Windows
Analysis Report
INV DATE 2024-10-10.PDF
Overview
General Information
Detection
Score: | 20 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- Acrobat.exe (PID: 5908 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\INV DATE 2024-10-10.PDF" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 3144 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 6616 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2116 --field-trial-handle=1768,i,14924749618235048181,3521255610170869817,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
23.195.76.153 | unknown | United States | | 2914 | NTT-COMMUNICATIONS-2914US | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1528236 |
Start date and time: | 2024-10-07 17:16:17 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 4s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowspdfcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | INV DATE 2024-10-10.PDF |
Detection: | SUS |
Classification: | sus20.winPDF@14/36@0/1 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 184.28.88.176, 18.207.85.246, 34.193.227.236, 107.22.247.231, 54.144.73.197, 162.159.61.3, 172.64.41.3, 2.23.197.184, 93.184.221.240, 2.19.126.143, 2.19.126.149, 192.168.2.5, 23.219.161.132
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, acroipm2.adobe.com.edgesuite.net, wu.ec.azureedge.net, ctldl.windowsupdate.com, p13n.adobe.io, wu.azureedge.net, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, hlb.apr-52dd2-0.edgecastdns.net, geo2.adobe.com, wu-b-net.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net
- Report size getting too big, too many NtCreateFile calls found.
- VT rate limit hit for: INV DATE 2024-10-10.PDF
Time | Type | Description |
---|---|---|
11:17:25 | API Interceptor |
Input | Output |
---|---|
URL: PDF document Model: jbxai | { "brand":["Aston Carter"], "contains_trigger_text":true, "trigger_text":"INVOICE TOTAL AMOUNT DUE: USD", "prominent_button_name":"INVOICE TOTAL AMOUNT DUE: USD", "text_input_field_labels":["Contractor", "Date", "Type", "Qty", "Rate", "Total"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "text":"PLEASE REMIT TO: ASTON CARTER, INC. P.O. BOX 7410408 CHICAGO IL 60674-0408 UNITED STATES AMERIS BANK BOGGS, DAVID 3500 PIEDMONT RD NE SUITE 500 ATLANTA AL 30305 For Billing Inquiries Call Merton, Stone at 866-887-0244 ext 904/489-3205 E-Mail: smerton@actalentservices.com Contractor Date Type Qty Rate Total Wallace, Wesley A 09/28/24 REG 40.00 71.00 2, 840.00 INVOICE TOTAL AMOUNT DUE: USD 2, 840.00", "has_visible_qrcode":false} |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
23.195.76.153 | | | malicious | HTMLPhisher | | |
| | | malicious | HTMLPhisher | | |
| | | malicious | Unknown | | |
| | | malicious | HTMLPhisher | | |
| | | malicious | HTMLPhisher | | |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
NTT-COMMUNICATIONS-2914US | | | malicious | Mirai | | |
| | | malicious | Mirai, Okiru | | |
| | | malicious | Mirai, Okiru | | |
| | | malicious | Mirai, Okiru | | |
| | | malicious | Mirai, Okiru | | |
| | | malicious | Mirai, Okiru | | |
| | | malicious | Mirai | | |
| | | malicious | Mirai | | |
| | | malicious | Mirai | | |
| | | malicious | Mirai | | |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.158027212841806 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 335 |
Entropy (8bit): | 5.098641081567132 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 335 |
Entropy (8bit): | 5.098641081567132 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\734f3dd5-c39e-481c-9c18-44507923aa88.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 508 |
Entropy (8bit): | 5.057386895832011 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 508 |
Entropy (8bit): | 5.057386895832011 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4509 |
Entropy (8bit): | 5.234732253771931 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 323 |
Entropy (8bit): | 5.095045168182769 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 323 |
Entropy (8bit): | 5.095045168182769 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241007151717Z-158.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 0.9982362239128421 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 57344 |
Entropy (8bit): | 3.2934188940827513 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 2.2101063057330013 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1391 |
Entropy (8bit): | 7.705940075877404 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 192 |
Entropy (8bit): | 2.7569015731729736 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 328 |
Entropy (8bit): | 3.1440865988908953 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2145 |
Entropy (8bit): | 5.069812983464617 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.0035038802300882 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3686255507734744 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.4841540457826223 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 144514 |
Entropy (8bit): | 7.992637131260696 |
Encrypted: | true |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-07 11-17-15-179.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.376360055978702 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15114 |
Entropy (8bit): | 5.363617230518761 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.399930340351063 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 24 |
Entropy (8bit): | 3.66829583405449 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache\915DEAC5D1E15E49646B8A94E04E470958C9BB89.crl
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 98682 |
Entropy (8bit): | 6.445287254681573 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache\DF22CF8B8C3B46C10D3D5C407561EABEB57F8181.crl
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 737 |
Entropy (8bit): | 7.501268097735403 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 14456 |
Entropy (8bit): | 4.2098179599164975 |
Encrypted: | false |
SSDEEP: | 192:gcPqYV/saFlwwR+kMqe8TlZMX1sgUVa3ddMVsuNeMcGdSD9obOUAVlcMudM/Y14e:g7Q/X4kMb0lZ6mgtdHOelGdWaolvsTZ |
MD5: | 32FCA302C8B872738373D7CCB1E75FD4 |
SHA1: | DA85FAF24ED0ECFD5D69CCFD6286D8B77D7EB4F1 |
SHA-256: | CD0DD26304B88C20801FE80B33C49C009E2E5D4411B5D7F83252E1D90CD461C6 |
SHA-512: | 57F8CC85FAFB15455074431216E47433E50DF5DE74ED74C395B7FF2C433DB7CE06F0A1C1FE1EFDC17229DBC33325D559789F43901556DD1A12963B94F01D5A1F |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.68565438600001 |
TrID: |
|
File name: | INV DATE 2024-10-10.PDF |
File size: | 68'357 bytes |
MD5: | 052eccd4d81f51a1e378f8783d53ca29 |
SHA1: | 2ad1980db04418a8acfc332801c62b59c9c6bdd6 |
SHA256: | 5f259b1fafa1326d6e0e2fd20241a66a14497c48944e7c7305aea7a960485422 |
SHA512: | c9a4cfed7c490914cc732984adf040339a6ad35de2bec368da47b3d6eaa1f9808276644f95cc34c22082b8c254c678ccf5769f702b319b2df4763056ad5acf45 |
SSDEEP: | 1536:Etttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttts:kf/Kole2hzyO85YTXMp |
TLSH: | C56315DA9981DB48813A66C7DE2FCE050A8F03C95D4E1266B4EC0D8FBF9085535DF29E |
File Content Preview: | %PDF-1.6.%......10 0 obj.<</Linearized 1/L 68357/O 12/E 22383/N 2/T 68053/H [ 437 143]>>.endobj. ..15 0 obj.<</DecodeParms<</Columns 3/Predictor 12>>/Filter/FlateDecode/ID[<0ED218DD0FAEA04FB9AED6D6D649614B><79CBF9050197384D89A669D8CE07301 |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.6 |
Total Entropy: | 7.685654 |
Total Bytes: | 68357 |
Stream Entropy: | 7.681620 |
Stream Bytes: | 66458 |
Entropy outside Streams: | 5.374237 |
Bytes outside Streams: | 1899 |
Number of EOF found: | 2 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 14 |
endobj | 14 |
stream | 10 |
endstream | 10 |
xref | 0 |
trailer | 0 |
startxref | 2 |
/Page | 2 |
/Encrypt | 0 |
/ObjStm | 2 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams |
---|
ID | DHASH | MD5 | Preview |
---|---|---|---|
3 | 49dd316961000000 | 6146d5c9a86c9ce68d0b23e702505603 |
Target ID: | 0 |
Start time: | 11:17:11 |
Start date: | 07/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff686a00000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 2 |
Start time: | 11:17:12 |
Start date: | 07/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6413e0000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 4 |
Start time: | 11:17:12 |
Start date: | 07/10/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6413e0000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |