Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Excellence in Digital Banking & Product Development- International Summit 2025.pdf

Overview

General Information

Sample name:Excellence in Digital Banking & Product Development- International Summit 2025.pdf
Analysis ID:1571441
MD5:38dbb5060226bc9040432914b04f1217
SHA1:5f0bfb5eeaa2f20bfda31d3624fc700f1c864266
SHA256:ee6b50340c51e45708c10e8ff5259d3a9b129eb9ae7546093adb727db67e1828

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:60%

Signatures

Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)

Classification

Process Tree

  • System is w10x64_ra
  • Acrobat.exe (PID: 2864 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Excellence in Digital Banking & Product Development- International Summit 2025.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 6776 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 6468 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1680 --field-trial-handle=1540,i,13588921467431034322,956796405548050646,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: global trafficDNS query: name: x1.i.lencr.org
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 192.168.2.16:49707 -> 23.47.168.24:443
Source: global trafficTCP traffic: 23.47.168.24:443 -> 192.168.2.16:49707
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownTCP traffic detected without corresponding DNS query: 23.47.168.24
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: x1.i.lencr.org
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: classification engineClassification label: clean1.winPDF@17/26@1/64
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-12-09 05-49-04-048.log
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Excellence in Digital Banking & Product Development- International Summit 2025.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1680 --field-trial-handle=1540,i,13588921467431034322,956796405548050646,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknown
Source: unknownProcess created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\System32\msiexec.exe C:\Windows\System32\MsiExec.exe -Embedding 8F745F3655241E055FFB5190446DC213
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1680 --field-trial-handle=1540,i,13588921467431034322,956796405548050646,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword /JS count = 0
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword stream count = 216
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword /AcroForm count = 2
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword /ObjStm count = 10
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword endobj count = 235
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword endstream count = 216
Source: Excellence in Digital Banking & Product Development- International Summit 2025.pdfInitial sample: PDF keyword obj count = 235
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information queried: ProcessInformation

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts3
Exploitation for Client Execution		Path Interception1
Process Injection		1
Masquerading		OS Credential Dumping1
Process Discovery		Remote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS Memory1
System Information Discovery		Remote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Excellence in Digital Banking & Product Development- International Summit 2025.pdf0%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    		high
    x1.i.lencr.org
    		unknown
    		unknownfalse
      		high

      World Map of Contacted IPs

      • No. of IPs < 25%
      • 25% < No. of IPs < 50%
      • 50% < No. of IPs < 75%
      • 75% < No. of IPs

      Public IPs

      IPDomainCountryFlagASNASN NameMalicious
      50.16.47.176
      		unknownUnited States
      		14618AMAZON-AESUSfalse
      23.47.168.24
      		unknownUnited States
      		16625AKAMAI-ASUSfalse
      23.195.39.65
      		unknownUnited States
      		20940AKAMAI-ASN1EUfalse
      199.232.210.172
      		bg.microsoft.map.fastly.netUnited States
      		54113FASTLYUSfalse
      172.64.41.3
      		unknownUnited States
      		13335CLOUDFLARENETUSfalse
      2.18.108.135
      		unknownEuropean Union
      		20940AKAMAI-ASN1EUfalse

      General Information

      Joe Sandbox version:41.0.0 Charoite
      Analysis ID:1571441
      Start date and time:2024-12-09 11:48:15 +01:00
      Joe Sandbox product:CloudBasic
      Overall analysis duration:
      Hypervisor based Inspection enabled:false
      Report type:full
      Cookbook file name:defaultwindowsinteractivecookbook.jbs
      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
      Number of analysed new started processes analysed:9
      Number of new started drivers analysed:0
      Number of existing processes analysed:0
      Number of existing drivers analysed:0
      Number of injected processes analysed:0
      Technologies:
      • EGA enabled
      Analysis Mode:stream
      Analysis stop reason:Timeout
      Sample name:Excellence in Digital Banking & Product Development- International Summit 2025.pdf
      Detection:CLEAN
      Classification:clean1.winPDF@17/26@1/64
      Cookbook Comments:
      • Found application associated with file extension: .pdf

      Warnings

      • Exclude process from analysis (whitelisted): dllhost.exe
      • Excluded IPs from analysis (whitelisted): 20.12.23.50
      • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, sls.update.microsoft.com, fe3cr.delivery.mp.microsoft.com, glb.sls.prod.dcat.dsp.trafficmanager.net
      • Not all processes where analyzed, report is missing behavior information
      • VT rate limit hit for: Excellence in Digital Banking & Product Development- International Summit 2025.pdf

      Created / dropped Files

      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):290
      Entropy (8bit):5.20396373774007
      Encrypted:false
      SSDEEP:
      MD5:93777049CD434C89C61C6B93E7E310C2
      SHA1:C7209924FE1008F7B1B27F2FB7CBB355C15B6295
      SHA-256:3FF3D29ABB9BDDAC2941229BBA578AAA87FA40FBCF0F1985EEC339E42ED51112
      SHA-512:628B8468D2211B2A6AF8488F8956F64E4805A4C97752861CF7457E43302EF0F07E22F58C7E03A1F8520141C237CFC6CC27151E6CC76E62CC69D7CD7B44DCFF4E
      Malicious:false
      Reputation:unknown
      Preview:2024/12/09-05:49:02.456 1948 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/12/09-05:49:02.458 1948 Recovering log #3.2024/12/09-05:49:02.458 1948 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):334
      Entropy (8bit):5.182868965810636
      Encrypted:false
      SSDEEP:
      MD5:D169309CBD59E7E4B566584D04385AFD
      SHA1:46216980DF1D1BE2B797489E8827B6C5252535EB
      SHA-256:8292DECA21C4B693B33A0776F38BF84BD2F6D238BB3D990656E9A8D674EC5489
      SHA-512:5FC2E5623523CDAF44A37D7B08F82AB71B7C7D6DEB10D7600431093CBF63E696E39192C8DEC2984D4B4627F2F26D2EDA903B3A5DBC42953AFF2023633CB0CDBC
      Malicious:false
      Reputation:unknown
      Preview:2024/12/09-05:49:02.372 1970 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/12/09-05:49:02.376 1970 Recovering log #3.2024/12/09-05:49:02.376 1970 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\343691f4-c07e-4c27-a245-e62e1cd8587c.tmp

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:JSON data
      Category:dropped
      Size (bytes):403
      Entropy (8bit):4.992857299097882
      Encrypted:false
      SSDEEP:
      MD5:C0DCCFF09CD22A3484112B5F7F1D9AB3
      SHA1:314C2538F862F33F3B8298275BB42823D93ED9E8
      SHA-256:A3CBDF0EFE888BF17C56A8889137A806464137AB4114962B4EB26AC0F81AF00F
      SHA-512:9CC326CA487F6D0408997A0F82DA1C11539A3780ADE3E7B8E18F46F43088F16CB624E348A0680FEB62090AC21510EB90AB0353D42F8190CFF5B4E3232852260B
      Malicious:false
      Reputation:unknown
      Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13378301354185901","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":629207},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:JSON data
      Category:dropped
      Size (bytes):0
      Entropy (8bit):0.0
      Encrypted:false
      SSDEEP:
      MD5:C0DCCFF09CD22A3484112B5F7F1D9AB3
      SHA1:314C2538F862F33F3B8298275BB42823D93ED9E8
      SHA-256:A3CBDF0EFE888BF17C56A8889137A806464137AB4114962B4EB26AC0F81AF00F
      SHA-512:9CC326CA487F6D0408997A0F82DA1C11539A3780ADE3E7B8E18F46F43088F16CB624E348A0680FEB62090AC21510EB90AB0353D42F8190CFF5B4E3232852260B
      Malicious:false
      Reputation:unknown
      Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13378301354185901","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":629207},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:data
      Category:dropped
      Size (bytes):4099
      Entropy (8bit):5.230977493267322
      Encrypted:false
      SSDEEP:
      MD5:AC47D93E5A8F30A1D45D0C289AAADAAB
      SHA1:5A6CEC6A7D512EE395AFCD915E7D88B6D84AC434
      SHA-256:2A464C92AF9A64D5479AA721AC8B55A568CC250B3E57FDF57328C811F5F25A39
      SHA-512:5C9F89A5796D803EFBF284142920F012B62F4C6CE3020720CB09D90084CEA93D3C1E402707E6C5927046AE877624065239C8B3EFAD830B2A7799B38E0DF5F6D9
      Malicious:false
      Reputation:unknown
      Preview:*...#................version.1..namespace-e...o................next-map-id.1.Pnamespace-1d95df23_a38f_44a8_b732_4e62dd896a16-https://rna-resource.acrobat.com/.0y.S_r................next-map-id.2.Snamespace-2a884c18_b39c_4e3d_942f_252e530ca4bd-https://rna-v2-resource.acrobat.com/.16.X:r................next-map-id.3.Snamespace-2e78bfda_7188_4688_a4aa_1ff81b6e5eaa-https://rna-v2-resource.acrobat.com/.2.P.@o................next-map-id.4.Pnamespace-09c119c2_97bc_4467_8f67_f92472c9e5dc-https://rna-resource.acrobat.com/.346.+^...............Pnamespace-1d95df23_a38f_44a8_b732_4e62dd896a16-https://rna-resource.acrobat.com/....^...............Pnamespace-09c119c2_97bc_4467_8f67_f92472c9e5dc-https://rna-resource.acrobat.com/..?&a...............Snamespace-2a884c18_b39c_4e3d_942f_252e530ca4bd-https://rna-v2-resource.acrobat.com/_...a...............Snamespace-2e78bfda_7188_4688_a4aa_1ff81b6e5eaa-https://rna-v2-resource.acrobat.com/...o................next-map-id.5.Pnamespace-07af9ee9_2076_4f12_94b5_

      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):322
      Entropy (8bit):5.153700586406069
      Encrypted:false
      SSDEEP:
      MD5:DCEEC3C1DBD161E952ED2E65EDB1A12B
      SHA1:0D67C575E88695EA903EBEE87836A78285253CC2
      SHA-256:CA27C539B2820C4D8F811769739AF007DD9643886BFB11804354A3BBA413ABD7
      SHA-512:50849562BBA299E42C116F0870E0471B3266B549557B062AC90E3483D93C8FFB0353360B763AFCA7C913B8917D0538E466CF5F9CE86F2FBFF8BD4E951DB91E49
      Malicious:false
      Reputation:unknown
      Preview:2024/12/09-05:49:02.490 1970 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/12/09-05:49:02.491 1970 Recovering log #3.2024/12/09-05:49:02.493 1970 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

      C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241209104905Z-182.bmp

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:PC bitmap, Windows 3.x format, 164 x -102 x 32, cbSize 66966, bits offset 54
      Category:dropped
      Size (bytes):66966
      Entropy (8bit):6.512933583000625
      Encrypted:false
      SSDEEP:
      MD5:FE7052A77A9F461CC46FF4FAC284E1B7
      SHA1:BE4030E82CBAE57ABA732A00E067B4B569D1F50E
      SHA-256:E7AC5BC695561FD5A2DBF4EFA86124E68E60B2D7F558E5824A7BC6415998A92A
      SHA-512:44D08F41FD2F225FFDCAE840F3DFACECF0D32AD736B4FC1764B2E1E13E650F817A86A2037D8713F539D22B45431CC3234F83117BAECA522AECAF60C4C36A8197
      Malicious:false
      Reputation:unknown
      Preview:BM........6...(............. ..........................u4..v4..w4..s3..s3..w4..v4..s3..s3..v4..w4..t3..s3..w4..v4..t3..v4..w4..u4..o2..s3..s2..n0..k1..m0..n1..k/..g...i/..h...f...e-..e,..c,.._+..a+..a*..^*..[*..\)..\)..Z(..U'..W(..W)..V)..S*..S*..S*..P*..N+..O+..N+..L+..J,..K,..I,..F+..F-..G,..E,..C,..B,..B-..@,..>+..>,..=,..;,.}:,..9*..8+..6*.}5*..5*..3)..2)..1(..0(../'.y-'.{.'.{-'.w+'.q+&.s*&.s*&.p($.k'%.m&$.k&$.h&$.e$#.e%$.d##._"".]!!.]!!.Z .U !.S...hBR......................................................................~...~...y...z...{...............|...y...y...v...t...v...{...........................................................................................................................w4..v4..r3..u4..w4..v4..q3..v4..v4..r3..u4..w4..u4..r3..v4..w4..v4..r3..s3..u3..r2..n1..n0..p1..j0..k/..l0..k/..f...f...g-..f-..b-..a,..b,..a*..^*..[*..^*..Z)..X(..Z(..X'..U(..T)..U)..T*..S*..P*..O+..O+..M+..K+..L,..K+..I,..G+..H,..F,..D+..E,..C,..B,..?+..>+..?,..=,.~;+..:+..:*.}7*..6*..6

      C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 2, database pages 14, cookie 0x5, schema 4, UTF-8, version-valid-for 2
      Category:dropped
      Size (bytes):57344
      Entropy (8bit):3.291927920232006
      Encrypted:false
      SSDEEP:
      MD5:A4D5FECEFE05F21D6F81ACF4D9A788CF
      SHA1:1A9AC236C80F2A2809F7DE374072E2FCCA5A775C
      SHA-256:83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2
      SHA-512:FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9
      Malicious:false
      Reputation:unknown
      Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:SQLite Rollback Journal
      Category:dropped
      Size (bytes):16928
      Entropy (8bit):1.2140813012558138
      Encrypted:false
      SSDEEP:
      MD5:FE56294EE8FFFED3C3B21CAE7476641C
      SHA1:DD38F960397A4290FC907F209BB26EAFC78838E4
      SHA-256:DA30F907B5EEB564A42F0D2D8105722EC0D713D1AFB8885962670E7EE1CAED0D
      SHA-512:D4E8A0F1AF15BB514E70C495D7A1BDDA61ABDBD10DBA23AEA09588DA8D3AA0C6B88BB6036482D4B8D1CF5E1D366C242A2D6423AE12E748CAD6A8FBE21040C9B1
      Malicious:false
      Reputation:unknown
      Preview:.... .c.......m.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:Certificate, Version=3
      Category:dropped
      Size (bytes):1391
      Entropy (8bit):7.705940075877404
      Encrypted:false
      SSDEEP:
      MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
      SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
      SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
      SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
      Malicious:false
      Reputation:unknown
      Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......

      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
      Category:dropped
      Size (bytes):71954
      Entropy (8bit):7.996617769952133
      Encrypted:true
      SSDEEP:
      MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
      SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
      SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
      SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
      Malicious:false
      Reputation:unknown
      Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:data
      Category:dropped
      Size (bytes):192
      Entropy (8bit):2.756901573172974
      Encrypted:false
      SSDEEP:
      MD5:1CD347D596F1DBD148178F59B003FD9A
      SHA1:9B6B29D08164CEC3B4FBBE10EA91A0F4CD3E9D12
      SHA-256:25ED2A55F397A2D0FE11F803B8C9E9E1579D11B7F3BD843A558A390174F33C7A
      SHA-512:3C7482D70462491C0BA3F9E443432B9909C287FD0AEA5D2A7F20CC2A96E6304F2EED1089E54DD6EA68FBF77E9DB9D8C1FD7DD4345B75DA61515653AE477A2920
      Malicious:false
      Reputation:unknown
      Preview:p...... ........}W..'J..(....................................................... ..........W...................o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...

      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:data
      Category:modified
      Size (bytes):328
      Entropy (8bit):3.241800306278292
      Encrypted:false
      SSDEEP:
      MD5:DF13B1E94805B2732FD37F9B707602DE
      SHA1:4197313734698B791A1577BB7AB1FF6E64BEF9DD
      SHA-256:1881BEEC2C4D12FC101A2C8D2D70E2B671F0F83EF20AA491FF84992D61800BEA
      SHA-512:9A37C576B5E3385456D6D15E0819C485CB817A2C490203109AED76598B9AF6755DF0B8D53C9A25F2AECF727479220E1FD5F33D30FDF0C1CA4859FC6800EEE784
      Malicious:false
      Reputation:unknown
      Preview:p...... ........S...(J..(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

      C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:data
      Category:dropped
      Size (bytes):4
      Entropy (8bit):0.8112781244591328
      Encrypted:false
      SSDEEP:
      MD5:DC84B0D741E5BEAE8070013ADDCC8C28
      SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
      SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
      SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
      Malicious:false
      Reputation:unknown
      Preview:....

      C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:JSON data
      Category:dropped
      Size (bytes):2145
      Entropy (8bit):5.082920106466355
      Encrypted:false
      SSDEEP:
      MD5:8C328E7214ECB5F8E3428BCE82DAD16D
      SHA1:C3B5816EF0FDC4DF2F0F0B32C9CFBD4819A8E543
      SHA-256:A012BF7225E888718010439D29F6F770BE2FC5C9868056F26D78BFD2A52D99BA
      SHA-512:80AB0BC7AFE44DB943F7901E617397DF8B13975C17C67496E6228D270F61F97D75570D1C074BFB26300C38982707C754A2BF95E274A92B2CDDE1ADE1AC1A4DAA
      Malicious:false
      Reputation:unknown
      Preview:{"all":[{"id":"TESTING","info":{"dg":"DG","sid":"TESTING"},"mimeType":"file","size":4,"ts":1733741344000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"f44756c6e08822e64c0e471a2499e34d","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":295,"ts":1696585148000},{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"e8f53b6740aba22a83a1a569cebedbcc","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696585148000},{"id":"DC_FirstMile_Right_Sec_Surface","info":{"dg":"cc1faa6a0c714f2f0c497731f1772fa2","sid":"DC_FirstMile_Right_Sec_Surface"},"mimeType":"file","size":294,"ts":1696585143000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"ab062dea95f25ef019cc2f5f5f0121d4","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696583346000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"65580efad4bc88b91040ff50d71bfae9","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1255,"ts":1696583346000},{"id":"DC_Reader_Edit_LHP_Banner"

      C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
      Category:dropped
      Size (bytes):12288
      Entropy (8bit):0.9869965536721464
      Encrypted:false
      SSDEEP:
      MD5:1CAA9C13493DBA3D59977C62F90FA83C
      SHA1:F3F0E19D20AF95644D1381C88DC4FA1E138F72E9
      SHA-256:DBF52705DE95F7FEBF20A567BB54853FD995FE44C52A88B0BFFE5945FDA72987
      SHA-512:5880DB30D899EC04D97DD7EC4F4539A584EAFD9BC19889C7A605270807EBB6077CAA15644954105E38CB8261319D575D535FA6B61EE310D20AC058F4F762AEBA
      Malicious:false
      Reputation:unknown
      Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:SQLite Rollback Journal
      Category:dropped
      Size (bytes):8720
      Entropy (8bit):1.3431281654646798
      Encrypted:false
      SSDEEP:
      MD5:71071993F102EA5F1C61B81142181D4F
      SHA1:67100276AACA74C60580131A3BC899CE3A08D445
      SHA-256:70E750C146AC79529FA9813552B795906F2C2447EE27558BE198D6730896D1C9
      SHA-512:20BE1EA7EC7D6C44E4E26B47BE5CA3556A158FF7A70A427D4E5987597752400E2A4F778B2AF302A373A78184C23187A1F267CCDEC5C1B850F91F8D72FD259368
      Malicious:false
      Reputation:unknown
      Preview:.... .c......E........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................j...#..#.#.#.#.#.#.#.#.7.7........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:data
      Category:dropped
      Size (bytes):66726
      Entropy (8bit):5.392739213842091
      Encrypted:false
      SSDEEP:
      MD5:ABAB633772A35362DF6537828D5D04D7
      SHA1:9BBCAE0141B27E9E9BCE81E0CA30800AE271487A
      SHA-256:5FD820DAD42208328EE57E1D4275BD0666992067C5B51D63D160736D27BD5242
      SHA-512:702F27A52748C0AF7B1A5B28605117B4AE70E844C5478C20AB35EEAD5C4600D78C0C9DADC64D0D86D0E5FA8F57D9BC57C21D3571FF840E8A2DBEEB864C7605F2
      Malicious:false
      Reputation:unknown
      Preview:4.397.90.FID.2:o:..........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.96.FID.2:o:..........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.84.FID.2:o:..........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.95.FID.2:o:..........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.109.FID.2:o:..........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.105.FID.2:o:..........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.118.FID.2:o:..........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.77.FID.2:o:..........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.91.FID.2:o:..........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.87.FID.2:o:..........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.100.FID.2

      C:\Users\user\AppData\Local\Temp\MSIe4921.LOG

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
      Category:dropped
      Size (bytes):246
      Entropy (8bit):3.5197430193686525
      Encrypted:false
      SSDEEP:
      MD5:8D0AF31B0D6F91B71E823C39312B86B2
      SHA1:3EF80365C658E5AA869A28D3476F09FB79744200
      SHA-256:0BF25AB907B159CD895C728F4FFE5EAC52B3FE4E91CDB6CC832A2E1E018D47E1
      SHA-512:7F1135FEF0AE20F31AAD35AAB3CEE1741BE68AEE7A070F6D09E2486DE1964815474930361024974DCA3B7FFBC0A3B07F04C33214001A2DB1DB1BD6A44BFBF53B
      Malicious:false
      Reputation:unknown
      Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .0.9./.1.2./.2.0.2.4. . .0.5.:.4.9.:.0.9. .=.=.=.....

      C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-12-09 05-49-04-048.log

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:ASCII text, with very long lines (393)
      Category:dropped
      Size (bytes):16525
      Entropy (8bit):5.353642815103214
      Encrypted:false
      SSDEEP:
      MD5:91F06491552FC977E9E8AF47786EE7C1
      SHA1:8FEB27904897FFCC2BE1A985D479D7F75F11CEFC
      SHA-256:06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB
      SHA-512:A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082
      Malicious:false
      Reputation:unknown
      Preview:SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig:

      C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
      File Type:ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):29752
      Entropy (8bit):5.4218635929369325
      Encrypted:false
      SSDEEP:
      MD5:388C1B658339E65B5D30DBAA1FA9ED98
      SHA1:E3109419235617610F1E8C4D5E1BE845B9154539
      SHA-256:7CF25C6420D910C9F45BBFF80BE8B53215C8B9156B6514EC129F758B071F9D0C
      SHA-512:82062EC6CA0B6B680F55427E9790B2668484DB13F13EC23E2E84AFFF6491DF609BEE8575BCAEC7EAF0CF81BFD3D1AF98496B6CBDDCEBD96BC455FFEB56FE7852
      Malicious:false
      Reputation:unknown
      Preview:06-10-2023 10:08:42:.---2---..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 10:08:42:.Closing File..06-10-

      C:\Users\user\AppData\Local\Temp\acrocef_low\04b487f6-4ea2-44e1-b1d8-7066a80e340a.tmp

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
      Category:dropped
      Size (bytes):758601
      Entropy (8bit):7.98639316555857
      Encrypted:false
      SSDEEP:
      MD5:3A49135134665364308390AC398006F1
      SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
      SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
      SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
      Malicious:false
      Reputation:unknown
      Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

      C:\Users\user\AppData\Local\Temp\acrocef_low\3d0c6d7a-4757-410b-8fd9-8da20a626bd8.tmp

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
      Category:dropped
      Size (bytes):1419751
      Entropy (8bit):7.976496077007677
      Encrypted:false
      SSDEEP:
      MD5:BE0B75D7B096B44CBB2A7F9140209151
      SHA1:FCE18CAA51DF1C9E5FA036FF1D1267212A48AAC2
      SHA-256:A571984DB01CF39DA8A828152CDEC864004CB56158C4BF6DFC2888A32A54B0E9
      SHA-512:7090CCAE1C6724F611C54A96D28016FB17E64FA8C9E71EB0A0C8E9034750565068FA279BD2F8FB02A17DC3FC89763D531EEFF4777836E9FDF018ED6BE184E5F3
      Malicious:false
      Reputation:unknown
      Preview:...........}.s.H....W`E.........M9h...q..p......%..!q.p....~..2......DlWtW!)?_.|....?..?.s.w1.i..G...h6.]..y...p..m.b..N..rr..F..Xc...l.4.."..Q.... hL.p......s...x6..:.....x.~.6.Q..~......~b7..k.l......Yc.G[....hY3...C..n..|.'6......i4f...,.."...O.b...x..,..jgc..bTn....,u.F..0......V.K,u..p....X.wAap...+.G..v....i.z...E.Rj8.a.r..<@.q.'...!.4..]...|..3...-.2...`...4..i...w......$0D.....i./a......Z.]..e.mj..c}.?.....o......c...W..+....c...W...?8...n.......U..7..O........@....'...^.z..=.m....o.o<..~....... ...C{......w.m.h.-Q...6.(..uk/w!...Z..n.....p.U........T^w..[....1l...../i......0..1U|}../xS}.q..B|.......h>....S....g...A.s6.=.&....~.\.......-N.p...._.xex.....}.r..q$..<.S;l=. ..P..55;....[.}.T......d.p..vd'vl.].DN..o...................D...].......I}.t...D`?..n.A.zT..:@.`S5.K..,R....h...XzT....F..Xt...R...+N.....ee...P...F+C.....dq...r..5..aP.zY....c.f/..Pn...:f.>.Z..s.+.......7...O.C.#..6.....=.K.5{.%6,..Z.....DqZ.4....g-%.p..n...\

      C:\Users\user\AppData\Local\Temp\acrocef_low\8d918156-2e8f-4904-81f3-4ed3927630ad.tmp

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
      Category:dropped
      Size (bytes):386528
      Entropy (8bit):7.9736851559892425
      Encrypted:false
      SSDEEP:
      MD5:5C48B0AD2FEF800949466AE872E1F1E2
      SHA1:337D617AE142815EDDACB48484628C1F16692A2F
      SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
      SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
      Malicious:false
      Reputation:unknown
      Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

      C:\Users\user\AppData\Local\Temp\acrocef_low\be5649ab-e552-438a-a2f6-13bdc6852174.tmp

      Download File
      Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
      File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
      Category:dropped
      Size (bytes):1407294
      Entropy (8bit):7.97605879016224
      Encrypted:false
      SSDEEP:
      MD5:A0CFC77914D9BFBDD8BC1B1154A7B364
      SHA1:54962BFDF3797C95DC2A4C8B29E873743811AD30
      SHA-256:81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685
      SHA-512:74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE
      Malicious:false
      Reputation:unknown
      Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

      Static File Info

      General

      File type:PDF document, version 1.7
      Entropy (8bit):7.970596459489748
      TrID:
      • Adobe Portable Document Format (5005/1) 100.00%
      File name:Excellence in Digital Banking & Product Development- International Summit 2025.pdf
      File size:780'892 bytes
      MD5:38dbb5060226bc9040432914b04f1217
      SHA1:5f0bfb5eeaa2f20bfda31d3624fc700f1c864266
      SHA256:ee6b50340c51e45708c10e8ff5259d3a9b129eb9ae7546093adb727db67e1828
      SHA512:e46998554e0061d0bf8e5a2e560c96840c57ba42cf3ec3bb46bf4e7511127d03188731d5852a12818fe50659ba82f84bb566c6d7af262acf59bb67ca5b81af8c
      SSDEEP:12288:rL2vaFyZQ82GEI1QHIWeBNUvublkmSTInXIkNsB6kR4BC4KdCCNH67GHBsO:f2vadG12grUvKkfTIBGQkRy3C2Y
      TLSH:30F4127C717D801EC4C28EE1FB0D36D2098D62E35C6D156239AD89C9374ECA5F12AAF9
      File Content Preview:%PDF-1.7.%.....29 0 obj.<<./BitsPerComponent 8./ColorSpace /DeviceGray./Height 705./Intent /RelativeColorimetric./Name /X./Subtype /Image./Type /XObject./Width 564./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 65.>>]./Length 353.>>.stre

      File Icon

      Icon Hash:62cc8caeb29e8ae0

      Static PDF Info

      General

      Header:%PDF-1.7
      Total Entropy:7.970596
      Total Bytes:780892
      Stream Entropy:7.997191
      Stream Bytes:728867
      Entropy outside Streams:5.231459
      Bytes outside Streams:52025
      Number of EOF found:2
      Bytes after EOF:

      Keywords Statistics

      NameCount
      obj235
      endobj235
      stream216
      endstream216
      xref0
      trailer0
      startxref2
      /Page0
      /Encrypt0
      /ObjStm10
      /URI0
      /JS0
      /JavaScript0
      /AA0
      /OpenAction0
      /AcroForm2
      /JBIG2Decode0
      /RichMedia0
      /Launch0
      /EmbeddedFile0

      Image Streams

      IDDHASHMD5Preview
      679000b4d418800800fbecdf9edbdbb8bc398efcea3e013bd7
      690000000000000000ff3af1f5c6bbea5b60b3452980ba7539
      194b2706970b170c0b300409f20f76fe52dec8cccae987000f5
      288918489d7d4909000901bc34480b2cfd1b84caca3628b7c5a
      344b22f193333630bb23fb6b50fa5bf6ce2baebdbc9ef4811af