Windows
Analysis Report
RadProCalculatorUpdates.pdf
Overview
General Information
Detection
Score: | 2 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- Acrobat.exe (PID: 5148 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\RadProCalculatorUpdates.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 6176 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 3116 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2084 --field-trial-handle=1540,i,16482645188541234527,6887169318165601849,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 3 Exploitation for Client Execution | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 13 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
3% | ReversingLabs |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
x1.i.lencr.org | unknown | unknown | false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
104.126.112.182 | unknown | United States | 16625 | AKAMAI-ASUS | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524333 |
Start date and time: | 2024-10-02 17:32:32 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 9s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowspdfcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | RadProCalculatorUpdates.pdf |
Detection: | CLEAN |
Classification: | clean2.winPDF@14/48@1/1 |
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 184.28.88.176, 52.202.204.11, 54.227.187.23, 52.5.13.197, 23.22.254.206, 162.159.61.3, 172.64.41.3, 93.184.221.240, 2.23.197.184, 2.19.126.149, 2.19.126.143
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, acroipm2.adobe.com.edgesuite.net, wu.ec.azureedge.net, ctldl.windowsupdate.com, p13n.adobe.io, wu.azureedge.net, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, hlb.apr-52dd2-0.edgecastdns.net, geo2.adobe.com, wu-b-net.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net
- VT rate limit hit for: RadProCalculatorUpdates.pdf
Time | Type | Description |
---|---|---|
11:33:45 | API Interceptor |
Match | Detection | Threat Name |
---|---|---|
104.126.112.182 | malicious | Unknown |
104.126.112.182 | malicious | Unknown |
104.126.112.182 | malicious | Unknown |
104.126.112.182 | malicious | HTMLPhisher |
104.126.112.182 | malicious | Unknown |
104.126.112.182 | malicious | Unknown |
104.126.112.182 | malicious | HTMLPhisher |
104.126.112.182 | malicious | Unknown |
104.126.112.182 | malicious | Unknown |
104.126.112.182 | malicious | Unknown |
Match | Detection | Threat Name |
---|---|---|
AKAMAI-ASUS | malicious | LummaC, PrivateLoader, Stealc, Vidar |
AKAMAI-ASUS | malicious | Unknown |
AKAMAI-ASUS | malicious | LummaC, Stealc, Vidar |
AKAMAI-ASUS | malicious | Babadeda |
AKAMAI-ASUS | malicious | LummaC |
AKAMAI-ASUS | malicious | LummaC |
AKAMAI-ASUS | malicious | LummaC |
AKAMAI-ASUS | malicious | LummaC, Go Injector, LummaC Stealer |
AKAMAI-ASUS | malicious | LummaC |
AKAMAI-ASUS | malicious | LummaC |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.114127738267403 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.114127738267403 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 338 |
Entropy (8bit): | 5.126835753036727 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 338 |
Entropy (8bit): | 5.126835753036727 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\1ded9e02-845e-4d3f-be2b-db1aa5314bfd.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 508 |
Entropy (8bit): | 5.0593484360334875 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 508 |
Entropy (8bit): | 5.047195090775108 |
Encrypted: | false |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF61a3ba.TMP (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 508 |
Entropy (8bit): | 5.047195090775108 |
Encrypted: | false |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\cab57eb1-b1f4-4918-895a-8f128a86844e.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 508 |
Entropy (8bit): | 5.047195090775108 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4509 |
Entropy (8bit): | 5.2334214679829305 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 326 |
Entropy (8bit): | 5.0845380684105645 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 326 |
Entropy (8bit): | 5.0845380684105645 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241002153336Z-161.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.6810282003340726 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1391 |
Entropy (8bit): | 7.705940075877404 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 192 |
Entropy (8bit): | 2.7569015731729736 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 328 |
Entropy (8bit): | 3.150184159866505 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 227002 |
Entropy (8bit): | 3.392780893644728 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.329956283260954 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.270311757742123 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.2490179719690016 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.307676981860286 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1063 |
Entropy (8bit): | 5.663894704110167 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1050 |
Entropy (8bit): | 5.648853878952549 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.254390329690633 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1038 |
Entropy (8bit): | 5.644697229868642 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1164 |
Entropy (8bit): | 5.694520197486624 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.260405504506839 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.769317172490375 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.244224729297494 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXrSEH6DJQ+x+FIbRI6XVW7+0YGVVKoAvJfbPtdPeUkwRe9:YvXKXrSEaDJQpYpW7F5GDV8Ukee9 |
MD5: | AFAB2A96C6B5F8A27AFC11E5A9977A5B |
SHA1: | 6B1729D013478ED95ECA9F21A1657F4E40C90759 |
SHA-256: | 04A57EDA61041591E7EFC1413FB9FDBE3F636B2B717E99E62813DA8FF703EAD2 |
SHA-512: | BD5DFDC1916A8115044F17D7D92DFF28332B6FF928CB1E0515E4CE6121DC72987864F8C0F14920091CE9516703FD9EAD9072F8F4F98874561192A47798A583E5 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.245349901634839 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXrSEH6DJQ+x+FIbRI6XVW7+0YGVVKoAvJf21rPeUkwRe9:YvXKXrSEaDJQpYpW7F5G+16Ukee9 |
MD5: | DD108361BAE6F7899BAE1185BDF59BB1 |
SHA1: | 17ABE48DFFE0322D2A83723FAFB38A4FE65324A6 |
SHA-256: | A017BCC87EACE7306A95FE1C4D9E28F29CC134C77EEFA03035C775E46F58BDB4 |
SHA-512: | 851E8083FE1BCB93D9CAC9DC9EABDC2AC4A8F8F8A77007F11EDC0E8E3FD425CAC312788CA7F625168D719D61EB7A2F980E8A93ED9CEF5EFEF578C5F0B2CE13B8 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1058 |
Entropy (8bit): | 5.653324423211665 |
Encrypted: | false |
SSDEEP: | 24:Yv6XhWJQKikamXayLgEFRcONaqnl0RCmK8czOC+w2E+tg8BoE:YvoWJkiBguOAh8cv+NK+ |
MD5: | 39421B1A24E96A26F0DF16C98FA1C70A |
SHA1: | 130AF4D5332714A292340CDC06A5365FE0EF317C |
SHA-256: | A171A985F95FE294B7877A68E1B3D8864CB4B8582D41B3FF44C66DC298C75C46 |
SHA-512: | 01B96D7EB9425B264546BE8E779A470024B648A18E79A6BE66E7E72A24388FA110A717074A9724D2B669E4A9B530D4E82BCF179F8B15048962D5A397E1DF17A7 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.218684146049753 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXrSEH6DJQ+x+FIbRI6XVW7+0YGVVKoAvJfshHHrPeUkwRe9:YvXKXrSEaDJQpYpW7F5GUUUkee9 |
MD5: | 4D3343A6F5805235DCC83E42849210F0 |
SHA1: | 4DF20B6B4F8247CDAE81E698CAA223A842BD6627 |
SHA-256: | 770603F26ADF2F07A624891FAF8A13BEE1BD1AA64CA1477595CF133B7D5650DD |
SHA-512: | B491E360A2DB83F524F042FBCE3E4EB34974DC0642A12C9CA30DBA81F991CBD0FE8BE9DA59F0988DD140ABD3A8A1159E505E110955399C95BA007B876E0491EC |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.355297603122185 |
Encrypted: | false |
SSDEEP: | 12:YvXKXrSEaDJQpYpW7F5GTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWME:Yv6XhWJQKir168CgEXX5kcIfANhLE |
MD5: | 58FFA1580B67D802D1D0B22E1532E85C |
SHA1: | DA1F6E5022B32440A9A0516B3B4E33D5C81C22EE |
SHA-256: | 23C6611C96262EF51FB56B92DF38D2EFBBB15CF578F0CE4361DAF14B78449A5B |
SHA-512: | F20A81FD5A29FCAF66CA052CAA2315C716B1705BEF0A13E19943C4E9218DA3834F435147449B33923DE4E7B447B0612CCE82B3D80A6A15A7BAA3EB6EA9E80EFB |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:e:e |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2818 |
Entropy (8bit): | 5.118981348132025 |
Encrypted: | false |
SSDEEP: | 24:YhZQOMKQDaXayA8PZ4CC6j8c7LEEK72NX0Qjmj0SI84AI2N12LSiwy75/pdP9pug:Y33hVNYc7wX7CZ42hU1Mwy7tpdP9F |
MD5: | CCAD07A7DD942BFCF90FA57ADF54F277 |
SHA1: | 1771CF9B624B4CED8B2DE11BC66DD02BFC3160EF |
SHA-256: | 7CB5E2EB132C06178002B04EAE929F1B1271448CC245DBB98DEEFF490A356309 |
SHA-512: | B4E0E7C73F775E141FB565828E04370CF241327257FB5177ABA3A5F9D582F3A4DB1EA919D557034D6AA056D38DF402A68EF58A27B2CDA26EBCE2435C41F29BAC |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9846441653305193 |
Encrypted: | false |
SSDEEP: | 24:TLHRx/XYKQvGJF7urs6I1RZKHs/Ds/SpQ+Mf4zJwtNBwtNbRZ6bRZ4/+MfF:TVl2GL7ms6ggOVptzutYtp6Pg |
MD5: | 962C378E3360CBDB89EBF9DE55C8EBAF |
SHA1: | 2765E8F3C8C6899654C63544179DBA4AD7475A5D |
SHA-256: | AECE846B1BACDC1282EDB79143783FD2A59615EBA6C6E3FB596F5A99609C54AE |
SHA-512: | 44CA762F379E03ACBA7E4F1405C5DC73876367C401329451272F38ED6EA4ED7008B64FAF93F86DFB73CC9C4004D23FA75C7AD10E8D5B4B01567B1C0303202BC3 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3393163265041301 |
Encrypted: | false |
SSDEEP: | 24:7+ttAD1RZKHs/Ds/SpQ+MfPzJwtNBwtNbRZ6bRZWf1RZKlqLBx/XYKQvGJF7ursX:7MtGgOVp2zutYtp6PMcqll2GL7msX |
MD5: | B8EED175FD82241BB509759E63CEEDD7 |
SHA1: | 8300B8CB4738CE538A62CCE81F5CA60FB064EC7A |
SHA-256: | B3184B096ACA4A0CF4080A1712EE530537F02653B6212FEF22D78FA9DA52C6B0 |
SHA-512: | 77872B0EC9E7051FD6C0A4E52A9DCBDAF4500B1F4B27CDAB58173B0DE3B174B7BA816350217A75197800C402B16B640024B70A552087E417EA3AFDCFFD827582 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.501595078528367 |
Encrypted: | false |
SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8gjqceCH:Qw946cPbiOxDlbYnuRKL9zH |
MD5: | 164B809EC4735C0B015F3CC9515889DB |
SHA1: | 620344A305390E1BDF066722DAF97A4EBE0F5885 |
SHA-256: | 5C86EACED917456F8D218A2556845211DDC663214AB42978159FA4473D22504B |
SHA-512: | EFDEFEA0878BEBB087711AFBAEED24C93A6F417E7342E985ABCBBFB364B33FDA5B95951941A48EACA8E763995A1B70B0E93DE95431AD090913AEA78C19FE5571 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 358 |
Entropy (8bit): | 5.081139654149842 |
Encrypted: | false |
SSDEEP: | 6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOtiXI5fXIjCSyAAO:IngVMre9T0HQIDmy9g06JXoI5PIjlX |
MD5: | 04BF659A1D0AB26A23B7733C8153DEF2 |
SHA1: | 49C91CCEA355FC2857E5F81E1B84808072C0FA16 |
SHA-256: | FE542B914D74A3BAA9FC8DBE9E4E5D03A7528267708D0D52A113D5DDCE505D78 |
SHA-512: | 46A4B6873DF4E569AC32EADDF72BED8B7888A08F87D24EACB2185594D3E6B8C220B1726F2046BCA1509C39A32C5978166B793A4D593B857618967C622106EC9D |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-02 11-33-34-473.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.376360055978702 |
Encrypted: | false |
SSDEEP: | 384:6b1sdmfenwop+WP21h2RPjRNg7JjO2on6oU6CyuJw1oaNIIu9EMuJuF6MKK9g9JQ:vIn |
MD5: | 1336667A75083BF81E2632FABAA88B67 |
SHA1: | 46E40800B27D95DAED0DBB830E0D0BA85C031D40 |
SHA-256: | F81B7C83E0B979F04D3763B4F88CD05BC8FBB2F441EBFAB75826793B869F75D1 |
SHA-512: | D039D8650CF7B149799D42C7415CBF94D4A0A4BF389B615EF7D1B427BC51727D3441AA37D8C178E7E7E89D69C95666EB14C31B56CDFBD3937E4581A31A69081A |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15114 |
Entropy (8bit): | 5.310672142749323 |
Encrypted: | false |
SSDEEP: | 384:xdnIPVzVq7iAjxurf1u/TMdZn7au1Cmz1+HpzXm5ZFAvXFmA6T6aififX1fUFiCY:QLZ |
MD5: | 77C225ECDE080C3B0E59E17C0CF6837E |
SHA1: | 0BCAD5FA8BC860CD935DF502D8A91D11A329F98D |
SHA-256: | 070EC8FEC734A5271C55BD5126F49ECA7302AB003CEFAF136EB53B94DEB1FF0A |
SHA-512: | A1838500CD3D336C834C9C316E772F44BBE122518ECCFB6EE8195E7992FC1CBA3201C4EACB4CEA931D1ED29BF80BE1FBA16DA5F64429191A4B8B137F829178B1 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.393240620211457 |
Encrypted: | false |
SSDEEP: | 768:GLxxlyVUFcAzWL8VWL1ANSFld5YjMWLvJ8Uy++NSXl3WLd5WLrbhhVClkVMwDGbf:b |
MD5: | B5EE236F2C9E2938A3E9814CE9DF31F5 |
SHA1: | 2B89CEC87A46F94918CF3133361EC46C69B6A3B4 |
SHA-256: | D8FEAFFF5F7498AC7871790985587C6EECA7B72E34ED85E358FBB59D35E896D4 |
SHA-512: | 10BA2133037B14209C6F86BD8DD2B7CD2FD91FF6C38A32BA77B7F2F28C21D35D3BB9B7408EDC7DACCE7E9E0C67F4FF173054B1F793FB9A866D07027ECC2557BE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo |
MD5: | A0CFC77914D9BFBDD8BC1B1154A7B364 |
SHA1: | 54962BFDF3797C95DC2A4C8B29E873743811AD30 |
SHA-256: | 81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685 |
SHA-512: | 74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/xA7owWLaGZDwYIGNPJxdpy6mlind9j2kvhsfFXpAXDgrFBU2/R07c:JVwWLaGZDwZGV3mlind9i4ufFXpAXkrj |
MD5: | 96E2EE6506759519A5E3E5E550F28388 |
SHA1: | 477522A699526F3EC2270AD0B3D3B8D6609F8BBB |
SHA-256: | D135FEF8231B87D1F758B3D31FC5467BC933321F7E8EACB316F933DBA36474D5 |
SHA-512: | C84E93CB72ABC0742C44BF13608472EDD30BE64358C0DA350D9D54C0A88EC45931D48CE1DA823FC527E5134E7277B16AFE0521F2716C067A519FDD390DB315CC |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.440025788299381 |
TrID: |
File name: | RadProCalculatorUpdates.pdf |
File size: | 36'080 bytes |
MD5: | 17c5701f6fec5fc71dc4fe829345f88e |
SHA1: | 56211a667d1e53a6c6e111a6e291b9a36b2c1b4f |
SHA256: | 9d193d86b06a17eceeae4fce87eed0116ff01ad16ac2f05c8c7a4c09338ab78b |
SHA512: | 365ec80685e5d30db073e757600ed1bc3bf883e3ec84cac86be0427f66306ee751d50b7897d7bca6cbedf9d0f1de3ff37e223c4a77e9a82ae26095d667171988 |
SSDEEP: | 768:20dtL64cdXSnYWjMRKMbRWNeJGTM6Cgn/1RaNB+O7:VF4b4wJGTM6j/1RkB+O7 |
TLSH: | BDF28D14DAC6BC5CE0565787232A3102871EF37975C898823C7D0B974B81FB9EABBD94 |
File Content Preview: | %PDF-1.4.%......37 0 obj.<</Linearized 1/L 36080/O 39/E 5887/N 8/T 35293/H [ 556 233]>>.endobj. ..xref..37 13..0000000016 00000 n..0000000789 00000 n..0000000870 00000 n..0000001000 00000 n..0000001107 00000 n..0000001486 00000 n..000000 |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.4 |
Total Entropy: | 7.440026 |
Total Bytes: | 36080 |
Stream Entropy: | 7.700604 |
Stream Bytes: | 27449 |
Entropy outside Streams: | 5.112800 |
Bytes outside Streams: | 8631 |
Number of EOF found: | 2 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 49 |
endobj | 49 |
stream | 11 |
endstream | 11 |
xref | 2 |
trailer | 2 |
startxref | 2 |
/Page | 8 |
/Encrypt | 0 |
/ObjStm | 0 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 17:33:45.758083105 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:45.758120060 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:45.758220911 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:45.758387089 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:45.758398056 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.335241079 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.335565090 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:46.335593939 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.337038994 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.337091923 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:46.363827944 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:46.364026070 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.364643097 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:46.364654064 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.411748886 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:46.461494923 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.461647987 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.461714983 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:46.462049961 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:46.462073088 CEST | 443 | 49721 | 104.126.112.182 | 192.168.2.5 |
Oct 2, 2024 17:33:46.462095976 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Oct 2, 2024 17:33:46.462116957 CEST | 49721 | 443 | 192.168.2.5 | 104.126.112.182 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 17:33:45.319076061 CEST | 57334 | 53 | 192.168.2.5 | 1.1.1.1 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 2, 2024 17:33:45.319076061 CEST | 192.168.2.5 | 1.1.1.1 | 0x55a5 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 2, 2024 17:33:45.326416969 CEST | 1.1.1.1 | 192.168.2.5 | 0x55a5 | No error (0) | crl.root-x1.letsencrypt.org.edgekey.net | CNAME (Canonical name) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49721 | 104.126.112.182 | 443 | 3116 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:33:46 UTC | 475 | OUT | |
2024-10-02 15:33:46 UTC | 198 | IN |
Target ID: | 0 |
Start time: | 11:33:31 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff686a00000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 2 |
Start time: | 11:33:31 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6413e0000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 4 |
Start time: | 11:33:32 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6413e0000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |