Windows
Analysis Report
Fedex Scan Y;29tbWl)zc2;lvb,mlu,Z0B)2c290L)mFl;177-signed.pdf
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 40% |
Signatures
Classification
- System is w10x64_ra
- Acrobat.exe (PID: 2172 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Fedex Scan Y;29tbWl)zc2;lvb,mlu,Z0B)2c290L)mFl;177-signed.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 3012 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 3412 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2248 --field-trial-handle=1592,i,491027021382810470,18401027826524376712,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- chrome.exe (PID: 4468 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.adobe.com/go/reader-upsell-scan?mv=in-product&mv2=reader&invc=floating-toolbar&tl=ScanPDFRdrApp&subtl=ScanPDFRdrApp&modern=true&SCAMode=Rdr&DTProd=Reader&DTServLvl=SignedOut&ttsrccat=RGS0263*ENU*Control MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- chrome.exe (PID: 2276 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=2016,i,16908384908861861738,1744630284485348241,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- AdobeCollabSync.exe (PID: 3896 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c MD5: 8A41FC5F946230805512B943C45AC9D8)
- AdobeCollabSync.exe (PID: 2600 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c --type=collab-renderer --proc=3896 MD5: 8A41FC5F946230805512B943C45AC9D8)
- FullTrustNotifier.exe (PID: 5644 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\RDCNotificationClient\FullTrustNotifier.exe" GetChannelUri MD5: 92366A2F482926C3D0DD02D6F952F742)
- AdobeCollabSync.exe (PID: 4684 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c MD5: 8A41FC5F946230805512B943C45AC9D8)
- AdobeCollabSync.exe (PID: 1816 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c --type=collab-renderer --proc=4684 MD5: 8A41FC5F946230805512B943C45AC9D8)
- AdobeCollabSync.exe (PID: 5484 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c MD5: 8A41FC5F946230805512B943C45AC9D8)
- AdobeCollabSync.exe (PID: 6332 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c --type=collab-renderer --proc=5484 MD5: 8A41FC5F946230805512B943C45AC9D8)
- cleanup
There are no malicious signatures.
Source: | Memory has grown: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | File created: |
Source: | Key opened: |
Source: | Process created: | ||
Source: | Section loaded: | ||
Source: | Key value queried: |
Source: | Initial sample: | ||
Source: | File created: | ||
Source: | Process information set: | ||
Source: | Thread delayed: | ||
Source: | Process information queried: |
Source: | Key value queried: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 DLL Side-Loading | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Registry Run Keys / Startup Folder | 1 DLL Side-Loading | 11 Virtualization/Sandbox Evasion | LSASS Memory | 11 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 Registry Run Keys / Startup Folder | 1 Process Injection | Security Account Manager | 2 System Information Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 1 Extra Window Memory Injection | 1 DLL Side-Loading | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Extra Window Memory Injection | LSA Secrets | Internet Connection Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
x1.i.lencr.org | unknown | unknown | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
23.200.0.33 | unknown | United States | 20940 | AKAMAI-ASN1EU | false | |
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false | |
216.58.212.164 | unknown | United States | 15169 | GOOGLEUS | false | |
184.28.88.176 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
173.194.76.84 | unknown | United States | 15169 | GOOGLEUS | false | |
162.159.61.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
2.23.197.184 | unknown | European Union | 1273 | CWVodafoneGroupPLCEU | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
2.19.126.140 | unknown | European Union | 16625 | AKAMAI-ASUS | false | |
52.5.13.197 | unknown | United States | 14618 | AMAZON-AESUS | false | |
23.56.162.185 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
142.250.184.238 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.184.227 | unknown | United States | 15169 | GOOGLEUS | false | |
18.207.85.246 | unknown | United States | 14618 | AMAZON-AESUS | false | |
2.16.100.168 | unknown | European Union | 20940 | AKAMAI-ASN1EU | false |
IP |
---|
192.168.2.17 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524350 |
Start date and time: | 2024-10-02 17:43:33 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 29 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Sample name: | Fedex Scan Y;29tbWl)zc2;lvb,mlu,Z0B)2c290L)mFl;177-signed.pdf |
Detection: | CLEAN |
Classification: | clean1.winPDF@49/69@1/120 |
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, SgrmBroker.exe
- Excluded IPs from analysis (whitelisted): 162.159.61.3, 172.64.41.3, 184.28.88.176, 18.207.85.246, 107.22.247.231, 54.144.73.197, 34.193.227.236, 2.23.197.184, 2.16.100.168, 88.221.110.91, 2.19.126.143, 2.19.126.149
- Excluded domains from analysis (whitelisted): dl.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- VT rate limit hit for: Fedex Scan Y;29tbWl)zc2;lvb,mlu,Z0B)2c290L)mFl;177-signed.pdf
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.141040630983599 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4E86C78E5401AA9D4F5F1404BE9E65B6 |
SHA1: | CDA10DAE28C40D4AED7E319067D5D7BAEAEDD866 |
SHA-256: | 1D4E8E94D1273E764381E0297E12779297A06EFBC4995C3DD648350E0E3479F4 |
SHA-512: | EEA10AC77AC98CD61CC77927DDC6ACB51CD1C156799D864F0DA3BB00086E66882DB518BA7B07B795B4AFA936CD63C59041014C7BC500A785D5A84DC51D3C027F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 338 |
Entropy (8bit): | 5.102946145713107 |
Encrypted: | false |
SSDEEP: | |
MD5: | B36DE1731C6F364E2BCEA9B699AB4AC7 |
SHA1: | 6CF83F1AEEACB235971C0C59420F2BDD1C631926 |
SHA-256: | 9FA2206031437F1160E8D43FC3DC7C06EE4091ECD0B06EBF8D1C4241FB0B18EF |
SHA-512: | 78D16E88E2822975F12CB566F7F5AF528A06177260CD3F020CF37D04D478412C2AEDB893EEAF73D5A24D309E08E1A0466AAEF94DCC149050CB336D2EE9CD68F6 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\587bc1f9-5ee3-4271-84cf-92e41d98664b.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 476 |
Entropy (8bit): | 4.973973222440336 |
Encrypted: | false |
SSDEEP: | |
MD5: | C45D427B83D825EA9124B9C14096597F |
SHA1: | BC9E776B6542D2D4E1034E2C5FDE5D2616AD4133 |
SHA-256: | 3C0C7C8BF44360A6C03A76C8DC19A2C3F48EA389CE79601019068ED862B5F967 |
SHA-512: | 9B50AF38821791B469CEB8EFE1854A0454B2B7A8919BDF66CDCA20C21DEBF4B470A87D978F573E4362E61B4407C90F0B541C2D00EE8DF4793ECAF9B885CD303A |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 929CC6E99547126B372398AAD499520E |
SHA1: | 9E80FB95EE9FD70D36091AF14FF89552081504C9 |
SHA-256: | 6570DBFDDC047BD44B216BBC3AA00C4EF095D3E3120304F7FD277E8B472B7A43 |
SHA-512: | BEDA4E9EC4537247166B4CE05F7CDF4C7E06081413C6599FA0294E5AFE3412322275127BE41DBD8C4C1EF70DF38EFA55E7458868C9EF50D65D8F5327715B1274 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF65b77d.TMP (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 929CC6E99547126B372398AAD499520E |
SHA1: | 9E80FB95EE9FD70D36091AF14FF89552081504C9 |
SHA-256: | 6570DBFDDC047BD44B216BBC3AA00C4EF095D3E3120304F7FD277E8B472B7A43 |
SHA-512: | BEDA4E9EC4537247166B4CE05F7CDF4C7E06081413C6599FA0294E5AFE3412322275127BE41DBD8C4C1EF70DF38EFA55E7458868C9EF50D65D8F5327715B1274 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\a5b3a7b4-f141-4237-bf56-a5dab0e7f292.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 384 |
Entropy (8bit): | 4.932552339462053 |
Encrypted: | false |
SSDEEP: | |
MD5: | 929CC6E99547126B372398AAD499520E |
SHA1: | 9E80FB95EE9FD70D36091AF14FF89552081504C9 |
SHA-256: | 6570DBFDDC047BD44B216BBC3AA00C4EF095D3E3120304F7FD277E8B472B7A43 |
SHA-512: | BEDA4E9EC4537247166B4CE05F7CDF4C7E06081413C6599FA0294E5AFE3412322275127BE41DBD8C4C1EF70DF38EFA55E7458868C9EF50D65D8F5327715B1274 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 6937 |
Entropy (8bit): | 5.245940992261814 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7FD8F91F88AFB1B8C38CD13519224496 |
SHA1: | 13C6827EE8B834A9D4ACFB662EAD8B0128DA5BFE |
SHA-256: | 31DB40502A566807F61462149FA372E7777A08D62A20B1439423800077DB0309 |
SHA-512: | DF15CA675FCA13B95CC404B89642ECC6EFB34A8B0FD950CF29E552430297B8CA127E4CC6C827732676A94B34E5407C9106BDC1A326AE2991AA91E40759F65850 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 326 |
Entropy (8bit): | 5.091923157720052 |
Encrypted: | false |
SSDEEP: | |
MD5: | D88D52CE3BD83A559870198C7A4E7492 |
SHA1: | E4001078D10192BED6F15E3A0F40E721649E5B90 |
SHA-256: | 21A79285B3B7863D5D9461E1549B4D0A61F43CE92297ABA630F7CB597060C439 |
SHA-512: | E0CEF7600A38D71AB232793BDC7533D66395E86FAD81EC0930DAC9761F43658332C9925EFCF45E59E104BBFF3FAB2590589D40E41DC9A9463483E62BD6A3CE40 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 131072 |
Entropy (8bit): | 0.014398390623025559 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2CA18D8392674A893869D1D44678DF8E |
SHA1: | 90760A4B3ED87707597EB8F56AA2F22B152D6282 |
SHA-256: | 519F61F1891B02662B71CB896F4F38699F17C95DF0EA4DF2A797F62B73D53217 |
SHA-512: | 619372C151396FE7695206B3F162BF427E3225D381B7248F37CF7DF16CB0C9DA64AF5A4C5E747548F6433304EC165CDBB45E2D01BD51457E50CA4FB8D113D2A4 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000001.dbtmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16 |
Entropy (8bit): | 3.2743974703476995 |
Encrypted: | false |
SSDEEP: | |
MD5: | 46295CAC801E5D4857D09837238A6394 |
SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 54 |
Entropy (8bit): | 4.32369838151265 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4E5714CABB1AF70C101D65B9A0DE00D4 |
SHA1: | 9D3F38185CE8C1EA257833F26AF235B1FF4E99FB |
SHA-256: | 3FCC20ADB132D7F2D935EC5037C159E426B5B732B56C60F7C22A432B532A6B00 |
SHA-512: | 18EA1C13477A65D1EFAF42C5BBA0609B60088CD4CB32C735016A8BA1C0C85F71A07E44DA1D689F8F014E3AF534E849C215EE653A96F176CD60500C45B52F5CC3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\CURRENT (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 46295CAC801E5D4857D09837238A6394 |
SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.172511027749779 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5102336A6501E28406C5126F8EF1F5A7 |
SHA1: | CDE67D5A4DF9F2F281DB77194D53B2F2F8014130 |
SHA-256: | 307534B80D8346FF1303F5906C363EBCAA01A6B04C077A63A11FD78DB08847C8 |
SHA-512: | 5D0D84BF5BF829E59F9F00BEDCDF88AB1CC4E8088F75055A900C8AAD53C28EE20625FC62C29969F5343CE53199ACB9E99BC0C1140A4A338FFB8328EA85FDF0F5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 126 |
Entropy (8bit): | 3.6123534208443075 |
Encrypted: | false |
SSDEEP: | |
MD5: | A05963DD9E2C7C3F13C18A9245AD5934 |
SHA1: | 15A87493591860C6C22499DF3A705ACB3CB466BD |
SHA-256: | F40B7EF0FE0B676871403B8DD21CE42AF8E482DC8B81F09D93CB2C48CCD112B4 |
SHA-512: | E67833950A3DB8D4C27FC851C7DF9AEBB85699024F805E98A2951E9E9FC3B606F10EAD23CE0A3B97484A18A9A52520540FB29787178BFEB9FBD8D46D0AA492A2 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 303 |
Entropy (8bit): | 5.158876454787324 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4EDD21730203035E2FA0883294C5705D |
SHA1: | AC1BCDB7DCC155325E30540F4E9D0EDA83C99136 |
SHA-256: | 4F93299ACF26799AD172642F27FB4EB8A827BF0ADBDF18D511E8ED17B265609F |
SHA-512: | 5567C21F39065CB2ADBAC72A03338D8953C36566338E5DD9BC58FAD3135ABF9904356DBA9B39098CE544FD11680E69B1A594164DB267411B06617E30D1580422 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\MANIFEST-000001
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 41 |
Entropy (8bit): | 4.704993772857998 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\Adobe\CoreSync\EntitySync\80307f885d209ff3421f3adf000d6b1e.db
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4096 |
Entropy (8bit): | 0.08728080750134917 |
Encrypted: | false |
SSDEEP: | |
MD5: | 863BB379B267B2404CB64A3BC9B4A650 |
SHA1: | 139EDCE2C64569B81175543D1DE743EF474F4432 |
SHA-256: | F7C1BC02F430EBD015E45159D9FD9E18643C4CDCCBB7E7733A248C8393CAA88C |
SHA-512: | 6AFF907DDAFC78AF2186F58D7102A88527BCE5473D72C03607EFC49C56ABAA157191D391A1ED9350CC058E9BB37040C29DBA9E3A668F640DE0100A639F1D2F51 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\Adobe\CoreSync\EntitySync\80307f885d209ff3421f3adf000d6b1e.db-journal
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 512 |
Entropy (8bit): | 0.28109187076190567 |
Encrypted: | false |
SSDEEP: | |
MD5: | CF6CF19538B0CAFB4DB12436F05FD38C |
SHA1: | 649F8CD8B72EFC59C55E8675DF0A46E423584E2B |
SHA-256: | 815F5F2C9C88DF67CBEAD0CB1ABB997E59E3C0096272449EADB1C344410445B2 |
SHA-512: | 179713020198AE706614B3087EE866DA80A0D134F78BC121296116454272228782BA29D82C6958A0C35D5E6CC5D0E82BD5533DDBD3D97E18EA2E88FF074BF345 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\Adobe\CoreSync\EntitySync\80307f885d209ff3421f3adf000d6b1e.db-shm
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 32768 |
Entropy (8bit): | 0.06146477858805117 |
Encrypted: | false |
SSDEEP: | |
MD5: | FF52F43B9F66CE04CBA3CE69CFD7F166 |
SHA1: | 131475B853FC4885B5654700D06E58E9BC7AF4E7 |
SHA-256: | 8DCF0B418636B3113CB7F009E9E6C5E231516750D8E19CDD7B66A1B2C640BD87 |
SHA-512: | 01F44F46D8CECAB0F63180B13A01BB4008A4F0B04C99469700F073601E0911A920AE46F1FE1892AA7E00E5C90B6EC246C0BF86DFAAA656D335CE909F4021806C |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\Adobe\CoreSync\EntitySync\80307f885d209ff3421f3adf000d6b1e.db-wal
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 119512 |
Entropy (8bit): | 0.9644376407631008 |
Encrypted: | false |
SSDEEP: | |
MD5: | 14D7D2DF204541AFCC79C706840D5B5F |
SHA1: | 17D273546AF1F3C7F4237629295BFD64FA9EE8CA |
SHA-256: | B0CC07EE5AADF14CC6AFBF57CAC460F2D5462A734C43C2432F32CBC69C3841CB |
SHA-512: | 3B051708810A235B0C0FC0D58508B27AD9B50FD3F2DFB43BAF38977F7C1D3225F2C35A0A65CCF292D2579A3BD108F75E43ED401C3FC3B4283126D9FF419F8135 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\CreativeCloud\CoreSync\EntitySync-2024-10-02.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2420 |
Entropy (8bit): | 5.135097621659396 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2BE612F2287A4E878A78DA48AC4FF38A |
SHA1: | EFDFEEEA8893E2E6290A7FEAC5F55521E2A2A4CB |
SHA-256: | 28BBD3B08FC4C6500EEAB5F561AE0A7192D1A55215D816197461D0C5BFD5D07A |
SHA-512: | E78DF5E10362FC16160AA2861800213672CE03AF93BD18B825E41427275A3463CBD146043C4CB8AC981AECF55C4B1462CC08062438B13B7B835332349752E690 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 32768 |
Entropy (8bit): | 0.36835287347338636 |
Encrypted: | false |
SSDEEP: | |
MD5: | F391306DD8BAA3198B26D3C80A906E19 |
SHA1: | 6CD1B24D186F1CC68BF9097177DA5676C4A56422 |
SHA-256: | 62604481C477AF3F8813122011B9CEC6DDEE9A3992F3FAFE236E3E92FC62E680 |
SHA-512: | 5AD524078462D761F0F01933EBFC3714B44C93296BD4EDAB34B59CB833D1D9334CE830E196D2BD2BDA82837914E91B2B53E848EDC9BD04B7EDCC31D7DFD9DD53 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\RFL\LocalMapping\RFLDB230-journal
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 512 |
Entropy (8bit): | 0.28499812076190567 |
Encrypted: | false |
SSDEEP: | |
MD5: | B3DDA0442937F86B2399D376D948C37B |
SHA1: | 0218ABB261F5F3D790222143AD9D6AC9D99AB479 |
SHA-256: | 6594E6FB7B232FD713129FC6B4109116B4F2047ED01A8A7EB6B6F1A48FA35E4C |
SHA-512: | 4BF9FEA2BCE7E3ABD93175ABF83BB40A3BDCD5416CC82786F212CEEE1966DB8CA8418A1BF9AAC4EC6E358A7A61B6AF78B8171316482B633D7E9BDCBD8537A24F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241002154453Z-427.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.7558660031022084 |
Encrypted: | false |
SSDEEP: | |
MD5: | A24CC78FBFC61CBF828A276818D75870 |
SHA1: | 57D36FD183DFAF9E648E75C79780DDCCA0695C0E |
SHA-256: | 96609433E493A48692542CAE356AF1FF782B33FF11CE18BE926DF5933E7700D3 |
SHA-512: | DB7CC9737B7728BE83C6F2C0EB3528640C4783F93D1FC9A8BB8334A076145D32A82F26B9E412B24B439BE5B477DEBD92F9901D363AE1B351EFAB183475FC2F89 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 86016 |
Entropy (8bit): | 4.444928811590567 |
Encrypted: | false |
SSDEEP: | |
MD5: | 406A1F34899287A2C2D086730CF9EFA4 |
SHA1: | 7C7CFE70E8CDFD982A825C3E4A50314EEE61050C |
SHA-256: | 866B205CBD4821CA5BE077896328F0E9E905BC11367986771002E48B79C83EF5 |
SHA-512: | B93D8414D3223868C0F636C14B0FF1B6249BF533AB2258D011BE9D317C218B62D93FAC11AB8B744D5DDF6FA7A9ED6C71F041A0B67D329F695E35D565D8477D34 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 2.2112907360115464 |
Encrypted: | false |
SSDEEP: | |
MD5: | 65427806F64AB75F38DFAD1DB78FD3C0 |
SHA1: | 91425E27981C61F82D343F4E7C5F903F08BA82BA |
SHA-256: | 8B2EE1BDC679BEFB5C87EE5C7F91DDC986782967D21E373B6BD2D76607F49D11 |
SHA-512: | 06D73072794538432F405F02A86E4CD2CE2FE1464F29465C6B96BBC3D0FDE1C8807074CAC84A23DA95B8C3AFC308499B39DEA21062AC39FE03066D829E42F33D |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 94208 |
Entropy (8bit): | 0.9951370817377893 |
Encrypted: | false |
SSDEEP: | |
MD5: | DCD066A1C8CA38D94ACA4E5DF6CA20BF |
SHA1: | 0C670E7CB31FE1CFD952082C3629AD8861BFD799 |
SHA-256: | E484D26709945669E18A3D0A7F95E3EA943D4170736EDD8FEDFE3F69A7B8D25E |
SHA-512: | C07D385DB9B836F106E1951FDCD911D7FFF44AAE6EE7406CA665B211236E8ABE3395789E10200644343779983E9AD7B5E484B3B1567CA6EAB890A88E4FF9500B |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer-journal
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 512 |
Entropy (8bit): | 0.28109187076190567 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4A3A5BA44A162E5AEAE74829B31453B3 |
SHA1: | 49C1AA3AFBD0B589C62F3663C26BDFA4511D69FA |
SHA-256: | 72D14B9291550C330BC39B466BEB57D943D7D9366BE85D7F5A064B5F0F72A25E |
SHA-512: | B5D1F53E9D9460CBA98C606043E6635A6F8F03A8E596CC914434CCA0BB484D94772492D1F6C61AFE8197D931B804A99F5FD2C9D9FAAFC82A24D404FA478061B0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1391 |
Entropy (8bit): | 7.705940075877404 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0CD2F9E0DA1773E9ED864DA5E370E74E |
SHA1: | CABD2A79A1076A31F21D253635CB039D4329A5E8 |
SHA-256: | 96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6 |
SHA-512: | 3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
SSDEEP: | |
MD5: | 49AEBF8CBD62D92AC215B2923FB1B9F5 |
SHA1: | 1723BE06719828DDA65AD804298D0431F6AFF976 |
SHA-256: | B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F |
SHA-512: | BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 192 |
Entropy (8bit): | 2.746484906506307 |
Encrypted: | false |
SSDEEP: | |
MD5: | CDF4A18CAE7FA9302955BD6E684EC8AA |
SHA1: | 91B99FC6EE64DDF1748E5C38A352C3F37B6D718C |
SHA-256: | 0B8F842537D370BF806771D589579D9AED13FFE6910D152759A2132B622511B5 |
SHA-512: | 2BB5FBE73692F7C89909AC4C2A9DADBD94CE8CECD26ED50C74175993335CE4F7F4C5F95E6E1AC02CC7E8404CF25334F7CEA01427FBF8331B83721D83BB614E06 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 328 |
Entropy (8bit): | 3.1224298822818697 |
Encrypted: | false |
SSDEEP: | |
MD5: | 987EB07A7408223213C27B14B252D929 |
SHA1: | 0411469A5DCABE0A88FB2DC45B09976D09F224DB |
SHA-256: | 9102B364764B71C0F0B6FC64C86E4CCA7251D3093146F0023B5CF602B1212B5C |
SHA-512: | 83C4A72FE52473E679288BC9708C4546CBCDEAE605194EE24A2629D53B9E0E7749F89B1C56EF91CE54A10DC9B2ADE2F4E122D17380597BC1D9677398C00932EC |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.3837996153025385 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3AB2595A56535F43694A84FB93A5CC66 |
SHA1: | B8FB6F13CCB5B1B48109144224A62023C67BA12A |
SHA-256: | 7971330A5C7AB2D0230E6DCDCF5268DB8873F1C00663E86F87E11F60E198A063 |
SHA-512: | 2587F55BEBDBD7A1AAC7565E70D154F6F2DB580E954370CCB0C386835AD2340DE6DDABCB44660F72590FD32B6F5DB26B9AFEC19462B7590AB27EBAF38F8B73D5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.331036469395363 |
Encrypted: | false |
SSDEEP: | |
MD5: | ED45A0F5DF185CD2FC36EB171C1D7F08 |
SHA1: | 315DB48E1AC056FED34B472CA84D4AB51A867C61 |
SHA-256: | A2AA87EAD31453DD9A8869B0F770CDD5CA0E256BF08ABC8A8DFDB58FDEBC9485 |
SHA-512: | 81145C00A967C365B18C1150F7EE6921524BDC73D8D322050F6081DA9F8EA73C8E19607A7CFA2FFE77A609AB92EE9FEC0E6B00AE79E73E7A60871540D4626F3C |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.3092959647531695 |
Encrypted: | false |
SSDEEP: | |
MD5: | 764F36A34A94D51620CD310D25DA2895 |
SHA1: | 8C5D05C32D0F43CEBDF3033A69C27C84D3A84530 |
SHA-256: | 1E4B881CB453F2DCD84E85A2D06060289CB9269DA0DD190FD68CF2DEE0288F46 |
SHA-512: | 2C74F864CE35D2A7604F134EF7076ADB3911E81F03EBDB3BCE6FA333B74EC8DCA62FC2B361ACD80300A93E201C05ACB84DEBBB5EE450BC24E9D0BC9AEF18ED86 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.370613159732194 |
Encrypted: | false |
SSDEEP: | |
MD5: | 269CB3127BF8AD5FCD15B9DDA0579C2F |
SHA1: | C658E058E8E238E7DE95E02703E4FB422209DFBD |
SHA-256: | 5AC9157EE4772AF22D1C435E5529C069C5EA2F4A2B3A2B17CFE353A8FA6D4A4F |
SHA-512: | 2D708EAD5892EEA706DC1240CFE28C828A22677558619B4BFE493C55E7EF7308E10C6BB73C197E68C6386423DA55E688A7644CEA9EADFF6B65977917EE5B0BF0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1063 |
Entropy (8bit): | 5.674317804577162 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5CC3F7DC1F83CEBF87205F6D00BDAB75 |
SHA1: | BAC5BDE732505252A9F3273ADBF98099CA508905 |
SHA-256: | AD076FCA948EE7185D3C6960DA7687DD26D9D85AB83B3BBF6B81D16D7D087786 |
SHA-512: | C4250638BE2500E1BA0A51D05F997EF4A29D0ED4CAE282F8061CA97E92765A62BD545DFAFC39B997F44C085B161507A008E92E250D641F4F3E97EF6427D03D4A |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1050 |
Entropy (8bit): | 5.662017227035596 |
Encrypted: | false |
SSDEEP: | |
MD5: | AB88B0D6068FD948DCD88F48657CF4E2 |
SHA1: | 712A9C317E0AE3DCCE01AC6503F2D8F49EFD78CF |
SHA-256: | C3AF6DF286324BFC163EDB27B166D5123196DCC76BF7AFDC2973CDDB8A80F0EB |
SHA-512: | 8B284CB4ADB2C3F3EF61B892FA2ADA312437DA31951596948E3099A891BE502E245145E72B555B08D978BDA56B7462C5E2E838CD388AC8A0FC31830EA9ABA296 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.323226581673733 |
Encrypted: | false |
SSDEEP: | |
MD5: | CA414C9905EA8AE07E2F62BB3B072F5E |
SHA1: | FE7394CEA005786823638C45FDD93244EC8EF7DB |
SHA-256: | FBAE642DECE158B539E6D4DF4C167F41DB112E35EB760D2734728333AF92A752 |
SHA-512: | 01A5489CD6D57E25B0F6D6F7247FA56D3FC67DD7631125C06FB90D208EDA3F006AA9D8D10FDBAD23D9D2AA3EF10D1E4A7F5DD2990ABD29D99062AACF57CB5184 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1038 |
Entropy (8bit): | 5.658425471470462 |
Encrypted: | false |
SSDEEP: | |
MD5: | 38BB1FF1CF01144F42342F10D6146F3A |
SHA1: | AAF391D2CA3D7EDE8BB9196CEAF4DC8289B8A066 |
SHA-256: | 0C7796E0A30D2A57F41EF5063BACCF0FA2C35F0F7D4A1526F45179E4E1A120CF |
SHA-512: | 9BA2D3E8886BAC4F32C3166D3BE27B92BA885602358223A8870A8769453D38FD79FBA6FE6D4955CF8E31DB4273A4C3522A66CE026F7FCA3E02C365E84BA67E01 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1164 |
Entropy (8bit): | 5.705067830259659 |
Encrypted: | false |
SSDEEP: | |
MD5: | 39C611710572F2A1A663DC7B3FFFC372 |
SHA1: | B47BF502EABF74C1DF67C075FD10D12CA6DCDBEF |
SHA-256: | 465FCE3515A804CFB6FC8F34BAFCDC031AE92427BDD345267ED1D48FEA935A0D |
SHA-512: | 7BD1371BBD508EBDB0D214DC9B1435CCE2FE585BEC6E3247742E3A3800421290254EF014E865061A29A81C29D1C8DA172EA1FE9AA5B668C9249023AE60933859 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.3297127082837825 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0275D6DA6C07BAB698D2EBBE046C07C9 |
SHA1: | F8579ED939D111F3F0EFEBC203D1C5AAC1E3AEC6 |
SHA-256: | E19D3E3EB48F4CFC0636CEAFD98DEBFE0CA0871D18BCFDB103ADB4321D1228CE |
SHA-512: | 98470F44EE568EBA592536E922E986CF04EB7227EFEC294EA9DA637DEFEE06555E1E5ADADED0B74217E7C8E2AA3F0BB275C0DC81FA8DFB5DBA22C6268B9A75DC |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.780700824954139 |
Encrypted: | false |
SSDEEP: | |
MD5: | 325DE634F41019A2CF5AE0983AE0CDD5 |
SHA1: | 3B3B88D136FC92F52EB1F050237D32FF0EA91357 |
SHA-256: | FC142210F99DD604D91CB4F1FAB937695C1D47B239A351670252459130CC7B67 |
SHA-512: | 91D9DFB0DDF6A53197A18A5CA0C18710F831E008B48759A3081FC18CF69FA246BC055002FC3E76536F8CECFC233F3776E83EDF476E3E61D36D3EAB2BC1A9015A |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.3130555949041485 |
Encrypted: | false |
SSDEEP: | |
MD5: | 944F4166948D02DCD462D60980195FA3 |
SHA1: | 23960E678BF378CEE3AAE2B80F7D2B5C966CD742 |
SHA-256: | 4CF81FD3B1B8D4711DE4856801C02D5F14A38C13D377D2D99D138D45682912A2 |
SHA-512: | 703F8E46A423083F3E478AFEEA294CCF6A166864E540ED29D979D71A72E8E34FB338F4AFFE0DCE67DD2F31EE588977C2A13250C8001EF0B4FEE9095027EDF97C |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.314825701830492 |
Encrypted: | false |
SSDEEP: | |
MD5: | B0AC3940C4C003BE24AD046005745295 |
SHA1: | 8D865F62D5F5FED1344F4B5232FB647A36200858 |
SHA-256: | 5A9FC14E6A7E0D918BE83E08E292EA79681CBFA3F2EE75FF940B8F248EC9D4CC |
SHA-512: | 4E77815472359586DF632793CBBA85366040CCED2C48E1DA2D52B45624FC99958385516FDF37588C4F73C7FF90675132BA18F05C82D030EB25D36BA89FB9100A |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1058 |
Entropy (8bit): | 5.665042436967076 |
Encrypted: | false |
SSDEEP: | |
MD5: | C2822D02E39ACF652B6E7EF30708F62D |
SHA1: | 7B4F4DB4AFD034DAB3283BDDF386E2F47E0EBC13 |
SHA-256: | 6085CB4D1613A648C8650FBCEA7E0CE754B8AC596344DEC2E23FDDC4EE324740 |
SHA-512: | 0479B4C5029D8CD5A73448FA3DBB72F0774950360E763ADD63ECCF9608F496D00478F11FB3AA1063E14BF0B7A27578648724C2EC9CB388D64240E6BAD770764A |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.2915944429820225 |
Encrypted: | false |
SSDEEP: | |
MD5: | 93604683E8910989F9D06FF92197D730 |
SHA1: | E8E9A62699F7FDE69D306724FCE23C1BE3F470B8 |
SHA-256: | BE6D783EDCEA46D16C2C900A6DBAF04DC2DDFE611679D9DC9BE6BF1DE36FE950 |
SHA-512: | BDADB5EF1E7F57D27DA53A3B0F05899F60B0039DF13EEECC885729FD99C96D93BF126E34A65531FF4CB5E25BC2D3A07FCCA2D4FE40CEA72AAD4D5C212B0C20DD |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.37877091794164 |
Encrypted: | false |
SSDEEP: | |
MD5: | CE67CD187915AABB731844B5D3CA7D28 |
SHA1: | 7768EF969055B686508F1D4F7A72DDC6971BE0B1 |
SHA-256: | 7F64F61C6EA77DDF5B10AF383323C158FE5EDFB7183F14176ABD09DBE42DCA37 |
SHA-512: | 9C4A4FAC1C80A5C4BCC3CC93D91EA722119AA9FE935C8BDB35FDD9B6D311AF5B6765011A9C4C60FDF26140F15FDD5B135C9F1F71FC785A71EE4C2897C8A79005 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2818 |
Entropy (8bit): | 5.134369963052342 |
Encrypted: | false |
SSDEEP: | |
MD5: | BBFFA12A00F1A118CD88E05D718EFED2 |
SHA1: | 78DBC11C3933D92B8E3A4A15A4C3AD9D4B40BA81 |
SHA-256: | 2A0DACC6E0251918487A527133EB8E1F95D363D8AC7427F0E509A21DEFF9F34A |
SHA-512: | D6A100029C8A37FD3D827C9CA141ABA31D0DEEF5F57AF82B050BBEE27B3D88D9108E7AD7F63AD43396B2171D3784201B686D268D6F0A92B2FB78E3991EE08441 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.3574982542901968 |
Encrypted: | false |
SSDEEP: | |
MD5: | 9BA7A8CEBAC50881F9F1566CA95DBA91 |
SHA1: | EBC3432083086EC05B2BC89A76BF66015AA8E0D1 |
SHA-256: | 517A14CA4065057F3D0D227ECDD49D8C2A3F0BA3F7116573CE29CB70C5286E69 |
SHA-512: | 899911F4FACFA4EEA2E4CFF109B3519DBC5156A6457ED618E3775DC3C9A3A1008C36ABF015070C4E1776B007BBB07FB8C52259C004A717B053FCBD37B8115711 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.831940188283579 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6B1218FF4C6EEDCB7FCF086E3FE245D4 |
SHA1: | B59806310B17A5D7504D14A8437801262176077A |
SHA-256: | 1110826F191989BA4B833AB32478DF3B73DF99B549674403BD0369F29C8FC4B7 |
SHA-512: | 6EDA22CE5010D44EF772FBBB08F9E01A12A617717D1A773B58CEC5CF6628845E264ED1A590F4C206FC2507630590CFFEBFF1280772542B0175E50F4C7B5804C5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5004142083842487 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6A9FDA47D33828BC3ADE74C2C040ECBD |
SHA1: | 13DB4EA3454FE83FB5CB0B0F9E839B8A0C738CDE |
SHA-256: | 2CFAAE84812657DC1C13BAE81EC9216428E14BCC828AA179332A16C95D8310C4 |
SHA-512: | D7BA154E29DA8594F12E42C04BC0CC7445B5A483C174398951791BD4589FA78F7AB95EEF90CBB2C2ED79DBBF982D0B41626E59C1472319F7A6EF984CE1BA8504 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 144514 |
Entropy (8bit): | 7.992637131260696 |
Encrypted: | true |
SSDEEP: | |
MD5: | BA1716D4FB435DA6C47CE77E3667E6A8 |
SHA1: | AF6ADF9F1A53033CF28506F33975A3D1BC0C4ECF |
SHA-256: | AD771EC5D244D9815762116D5C77BA53A1D06CEBA42D348160790DBBE4B6769D |
SHA-512: | 65249DB52791037E9CC0EEF2D07A9CB1895410623345F2646D7EA4ED7001F7273C799275C3342081097AF2D231282D6676F4DBC4D33C5E902993BE89B4A678FD |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-02 11-44-43-479.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.359827924713262 |
Encrypted: | false |
SSDEEP: | |
MD5: | 06DEAEDB81D09FD8FB5FF668D8E09CB2 |
SHA1: | 28A02BCBD5975117B97A08AFB049F2C94F334726 |
SHA-256: | D98DE785425112A2D7A41B16073812FA4FA4955F2D5139AE87C9A5FBC4717D64 |
SHA-512: | 948E3B56E5A8D818A5FE9D74B82A898F7264909ADF2C49E5D096CB90F4D28ED95990545A4857933F0E06D493AA0F6D41F6109C74B44BC0E4B84346B519681936 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15089 |
Entropy (8bit): | 5.3850051343182015 |
Encrypted: | false |
SSDEEP: | |
MD5: | BAAA097A78B7D695A0CE7DB57324C9C5 |
SHA1: | 8D7323649C8957B506B6B7F61C8E142518F5B121 |
SHA-256: | EC63CDF3A75910E5BDC06328883D3024A8139B9816E82A5AAF6444C4B43F5F57 |
SHA-512: | 5B2762AB5F9C22CBC25C2E9C6F4EFC39A3D457EB11388153983CFC593069BA75F8D88C65F4587B0DAD309404640808A382EA6B9C8B8582F34FD158BF103B1D65 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 35721 |
Entropy (8bit): | 5.417887147453702 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4186E5BC91A80E3E50CCF680F7DC4880 |
SHA1: | 337E960122B88697897EECC714D8D30C2A79B49A |
SHA-256: | 167F2473EC94929FCE286599ECED12046A71A95821B09047781D0ECE54CD1E37 |
SHA-512: | 6D496464B742D86A47ACB9056F9476FDE952BA8B9832E535BEE318BD68BFACC3552B05545C2EC907DDDCC846F3F4E9C21BB42ECB631B813CE70B471942F44172 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 303847 |
Entropy (8bit): | 7.977343682139445 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6EBF730982F4EE546227EB59BEF4B58A |
SHA1: | 7BAC2D7BB2CA2065521FBAB3565BAB088D335CE5 |
SHA-256: | CFFC432047F639682F764D701156F076C40FB8F824207463FE5230196543446B |
SHA-512: | 562C849B4B648FB5CC0678DC9BF1334FC55D2EDA2DEAD1A75955C45956DD50AE8E9A1156ADA2FEDD3379E33EECEF84EEFF9315D8E76D11DFCEF8495A76FCBD48 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | |
MD5: | 408F8BA5ED5014C1E10FA19D75C944A6 |
SHA1: | 87595F69D692B4D785AAFAD71394426879C7980F |
SHA-256: | FFFE47EBC7E157F63F4BE40AC0B2DCD73A5DCDF57B9D03FEA3EB99212A7EC16F |
SHA-512: | 01B286CA276C6B4302AC6ABA30466CE2048F6AC7FA5ACD7DCA375541C91339CEE94377B783A3A7710D10C315CA062CAE79DD2A073406D1C3C76AC4787DA5A793 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | |
MD5: | D2D247B52923558A375F88902D534C0D |
SHA1: | EA4CAEA24736763CEC24D676DE98B1372010C2F7 |
SHA-256: | 24C3481DC96B4EF9B5A97934BEDF56ABE62BF7A163CFF99370A6B57BDF0B1BA0 |
SHA-512: | BA095487F17CE39B7D3D61DD27B0839F3534FA5388153DB6FCE0DB7D82818D13916F497EF218556A55012CFE1489F1889E45324737A062425ADB32C837C230AF |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9983364276892503 |
Encrypted: | false |
SSDEEP: | |
MD5: | A119CB9E84382B3E396B57D82B6CFE38 |
SHA1: | A4ECA2F2611963AD573A90C5DE1DCAE0C4A93BD4 |
SHA-256: | B9BD630E22FF621C6E63F298DEEA6AAB9557013B0CECFD3E6ED4E5A28F14023A |
SHA-512: | 2B23D28F3A543FCFA47B585A7129EE9A1EB1B891EADD839879F8EB76DBFC48C981FC1A716F1D2066183900400CFC4E2B52FD8B70246A6859A8D1FC70D68E3F0C |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.012918370418497 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5D62DFD3CAB7C6F8216531F24FA61096 |
SHA1: | 39CAE6470C80CB4BEAC5FA619412BCDF3EFDB785 |
SHA-256: | 97408EA84296F881A520BF6045262EA02FBC2D4A9B08AF86720A574D0278B77D |
SHA-512: | BA29F3E2842CC2034D14BB0A9EB52CAE475668829E91409D55C9A6C1E57B661798C4BEC1EECB0553E9B7DB0118CF3928B370A48874456E5A5804D7DE911F7373 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.022295991281311 |
Encrypted: | false |
SSDEEP: | |
MD5: | 19149615F836CE80B6DEFF9401315166 |
SHA1: | 8655DBD46193CD0179750F5DD4BD63F7019F0674 |
SHA-256: | 9BF092EF95020F82C6264F7147B27F34D10C9632810E460BAF99B3ED5E2BE915 |
SHA-512: | E6DA0028B7A433609DBEEABA16264086574A9B83765127546B775457868DDDEA1AB6C84D96238443F59BDFE4B417C32EAE191F3F02872B6B91F44BFC94DE6FE2 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 4.0124404521383275 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7991C8719EBE80C867CEA76790B5B0C2 |
SHA1: | 589AAC687EE6CAEE8C92CCB6850C128F5AA7F7DE |
SHA-256: | 33A6BB96175A7439D39A2684F0CF1CEF4A094A9F2C43FD15E2AF99ACE29748D2 |
SHA-512: | F8C6FCB7A56B8C699232411AABED5BBDE808131705FB716F2C4D714494B9D4142520550B1A2EBEFF4CC8F8FF94FAB2E6B717F171BB26C91A4D05AC4C9B8BA130 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9990133603919116 |
Encrypted: | false |
SSDEEP: | |
MD5: | 19BFB6E43832A5FCECB7A92C827120A5 |
SHA1: | C5C2724D879232FAD29F52D8FD354525877044C0 |
SHA-256: | 002F7543AB68F90AC509F09AB9E758C56CA1D7271A2E0EE1802B61F4AEBA37A5 |
SHA-512: | 381CA3FFE211C827510B60A03118D2CABFA3CB7BF30224A253615F9A403A260929DC3F6B78A1F9D08B13F6327C09588990E69F3616521D21E2AE2109BA5CD72F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 4.01172497886034 |
Encrypted: | false |
SSDEEP: | |
MD5: | 284B3D0141C739B68BC34C06A40BEB4D |
SHA1: | 3731B9E7E6EA34575FB1F8ED98E6801B772B68FE |
SHA-256: | 59AA8960CCD287B5FA2BC2813D47C1B2F36E7EC1FCB3129926903A1C010D840D |
SHA-512: | BBA51B66CF6170C06EF7B561C175EB28C2B69D930591E13B2566388A3CEB44DCBE3C36E93AAB3F37ACB6AFAD5BBEA63642A4A4718F81581CF25B7C6BE0256D49 |
Malicious: | false |
Reputation: | unknown |
Preview: |
File type: | |
Entropy (8bit): | 7.870429229637889 |
TrID: |
File name: | Fedex Scan Y;29tbWl)zc2;lvb,mlu,Z0B)2c290L)mFl;177-signed.pdf |
File size: | 38'802 bytes |
MD5: | 61b61a032a0cfb3b4d57ac7103bcb64b |
SHA1: | 41cd2232903e82417ae320baedb05e2ef1814973 |
SHA256: | da5cbe2f356e8958900f666fc4dd72eb8a4cc060b8ba196c6e35b8dced3fa449 |
SHA512: | bd72dfc65b39fd525d9a2d9a755174aea889f8cc0e37651602500417576b3ced69d797b6c998621533328f89c85eeb85a6afba4d7b6604e17b4d35ac8b0aa6ce |
SSDEEP: | 768:r0Wjjqf1uuo5mH4ZPnM6gg7YK4kHlf4c4c9xSCq0HLN5Fi0WBCjjd86KbOvh8k/j:rVOfq5mINhPHFz9xVXN5FSK0M |
TLSH: | 7403AF31E5CD8C9DFD1BC217947E3B051EECB25757C828E240BD85A8F194C81EA7A16B |
File Content Preview: | %PDF-1.7.%.........2 0 obj.<</Length 3 0 R/Filter/FlateDecode>>.stream.x..VMo.@...W......~y-E....@.P....P.-A........u.4iZ.BU....}.f.9T..Q........[....7...d...e]...<...7..UAXE_QH.....eq.G.....B.../._S^e.;..e...x^t@7.//...........d........Jkb`<.m.....7....g |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.7 |
Total Entropy: | 7.870429 |
Total Bytes: | 38802 |
Stream Entropy: | 7.970055 |
Stream Bytes: | 32830 |
Entropy outside Streams: | 5.154626 |
Bytes outside Streams: | 5972 |
Number of EOF found: | 1 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 37 |
endobj | 37 |
stream | 7 |
endstream | 7 |
xref | 1 |
trailer | 1 |
startxref | 1 |
/Page | 1 |
/Encrypt | 0 |
/ObjStm | 0 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 1 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams |
---|
ID | DHASH | MD5 | Preview |
---|---|---|---|
15 | 4d4b5d7549290965 | 7da0b63a960b36f730a91b5e70663eef | |
7 | 40b2716969697000 | fc837812f869b8d3d358bde2b08f3198 | |