Windows
Analysis Report
CRANSTONJONATHAN.pdf
Overview
General Information
Detection
Score: | 2 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- Acrobat.exe (PID: 6712 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\CRANSTONJONATHAN.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 2736 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 4368 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2204 --field-trial-handle=1588,i,12537562669909444829,16526735775559190256,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 3 Exploitation for Client Execution | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 13 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 84.201.210.34 | true | false | unknown | |
x1.i.lencr.org | unknown | unknown | false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
23.41.168.139 | unknown | United States | 6461 | ZAYO-6461US | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1525186 |
Start date and time: | 2024-10-03 20:42:56 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 12s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowspdfcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 11 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | CRANSTONJONATHAN.pdf |
Detection: | CLEAN |
Classification: | clean2.winPDF@14/46@1/1 |
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 184.28.88.176, 23.22.254.206, 52.5.13.197, 54.227.187.23, 52.202.204.11, 162.159.61.3, 172.64.41.3, 2.19.126.143, 2.19.126.149, 2.23.197.184, 84.201.210.34, 2.19.126.163, 2.19.126.137
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, p13n.adobe.io, a767.dspw65.akamai.net, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, geo2.adobe.com, wu-b-net.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net
- VT rate limit hit for: CRANSTONJONATHAN.pdf
Time | Type | Description |
---|---|---|
14:44:12 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
23.41.168.139 | Get hash | malicious | Azorult | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | LonePage | Browse | |||
Get hash | malicious | LonePage | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | PayPal Phisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | Get hash | malicious | HTMLPhisher | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Xmrig | Browse |
Get hash | malicious | HtmlDropper | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | HTMLPhisher | Browse |
Get hash | malicious | HTMLPhisher | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ZAYO-6461US | Get hash | malicious | Azorult | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | LonePage | Browse |
Get hash | malicious | LonePage | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | PayPal Phisher | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | HTMLPhisher | Browse |
Get hash | malicious | Unknown | Browse |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.2101554405153205 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.2101554405153205 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 342 |
Entropy (8bit): | 5.165332868942412 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 342 |
Entropy (8bit): | 5.165332868942412 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 475 |
Entropy (8bit): | 4.975824910517686 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\f255c1af-ab5b-4ea7-81a2-73bc3578dac4.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | modified |
Size (bytes): | 475 |
Entropy (8bit): | 4.975824910517686 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 5859 |
Entropy (8bit): | 5.247748933929616 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 330 |
Entropy (8bit): | 5.104771454802195 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 330 |
Entropy (8bit): | 5.104771454802195 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241003184404Z-169.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 65110 |
Entropy (8bit): | 1.7427501219882056 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 86016 |
Entropy (8bit): | 4.444862308178459 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 3.768254579411002 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 1391 |
Entropy (8bit): | 7.705940075877404 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
Malicious: | false |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 192 |
Entropy (8bit): | 2.7673182398396405 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | modified |
Size (bytes): | 328 |
Entropy (8bit): | 3.130277681168393 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 227002 |
Entropy (8bit): | 3.392780893644728 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.3422367604700165 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.295822900583356 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.2736729941604255 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.321518051016508 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1091 |
Entropy (8bit): | 5.680980276151775 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1050 |
Entropy (8bit): | 5.647071212560808 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.271646096878236 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1098 |
Entropy (8bit): | 5.679448892769297 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1164 |
Entropy (8bit): | 5.692287334691577 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.275514704130586 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.771242136880214 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.259230085624858 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.263363906395421 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1054 |
Entropy (8bit): | 5.658607763709798 |
Encrypted: | false |
SSDEEP: | 24:Yv6Xxx0amXayLgE6cTg4QSOGtNaqnl0RCmK8czOC/CrfSHr:YvJBgSXQSrOAh8cv6mHr |
MD5: | 771C9B1822FC865988AF1A2361AFC6FF |
SHA1: | 06B868AF9422CB7AD6F9A1D30E811828570A16E9 |
SHA-256: | 7F8274DD9A9668460EEFE3813C9EF4ACF6976827296DC5EA51880A1880F12377 |
SHA-512: | F23402BA09EEFE35ABDD5D499FA9AAE8F4D86FB0C625F1156CD864B1EF18EECEC9ECD9F1553A9FDA47339A7225076ABE900CB7C8344B65BE6B2169EAEC8AA541 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.237233095782162 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXMIEgyEBl0nZiQ0YGJZd2DoAvJfshHHrPeUkwRe9:YvXKXM4f0cbGUUUkee9 |
MD5: | E372765EAAF21C240C1F7FF51503E3D6 |
SHA1: | EB4C5ED5CCD63B8975D536935792EEAF8E6BDDDB |
SHA-256: | 4BA01901F122D28BBFF292A76842983433AC94FC34DB66B8549052D7E4DE9B93 |
SHA-512: | 637FE883C709AED21BE13B9719DFCB815ECB0E3648C407CD375B916975BC66EFBD6A613E4236F3477298C82BFB8D6650BC9A432882AE79BF8FA670B66549513F |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.348354009920406 |
Encrypted: | false |
SSDEEP: | 12:YvXKXM4f0cbGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWt:Yv6Xxx7168CgEXX5kcIfANh8 |
MD5: | 1E9950327F2DCAF46F048848CE6A1FFC |
SHA1: | 221AADC4A35986ED8A094DB447AD035A00123B9B |
SHA-256: | 977AD2BD6F920EC27CBB576646605A2318F47BB3ABD9711C29EA5379270E8991 |
SHA-512: | F8013D3373C25BF539934D8264287D241AE975C1BBA57E15ACD1F51B48F6413BB41804551D77D3EA94EA47D819867B05338D7A124A73821F01AC564ADD36B367 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:e:e |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2818 |
Entropy (8bit): | 5.136401547558455 |
Encrypted: | false |
SSDEEP: | 24:YjcTgzZfM1aZcayOtjqUjKChqFanlzw+ujhHBj0S6jK+26Y2LSkiOB5HNt79/5ul:YjtxPTOydnlKLQlZYyiOB5f9/8 |
MD5: | 666D2D0269515DB60F4ED999D5D54935 |
SHA1: | 84DF2FDA56B9A24FFC58058D74DA5CC1E8290FFD |
SHA-256: | 36EB36C51DA1405FE429D82BEE3F99F76D694C4A15840AABC1C49376997CB52F |
SHA-512: | ECDFD8B57ACF936232CB9AFA5D4F00BD0F5DE2264E222980449505F23085AABFC94854DAA4D4BF27A821D2FAA0C19284DECD150F3344AFFD3537D62F9F4E3DEB |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.146800281742649 |
Encrypted: | false |
SSDEEP: | 24:TLhx/XYKQvGJF7ursgRZXcMRZXcMZgux3Fmu3n9u1oGuDyIX4uDyvuOudIUudcHr:TFl2GL7msKXc+XcGNFlRYIX2v3kr |
MD5: | 13C64C17561002C9E1737BA774883920 |
SHA1: | B5F11504FAF821FADA1C02E8E557465355C6EB45 |
SHA-256: | BC215D01D211054D535E52B838D6A1536EF66B97F480F7D88ACC5D183B4ED671 |
SHA-512: | 38DB5C0CF14A42D66DCAF6B765F6FE55DFBAA84BDD2C6F2D24A33D111C2CCF1C21AC0FED41211B8896BAD695C31FD74CF8F8FB8AB03E567F72429ED9A213D513 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.549998121095125 |
Encrypted: | false |
SSDEEP: | 24:7+t8DUXcMRZXcMZgux3Fmu3n9u1oGuDyIX4uDyvuOudIUudcHRuLuxr6vqLxx/X9:7M8gXc+XcGNFlRYIX2v26vqVl2GL7msj |
MD5: | 001587ED14C7518016EDAA199CA8B789 |
SHA1: | 5F4D32E28FEE0937398A3636F50C9FA00685B53A |
SHA-256: | 6A844A3B6519E6C6D49EDC74BC2E7BC8495E4229BAADDEAFBB051B94287CB598 |
SHA-512: | 01F0EC713CB1ED060304C96DB62450B4E140C2618D8C99504123F9AF6A34E0E2BBE87DD42315F1353C9D12FB67C90AFEB9B9D331A5369593A00CCD2F260EC5B7 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5065515051498046 |
Encrypted: | false |
SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K82hlQqRel:Qw946cPbiOxDlbYnuRKXhlEl |
MD5: | 80D025FBD889C32AE41AB4E1EA1A11FF |
SHA1: | 2E5163E9D3A0749D073A7613648AEE4584F6E303 |
SHA-256: | C0EF13AA7CB5F7BDC319890245E57B2B950B2484E6D6FEC58E98BFDC8F970AE5 |
SHA-512: | 3D0DE280B82BC8B91F4D3E5B31769C244FD05CA931042F82FA49A30CE2C914961258DAAB6DBF0B0537F5C02E222A01707973093A94B4423F1C4950BED2D18D58 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 358 |
Entropy (8bit): | 5.031252052024994 |
Encrypted: | false |
SSDEEP: | 6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOTMmmjZwmmjZbmCSyAAO:IngVMre9T0HQIDmy9g06JXajQjZalX |
MD5: | 989565DE40604F8931EA662AEE06C626 |
SHA1: | F951533527CE4DC73EEC55DEBAF5AA942C5E74FE |
SHA-256: | FC1E84522B5BB62448B81685336C73970EF88D53DC587AC6E330555D9145F45F |
SHA-512: | CC20E1F4C4A0FF479293674952214E226167ECFD0A77F8793153C4925D974186AE3A74A907FC8D70DEBC0900628F5455D6776FD742B2A6922ED943F7FC231BBD |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-03 14-44-01-611.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.338264912747007 |
Encrypted: | false |
SSDEEP: | 384:lH4ZASLaTgKoBKkrNdOZTfUY9/B6u6AJ8dbBNrSVNspYiz5LkiTjgjQLhDydAY8s:kIb |
MD5: | 128A51060103D95314048C2F32A15C66 |
SHA1: | EEB64761BE485729CD12BF4FBF7F2A68BA1AD7DB |
SHA-256: | 601388D70DFB723E560FEA6AE08E5FEE8C1A980DF7DF9B6C10E1EC39705D4713 |
SHA-512: | 55099B6F65D6EF41BC0C077BF810A13BA338C503974B4A5F2AA8EB286E1FCF49DF96318B1DA691296FB71AA8F2A2EA1406C4E86F219B40FB837F2E0BF208E677 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15114 |
Entropy (8bit): | 5.318783736685956 |
Encrypted: | false |
SSDEEP: | 384:URFQYYxUjNG2TNOH84bYFv4JxGxE/nDwUrOXRV3Xyc+vn9xbDM1Kpups94accnX+:Y8g |
MD5: | 53C2CBD6155BBCCCDAA991802B490181 |
SHA1: | DC132ED2E1025CC2DA8D6B1E7AEC0720233DE683 |
SHA-256: | ACB23290BDD17B95666CA0B86B2A9B22696998828051A63BC86CA166BA1BC22F |
SHA-512: | 98535A3E1AA7F4D63CF42BE9D7011AFC60154A7434740F823016ED74797CBB3DF8519502AB547B33A4CE54A43789D8867399A6A138495D78AC8A8C7E95709217 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.388999335069104 |
Encrypted: | false |
SSDEEP: | 192:acb4I3dcbPcbaIO4cbYcbqnIdjcb6acbaIewcbRDGcb4IEhkjcbAc:V3fOCIdJDevDxEhk7c |
MD5: | 8FD4AE976A770A79FC82132A9587F35D |
SHA1: | 653DC594ACADEC8CB7114DE7AED2013A096CA58A |
SHA-256: | 8184D726E84A38BFA661114948256A6B27CD3C1C2C6AD22AE0A29CA53872C584 |
SHA-512: | 2D671225BCFA9557983CA43784630566228783DCAB36F66C31F719E18B9C6C0D820755230EA45FF8A143E8C7601C75C40683489CFB22555A57364223DAFA9917 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru |
MD5: | 18E3D04537AF72FDBEB3760B2D10C80E |
SHA1: | B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC |
SHA-256: | BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4 |
SHA-512: | 2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo |
MD5: | A0CFC77914D9BFBDD8BC1B1154A7B364 |
SHA1: | 54962BFDF3797C95DC2A4C8B29E873743811AD30 |
SHA-256: | 81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685 |
SHA-512: | 74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.890939599680852 |
TrID: |
File name: | CRANSTONJONATHAN.pdf |
File size: | 65'407 bytes |
MD5: | acfd79294b7a2b428b071bb757328866 |
SHA1: | 08e80fdedbd891ab484c05e65e77f69bf8b36684 |
SHA256: | 61353ab9c07351dd768f95a2c39d71d109c75f2e9227b2eef6bd26283cd8ed87 |
SHA512: | 0a6b6f346aebe8f6330abb235045277a9daec6b805a60c3ea95c799a164a60d3e3889bbfb926c7b29d305ab38d51d492e88e5cd9c143e1c2427b089efe6e1ba5 |
SSDEEP: | 1536:+tUqISFIrOB0JslI6IKKMecbC+Y4gmFq+bT:+3F2+sslTISPC+hgAq+bT |
TLSH: | B053F172A1152C1ED9E2C3CAAC2DBC9EA47CB1729FF8354271784935B4108E57291BCF |
File Content Preview: | %PDF-1.4.1 0 obj.<<./Title (..)./Creator (..)./Producer (...Q.t. .5...5...1)./CreationDate (D:20241002012655).>>.endobj.2 0 obj.<<./Type /Catalog./Pages 3 0 R.>>.endobj.4 0 obj.<<./Type /ExtGState./SA true./SM 0.02./ca 1.0./CA 1.0./AIS false./SMask /None> |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.4 |
Total Entropy: | 7.890940 |
Total Bytes: | 65407 |
Stream Entropy: | 7.914082 |
Stream Bytes: | 61842 |
Entropy outside Streams: | 5.079341 |
Bytes outside Streams: | 3565 |
Number of EOF found: | 1 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 29 |
endobj | 29 |
stream | 7 |
endstream | 6 |
xref | 1 |
trailer | 1 |
startxref | 1 |
/Page | 2 |
/Encrypt | 0 |
/ObjStm | 0 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams |
---|
ID | DHASH | MD5 | Preview |
---|---|---|---|
14 | 4eab981e39234959 | a6b308221482528888a2cb115fee0e4e |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 3, 2024 20:44:12.802746058 CEST | 54520 | 53 | 192.168.2.6 | 1.1.1.1 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 3, 2024 20:44:12.802746058 CEST | 192.168.2.6 | 1.1.1.1 | 0x9f1 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 3, 2024 20:44:12.815412045 CEST | 1.1.1.1 | 192.168.2.6 | 0x9f1 | No error (0) | crl.root-x1.letsencrypt.org.edgekey.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | 84.201.210.34 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | 84.201.210.38 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | 217.20.57.27 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | 217.20.57.22 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | 217.20.57.38 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | 217.20.57.42 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | 217.20.57.21 | A (IP address) | IN (0x0001) | false | ||
Oct 3, 2024 20:44:13.569611073 CEST | 1.1.1.1 | 192.168.2.6 | 0xc8e6 | No error (0) | 217.20.57.40 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.6 | 49729 | 23.41.168.139 | 443 | 4368 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-03 18:44:13 UTC | 475 | OUT | |
2024-10-03 18:44:13 UTC | 198 | IN |
Target ID: | 0 |
Start time: | 14:43:58 |
Start date: | 03/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff651090000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 2 |
Start time: | 14:43:59 |
Start date: | 03/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff70df30000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 4 |
Start time: | 14:43:59 |
Start date: | 03/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff70df30000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |