Windows
Analysis Report
Coca cola Cooler Confirmation Needed.pdf
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 60% |
Signatures
Classification
- System is w10x64_ra
- Acrobat.exe (PID: 6368 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Coca cola Cooler Confirmation Needed.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 5316 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 6648 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2136 --field-trial-handle=1556,i,17739092807775853688,7781390873827754800,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 3 Exploitation for Client Execution | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
3% | ReversingLabs | |||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
chrome.cloudflare-dns.com | 172.64.41.3 | true | false | | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
23.215.23.211 | unknown | United States | 20940 | AKAMAI-ASN1EU | false |
52.5.13.197 | unknown | United States | 14618 | AMAZON-AESUS | false |
172.64.41.3 | chrome.cloudflare-dns.com | United States | 13335 | CLOUDFLARENETUS | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1531356 |
Start date and time: | 2024-10-11 05:25:51 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Sample name: | Coca cola Cooler Confirmation Needed.pdf |
Detection: | CLEAN |
Classification: | clean1.winPDF@17/32@1/10 |
Cookbook Comments:
- Exclude process from analysis (whitelisted): dllhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 23.215.23.211, 52.5.13.197, 23.22.254.206, 52.202.204.11, 54.227.187.23, 13.95.31.18
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, fe3.delivery.mp.microsoft.com, fs.microsoft.com, slscr.update.microsoft.com, ssl-delivery.adobe.com.edgekey.net, glb.cws.prod.dcat.dsp.trafficmanager.net, p13n.adobe.io, geo2.adobe.com, fe3cr.delivery.mp.microsoft.com
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 290 |
Entropy (8bit): | 5.21313171893495 |
Encrypted: | false |
SSDEEP: | |
MD5: | BD7B0809FC9602C3097BEA5B24E6CAAF |
SHA1: | EBBD5F5F0F4847AA5350B02E209CFD2409B47E7C |
SHA-256: | F758738E88F7B6A3FD0AF3F1BA3D09091C372B4BE6CB3400C09ED6AAD0007CEA |
SHA-512: | 428DEA3378FC53D9AC194D76533E81E16EB767F77480271EB71164FA1E39237EF46B22EE4228533992017731A84B8A3CE83DAAE923DBA3D6A76ED58941BCBA5E |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | BD7B0809FC9602C3097BEA5B24E6CAAF |
SHA1: | EBBD5F5F0F4847AA5350B02E209CFD2409B47E7C |
SHA-256: | F758738E88F7B6A3FD0AF3F1BA3D09091C372B4BE6CB3400C09ED6AAD0007CEA |
SHA-512: | 428DEA3378FC53D9AC194D76533E81E16EB767F77480271EB71164FA1E39237EF46B22EE4228533992017731A84B8A3CE83DAAE923DBA3D6A76ED58941BCBA5E |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 334 |
Entropy (8bit): | 5.102069970593169 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3338C2EF6530AEAA5A916CB03376EE83 |
SHA1: | 972021186A4F4FDE406F9BB84C26D05E6E7C1495 |
SHA-256: | D633BEB7B0C9CA38D204DF5E43CD47F978B2C4F6EB62D93141591592A98AB27F |
SHA-512: | 67A8C6870A38561F8761BCC1462AE5FA6D2219489738ED34049323AA8696952E1BD67FE3B3050872A2E53CF83A7F71599A2AEE9E6248D0C67C980C384AD0EF63 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3338C2EF6530AEAA5A916CB03376EE83 |
SHA1: | 972021186A4F4FDE406F9BB84C26D05E6E7C1495 |
SHA-256: | D633BEB7B0C9CA38D204DF5E43CD47F978B2C4F6EB62D93141591592A98AB27F |
SHA-512: | 67A8C6870A38561F8761BCC1462AE5FA6D2219489738ED34049323AA8696952E1BD67FE3B3050872A2E53CF83A7F71599A2AEE9E6248D0C67C980C384AD0EF63 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | F7734C5562A331E7E5AD650E528B9CCE |
SHA1: | 1F2AC5AC6B7E30E317FD8F653B1C78339248DB12 |
SHA-256: | C55A12976D4F8EC2298956E7A1024E79A8A0E8E2FB0A7F574E8CD01533B9B6C0 |
SHA-512: | C985E18F984F1D8C5F0B5749E849E76FF4686415A33749977E10C28DC1D7B201B9F7E7C0F6556A35CB333A5CD7526F7D1A6D652BBCDDB50FB144869C74B70CFD |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\d4a49df4-bb75-4fae-967f-9e3a602ba56f.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 253 |
Entropy (8bit): | 4.931682077316122 |
Encrypted: | false |
SSDEEP: | |
MD5: | F7734C5562A331E7E5AD650E528B9CCE |
SHA1: | 1F2AC5AC6B7E30E317FD8F653B1C78339248DB12 |
SHA-256: | C55A12976D4F8EC2298956E7A1024E79A8A0E8E2FB0A7F574E8CD01533B9B6C0 |
SHA-512: | C985E18F984F1D8C5F0B5749E849E76FF4686415A33749977E10C28DC1D7B201B9F7E7C0F6556A35CB333A5CD7526F7D1A6D652BBCDDB50FB144869C74B70CFD |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4509 |
Entropy (8bit): | 5.229763534595281 |
Encrypted: | false |
SSDEEP: | |
MD5: | 93AA4911C31E2F06671743A29A27C0D5 |
SHA1: | 9066EE7392E2D00669CB2DD434BBF5A16E0B092A |
SHA-256: | 24701CA67DAB349B2FF75B04EE398CACF66665DD6C5B0453F56D5D7104AAD17F |
SHA-512: | BD8BEC8FF721D03D6DB3C966FCFC8CA29E92E4DEA99498278A1390EC4AD087A64D95C8E0CE248880F91DAF812F8FDD886813A14D7E1ABDAE1B891AF8A7E37431 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 322 |
Entropy (8bit): | 5.15711218220889 |
Encrypted: | false |
SSDEEP: | |
MD5: | A99650A85EDC3DB52B69E11E359B3C0C |
SHA1: | BB21A3B1B6ACA60715B242F1EEE2CD20D11E46A2 |
SHA-256: | 1E752E6A59DABAAFB87B476BF47752EBCC67D9AF238CADD94F1EE868C6E674F1 |
SHA-512: | CDAB1B827C128E4268BEC3D14DD76E4C435DCAF96C39D9F1D681BCEEBC30F2094F4E34B5FCE85BB1320A6BBA11C7759AF57CDFB87B0C6BE55296699BED4A1A0B |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | A99650A85EDC3DB52B69E11E359B3C0C |
SHA1: | BB21A3B1B6ACA60715B242F1EEE2CD20D11E46A2 |
SHA-256: | 1E752E6A59DABAAFB87B476BF47752EBCC67D9AF238CADD94F1EE868C6E674F1 |
SHA-512: | CDAB1B827C128E4268BEC3D14DD76E4C435DCAF96C39D9F1D681BCEEBC30F2094F4E34B5FCE85BB1320A6BBA11C7759AF57CDFB87B0C6BE55296699BED4A1A0B |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 227002 |
Entropy (8bit): | 3.392780893644728 |
Encrypted: | false |
SSDEEP: | |
MD5: | 265E3E1166312A864FB63291EA661C6A |
SHA1: | 80DFF3187FF929596EB22E1DB9021BAD6F97178C |
SHA-256: | C13E08B1887A4E44DC39609D7234E8D732A6BC11313B55D6F4ECFB060CD87728 |
SHA-512: | 48776A2BFE8F25E5601DCC0137F7AB103D5684517334B806E3ACF61683DD9B283828475FC85CE0CBE4E8AF88E6F8B25EED0A77640E2CFFF2CC73708726519AFA |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.370667615165181 |
Encrypted: | false |
SSDEEP: | |
MD5: | 431788D48887FD96F7A58F71D35A249A |
SHA1: | 6A9E186A3C59D5FC9BE10D16C730DB9567A8CFEB |
SHA-256: | E3BAB26F46DB8CBBC28BF359864E3A1524852A4DF19042DDCA85DF756B50EF62 |
SHA-512: | 6F642BCC2DFBD810735A435EE7D509A8226785C9CD333E5C9109402757EA391CCD2B4EDBF77055C5532A0EFADB29B8794AE2440F48041559AE26EB97998C4B79 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.3188138062516215 |
Encrypted: | false |
SSDEEP: | |
MD5: | 01DF2FC1D70D0A9A789A43A300944883 |
SHA1: | 50BA034EAD5A2CA2224B001471C42624F0C27BCD |
SHA-256: | C03675F61EC44E06EC51454A38A5011708494C5BBBEAB9DA16DC765BDF1376BA |
SHA-512: | 3064B9A843EFD578CA4881674B2263A5121C37EC08550BDE30EA26B2709F722D639F2735F10473319CB71DEAF7EA5CC48CEDC8E4FB75047AFE063C01827CEA46 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.297362122777626 |
Encrypted: | false |
SSDEEP: | |
MD5: | 8735B2FB7D50873FE879A0ECBF0E7F95 |
SHA1: | 51D2579D285069AD8937370DB1C7839A4EC5F5DA |
SHA-256: | A9D202DB48B017640AF01C3C2F16B22352C08637A8FAEE4D8A20D6FE2B04B492 |
SHA-512: | F6075855BA1170051BC6C7EC453B6E70B8D5A1610799394A737A5077C1213A8A5F2BE5D4CC8ACA646A907B86BEBC094C96F876F76655E738999901F33E7117E7 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.359304092637685 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1C6AACEA66227DDA5186FB86D66BA026 |
SHA1: | 24A82C74F7003A308CB68324EC64E9099575A2E3 |
SHA-256: | CDCB240535E5873D76F5788913D16CC8D05A8945EB524B7FB54AB5CB21786C5C |
SHA-512: | 746161569DAE32A2506757BB3C5A0D8A0C092B51C6EEA1EAB866D7718458C4FF73DB3B6C76F72F5ED2AB66414B2854AE485E34F8070D4AF76F766A510E5D67E7 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1083 |
Entropy (8bit): | 5.684516372205422 |
Encrypted: | false |
SSDEEP: | |
MD5: | E8E2F7B292B2201EC2919F3988BAF7FD |
SHA1: | 20A0ACDBD32FEB67174152FF70FE75B2FD24D6D2 |
SHA-256: | 812D4C0424D943C972583ABE8BAC738549F4921F612389E2B44B0347CD785F53 |
SHA-512: | 011DE6D5EFC84C6DFF1D7AF489FD5B59F68CE8BE3987DE7D8290600E20A7AFD1A13BE03692E32BA1C4CA54F583C27E5F725DFFD8C4486B82F977292A19543BF4 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1050 |
Entropy (8bit): | 5.65339997016325 |
Encrypted: | false |
SSDEEP: | |
MD5: | 307CF501CB83BE6223246D45658B9777 |
SHA1: | 1A035788018A6E838B20785CA114D28FDA5E7B31 |
SHA-256: | A4BDB385DC4EDA56EF288779A89007D083E0E3F6AB921B046D48F89C28BA3D36 |
SHA-512: | 232EE94236D4708B42A03C4E5409042D638A4A78B429548FAB5661B2587127686667E8D4CC18C0BB2D1FD44DDFBBB8C9BF10886C6A364002FCBD6D3608AD4E47 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.30971725813772 |
Encrypted: | false |
SSDEEP: | |
MD5: | 8563C5E90B6C86AFD7971D616625D095 |
SHA1: | 096F08E5BA25A06CDC95534DE594294F97231EA4 |
SHA-256: | B73D3368FA749FC6B470C5ECE9ADC95E65BD3E77DD0F66B8894B1CC23C461667 |
SHA-512: | B97535ADB1AD5866A3576D4C72AAB7DC8C38B0771A2C41D42EE60DCDB05B86C842B00F182D3994F2FDE925A76451CD6127A1418364A2ACB9C8E7A8FF924F7DDF |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1062 |
Entropy (8bit): | 5.690661044171209 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2904D80B26BD1DC9F3800FD4E84CE435 |
SHA1: | 60379C551848D7D63C8F42E7C47BC872E4F6A63A |
SHA-256: | 9D4C8EB820FCD924FD2638547C6068116D5F37D1E97BC999893B7991375271E8 |
SHA-512: | 3CC50134B53E331C8C4493711321646F93012C08B8C204FBA227E617B21256342E049DB76F577F443286E85529D16D91B647B5E253AA06545315AFFF2664567E |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1164 |
Entropy (8bit): | 5.698163443903301 |
Encrypted: | false |
SSDEEP: | |
MD5: | 00C3A4F7FD4418C44311D240ABA0249E |
SHA1: | BDEC0E40906E55DFE2617659CA3F41B552F2E8F7 |
SHA-256: | 62F99C5D179D1618C6909B76A97ACB3F7ACC80CAC1A9715AD6F6427BD7908392 |
SHA-512: | 298D6581BC0C106346731B73A97F3524651C0F477CA7740E0F8147A66FE72CE5A6179EB819AFE4A7CAA531B3622288649D8055BDDB3D3709F3B87E2A7520CF0F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.313135207957119 |
Encrypted: | false |
SSDEEP: | |
MD5: | D4F37A121DA896BA541021193CF55665 |
SHA1: | 10CEF4401C47A7098C730098B31805C2CCBF78ED |
SHA-256: | 20A8599B2C4EE929B504D023BC84FA4CF13AE20DB06FD188997CF55A959E071F |
SHA-512: | E3F0B0EC8C420097A52A559FDF232C8E5BEBC011B4FFE4F9FCB5140014A035AC824A7AFBB8882432F49CFF9AC542FB02DAC4157EA1EA7886D505B4D95A6C2084 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.777316705982583 |
Encrypted: | false |
SSDEEP: | |
MD5: | D6517AAE13E74E794546AAC3B8841A0F |
SHA1: | B6FB8A998D8D9A0EF1FFB7B99B9A84210D823922 |
SHA-256: | C657E6D4AF4C11B4F4E5EB180B4D2C429F3108296498F5C82133BF2FD05B0ACE |
SHA-512: | 061215D6D0C1C180BF9B187F7D954E375E03A886BAC6D8419AAB3C7A1A81D81330AFAF6EEA005B50BEEC295E96FCE5DA05E3AAF01B4D9D6C60284FE449E33331 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.296592029287634 |
Encrypted: | false |
SSDEEP: | |
MD5: | D51CCDA2F1BF9FA9B948B31D2FD580C3 |
SHA1: | 7958BB5C3B8F83395DCAC31DC2E23DD2E0DAF4F8 |
SHA-256: | 0B8D046699427E69E0BAF241860F301220AD29EDBE2AE2F953A0B6D41D79EEAB |
SHA-512: | 80C57071C48B450A2E50395E70EAE96E83937875899B02E332DA05CBC49AD7800799BB6C3F01F8A27FBBA467FA17B708FEEB4D200A0A0DA3CC0489D725FC262F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.300451026081714 |
Encrypted: | false |
SSDEEP: | |
MD5: | 32B04002DF1869F82CFA95319298448C |
SHA1: | 748DF260E63E4208799FEF9682D6BE397BFECA86 |
SHA-256: | E2167CE7FAA4A9608AD1F4A1100F003F87921110FA415A3273A6C813671CFBE6 |
SHA-512: | 98CB35AF32B79215AAA750BF6EC7F2C39FD442C49F9BC0763678F70E4ED565B0DE132ED6C0C4D9F0F2122CCF121BDAB56D10CB98E2745A8021535C6A0E6BC864 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1082 |
Entropy (8bit): | 5.687982640518521 |
Encrypted: | false |
SSDEEP: | |
MD5: | DA3786C3F2ADFB1C149E6366AB1A2219 |
SHA1: | 0E16D7F853820E3D7B800B4F450FDB4970C69BA7 |
SHA-256: | B453CD10445B7EF66443ADC07CC675600EE38BE7062472D09D98DD14086027C2 |
SHA-512: | 8B7AD81E20FB7D895E8B6BD09795F9F5FFFCC1669E43A98851528567D9793D9A31ACDDBBF3C393A823D5BCC54421DBFF604048EDDB78F7697E206F63581A9EE3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.276854026285229 |
Encrypted: | false |
SSDEEP: | |
MD5: | 059BEC4E5A2FA1A564903057ED522C84 |
SHA1: | 1806DE8755320279AF3DDA688B83BAD868BB9021 |
SHA-256: | A5905A635815AB3FFAC5009A46D13BAEAF4FE45B4402A71C4E89CD310F974A27 |
SHA-512: | B559B22EE7805DBB07FFF279217C61C8ABCB9902C3BADA5149D32F0F327D6D487259B3B0A4F1491C9C80E667CC542D3C8145817E48380C13F2C75E0A894C65B9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.371911739130779 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2B1F9F43943B75B9EED60C213928F3F7 |
SHA1: | 4124AD8C1CC4A6E451B880681D965A14C9E3A698 |
SHA-256: | AD71F39DF8357884CD8E9DF643D764AD0B4872AF86CB2E9A199D1356C0D980E5 |
SHA-512: | 538E5FC80B369CCD15E202E3D3C2A1D3BEF6BD9FD51BD2557DAB72A130626B5A6EC16F776053FE915A1DAC23075DAD276CD9E0590DBCD8F2616803D21FA6EBB8 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2818 |
Entropy (8bit): | 5.129548302105868 |
Encrypted: | false |
SSDEEP: | |
MD5: | 81146A65F8F03C0BEFAB10BB38A31C13 |
SHA1: | D7EA6F23199423B4BA998367918E4B0673D7EF69 |
SHA-256: | 422A18983DB60F278A68F99FD13127C748E08154646F83BB543B5AD404F4E69F |
SHA-512: | 0186A5621C5F1071116AFA8A44EE8631C099E56994B148AF4940F5AEB5F9AF1EE9504EE3BFCB5C381503FBCD03302E9A60235A096EE4C878C313FF751DB2A10D |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9875339592095237 |
Encrypted: | false |
SSDEEP: | |
MD5: | EF4B6E97445C9AA4EEC4149D40AFC814 |
SHA1: | 9B056728A5435D3741432292ED837A2F33972660 |
SHA-256: | 1FD131620DEE964B18915A83A2C0A1FBBFAB91CB4FBE44869A97F6937EC323FE |
SHA-512: | A5ACC81C8AC098767C2BF185A2D909317A0276523590B8E1B39C2C53CEEC9CB2A313975185B3A2E355FE48A09A893005E41B4BFF0205C24435A33DA0609079A0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3412781738588533 |
Encrypted: | false |
SSDEEP: | |
MD5: | 69EEF632ECFB0232B712653365D8D638 |
SHA1: | A2AD5AD643A4E0A2A0A2F65BB354E98F8D3DF2E6 |
SHA-256: | 60244F018043CDBC3BA5A58419A3BA3DE8F78A82E9C4CFB13BD3A572EE0ABEF0 |
SHA-512: | FD50340F8F360EB5E033AE935851C84C4182CD0CBA41CF6EAF3D26C6DBC61467A9E90A1A4BCF2A2532B15BA7881BBE5FF2E1352FF5CA9D21D5E62870579009D1 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.513199765407527 |
Encrypted: | false |
SSDEEP: | |
MD5: | FEE282801805F4D734E451E08D1517C7 |
SHA1: | 23F30AF7FC28DAFF3F137C82E79398D0B92A36AB |
SHA-256: | B3115E512D877410DBBAE83AA037C9C5B761E1C8A5094826F758AA847F7FA633 |
SHA-512: | AC5409C513E3CB7271F5BDEFD73C1A38534F811DA8BC043B94C7CA8AB529821C643C8A65996B498F87BE60826C07358A5B872DFB66EE53A8E9AF3DC11EECD090 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-10 23-26-28-559.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.353642815103214 |
Encrypted: | false |
SSDEEP: | |
MD5: | 91F06491552FC977E9E8AF47786EE7C1 |
SHA1: | 8FEB27904897FFCC2BE1A985D479D7F75F11CEFC |
SHA-256: | 06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB |
SHA-512: | A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16603 |
Entropy (8bit): | 5.3784381172283595 |
Encrypted: | false |
SSDEEP: | |
MD5: | F5DF98FFCE8FBD19BEE28ED44D43A70B |
SHA1: | C621A0BC5CDC8A1932FF3F5583CD15726E3DD55A |
SHA-256: | 955D45715F6E2129816F159BC7F48F2E78427938BC818AE1177FFE4F5C7FE92D |
SHA-512: | 3C3A43E7A106FC7D4449807C90D213C0D0E042AF7F088CCE1EC66B0FECBD3BA5D5F358BA26FD94876979546D80748484A0C2501DA1912F8EE46BEB7B909A5068 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29845 |
Entropy (8bit): | 5.414770509648415 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3283F03EA01D4D513D98EBD20DBC5985 |
SHA1: | 8ABE23E4284F7760E3F96B86C639C6284A50D4DB |
SHA-256: | DE8E3149F2A6467579665DDFFAAA30313E7BFED9E5CDC1F9547DFB53C56C8378 |
SHA-512: | 62ABF548E37740EBCF282FE9A86871E41999E6FC6B5C60584FA6E9FFE73FA75F102CE59529ABC9FD9F0E48D91342A6AF1F08319057FBA478542FCA3C4109B74B |
Malicious: | false |
Reputation: | unknown |
Preview: |
File type: | |
Entropy (8bit): | 7.990783262127647 |
File name: | Coca cola Cooler Confirmation Needed.pdf |
File size: | 35'796 bytes |
MD5: | 8b940dcbc76ff901f2fde271632918d2 |
SHA1: | 2b8918245e7f4d02b73ccb36386765b2346d28e4 |
SHA256: | dd9ed9f0630fa091598320e760ef759b5605761703e7a4131e9351fa09633ba0 |
SHA512: | cbf856a9769fdd8288ea1272efc36b23598f60f2a40d54593024587b5e7149ce5f2000f14dac541c07c1f12fef0d0ffa5571a2328903ac38f95693bd982883c4 |
SSDEEP: | 768:kzxt536htgG+upO4gLTEC7YqoLvZnzjsJ5ORESCn782FA:kzTYSmU4gLTF0qoLvZzjw9nlA |
TLSH: | 88F2F166B5FC093241E45132E9241F3961A28F02F86F1E72728FC27B9569EA6DC0D00B |
File Content Preview: | %PDF-1.7.%......360 0 obj.<</Filter/FlateDecode/First 902/Length 43577/N 91/Type/ObjStm>>stream..h..{...G......YW...4.H...N.nXr{..b@UQ..T........G..}'"..d.$..n.."..q=q;..lZ...y..<..BL..."z.w~a.....[..D.DA"...q.....p..u]......Z....wF..[..../|.R........U.w> |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.7 |
Total Entropy: | 7.990783 |
Total Bytes: | 35796 |
Stream Entropy: | 7.990692 |
Stream Bytes: | 35701 |
Entropy outside Streams: | 5.270467 |
Bytes outside Streams: | 95 |
Number of EOF found: | 0 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 1 |
endobj | 0 |
stream | 1 |
endstream | 0 |
xref | 0 |
trailer | 0 |
startxref | 0 |
/Page | 0 |
/Encrypt | 0 |
/ObjStm | 1 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |