Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\c0023671-1bc9-4eec-a700-17c8cb5718cd.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241025133728Z-161.bmp
|
PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 11, database pages 21, cookie 0x5, schema 4,
UTF-8, version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
|
Certificate, Version=3
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.5060
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 24, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 24
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSIa552e.LOG
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-25 09-37-26-119.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (392), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\018490d6-9b5e-4405-b7fc-51d9f37d52a9.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\33680172-8c7e-487a-b73f-64e949986274.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\96ac5ee4-2656-41f0-8547-e32c4609ee64.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\a8fdc6a0-d284-43c7-9ddb-3c70dcd820a9.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\Downloads\4f244923-933e-4087-8652-fd8bd1324d22.tmp
|
PDF document, version 1.5, 1 pages (zip deflate encoded)
|
dropped
|
||
|
C:\Users\user\Downloads\F-000687.pdf (copy)
|
PDF document, version 1.5, 1 pages (zip deflate encoded)
|
dropped
|
||
|
C:\Users\user\Downloads\F-000687.pdf.crdownload (copy)
|
PDF document, version 1.5, 1 pages (zip deflate encoded)
|
dropped
|
||
|
C:\Users\user\Downloads\bfbe2699-722d-46d9-9e90-fcb821f6efc1.tmp
|
PDF document, version 1.5, 1 pages (zip deflate encoded)
|
dropped
|
||
|
Chrome Cache Entry: 320
|
Web Open Font Format (Version 2), TrueType, length 20692, version 3.1245
|
downloaded
|
||
|
Chrome Cache Entry: 321
|
Web Open Font Format (Version 2), TrueType, length 16292, version 1.6554
|
downloaded
|
||
|
Chrome Cache Entry: 322
|
PDF document, version 1.5, 1 pages (zip deflate encoded)
|
downloaded
|
||
|
Chrome Cache Entry: 323
|
Web Open Font Format (Version 2), TrueType, length 16832, version 1.6554
|
downloaded
|
||
|
Chrome Cache Entry: 324
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 325
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 326
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 327
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 328
|
PNG image data, 340 x 122, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 329
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 330
|
Unicode text, UTF-8 text, with very long lines (39202), with NEL line terminators
|
dropped
|
||
|
Chrome Cache Entry: 331
|
Web Open Font Format (Version 2), TrueType, length 16812, version 1.6554
|
downloaded
|
||
|
Chrome Cache Entry: 332
|
Unicode text, UTF-8 text, with very long lines (64098), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 333
|
Unicode text, UTF-8 text, with very long lines (64098), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 334
|
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 335
|
Unicode text, UTF-8 text, with very long lines (39202), with NEL line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 336
|
PNG image data, 340 x 122, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 337
|
ASCII text, with very long lines (1219)
|
downloaded
|
||
|
Chrome Cache Entry: 338
|
Web Open Font Format (Version 2), TrueType, length 21320, version 3.1245
|
downloaded
|
||
|
Chrome Cache Entry: 339
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
There are 59 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1960,i,6465490032464290090,11579432866035399946,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://zohosecurepay.com/books/assektechnologie/secure?CInvoiceID=2-f2ca58a7bd9c8b8361df608f371ed0982168c7d00325acce9a3b840ec167bdea30f7c8fd50a25b966b7b8a3214a9fd9b67c2c73e804057d856db1c5399dc85e798e1fb71080bbb7a"
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\F-000687.pdf"
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log"
--mojo-platform-channel-handle=2084 --field-trial-handle=1724,i,12291467357645724421,1324828894136230344,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://zohosecurepay.com/books/assektechnologie/secure?CInvoiceID=2-f2ca58a7bd9c8b8361df608f371ed0982168c7d00325acce9a3b840ec167bdea30f7c8fd50a25b966b7b8a3214a9fd9b67c2c73e804057d856db1c5399dc85e798e1fb71080bbb7a
|
|||
|
http://x1.i.lencr.org/
|
unknown
|
||
|
https://books.zoho.com/favicon.ico?1729863371548
|
204.141.42.145
|
||
|
https://static.zohocdn.com/webfonts/intersemibold/font_latin.woff2
|
89.36.170.147
|
||
|
https://static.zohocdn.com/webfonts/opensanssemibold/font_latin.woff2
|
89.36.170.147
|
||
|
https://static.zohocdn.com/webfonts/opensansbold/font_latin.woff2
|
89.36.170.147
|
||
|
https://tse1.mm.bing.net/th?id=OADD2.10239395019081_1G8JFT41D9TYPNUJJ&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
|
150.171.27.10
|
||
|
http://www.dangrossman.info/
|
unknown
|
||
|
http://www.gimp.org/xmp/
|
unknown
|
||
|
https://webfonts.zoho.com/css?display=swap&family=Inter:400,500,600,700/Source+Sans+Pro:400/Open+Sans:400,600,700
|
136.143.191.104
|
||
|
https://github.com/instructure/ic-ajax/blob/master/LICENSE
|
unknown
|
||
|
https://clipboardjs.com/
|
unknown
|
||
|
https://github.com/discourse/discourse/blob/master/app/assets/javascripts/discourse/mixins/ajax.js#L
|
unknown
|
||
|
https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
|
150.171.27.10
|
||
|
file:///C:/Users/user/Downloads/F-000687.pdf
|
|||
|
https://raw.github.com/emberjs/ember.js/master/LICENSE
|
unknown
|
||
|
https://zohosecurepay.com/books/assektechnologie/api/v3/clientinvoices/secure?CInvoiceID=2-f2ca58a7bd9c8b8361df608f371ed0982168c7d00325acce9a3b840ec167bdea30f7c8fd50a25b966b7b8a3214a9fd9b67c2c73e804057d856db1c5399dc85e798e1fb71080bbb7a&include=html
|
136.143.191.75
|
||
|
https://tse1.mm.bing.net/th?id=OADD2.10239395019080_17DEM3LK5H7QUOJTP&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
|
150.171.27.10
|
||
|
https://static.zohocdn.com/zfbooksportal/zbportal/assets/styles/cp-238d1b14ecbf5e26ac307151afb15cfc.css
|
89.36.170.147
|
||
|
https://static.zohocdn.com/zfbooksportal/zbportal/assets/cp-26451a862f541aa0a2c2668949a905e9.js
|
89.36.170.147
|
||
|
https://zohosecurepay.com/books/assektechnologie/secure?CInvoiceID=2-f2ca58a7bd9c8b8361df608f371ed0982168c7d00325acce9a3b840ec167bdea30f7c8fd50a25b966b7b8a3214a9fd9b67c2c73e804057d856db1c5399dc85e798e1fb71080bbb7a
|
136.143.191.75
|
||
|
http://www.opensource.org/licenses/mit-license.php
|
unknown
|
||
|
https://chrome.cloudflare-dns.com/dns-query
|
162.159.61.3
|
||
|
https://static.zohocdn.com/zfbooksportal/zbportal/assets/i18n/MessageResources_fr-ca-58b6bee8d0a668f3451f00da154b0d49.js
|
89.36.170.147
|
||
|
https://zohosecurepay.com/books/assektechnologie/api/v3/clientinvoices/secure?CInvoiceID=2-f2ca58a7bd9c8b8361df608f371ed0982168c7d00325acce9a3b840ec167bdea30f7c8fd50a25b966b7b8a3214a9fd9b67c2c73e804057d856db1c5399dc85e798e1fb71080bbb7a&accept=pdf
|
136.143.191.75
|
||
|
https://zohosecurepay.com/books/assektechnologie/api/v3/clientsettings/templates/invoicelogo/2-9f5f6126fb9f5927bb890a052eb3e49c534d130e54c0d7eb3f0166cd0041c678e372af3884ab1be6245a00447e58dfbf
|
136.143.191.75
|
||
|
https://github.com/fengyuanchen/cropper
|
unknown
|
||
|
https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
|
150.171.27.10
|
||
|
https://tse1.mm.bing.net/th?id=OADD2.10239370639702_1LY06F7YB2ZF9D3G5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
|
150.171.27.10
|
||
|
https://www.improvely.com/
|
unknown
|
||
|
https://static.zohocdn.com/webfonts/interregular/font_latin.woff2
|
89.36.170.147
|
||
|
https://static.zohocdn.com/zfbooksportal/zbportal/assets/vendor-f58da9ec045ce9179e729ea434f11dd6.js
|
89.36.170.147
|
||
|
https://www.zoho.com/report-abuse/
|
unknown
|
||
|
https://zohosecurepay.com/books/assektechnologie/secure?CInvoiceID=2-f2ca58a7bd9c8b8361df608f371ed0982168c7d00325acce9a3b840ec167bdea30f7c8fd50a25b966b7b8a3214a9fd9b67c2c73e804057d856db1c5399dc85e798e1fb71080bbb7a#/securepayment
|
|||
|
https://static.zohocdn.com/webfonts/opensans/font_latin.woff2
|
89.36.170.147
|
||
|
https://static.zohocdn.com/zfbooksportal/zbportal/assets/styles/vendor-94e40a88686d3e5724e75939300b4713.css
|
89.36.170.147
|
||
|
https://tse1.mm.bing.net/th?id=OADD2.10239370639703_1XZVEAKL3PD7EZGL4&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
|
150.171.27.10
|
There are 26 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
162.159.61.3
|
||
|
books.zoho.com
|
204.141.42.145
|
||
|
h2-stratus.zohocdn.com
|
89.36.170.147
|
||
|
www.google.com
|
142.250.185.228
|
||
|
zs-lc1-25-h2.zoho.com
|
136.143.191.104
|
||
|
zohosecurepay.com
|
136.143.191.75
|
||
|
ax-0001.ax-msedge.net
|
150.171.27.10
|
||
|
webfonts.zoho.com
|
unknown
|
||
|
x1.i.lencr.org
|
unknown
|
||
|
tse1.mm.bing.net
|
unknown
|
||
|
static.zohocdn.com
|
unknown
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.228
|
www.google.com
|
United States
|
||
|
192.168.2.8
|
unknown
|
unknown
|
||
|
192.168.2.6
|
unknown
|
unknown
|
||
|
89.36.170.147
|
h2-stratus.zohocdn.com
|
Switzerland
|
||
|
162.159.61.3
|
chrome.cloudflare-dns.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
204.141.42.145
|
books.zoho.com
|
United States
|
||
|
136.143.191.104
|
zs-lc1-25-h2.zoho.com
|
United States
|
||
|
136.143.191.75
|
zohosecurepay.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
aFS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tDIText
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tFileName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tFileSource
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
uFileSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
uPageCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sAssetId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
bisSharedFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
aFS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
tDIText
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
tFileName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
uFileSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
uPageCount
|
There are 8 hidden registries, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://zohosecurepay.com/books/assektechnologie/secure?CInvoiceID=2-f2ca58a7bd9c8b8361df608f371ed0982168c7d00325acce9a3b840ec167bdea30f7c8fd50a25b966b7b8a3214a9fd9b67c2c73e804057d856db1c5399dc85e798e1fb71080bbb7a#/securepayment
|
||
|
file:///C:/Users/user/Downloads/F-000687.pdf
|
||
|
file:///C:/Users/user/Downloads/F-000687.pdf
|