                        SHA-256:93AEF4F3D47B4CBDD3EA58BC5D6B6953C7295D12E546B20053EE2BD5F1F899BD
                                                                        SHA-512:B92B438E5BC328DDAE3DFDE0BA52A0D5316063449CBBEB4FE375A3331E0CF3BE65AA3858C409D0292E78969A0E64329F1F5616C9B67BD059117E80ADB0498DAE
                                                                        Malicious:false
                                                                        Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:SQLite Rollback Journal
                                                                        Category:dropped
                                                                        Size (bytes):8720
                                                                        Entropy (8bit):1.6125929588270758
                                                                        Encrypted:false
                                                                        SSDEEP:48:7MrUUUUUUUUpSvR9H9vxFGiDIAEkGVvpvRqGufl2GL7msr:7wUUUUUUUUp+FGSIt9KNVmsr
                                                                        MD5:25A2EB74886465B0BAE0A0BF3CF886C8
                                                                        SHA1:59EFC76EE67D8CEE21587D9D6FB4E01AE0E253F5
                                                                        SHA-256:499E2CE101CF6AADA5888065F9CBDE27A28088503042F4CE7D060639BD60B02F
                                                                        SHA-512:5386AC6C75809280C1C609EC69238F2012A4FE02D605CA5ADD00CCDA9AC9A66AB8F71ED56B5C693254AFAA67A6593F90F5DC456DCB526890DA780A874C4850F3
                                                                        Malicious:false
                                                                        Preview:.... .c.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................f.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\Local\Temp\MSI4a9e5.LOG

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):246
                                                                        Entropy (8bit):3.5258803161342094
                                                                        Encrypted:false
                                                                        SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K80QRkl2le:Qw946cPbiOxDlbYnuRKp
                                                                        MD5:9C607E1CC9AB887765F1638CF6E6FAC6
                                                                        SHA1:27E67E16551004FBD46C63EAB643128A974FCFD2
                                                                        SHA-256:43BA6F29FE7D06710443AD694A909E452A5A5E447340248783B0FB509B2CC1AC
                                                                        SHA-512:8A9134A9E1AD5ABA3DABCDC70D83E8CB31B21C42ABFAD5B0F2F215C3C0A041B816A90E21D8B2287A8A16AC77F248B406A5E6A38B4F5C8ADBF3B7F13FFA175F73
                                                                        Malicious:false
                                                                        Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .0.1./.1.0./.2.0.2.4. . .0.8.:.5.8.:.2.6. .=.=.=.....

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\A91yk2ig4_155qn9m_4vs.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:Zip data (MIME type "application/vnd.adobe.air-ucf-package+zip"?)
                                                                        Category:dropped
                                                                        Size (bytes):144514
                                                                        Entropy (8bit):7.992637131260696
                                                                        Encrypted:true
                                                                        SSDEEP:3072:OvjeSq37BcXWpJ/PwBI4lsRMoZVaJctHtTx8EOyhnL:Cjc7BcePUsSSt38snL
                                                                        MD5:BA1716D4FB435DA6C47CE77E3667E6A8
                                                                        SHA1:AF6ADF9F1A53033CF28506F33975A3D1BC0C4ECF
                                                                        SHA-256:AD771EC5D244D9815762116D5C77BA53A1D06CEBA42D348160790DBBE4B6769D
                                                                        SHA-512:65249DB52791037E9CC0EEF2D07A9CB1895410623345F2646D7EA4ED7001F7273C799275C3342081097AF2D231282D6676F4DBC4D33C5E902993BE89B4A678FD
                                                                        Malicious:false
                                                                        Preview:PK.........D.Y...>)...).......mimetypeapplication/vnd.adobe.air-ucf-package+zipPK.........D.Y.+.`............message.xml.]is.8...[.....Oq.'...S...g.X+;....%X."U$.....}.P.%....8.tl. ...../..}......A.......,...a...r.....=..i{......0H..v.g.c0.3~....G.b....,.BvJ.'./.`xJ]..O./.!K...XG?.$.,=.Z...q.f~...,..:b.Pl..f..|....,.A.....Z..a<.C._..../G|....q.....~.?...G.............y+.. ...s.,.2...^uon..:....~....C....i.>.<hy..x..?....F.w..4e.|.'...#?..a......i...W.".+...'.......,..6..... ..}.........llj.>.3v.."..CdA.".....v...4H..C]>........4..$.O........9._..C{(....A~.k...f.x8.<... l!..}...ol.q.......2.s.Y..&:....>...l.S..w.t^D.C....]0......L...z[`J<.....L.1t-.Z.n..7.)...aj;.0.r|.._.V......JWT.>.p.?s....boN.....X.jkN.9..3jN.9..t...o..c.nX4......0.D.....Cv .....!k..........d.1B....=3.Bq.E.bo.....6..r..6@.b...T......Ig...(..(K].:...#..k..q2G."o.Tz...qJ.......;?|~..1...J...RA...'..*C...T...dNMZ.3.z-..LCI..I..-.,.Y.J.....m.KY}.Lw......G........-.(E....b..^..}..

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\A9f0j0p4_155qn9n_4vs.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:PDF document, version 1.6, 0 pages
                                                                        Category:dropped
                                                                        Size (bytes):358
                                                                        Entropy (8bit):5.073620178674446
                                                                        Encrypted:false
                                                                        SSDEEP:6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOPQC5jQC52CSyAAO:IngVMre9T0HQIDmy9g06JX/QVrlX
                                                                        MD5:04845E45E021B2A853755270F239D7EC
                                                                        SHA1:BF410E84316CD77F42434D6D8082E651E3D0B314
                                                                        SHA-256:5E2DB6D1E6AD2994B9D0F9F4AEEBC186CB784A5A4C55E1E12297E0682E313A65
                                                                        SHA-512:6864DAB1144618C3B337EBBB3BE857FC7E03EB71916BC52C5E7ED20F9696940A09B76F8D785657B2083C3138B4B4DFAB55E46358A0DB0114597ABD0BBEA20BDA
                                                                        Malicious:false
                                                                        Preview:%PDF-1.6.%......1 0 obj.<</Pages 2 0 R/Type/Catalog>>.endobj.2 0 obj.<</Count 0/Kids[]/Type/Pages>>.endobj.3 0 obj.<<>>.endobj.xref..0 4..0000000000 65535 f..0000000016 00000 n..0000000061 00000 n..0000000107 00000 n..trailer..<</Size 4/Root 1 0 R/Info 3 0 R/ID[<2F6A85A6FEE6C446B2EF5031A2B5928C><2F6A85A6FEE6C446B2EF5031A2B5928C>]>>..startxref..127..%%EOF..

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\A9tyfbkv_155qn9l_4vs.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:Zip data (MIME type "application/vnd.adobe.air-ucf-package+zip"?)
                                                                        Category:dropped
                                                                        Size (bytes):144514
                                                                        Entropy (8bit):7.992637131260696
                                                                        Encrypted:true
                                                                        SSDEEP:3072:OvjeSq37BcXWpJ/PwBI4lsRMoZVaJctHtTx8EOyhnL:Cjc7BcePUsSSt38snL
                                                                        MD5:BA1716D4FB435DA6C47CE77E3667E6A8
                                                                        SHA1:AF6ADF9F1A53033CF28506F33975A3D1BC0C4ECF
                                                                        SHA-256:AD771EC5D244D9815762116D5C77BA53A1D06CEBA42D348160790DBBE4B6769D
                                                                        SHA-512:65249DB52791037E9CC0EEF2D07A9CB1895410623345F2646D7EA4ED7001F7273C799275C3342081097AF2D231282D6676F4DBC4D33C5E902993BE89B4A678FD
                                                                        Malicious:false
                                                                        Preview:PK.........D.Y...>)...).......mimetypeapplication/vnd.adobe.air-ucf-package+zipPK.........D.Y.+.`............message.xml.]is.8...[.....Oq.'...S...g.X+;....%X."U$.....}.P.%....8.tl. ...../..}......A.......,...a...r.....=..i{......0H..v.g.c0.3~....G.b....,.BvJ.'./.`xJ]..O./.!K...XG?.$.,=.Z...q.f~...,..:b.Pl..f..|....,.A.....Z..a<.C._..../G|....q.....~.?...G.............y+.. ...s.,.2...^uon..:....~....C....i.>.<hy..x..?....F.w..4e.|.'...#?..a......i...W.".+...'.......,..6..... ..}.........llj.>.3v.."..CdA.".....v...4H..C]>........4..$.O........9._..C{(....A~.k...f.x8.<... l!..}...ol.q.......2.s.Y..&:....>...l.S..w.t^D.C....]0......L...z[`J<.....L.1t-.Z.n..7.)...aj;.0.r|.._.V......JWT.>.p.?s....boN.....X.jkN.9..3jN.9..t...o..c.nX4......0.D.....Cv .....!k..........d.1B....=3.Bq.E.bo.....6..r..6@.b...T......Ig...(..(K].:...#..k..q2G."o.Tz...qJ.......;?|~..1...J...RA...'..*C...T...dNMZ.3.z-..LCI..I..-.,.Y.J.....m.KY}.Lw......G........-.(E....b..^..}..

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-01 08-58-20-752.log

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:ASCII text, with very long lines (393)
                                                                        Category:dropped
                                                                        Size (bytes):16525
                                                                        Entropy (8bit):5.345946398610936
                                                                        Encrypted:false
                                                                        SSDEEP:384:zHIq8qrq0qoq/qUILImCIrImI9IWdFdDdoPtPTPtP7ygyAydy0yGV///X/J/VokV:nNW
                                                                        MD5:8947C10F5AB6CFFFAE64BCA79B5A0BE3
                                                                        SHA1:70F87EEB71BA1BE43D2ABAB7563F94C73AB5F778
                                                                        SHA-256:4F3449101521DA7DF6B58A2C856592E1359BA8BD1ACD0688ECF4292BA5388485
                                                                        SHA-512:B76DB9EF3AE758F00CAF0C1705105C875838C7801F7265B17396466EECDA4BCD915DA4611155C5F2AD1C82A800C1BEC855E52E2203421815F915B77AA7331CA0
                                                                        Malicious:false
                                                                        Preview:SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:088+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="SetConfig:

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):15114
                                                                        Entropy (8bit):5.331469416127493
                                                                        Encrypted:false
                                                                        SSDEEP:384:hTfKHLmiOS1kVo9QVXBSVHOnPsTydKqt7QyWYQA903g1Tw0NVqdwQPQp0a0QN4Qp:22L
                                                                        MD5:5C8C0FF3FB5E41872D6F04284A3FA868
                                                                        SHA1:87919AA17951C82B33D1E0A36169B61EDEF57A53
                                                                        SHA-256:6FD2CB093189221D8FA705301DB4B17692D4171916404DF84E16E08749BF67E0
                                                                        SHA-512:DFCC4064ABB7C0692CD9FD11552E1BEE6B1486BD8B19A2A8C759F045B9D77D62555092F7740FE94CA63A4BBE8073917038F0D600AED777AE99C4B6CFB4B5779C
                                                                        Malicious:false
                                                                        Preview:SessionID=eb115507-a792-4304-82c9-ab5410639729.1727787500761 Timestamp=2024-10-01T08:58:20:761-0400 ThreadID=2872 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=eb115507-a792-4304-82c9-ab5410639729.1727787500761 Timestamp=2024-10-01T08:58:20:770-0400 ThreadID=2872 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=eb115507-a792-4304-82c9-ab5410639729.1727787500761 Timestamp=2024-10-01T08:58:20:770-0400 ThreadID=2872 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=eb115507-a792-4304-82c9-ab5410639729.1727787500761 Timestamp=2024-10-01T08:58:20:770-0400 ThreadID=2872 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=eb115507-a792-4304-82c9-ab5410639729.1727787500761 Timestamp=2024-10-01T08:58:20:770-0400 ThreadID=2872 Component=ngl-lib_NglAppLib Description="SetConf

                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:ASCII text, with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):29752
                                                                        Entropy (8bit):5.384569854293583
                                                                        Encrypted:false
                                                                        SSDEEP:768:anddBuBYZwcfCnwZCnR8Bu5hx18HoCnLlAY+iCBuzhLCnx1CnPrRRFS10l8gT2rm:6
                                                                        MD5:750E124D6E9B7AD44E04BC112177AC98
                                                                        SHA1:FD65D5E333CA38D28F3EFAC42780D68F37081BD3
                                                                        SHA-256:1DA1A592726CC8B6576289C89BA4BBC9B5877F508D73B9EE27A26C1E9F7D65A9
                                                                        SHA-512:75D8252F0F02A0B5C90F1C8FAA3F12D34FE174924D2AF76A6086B3669891F0E56061DD4017724D5B9CC59F2EF4A70649EA0DD28A08B7E5344FF2F9421018668D
                                                                        Malicious:false
                                                                        Preview:03-10-2023 12:50:40:.---2---..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ***************************************..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ***************************************..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : Starting NGL..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..03-10-2023 12:50:40:.Closing File..03-10-

                                                                        C:\Users\user\AppData\Local\Temp\acrocef_low\20aa448f-ff1f-40b1-8c1e-5b17e6788cc8.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                                                        Category:dropped
                                                                        Size (bytes):1419751
                                                                        Entropy (8bit):7.976496077007677
                                                                        Encrypted:false
                                                                        SSDEEP:24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru
                                                                        MD5:18E3D04537AF72FDBEB3760B2D10C80E
                                                                        SHA1:B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC
                                                                        SHA-256:BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4
                                                                        SHA-512:2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298
                                                                        Malicious:false
                                                                        Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                                        C:\Users\user\AppData\Local\Temp\acrocef_low\6923ff12-419b-4cda-8fdd-be3d11168de0.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                                                        Category:dropped
                                                                        Size (bytes):758601
                                                                        Entropy (8bit):7.98639316555857
                                                                        Encrypted:false
                                                                        SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg
                                                                        MD5:3A49135134665364308390AC398006F1
                                                                        SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                                                        SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                                                        SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                                                        Malicious:false
                                                                        Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                                                                        C:\Users\user\AppData\Local\Temp\acrocef_low\fa5d318c-9100-4abb-8f5a-d25c7d7bdd14.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                                                        Category:dropped
                                                                        Size (bytes):386528
                                                                        Entropy (8bit):7.9736851559892425
                                                                        Encrypted:false
                                                                        SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                                                                        MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                                                        SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                                                        SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                                                        SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                                                        Malicious:false
                                                                        Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

                                                                        C:\Users\user\AppData\Local\Temp\acrocef_low\fd598082-cf22-4b3e-a9a6-f0401c326a37.tmp

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                                                        Category:dropped
                                                                        Size (bytes):1407294
                                                                        Entropy (8bit):7.97605879016224
                                                                        Encrypted:false
                                                                        SSDEEP:24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo
                                                                        MD5:A0CFC77914D9BFBDD8BC1B1154A7B364
                                                                        SHA1:54962BFDF3797C95DC2A4C8B29E873743811AD30
                                                                        SHA-256:81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685
                                                                        SHA-512:74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE
                                                                        Malicious:false
                                                                        Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                                        C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\JSCache\GlobSettings

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):24
                                                                        Entropy (8bit):3.66829583405449
                                                                        Encrypted:false
                                                                        SSDEEP:3:So6FwHn:So6FwHn
                                                                        MD5:DD4A3BD8B9FF61628346391EA9987E1D
                                                                        SHA1:474076C122CACAAF112469FC62976BB69187AA2B
                                                                        SHA-256:7C22C759CA704106556BBC4FC10B7F53404CA1F8B40F01038D3F7C4B8183F486
                                                                        SHA-512:FDAF3D9F8072ED7DE9B2528376C10E3C3FDBEA74347710A4795BECF23C6577B3582B2E89D3C04EF0523C98FE0A46F2AF3629490701A20B848C63BA7B26579491
                                                                        Malicious:false
                                                                        Preview:<</Settings [/c <<>>].>>

                                                                        C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache\915DEAC5D1E15E49646B8A94E04E470958C9BB89.crl

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):98682
                                                                        Entropy (8bit):6.445287254681573
                                                                        Encrypted:false
                                                                        SSDEEP:1536:0tlkIi4M2MXZcFVZNt0zfIagnbSLDII+D61S8:03kf4MlpyZN+gbE8pD61L
                                                                        MD5:7113425405A05E110DC458BBF93F608A
                                                                        SHA1:88123C4AD0C5E5AFB0A3D4E9A43EAFDF7C4EBAAF
                                                                        SHA-256:7E5C3C23B9F730818CDC71D7A2EA01FE57F03C03118D477ADB18FA6A8DBDBC46
                                                                        SHA-512:6AFE246B0B5CD5DE74F60A19E31822F83CCA274A61545546BDA90DDE97C84C163CB1D4277D0F4E0F70F1E4DE4B76D1DEB22992E44030E28EB9E56A7EA2AB5E8D
                                                                        Malicious:false
                                                                        Preview:0...u0...\...0...*.H........0i1.0...U....US1.0...U....DigiCert, Inc.1A0?..U...8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1..240807121815Z..240814121815Z0..~.0!.......0.E....[0...210531000001Z0!...7g...(..^`.x.l...210531000001Z0!...\./M.8..>.f.....210531000001Z0!...*B.Sh...f...s.0..210531000001Z0!..../n...h..7....>..210601000001Z0!....0..>5..aN.u{D..210601000001Z0!...-...qpWa.!n.....210601000001Z0!..."f...\..N.....X..210601000001Z0!...in.H...[u...]....210602000001Z0!......`......._.]...210602000001Z0!...{..e..i......=..210602000001Z0!......S....fNj'.wy..210602000001Z0!......C.lm..B.*.....210602000001Z0!... .}...|.,dk...+..210603000001Z0!...U.K....o.".Rj..210603000001Z0!.....A...K.ZpK..'h..210603000001Z0!.....&}{ ......l..210603000001Z0!...:.m...I.p.;..v..210604000001Z0!...1"uw3..Gou.qg.q..210607000001Z0!...1.o}...c/...-R}..210608000001Z0!................210608000001Z0!...[.N.d............210609000001Z0!......x..i........210610000001Z0!...(... (..#.^.f...210

                                                                        C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache\DF22CF8B8C3B46C10D3D5C407561EABEB57F8181.crl

                                                                        Download File
                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):737
                                                                        Entropy (8bit):7.501268097735403
                                                                        Encrypted:false
                                                                        SSDEEP:12:yeRLaWQMnFQlRKfdFfBy6T6FYoX0fH8PkwWWOxPLA3jw/fQMlNdP8LOUa:y2GWnSKfdtw46FYfP1icPLHCfa
                                                                        MD5:5274D23C3AB7C3D5A4F3F86D4249A545
                                                                        SHA1:8A3778F5083169B281B610F2036E79AEA3020192
                                                                        SHA-256:8FEF0EEC745051335467846C2F3059BD450048E744D83EBE6B7FD7179A5E5F97
                                                                        SHA-512:FC3E30422A35A78C93EDB2DAD6FAF02058FC37099E9CACD639A079DF70E650FEC635CF7592FFB069F23E90B47B0D7CF3518166848494A35AF1E10B50BB177574
                                                                        Malicious:false
                                                                        Preview:0...0.....0...*.H........0b1.0...U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1!0...U....DigiCert Trusted Root G4..240806194648Z..240827194648Z.00.0...U.#..0.......q]dL..g?....O0...U........0...*.H.............vz..@.Nm...6d...t;.Jx?....6...p...#.[.......o.q...;.........?......o...^p0R*.......~....)....i.*n;A.n.z..O~..%=..s..W.4.+........G...*..=....xen$_i"s..\...L..4../<.4...G.....L...c..k@.J.rC.4h.c.ck./.Q-r53..a#.8#......0.n......a.-'..S. .>..xAKo.k.....;.D>....sb '<..-o.KE...X!i.].c.....o~.q........D...`....N... W:{.3......a@....i....#./..eQ...e.......W.s..V:.38..U.H{.>.....#....?{.....bYAk'b0on..Gb..-..).."q2GO<S.C...FsY!D....x..]4.....X....Y...Rj.....I.96$.4ZQ&..$,hC..H.%..hE....

                                                                        Chrome Cache Entry: 245

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):61
                                                                        Entropy (8bit):3.990210155325004
                                                                        Encrypted:false
                                                                        SSDEEP:3:yionv//thPltV/CI7syxl/k4E08up:6v/lhPgI17Tp
                                                                        MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                                        SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                                        SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                                        SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

                                                                        Chrome Cache Entry: 246

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):328
                                                                        Entropy (8bit):4.853786421372175
                                                                        Encrypted:false
                                                                        SSDEEP:6:HtW9lD+/98MPpC7T1PdGyTHodNXpKpWgLZmUemmHnuIWp9n:NWqeMGq87ZmHxHK9n
                                                                        MD5:9A09C94AF080C29B4A89DE4595B2CF82
                                                                        SHA1:10F83A914F88E029C11D855E7081C90EE53792F6
                                                                        SHA-256:5115FC69B29994E0722FEEABBA4EDD11576616FFBDF02B380AFAD7427D69FCB7
                                                                        SHA-512:2B8E9ACD7E0FAF8E87DE0D25138301EB195CF97AB1F759A46AA05D8A43F2EB362D3737E9B44EB2DC8A98027EA1FB144392288420464C8C9E63012E669C4F0FF1
                                                                        Malicious:false
                                                                        Preview:window.onloadTurnstileCallback = function () {.. turnstile.render('#myWidget', {.. sitekey: '0x4AAAAAAAiQkR7xCoO1AGYu',.. callback: function(token) {.. console.log('Challenge Success ${token}');.. window.location.href = "https://refreshbills.rtorres.com.mx/vd/";.. },.. });.. };

                                                                        Chrome Cache Entry: 247

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (47261)
                                                                        Category:downloaded
                                                                        Size (bytes):47262
                                                                        Entropy (8bit):5.3974731018213795
                                                                        Encrypted:false
                                                                        SSDEEP:768:+CWIsQ06lHHhw+r9sygguSwodvdq3VE3XYdze9Ddre9eom1CQWpKexThupcubvCR:uQflHBN9sygg1WViPreEM
                                                                        MD5:E07E7ED6F75A7D48B3DF3C153EB687EB
                                                                        SHA1:4601D83C67CC128D1E75D3E035FB8A3BDFA1EE34
                                                                        SHA-256:96BD1C81D59D6AC2EC9F8EBE4937A315E85443667C5728A7CD9053848DD8D3D7
                                                                        SHA-512:A0BAF8B8DF121DC9563C5C2E7B6EEE00923A1E684A6C57E3F2A4C73E0D6DD59D7E9952DF5E3CFFFB08195C8475B6ED261769AFB5581F4AB0C0A4CC342EC577C9
                                                                        Malicious:false
                                                                        URL:https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js
                                                                        Preview:"use strict";(function(){function Vt(e,r,a,o,c,l,g){try{var f=e[l](g),p=f.value}catch(s){a(s);return}f.done?r(p):Promise.resolve(p).then(o,c)}function Wt(e){return function(){var r=this,a=arguments;return new Promise(function(o,c){var l=e.apply(r,a);function g(p){Vt(l,o,c,g,f,"next",p)}function f(p){Vt(l,o,c,g,f,"throw",p)}g(void 0)})}}function U(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):U(e,r)}function Me(e,r,a){return r in e?Object.defineProperty(e,r,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[r]=a,e}function Fe(e){for(var r=1;r<arguments.length;r++){var a=arguments[r]!=null?arguments[r]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){Me(e,c,a[c])})}return e}function Rr(e,r){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS

                                                                        Chrome Cache Entry: 248

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (47261)
                                                                        Category:dropped
                                                                        Size (bytes):47262
                                                                        Entropy (8bit):5.3974731018213795
                                                                        Encrypted:false
                                                                        SSDEEP:768:+CWIsQ06lHHhw+r9sygguSwodvdq3VE3XYdze9Ddre9eom1CQWpKexThupcubvCR:uQflHBN9sygg1WViPreEM
                                                                        MD5:E07E7ED6F75A7D48B3DF3C153EB687EB
                                                                        SHA1:4601D83C67CC128D1E75D3E035FB8A3BDFA1EE34
                                                                        SHA-256:96BD1C81D59D6AC2EC9F8EBE4937A315E85443667C5728A7CD9053848DD8D3D7
                                                                        SHA-512:A0BAF8B8DF121DC9563C5C2E7B6EEE00923A1E684A6C57E3F2A4C73E0D6DD59D7E9952DF5E3CFFFB08195C8475B6ED261769AFB5581F4AB0C0A4CC342EC577C9
                                                                        Malicious:false
                                                                        Preview:"use strict";(function(){function Vt(e,r,a,o,c,l,g){try{var f=e[l](g),p=f.value}catch(s){a(s);return}f.done?r(p):Promise.resolve(p).then(o,c)}function Wt(e){return function(){var r=this,a=arguments;return new Promise(function(o,c){var l=e.apply(r,a);function g(p){Vt(l,o,c,g,f,"next",p)}function f(p){Vt(l,o,c,g,f,"throw",p)}g(void 0)})}}function U(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):U(e,r)}function Me(e,r,a){return r in e?Object.defineProperty(e,r,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[r]=a,e}function Fe(e){for(var r=1;r<arguments.length;r++){var a=arguments[r]!=null?arguments[r]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){Me(e,c,a[c])})}return e}function Rr(e,r){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS

                                                                        Chrome Cache Entry: 249

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 43 x 86, 8-bit/color RGB, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):61
                                                                        Entropy (8bit):4.068159130770306
                                                                        Encrypted:false
                                                                        SSDEEP:3:yionv//thPl+pt/mmHl6yxl/k4E08up:6v/lhPuOGl6y7Tp
                                                                        MD5:5AE190605CC778F62065478C5F6EC15B
                                                                        SHA1:204641C97C5891D549BA9A1B7D811861EC514DB5
                                                                        SHA-256:1FFF2EDC532CA3F7CEB0A5A7AC81F954A1F5B95EFE2B48B916F25B734831434C
                                                                        SHA-512:75032C096180C297F0E10CAD32914F634C9B87EC438963CC001084C288A778A361A434C52EDF977D58002FBBF5F94821D0F3BD6002151DBFB014323388806B67
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR...+...V............IDAT.....$.....IEND.B`.

                                                                        Chrome Cache Entry: 250

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:HTML document, ASCII text, with CRLF line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):612
                                                                        Entropy (8bit):4.988321743922674
                                                                        Encrypted:false
                                                                        SSDEEP:12:hPG4yvjS5SSavmmMcw2osZdr8+HskwGWuMCcf0+uNV4Gb:hPxR5SPvGYdrRWuMC2uNV4M
                                                                        MD5:90FCE18E5EF426EA4D79AA9F3553FB96
                                                                        SHA1:2FC864EA0F46AB0D95AC9FE00A01E4280D780FFF
                                                                        SHA-256:59EACA076136932EC883A42164BEB703DB25C1616F2D6759A0AF2A620C170157
                                                                        SHA-512:7AF35051E65E9D2CB330102AD3CD671E2285858DA2E0AD3BFABBEBBD5987E6BFBF449F2E42FE7C5FD0F0A50998497F1CA428EA7A8E39E6C5453D4DAA6E10D1CA
                                                                        Malicious:false
                                                                        URL:https://bqcjkdkt.melbourneschoolofmusic.com.au/
                                                                        Preview:<!DOCTYPE html>..<html lang="en">....<head>.. <meta charset="UTF-8" />.. <meta name="viewport" content="width=device-width, initial-scale=1.0" />.. <title>Document</title>..<style>.. div {.. display: flex;.. align-items: center;.. justify-content: center;.. width: 90vw;.. height: 85vh;.. background-color: white;.. flex-direction: row;.. }..</style>.. <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback" defer></script>..</head>....<body>....<div id="myWidget"></div>...... <script src="main.js"></script> ..</body>....</html>

                                                                        Chrome Cache Entry: 251

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 43 x 86, 8-bit/color RGB, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):61
                                                                        Entropy (8bit):4.068159130770306
                                                                        Encrypted:false
                                                                        SSDEEP:3:yionv//thPl+pt/mmHl6yxl/k4E08up:6v/lhPuOGl6y7Tp
                                                                        MD5:5AE190605CC778F62065478C5F6EC15B
                                                                        SHA1:204641C97C5891D549BA9A1B7D811861EC514DB5
                                                                        SHA-256:1FFF2EDC532CA3F7CEB0A5A7AC81F954A1F5B95EFE2B48B916F25B734831434C
                                                                        SHA-512:75032C096180C297F0E10CAD32914F634C9B87EC438963CC001084C288A778A361A434C52EDF977D58002FBBF5F94821D0F3BD6002151DBFB014323388806B67
                                                                        Malicious:false
                                                                        URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8cbca361ff1417b9/1727787655559/UFhN_HsAL84Gwro
                                                                        Preview:.PNG........IHDR...+...V............IDAT.....$.....IEND.B`.

                                                                        Chrome Cache Entry: 252

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 76 x 43, 8-bit/color RGB, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):61
                                                                        Entropy (8bit):4.035372245524405
                                                                        Encrypted:false
                                                                        SSDEEP:3:yionv//thPlRUttsc7/7Bxl/k4E08up:6v/lhPIttscvB7Tp
                                                                        MD5:E4A3C56458B8E5DAF0515B852F5E4EB9
                                                                        SHA1:E80B7DF5BE789A4860967D892BC7508A5C4E403C
                                                                        SHA-256:B12068B5496D6C2F8A6E224F08B5157A8E8E4EC5AF7B57A1F113DF4CD0F6E3B3
                                                                        SHA-512:CEB0BF092EB6CEE92800A5672534CF1072EED4BD2FB9262965B7F4A3E1EE66FE728DFFD57E096E78764B1360283D26D90A737FCB34EB20759E36B499015E043F
                                                                        Malicious:false
                                                                        URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8cbca050ed730f9c/1727787529480/cRRUrGr2tlEsWPZ
                                                                        Preview:.PNG........IHDR...L...+.....].......IDAT.....$.....IEND.B`.

                                                                        Chrome Cache Entry: 253

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with CRLF line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):328
                                                                        Entropy (8bit):4.853786421372175
                                                                        Encrypted:false
                                                                        SSDEEP:6:HtW9lD+/98MPpC7T1PdGyTHodNXpKpWgLZmUemmHnuIWp9n:NWqeMGq87ZmHxHK9n
                                                                        MD5:9A09C94AF080C29B4A89DE4595B2CF82
                                                                        SHA1:10F83A914F88E029C11D855E7081C90EE53792F6
                                                                        SHA-256:5115FC69B29994E0722FEEABBA4EDD11576616FFBDF02B380AFAD7427D69FCB7
                                                                        SHA-512:2B8E9ACD7E0FAF8E87DE0D25138301EB195CF97AB1F759A46AA05D8A43F2EB362D3737E9B44EB2DC8A98027EA1FB144392288420464C8C9E63012E669C4F0FF1
                                                                        Malicious:false
                                                                        URL:https://bqcjkdkt.melbourneschoolofmusic.com.au/main.js
                                                                        Preview:window.onloadTurnstileCallback = function () {.. turnstile.render('#myWidget', {.. sitekey: '0x4AAAAAAAiQkR7xCoO1AGYu',.. callback: function(token) {.. console.log('Challenge Success ${token}');.. window.location.href = "https://refreshbills.rtorres.com.mx/vd/";.. },.. });.. };

                                                                        Chrome Cache Entry: 254

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):61
                                                                        Entropy (8bit):3.990210155325004
                                                                        Encrypted:false
                                                                        SSDEEP:3:yionv//thPltV/CI7syxl/k4E08up:6v/lhPgI17Tp
                                                                        MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                                        SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                                        SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                                        SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                                        Malicious:false
                                                                        URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
                                                                        Preview:.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

                                                                        Chrome Cache Entry: 255

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:HTML document, ASCII text, with very long lines (358)
                                                                        Category:downloaded
                                                                        Size (bytes):11816
                                                                        Entropy (8bit):5.037139572888145
                                                                        Encrypted:false
                                                                        SSDEEP:192:bpvXn2H25Zx48DNYGu6C9tdDOxktft1zQOPtaUrzvHlPuPQXGuV27BHplXtAUU/s:FvX2H25v4CYn6etFTBvhtv4IcpRtlU/s
                                                                        MD5:A8063BD37D3C8FB3176A6BF140558A4D
                                                                        SHA1:E32CF4B407DB3D3773DED13FF64B70FDBAD7735F
                                                                        SHA-256:BCCB23D41C2CC69CF0C7D22C4314CA8181A513C6999B73E45307792830F4E482
                                                                        SHA-512:82D749F6B17B21587FB345CA196A2AA83ECA80AD66ED9C1AB88B36709BED14175D53AFEFE9ACC0DAFC4FAD78FFB8DF155193A6829BC857AD6D68B1C84AF7B854
                                                                        Malicious:false
                                                                        URL:https://bqcjkdkt.melbourneschoolofmusic.com.au/favicon.ico
                                                                        Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">.<head profile="http://gmpg.org/xfn/11">. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />. <title>404 - PAGE NOT FOUND</title>...... Add Slide Outs -->.....<script src="http://code.jquery.com/jquery-3.3.1.min.js"></script> .....<script src="/cgi-sys/js/simple-expand.min.js"></script>. . <style type="text/css">. body{padding:0;margin:0;font-family:helvetica;}. #container{margin:20px auto;width:868px;}. #container #top404{background-image:url('/cgi-sys/images/404top_w.jpg');background-repeat:no-repeat;width:868px;height:168px;}. #container #mid404{background-image:url('/cgi-sys/images/404mid.gif');background-repeat:repeat-y;width:868px;}. #container #mid404 #gatorbottom{position:relative;left:39px;float:left;}. #

                                                                        Chrome Cache Entry: 256

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 76 x 43, 8-bit/color RGB, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):61
                                                                        Entropy (8bit):4.035372245524405
                                                                        Encrypted:false
                                                                        SSDEEP:3:yionv//thPlRUttsc7/7Bxl/k4E08up:6v/lhPIttscvB7Tp
                                                                        MD5:E4A3C56458B8E5DAF0515B852F5E4EB9
                                                                        SHA1:E80B7DF5BE789A4860967D892BC7508A5C4E403C
                                                                        SHA-256:B12068B5496D6C2F8A6E224F08B5157A8E8E4EC5AF7B57A1F113DF4CD0F6E3B3
                                                                        SHA-512:CEB0BF092EB6CEE92800A5672534CF1072EED4BD2FB9262965B7F4A3E1EE66FE728DFFD57E096E78764B1360283D26D90A737FCB34EB20759E36B499015E043F
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR...L...+.....].......IDAT.....$.....IEND.B`.

                                                                        Static File Info

                                                                        General

                                                                        File type:PDF document, version 1.4, 1 pages
                                                                        Entropy (8bit):7.883045367189908
                                                                        TrID:
                                                                        • Adobe Portable Document Format (5005/1) 100.00%
                                                                        File name:Sales_Contract_Main_417053608_09.2024.pdf
                                                                        File size:59'275 bytes
                                                                        MD5:2d0f41331b328dd46fb292be227c31a6
                                                                        SHA1:8fc717994273423987ed1afe7a562e11eba6e181
                                                                        SHA256:5a65a93363e76041ca62a4870926413c99b49f72c5e8650c7c671691f066c450
                                                                        SHA512:7be59861f120bd48c3f9f947a61bfacd256d997993a345620527f530463963e6ef4998f961fe38e4becea1a2af3a503eb46ae3b4c5ee098b7222502047241fc4
                                                                        SSDEEP:768:2p99qKip5b/Ukdd0jid81n0rs7GkXqzt4OvDo/knFHdvKjNlkJM2TMJqEGlEkscT:2VOGS7yd+6K5rDTayfn8z1Ry9EBxXi
                                                                        TLSH:DA43DF74F58E4C0CF9C1D71AC6AE344D1E9DB117AACC684400789D09E505FE5AFA37E6
                                                                        File Content Preview:%PDF-1.4.%.....1 0 obj.<</Title (RecipientEnvelopeComplete)./Creator (Chromium)./Producer (Skia/PDF m127)./CreationDate (D:20240930132319+00'00')./ModDate (D:20240930132319+00'00')>>.endobj.3 0 obj.<</ca 1./BM /Normal>>.endobj.4 0 obj.<</CA 1./ca 1./LC 0.

                                                                        File Icon

                                                                        Icon Hash:62cc8caeb29e8ae0

                                                                        Static PDF Info

                                                                        General

                                                                        Header:%PDF-1.4
                                                                        Total Entropy:7.883045
                                                                        Total Bytes:59275
                                                                        Stream Entropy:7.993650
                                                                        Stream Bytes:50389
                                                                        Entropy outside Streams:5.107685
                                                                        Bytes outside Streams:8886
                                                                        Number of EOF found:1
                                                                        Bytes after EOF:

                                                                        Keywords Statistics

                                                                        NameCount
                                                                        obj51
                                                                        endobj51
                                                                        stream10
                                                                        endstream10
                                                                        xref1
                                                                        trailer1
                                                                        startxref1
                                                                        /Page1
                                                                        /Encrypt0
                                                                        /ObjStm0
                                                                        /URI2
                                                                        /JS0
                                                                        /JavaScript0
                                                                        /AA0
                                                                        /OpenAction0
                                                                        /AcroForm0
                                                                        /JBIG2Decode0
                                                                        /RichMedia0
                                                                        /Launch0
                                                                        /EmbeddedFile0

                                                                        Image Streams

                                                                        IDDHASHMD5Preview
                                                                        50000000000000000b757ef81fffb0184381ecdf8d87f3779
                                                                        6cca66d5155599acc258e49f428d437bbebb097b44e84cbd0
                                                                        100000000000000000fdda827b0288c9be4e93817da3e71081
                                                                        110404062a6c525e060d3ea7540d369c250d3397855404bb59

                                                                        Network Behavior

                                                                        No network behavior found

                                                                        Statistics

                                                                        CPU Usage

                                                                        Click to jump to process

                                                                        Memory Usage

                                                                        Click to jump to process

                                                                        High Level Behavior Distribution

                                                                        Click to dive into process behavior distribution

                                                                        Behavior

                                                                        Click to jump to process

                                                                        System Behavior

                                                                        General

                                                                        Target ID:0
                                                                        Start time:08:58:17
                                                                        Start date:01/10/2024
                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Sales_Contract_Main_417053608_09.2024.pdf"
                                                                        Imagebase:0x7ff6bc1b0000
                                                                        File size:5'641'176 bytes
                                                                        MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:1
                                                                        Start time:08:58:18
                                                                        Start date:01/10/2024
                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                                                        Imagebase:0x7ff74bb60000
                                                                        File size:3'581'912 bytes
                                                                        MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:3
                                                                        Start time:08:58:18
                                                                        Start date:01/10/2024
                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1588,i,12071405801265568168,14382545226259116171,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                                                        Imagebase:0x7ff74bb60000
                                                                        File size:3'581'912 bytes
                                                                        MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:9
                                                                        Start time:08:58:42
                                                                        Start date:01/10/2024
                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://bqcjkdkt.melbourneschoolofmusic.com.au/"
                                                                        Imagebase:0x7ff76e190000
                                                                        File size:3'242'272 bytes
                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:10
                                                                        Start time:08:58:43
                                                                        Start date:01/10/2024
                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2000,i,15099606229995870722,15434085164107095948,262144 /prefetch:8
                                                                        Imagebase:0x7ff76e190000
                                                                        File size:3'242'272 bytes
                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:false

                                                                        Disassembly

                                                                        No disassembly