Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
_73244A.pdf

Overview

General Information

Sample name:_73244A.pdf
Analysis ID:1544502
MD5:94abf8c926274959d49fbe2487e75e08
SHA1:ecc5a4c36f5d91e1de41bab68d98b08ee2e34ee4
SHA256:5cb1c57ad6360bdeb1716b5d297616d7b6b724955ef05659fce0548f8c8ca2ac

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Potential document exploit detected (performs DNS queries)

Classification

Process Tree

  • System is w10x64_ra
  • Acrobat.exe (PID: 3496 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\_73244A.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 6780 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 7072 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2276 --field-trial-handle=1548,i,14299185383996777922,10480446800087791785,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: global trafficDNS query: name: x1.i.lencr.org
Source: global trafficDNS query: name: x1.i.lencr.org
Source: global trafficDNS query: name: x1.i.lencr.org
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: x1.i.lencr.org
Source: classification engineClassification label: clean0.winPDF@16/32@3/52
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6156
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-29 09-13-45-483.log
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\_73244A.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2276 --field-trial-handle=1548,i,14299185383996777922,10480446800087791785,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\System32\msiexec.exe C:\Windows\System32\MsiExec.exe -Embedding EE843A69A99388E5B8E184772D666029
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2276 --field-trial-handle=1548,i,14299185383996777922,10480446800087791785,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: _73244A.pdfInitial sample: PDF keyword /JS count = 0
Source: _73244A.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: _73244A.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information queried: ProcessInformation

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Exploitation for Client Execution		Path Interception1
Process Injection		1
Masquerading		OS Credential Dumping1
Process Discovery		Remote ServicesData from Local System1
Non-Application Layer Protocol		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS Memory1
System Information Discovery		Remote Desktop ProtocolData from Removable Media1
Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
x1.i.lencr.org
unknown
unknownfalse
    		unknown

    World Map of Contacted IPs

    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Public IPs

    IPDomainCountryFlagASNASN NameMalicious
    2.23.197.184
    		unknownEuropean Union
    		1273CWVodafoneGroupPLCEUfalse
    184.28.88.176
    		unknownUnited States
    		16625AKAMAI-ASUSfalse
    52.5.13.197
    		unknownUnited States
    		14618AMAZON-AESUSfalse
    199.232.214.172
    		unknownUnited States
    		54113FASTLYUSfalse
    172.64.41.3
    		unknownUnited States
    		13335CLOUDFLARENETUSfalse

    General Information

    Joe Sandbox version:41.0.0 Charoite
    Analysis ID:1544502
    Start date and time:2024-10-29 14:13:13 +01:00
    Joe Sandbox product:CloudBasic
    Overall analysis duration:
    Hypervisor based Inspection enabled:false
    Report type:full
    Cookbook file name:defaultwindowsinteractivecookbook.jbs
    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
    Number of analysed new started processes analysed:15
    Number of new started drivers analysed:0
    Number of existing processes analysed:0
    Number of existing drivers analysed:0
    Number of injected processes analysed:0
    Technologies:
    • EGA enabled
    Analysis Mode:stream
    Analysis stop reason:Timeout
    Sample name:_73244A.pdf
    Detection:CLEAN
    Classification:clean0.winPDF@16/32@3/52
    Cookbook Comments:
    • Found application associated with file extension: .pdf

    Warnings

    • Exclude process from analysis (whitelisted): dllhost.exe, svchost.exe
    • Excluded IPs from analysis (whitelisted): 184.28.88.176, 52.5.13.197, 54.227.187.23, 23.22.254.206, 52.202.204.11, 172.64.41.3, 162.159.61.3
    • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, ssl-delivery.adobe.com.edgekey.net, ctldl.windowsupdate.com, p13n.adobe.io, geo2.adobe.com
    • Not all processes where analyzed, report is missing behavior information
    • VT rate limit hit for: _73244A.pdf

    LLM Input / Output

    InputOutput
    URL: PDF document Model: claude-3-haiku-20240307
    ```json
{
  "contains_trigger_text": false,
  "trigger_text": "unknown",
  "prominent_button_name": "unknown",
  "text_input_field_labels": [
    "Arrive :",
    "Dpart :",
    "Chambre :"
  ],
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
    URL: PDF document Model: claude-3-haiku-20240307
    ```json
{
  "brands": [
    "Auberge Radisson"
  ]
}

    Created / dropped Files

    C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\1989facb-3791-4cee-aa56-77c231522842.tmp

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):403
    Entropy (8bit):4.984660936844831
    Encrypted:false
    SSDEEP:
    MD5:A8454348967C17D370FB2985131AA52E
    SHA1:86BA05FB5BD4F671DE0EEEB0335B0FB5FB6D9730
    SHA-256:7A410FA6EABDE82AE3004C40CC9C8E362133CBB85F9A572679263AED91233E60
    SHA-512:E37D3CA048087B0FF6033829324C2AEAFBA9B74A9609C5132B1805EAC68DA89ACC3609E9853903D534C41A01C20E6E769A8CBE3B3C55568F9F914FBF564035DE
    Malicious:false
    Reputation:unknown
    Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13374767629692524","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":229578},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

    C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):0
    Entropy (8bit):0.0
    Encrypted:false
    SSDEEP:
    MD5:4C313FE514B5F4E7E89329630909F8DC
    SHA1:916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56
    SHA-256:1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873
    SHA-512:1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205
    Malicious:false
    Reputation:unknown
    Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341145152835463","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":144284},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

    C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF47573e.TMP (copy)

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):0
    Entropy (8bit):0.0
    Encrypted:false
    SSDEEP:
    MD5:4C313FE514B5F4E7E89329630909F8DC
    SHA1:916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56
    SHA-256:1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873
    SHA-512:1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205
    Malicious:false
    Reputation:unknown
    Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341145152835463","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":144284},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

    C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\cc2d096d-b262-44f0-930a-5115267daaab.tmp

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):403
    Entropy (8bit):4.953858338552356
    Encrypted:false
    SSDEEP:
    MD5:4C313FE514B5F4E7E89329630909F8DC
    SHA1:916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56
    SHA-256:1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873
    SHA-512:1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205
    Malicious:false
    Reputation:unknown
    Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341145152835463","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":144284},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

    C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241029131347Z-162.bmp

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
    Category:dropped
    Size (bytes):71190
    Entropy (8bit):1.2753276864347176
    Encrypted:false
    SSDEEP:
    MD5:ED4CA7BFF936699147A9453E84EE4B66
    SHA1:D15C23C832A58FD69671E0566DF1693C89D61706
    SHA-256:98E65BAEC4E29A9F6B514F2EE4C3920CE5A1BB0FCD29AB7D90A55167189F2DF9
    SHA-512:233F6C753F2D8D59B88D7F85D1E99943373CDD0708E5A324EA434975848BAFA9528D7BD669187C0E788EF580C43F83B5C57488421943933650E79D63448CA802
    Malicious:false
    Reputation:unknown
    Preview:BM........6...(...u...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

    C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 2, database pages 14, cookie 0x5, schema 4, UTF-8, version-valid-for 2
    Category:dropped
    Size (bytes):57344
    Entropy (8bit):3.291927920232006
    Encrypted:false
    SSDEEP:
    MD5:A4D5FECEFE05F21D6F81ACF4D9A788CF
    SHA1:1A9AC236C80F2A2809F7DE374072E2FCCA5A775C
    SHA-256:83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2
    SHA-512:FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9
    Malicious:false
    Reputation:unknown
    Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

    C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:SQLite Rollback Journal
    Category:dropped
    Size (bytes):16928
    Entropy (8bit):1.2153824393979324
    Encrypted:false
    SSDEEP:
    MD5:5A875A89C6B0D480D01C6999E9D5012B
    SHA1:2B27B0846FB9F80A5620079FCD04237E74FCEBFB
    SHA-256:A68A827A10F41E262DD720E09E698D53F42A1939471AAE6D3043C60E8AE075D2
    SHA-512:51166172B70F800270EC01D5ED6DE607A05BAED7795D7715EAC73EF64AB1CCC73C11904EDC589C105D3AA00DA3B20300B9E26FD7574CFCB58A9735FE77A0E003
    Malicious:false
    Reputation:unknown
    Preview:.... .c......[.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

    C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
    File Type:Certificate, Version=3
    Category:dropped
    Size (bytes):1391
    Entropy (8bit):7.705940075877404
    Encrypted:false
    SSDEEP:
    MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
    SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
    SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
    SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
    Malicious:false
    Reputation:unknown
    Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......

    C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
    File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
    Category:dropped
    Size (bytes):71954
    Entropy (8bit):7.996617769952133
    Encrypted:true
    SSDEEP:
    MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
    SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
    SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
    SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
    Malicious:false
    Reputation:unknown
    Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

    C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
    File Type:data
    Category:dropped
    Size (bytes):192
    Entropy (8bit):2.7464849065063075
    Encrypted:false
    SSDEEP:
    MD5:7CCD27AC63919BEB89BA76E97D546D62
    SHA1:B561B54A8397A8251936F833BEC572659F38835B
    SHA-256:728453296AFFCE955B2D2BF25A2C656C08B0AC4C04E8E7723D64A562FCED84F5
    SHA-512:E0A1074D440046B7DD4B5567AF2FFFC1DB51E5BD3A07F24D6495D8D66DF2A94215EEC4B6EEC3BA8CA6D4C7435117094FD0FC6D946340AB262D36D31D25A26C57
    Malicious:false
    Reputation:unknown
    Preview:p...... ........:..h.*..(....................................................... ..........W....kS..............o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...

    C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
    File Type:data
    Category:dropped
    Size (bytes):328
    Entropy (8bit):3.253995428229511
    Encrypted:false
    SSDEEP:
    MD5:D80ECCE2F36C7211875648E804717096
    SHA1:53D126DED6B443782FD070DF13B3916D233CCEBD
    SHA-256:CBCBD2BC836E5DBD0847328FC0911428EE51B089F1AF51D06959A79CBD1E63BB
    SHA-512:4146FA98CE7F7292B2D65AED83107E48B0C1CBBD474490A367679E01EBA45ED021A1E365209EDEDF1C787E53B29A698939FFFFA4E869DFF219F51B37C5A99F35
    Malicious:false
    Reputation:unknown
    Preview:p...... ........R.#{.*..(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6156

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:PostScript document text
    Category:dropped
    Size (bytes):185099
    Entropy (8bit):5.182478651346149
    Encrypted:false
    SSDEEP:
    MD5:94185C5850C26B3C6FC24ABC385CDA58
    SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
    SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
    SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
    Malicious:false
    Reputation:unknown
    Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:PostScript document text
    Category:dropped
    Size (bytes):0
    Entropy (8bit):0.0
    Encrypted:false
    SSDEEP:
    MD5:94185C5850C26B3C6FC24ABC385CDA58
    SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
    SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
    SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
    Malicious:false
    Reputation:unknown
    Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):295
    Entropy (8bit):5.363367231181723
    Encrypted:false
    SSDEEP:
    MD5:BE836989EB566A31478D02619B11EA5B
    SHA1:510EB639B3D8B66E09D182668E05105AD7B9963B
    SHA-256:9573F11C2FC3CA7DADC106227E2E2F75293269D560F4D781A430ACBE771B73ED
    SHA-512:D0C85AB3AE9A8FEA26F1FCB6BA3A50609544873FE9A38D389883F70F234D535042294014622851AE8DDF909FBF3D9B55E9F8A2C74622D5E51E17730D9CD4DEC0
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):294
    Entropy (8bit):5.309866393590628
    Encrypted:false
    SSDEEP:
    MD5:DA42C6A4885E33C19D32CE929829272F
    SHA1:229777CB51ED67A34FA80D8BF2E51BA8C684942F
    SHA-256:8F4FE1E72E0387961A4E64C56989BD3DBC9B4D3DEB4E5E08CAE5B09E482C7176
    SHA-512:C5E9A1FC508F99AFA7AB75EF9D1BF49F7DBF6034E2968B6D9E597BA96F61D24167BC85AF8AEB72106F467E710610849AFDFD8F378FFFE31420AEDBCF98A084BE
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):294
    Entropy (8bit):5.2880053083358955
    Encrypted:false
    SSDEEP:
    MD5:63ADE9BE808EDFEE819B26082A333677
    SHA1:CE6A91A763567B2B8160ABF2E5A9C2E754609D22
    SHA-256:920D3C1752EB90D5841FBE72CB45F5166C877EB398997B2F7A3FABE9F09D8CCE
    SHA-512:4263FE5204FE2A083D77AEEBCA5E8FCE274B5D0B21F8E2C3093A3B7CCE62E1B49B082E32B1868384F5E971F2426119AB1E814456E494949B00F9B3E059D88501
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):285
    Entropy (8bit):5.351747554830245
    Encrypted:false
    SSDEEP:
    MD5:B38CC5991F57F251D7313FF99801923F
    SHA1:C1F6766DFAEF347BFDA8B36D2D6622ACA3AF4911
    SHA-256:C7635D112F1D27E4AAFFC6A574A14A5E0B36630DDE9A58ED60C9E1D5AE4332E2
    SHA-512:CF83A70FD35D00A1B642AF4406517A42144F90CDE89CA80A4EF7F8DDBA7E766F43BA6E0252201A16734CE06411E95A932C7059A62ABC6D8F620ED88B4DB690F1
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):1055
    Entropy (8bit):5.665105587151025
    Encrypted:false
    SSDEEP:
    MD5:D404D8591F242527D2F5FCC914CFD536
    SHA1:7977ABB93D2EE6E6894E090D73E388C0E58E0011
    SHA-256:4FE6501A1A317BC3F8B5CE955F88A7B2D813CE6B224972867D6B4816A718F4D5
    SHA-512:E11D040EF0092844D75923CA4C451BEC7378E6BDC690F0FE62C3F68AE090E75C5CF0C64AAB59C7995C9C5A2C2B738CB832011288B2E7DBE8B5A5A51D7FB0D5C8
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"92038_285529ActionBlock_1","campaignId":92038,"containerId":"1","controlGroupId":"","treatmentId":"eb1a4bce-8215-46f1-b44c-154b21a85d60","variationId":"285529"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkV4cG9ydCBQREZzIHRvIE1pY3Jvc29mdCBXb3JkIGFuZCBFeGNlbC4ifSwidGNhdElkIjpudWxsfQ==","dataType":"application\/json","encodingScheme":tr

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):1050
    Entropy (8bit):5.658110320596823
    Encrypted:false
    SSDEEP:
    MD5:76736678EEF9590473483E1DADA1A917
    SHA1:1F95184DB4BA1D7C677688747072B5C1A8A4021C
    SHA-256:0CA2909A50EB64FFEDB1FD5B32C77DE9B631786698C2B114E5A0EA47C0BE64CD
    SHA-512:AA192722AECA3FCAE71176BC192FC6ED4B7538BD59B903BD96C2837AECB9D37C3C8E08AB5F8DD65400FB89213721CEF601EBA3D89AB711B9ADC87C258216CD11
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Disc_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85534_264855ActionBlock_0","campaignId":85534,"containerId":"1","controlGroupId":"","treatmentId":"0924134e-3c59-4f53-b731-add558c56fec","variationId":"264855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Disc_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkNvbnZlcnQsIGVkaXQgYW5kIGUtc2lnblxuZm9ybXMgJiBhZ3JlZW1lbnRzLiJ9LCJ0Y2F0SWQiOm51bGx9","dataType":"application\/json","encodingScheme":true},"

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):292
    Entropy (8bit):5.304209568579434
    Encrypted:false
    SSDEEP:
    MD5:B5C3FC02A09587B353AAF14408E6039F
    SHA1:8D3785018622DD92A277304034DE736518E46945
    SHA-256:CF0564A0AF9867AD1602AEF13FA21AB0F4B53C21C2E765CD3DDA64C653FB2A1B
    SHA-512:41863B092C19E66FB1F6514D43C55CAA0693E4E11ABAA07F922BA414EB81C430E6E44865815BC4A8A4032A3458F0831B9326756DAE00A060DF43A36C96B9F779
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):1038
    Entropy (8bit):5.653424711279631
    Encrypted:false
    SSDEEP:
    MD5:8D33C1F96ED968D3AC09DA2F9DD2B467
    SHA1:980E36E461DB267BF941EA7188A47E6C7C770E29
    SHA-256:5B2E2C56316A6CB757973CB5A4B8EB84A9107A87F7D0EC18B53CBCFA8EC40282
    SHA-512:6565EC722E7C34F4BA5011D9F7ACFB61D5914DD0F8CF76A8212CED5F5FDE85D36FDBD13898F611B07AE420455156073B991C5E3E2BF784350B13E86E0CA11F96
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Edit_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85534_264855ActionBlock_1","campaignId":85534,"containerId":"1","controlGroupId":"","treatmentId":"49d2f713-7aa9-44db-aa50-0a7a22add459","variationId":"264855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Edit_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkVkaXQgdGV4dCwgaW1hZ2VzLCBwYWdlcywgYW5kIG1vcmUuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"application\/json","encodingScheme":true},"endDTS":1744

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):1164
    Entropy (8bit):5.702095648286805
    Encrypted:false
    SSDEEP:
    MD5:129351B556941A0D6F4D7926818EE6DB
    SHA1:35AD27399B651AF4A28FC632BF8D994606C6062D
    SHA-256:58BBFFBD3907BC1D06A3953F123A52434023652E98B0484AD11CF6C502CDF09F
    SHA-512:70BE9F1BC9C9583C9476E5439949591013A32DA96CCB11C3D746BDEFCC49339DC4C853724FF83FECA6EFE804A3532C6312AC64BA3EB5C3FDA11D69486416AD23
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Home_LHP_Trial_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85531_264848ActionBlock_0","campaignId":85531,"containerId":"1","controlGroupId":"","treatmentId":"ee1a7497-76e7-43c2-bb63-9a0551e11d73","variationId":"264848"},"containerId":1,"containerLabel":"JSON for DC_Reader_Home_LHP_Trial_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IlRyeSBBY3JvYmF0IFBybyJ9LCJ1aSI6eyJ0aXRsZV9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE1cHgiLCJmb250X3N0eWxlIjoiMCJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEzcHgiLCJmb250X3N0eWxlIjoiLTEifSwidGl0bGUiOiJGcmVlIHRyaWFsIiwiZGVzY3JpcHRpb24iOiJHZXQgdW5saW1pdGVkIGFjY2VzcyB0b1xucHJlbWl1bSBQREYgYW5kIGUtc2lnbmluZ1xudG9vbHMuIn0sImJhbm5lcl9zdHlsaW5nIjo

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):289
    Entropy (8bit):5.3086308157609965
    Encrypted:false
    SSDEEP:
    MD5:8DA3E94CEB498F32F49CC0BFF989E8AB
    SHA1:ADA5B05241A89B8D19161A7AA088E3442973BDEB
    SHA-256:32DC77A27C93196476E8B5FC212AA35C0758CF62F76BF2FC99AC2E77E683693F
    SHA-512:AA00091F091E1D4728AC850B751189E2EA15DB28F27C02FDC9FA2918250A7937E1D8DBD9A8C4B8A7505F7CD99D49D26A9299CAF7AE3CBBDE4769B989A1856840
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):1395
    Entropy (8bit):5.780455260512003
    Encrypted:false
    SSDEEP:
    MD5:F9EE8277074D937D7CD058ABF766B986
    SHA1:5A8EBAF44438F90278A3DC77FE914BEE3579CF55
    SHA-256:87B6668D2FC14B9D56B88A0D9E8C17CD3AE5F15C9385563B15D5100BB05B4E28
    SHA-512:7F668AB6A66DE771E9BABBE790C8D441E44B29199EEDBC08897D066D8DFCB0C69C54EB0C489EB7D638DEC1407E4E6A3F16038D393C7F865226FB14110092E1CB
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_RHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"57802_176003ActionBlock_0","campaignId":57802,"containerId":"1","controlGroupId":"","treatmentId":"d0374f2d-08b2-49b9-9500-3392758c9e2e","variationId":"176003"},"containerId":1,"containerLabel":"JSON for Reader DC RHP Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctRGF5IFRyaWFsIiwiZ29fdXJsIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9wcm94eS9wcmljaW5nL3VzL2VuL3NpZ24tZnJlZS10cmlhbC5odG1sP3RyYWNraW5naWQ9UEMxUFFMUVQmbXY9aW4tcHJvZHVjdCZtdjI9cmVhZGVyIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEyIiwiZm9udF9zdHlsZSI6IjMifSwidGl0

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):291
    Entropy (8bit):5.29211859511348
    Encrypted:false
    SSDEEP:
    MD5:E3E802E42A6064CCAD8C7600283DCE47
    SHA1:83238688C25C792DDAB2DE716574E2EC09E00B64
    SHA-256:ED9F5FD66D0FA42D5B32C20C18FEE90DDB085598D6E49CDCF2E995673885D949
    SHA-512:70B430BC11A2A21323C9982A07FC8532AAB8A9D176400B05BF0949CBD4F16E6B810A8FE54EB9798C7E16F3EA7E60C12D00559E03632E548C88308C5E09CEEB43
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):287
    Entropy (8bit):5.295304998194911
    Encrypted:false
    SSDEEP:
    MD5:D7F8B5F472AEB1F9BBCCD72162FB2263
    SHA1:C3626D0CF1B153E6A1F992849BD37F630AEC06FA
    SHA-256:68F33235B0D61F3FFE72C4651CAF977F075988AD4E8CE3F284759FE2EABBE329
    SHA-512:544D6CF21593E8754C8F9A6243061D7B3F59BA7340683CDD6B10ABA686E1FF0B438FE7A44C6D9BC3A909ADF6A87AD49ADCA5398942CA45C4F0F82A22F89D635A
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):1026
    Entropy (8bit):5.637724537722598
    Encrypted:false
    SSDEEP:
    MD5:F8929CDEC7523F1267B1F2687EB566D6
    SHA1:018FB4C2B9D9072F049032C2C4F99FDEEABDBF4D
    SHA-256:238DC46F2198EFC1FF9224C8AA6C2361DA38AB5C9A6036D8742BDEAAD665EE2B
    SHA-512:15CC9D024A808E79DAED4EBDE04462B91F789307457D8B47AC25100F54546E90D8E13E36F9409DC535789359BF19DE1EAB84ACED733BFF4FA1C57A927FC1B9DB
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"92038_285529ActionBlock_0","campaignId":92038,"containerId":"1","controlGroupId":"","treatmentId":"6291f52b-6cb0-4d31-bc46-37ce85e9eb25","variationId":"285529"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkVhc2lseSBmaWxsIGFuZCBzaWduIFBERnMuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"application\/json","encodingScheme":true},"endDTS":1751323379000,"s

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):286
    Entropy (8bit):5.273576958564674
    Encrypted:false
    SSDEEP:
    MD5:23589BF1576E4FBBED381EDB254D47BC
    SHA1:5EF6C30D9FCCD9EA170D8559F0FE85366A9054EF
    SHA-256:3A33EF44F168D7C4933E11E2A0119F7AA5B1FA0D52413D90D91EE9F085796CB4
    SHA-512:9F1DDC763963480D7B315983820F36FE6BAFDE7818CB8C5291FAC7FF73D19A0DBAD495CDC70AD4C0A674066707F22B04B60BDF47256C2322EB6E5C0BCF7DE35E
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):782
    Entropy (8bit):5.374611071083102
    Encrypted:false
    SSDEEP:
    MD5:ABFC3267156E73696B05891DC9EC1BDD
    SHA1:CDCE88299931BDAF7855AE914B6C96F1449C71B9
    SHA-256:1B02464D3F0B1DC4D455699ACCF9D084DDAC5207C581FC521D50340ABDF52263
    SHA-512:271BD67F7A2196D4B2FE600BF5A88FF06E25493E905DD572EBCFCDDDDFFC70D1525F01D575E584D08F296C8E6644C0EEB83154A234F76394731CED20E4EBE7EF
    Malicious:false
    Reputation:unknown
    Preview:{"analyticsData":{"responseGUID":"cf6174cb-2e6c-4f48-883e-14b150fa4471","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1730380819438,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1730207629469}}}}

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:data
    Category:dropped
    Size (bytes):4
    Entropy (8bit):0.8112781244591328
    Encrypted:false
    SSDEEP:
    MD5:DC84B0D741E5BEAE8070013ADDCC8C28
    SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
    SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
    SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
    Malicious:false
    Reputation:unknown
    Preview:....

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):2818
    Entropy (8bit):5.124955236058765
    Encrypted:false
    SSDEEP:
    MD5:4FDBDE94AD34C45A7D04F7DFE5ED8888
    SHA1:4BCADC7F77F2065822F69193ABF26DF12316FA99
    SHA-256:05FAB4F8D3D1B77088FC32891B0E31819EAC296CEA4F19C455D85267B610396B
    SHA-512:B4C9DA9E1B5B6039E512C3DAAD50FFFF82203FD75323C1D45646F1659FA8BC2B1FB7F8D571C8F96F30F6185387CDB185FD74203A5001A02C781105BC47256B8A
    Malicious:false
    Reputation:unknown
    Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"3fa33101e0bd97114698968a04a52b9f","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1050,"ts":1730207629000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"fe3a5b1d0c20f327b98a7fea4553cab4","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":1164,"ts":1730207629000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"73f0db5cb630596d36468ce46cfd24ad","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1026,"ts":1730207629000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"c1d5b47c66eeeeca8a7f5e20b11767e2","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1055,"ts":1730207629000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"1ebb8fefaaa919c4277c6702d26dc6fe","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":1038,"ts":1730207629000},{"id":"Edit_InApp_Aug2020","info":{"dg":"a8a69766287c994aadb5629187305336","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":17

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
    Category:dropped
    Size (bytes):12288
    Entropy (8bit):0.9878193156934082
    Encrypted:false
    SSDEEP:
    MD5:CDB9DCA1FCC10BAEB52E2343CE5278BF
    SHA1:FA445CB2F6D55460F8334F5F70E700F52EF91F58
    SHA-256:61ACE8D56717DE16B7EE725A250B3C583C9152FD65C34CC258AA8A9197CBB0A7
    SHA-512:D51EA2D8E68F31C0AA8159F835786F20E6A168D445F9CED179C74A540764B86C24A2BDF732A868BF85EE8FF1077E261CD889B582CCADEF405A83C63369B64835
    Malicious:false
    Reputation:unknown
    Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:SQLite Rollback Journal
    Category:dropped
    Size (bytes):8720
    Entropy (8bit):1.3454762397904942
    Encrypted:false
    SSDEEP:
    MD5:0815DB0372F11854CCC404426782DA61
    SHA1:791AC8689DE2161117CECF2298E1E4E16B6C5868
    SHA-256:6824C99E7DA160D6CB96F4F0BE8252B25C9D0AFF2D544B12EC62B3EF5C8842CF
    SHA-512:1FF518A6BCB2D01ED566A731437E2A397DF24C5C0148D88E4C374C97066C570FB5DD4B3F3CBF801A98FD4BB643C10D0350A218440C663C3895239A7971B0DC02
    Malicious:false
    Reputation:unknown
    Preview:.... .c.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................j...#..#.#.#.#.#.#.#.#.7.7........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

    C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-29 09-13-45-483.log

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:ASCII text, with very long lines (393)
    Category:dropped
    Size (bytes):16525
    Entropy (8bit):5.353642815103214
    Encrypted:false
    SSDEEP:
    MD5:91F06491552FC977E9E8AF47786EE7C1
    SHA1:8FEB27904897FFCC2BE1A985D479D7F75F11CEFC
    SHA-256:06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB
    SHA-512:A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082
    Malicious:false
    Reputation:unknown
    Preview:SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig:

    C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

    Download File
    Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
    File Type:ASCII text, with CRLF line terminators
    Category:dropped
    Size (bytes):29752
    Entropy (8bit):5.42400548491163
    Encrypted:false
    SSDEEP:
    MD5:87AD6D8610F14CE4A9CF8A06CB19340A
    SHA1:410D35D7DE9D93EF5C5A644A79D5FAEA3C525627
    SHA-256:83EDAF850EAC1A66788ADFA4DBA4EC64D4699D60BA3A542905D8842050A73EB7
    SHA-512:CCB762C7BF8663AD4F23A61FBCD7FA4C3B97519D5ED80520D3B5D7B4184BF3B39E357BDE136C18CD11526C6717911176AEEAACA12CCB338CDEE22F722A6DB4E6
    Malicious:false
    Reputation:unknown
    Preview:06-10-2023 10:08:42:.---2---..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 10:08:42:.Closing File..06-10-

    Static File Info

    General

    File type:PDF document, version 1.4, 1 pages
    Entropy (8bit):7.873880268173497
    TrID:
    • Adobe Portable Document Format (5005/1) 100.00%
    File name:_73244A.pdf
    File size:115'229 bytes
    MD5:94abf8c926274959d49fbe2487e75e08
    SHA1:ecc5a4c36f5d91e1de41bab68d98b08ee2e34ee4
    SHA256:5cb1c57ad6360bdeb1716b5d297616d7b6b724955ef05659fce0548f8c8ca2ac
    SHA512:c65daf8f16b6ded1f0424dd81824e4d80f5d10a012a723c0ec77d03a65a4a8a676b3deba77f305a798bd2024d77def76d0d94a4a213aa09d7239abecd3420e8c
    SSDEEP:3072:QiaIiCkXpsAhRjE0iX/0chx7NMTTFX3bI222m2Q:QvXZsZucLqTTFX3bjF1Q
    TLSH:70B3E06BC845C0C6A24F9BD4FE2C4EA41D458704F6463AB5723D0CEAFDDBD66AD0C219
    File Content Preview:%PDF-1.4..%......%..%wPDF4 by WPCubed GmbH (432), 32bit unicode ..%..%..2 0 obj..<</Type/Metadata/Subtype/XML/Length 1503 >>..stream..<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="3.1-701">.<rdf:RDF x

    File Icon

    Icon Hash:62cc8caeb29e8ae0

    Static PDF Info

    General

    Header:%PDF-1.4
    Total Entropy:7.873880
    Total Bytes:115229
    Stream Entropy:7.877552
    Stream Bytes:109405
    Entropy outside Streams:4.860749
    Bytes outside Streams:5824
    Number of EOF found:1
    Bytes after EOF:

    Keywords Statistics

    NameCount
    obj18
    endobj18
    stream3
    endstream3
    xref1
    trailer1
    startxref1
    /Page1
    /Encrypt0
    /ObjStm0
    /URI0
    /JS0
    /JavaScript0
    /AA0
    /OpenAction0
    /AcroForm0
    /JBIG2Decode0
    /RichMedia0
    /Launch0
    /EmbeddedFile0

    Image Streams

    IDDHASHMD5Preview
    5868e564965571f0ee2adaf5aba8f4177a889f057c787cd0d