Windows
Analysis Report
Liftone ..pdf
Overview
General Information
Detection
Score: | 56 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64_ra
- Acrobat.exe (PID: 6564 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Liftone ..pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 6332 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 6652 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2248 --field-trial-handle=1544,i,1241296826629441675,870163600650370802,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- chrome.exe (PID: 8176 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://roads.dentistsinchattanoogatennessee.com/signedbox/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7360 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1908 --field-trial-handle=1912,i,329899899613058535,11907109387911769218,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
| | JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security | |
Phishing |
---|
Source: | Page Title: | ||
Source: | File source: | ||
Source: | HTTP Parser: |
Source: | ML Model on OCR Text: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | Memory has grown: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Initial sample: |
Source: | File created: |
Source: | Key opened: |
Source: | Process created: | ||
Source: | Window detected: |
Source: | Initial sample: | ||
Source: | File created: | ||
Source: | Process information set: | ||
Source: | Process information queried: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 1 Spearphishing Link | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | 1 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 Extra Window Memory Injection | 1 Extra Window Memory Injection | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
part-0013.t-0009.t-msedge.net | 13.107.213.41 | true | false | unknown | |
a.nel.cloudflare.com | 35.190.80.1 | true | false | high | |
dashboard.spamfather.com | 172.67.172.36 | true | false | unknown | |
code.jquery.com | 151.101.194.137 | true | false | high | |
cdnjs.cloudflare.com | 104.17.24.14 | true | false | high | |
maxcdn.bootstrapcdn.com | 104.18.11.207 | true | false | high | |
www.google.com | 172.253.124.99 | true | false | high | |
part-0042.t-0009.t-msedge.net | 13.107.246.70 | true | false | unknown | |
use.fontawesome.com | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
104.21.47.193 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
162.159.61.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
13.107.213.41 | part-0013.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
142.250.9.95 | unknown | United States | 15169 | GOOGLEUS | false | |
172.67.167.250 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
64.233.185.84 | unknown | United States | 15169 | GOOGLEUS | false | |
142.251.15.95 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.9.94 | unknown | United States | 15169 | GOOGLEUS | false | |
151.101.194.137 | code.jquery.com | United States | 54113 | FASTLYUS | false | |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false | |
23.36.68.10 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
107.22.247.231 | unknown | United States | 14618 | AMAZON-AESUS | false | |
184.25.164.138 | unknown | United States | 9498 | BBIL-APBHARTIAirtelLtdIN | false | |
104.17.24.14 | cdnjs.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false | |
172.217.215.113 | unknown | United States | 15169 | GOOGLEUS | false | |
172.253.124.99 | www.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.105.94 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.105.95 | unknown | United States | 15169 | GOOGLEUS | false | |
13.107.246.70 | part-0042.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
104.18.11.207 | maxcdn.bootstrapcdn.com | United States | 13335 | CLOUDFLARENETUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
104.21.27.152 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
172.67.172.36 | dashboard.spamfather.com | United States | 13335 | CLOUDFLARENETUS | false | |
104.21.74.57 | unknown | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.16 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1428249 |
Start date and time: | 2024-04-18 18:16:31 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 20 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Sample name: | Liftone ..pdf |
Detection: | MAL |
Classification: | mal56.phis.winPDF@31/58@16/188 |
Cookbook Comments:
- Exclude process from analysis (whitelisted): dllhost.exe
- Excluded IPs from analysis (whitelisted): 23.36.68.10, 107.22.247.231, 18.207.85.246, 34.193.227.236, 54.144.73.197, 162.159.61.3, 172.64.41.3
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, slscr.update.microsoft.com, ssl-delivery.adobe.com.edgekey.net, p13n.adobe.io, geo2.adobe.com, fe3cr.delivery.mp.microsoft.com
- Not all processes were analyzed, report is missing behavior information
- VT rate limit hit for: Liftone ..pdf
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 290 |
Entropy (8bit): | 5.193906217137377 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4783FFEB2A7AE4F552636D25CF47F394 |
SHA1: | EDCF2560C389C9BDC3AD26CCDD2879FC5D8090A5 |
SHA-256: | 16E5C3337FFC70AEFBE04A7429B5B67F49F0F2B92ADD8EB23811E49AFB634B05 |
SHA-512: | 4658440D6200BCD217CB2750AAD40B64258E0FD8F0CD32D678FF05D94D7FDB0BCE186E58A4FA4ADC8B35E2B8C5EC8EBB6D936DFE4F8AF007507E71A22A2DBD0C |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 334 |
Entropy (8bit): | 5.161684648259099 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7D90EC8A88B860836F28845CA7EC13BA |
SHA1: | 76548DD0529502B8A3EABA725BE2249C3D98DE7A |
SHA-256: | BD790418593513A5CA46651EC61C956B905B4F7C9368CB05151824888309C73E |
SHA-512: | 6C689601AAD82914433EAEEB905B9B7F65F6FE01813E1E2F23E54AF013B88D1171C9E88AA18EDD2E4CE1DAEE9E4D5A41909A5435096114AB7D0405FDFFBA14C2 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\3fcf2670-2d7a-48f8-b35e-7e53356ee444.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.983692302786362 |
Encrypted: | false |
SSDEEP: | |
MD5: | 99F60F872E7776ED390D9BF72A92917A |
SHA1: | D25E06FB8CD7B6CB9F6643FAF6652AA62F10E182 |
SHA-256: | F2EB62F245701C0D5687B27D30A5ECB21762DC67A2DA2AECDE6509227BF2EF69 |
SHA-512: | CBA62BDCF561DE2EF0DCD860209C124869373A71ADE068D45B960284733263D4D9A9826AC0BAEF57849687A5E9E84E1427CC063C2C357D7061F35198064D0160 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\81981eb1-134a-47a6-b15d-e3656fd94179.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.953858338552356 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF47b721.TMP (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4099 |
Entropy (8bit): | 5.224265483456842 |
Encrypted: | false |
SSDEEP: | |
MD5: | 8056F0411F9BC2D9EAA324BA4D2E7087 |
SHA1: | 7F4765EFDC5A8D8117CB03A4E4A929FC9B858E5A |
SHA-256: | 0B79B7310C9AFAC6D88BA4F260565C5D08F881E96C69DF1BDA8FAC369E4544DB |
SHA-512: | 560B05EC711B4D1DBBBBEAA21FA8EB09A28F4985E418C8695E442F812000F8011FEF4DDA838CA37DC9A0035FDE045D1892B5D687F012124CDD07584D0818DA73 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 322 |
Entropy (8bit): | 5.161794513344343 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4357F2779AC08B3F9FA552144E8E69D4 |
SHA1: | A739A1928F4747A798512CA2189072963CA3FB3C |
SHA-256: | 7D3C3C07A96B0C24314295E560A734075B29D22C5DDC91E5300DDDF621CEBF4E |
SHA-512: | 1CB4A231AA319F421095C2F07B9D5914A0D003EE9D6A302497A7EBDAE1CC867BBF505C45DB8BE02A22F42C10E6D94F122639931DD5867E2E52A0FA2EC14CEFA1 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240418161708Z-163.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.26907083035639 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3B56FF93BBF148C3CA52F9B26F9B866F |
SHA1: | 23E85C5D21B3C28BF999359954E2D294C87EF981 |
SHA-256: | DE3A12FA87B4204A1725D81065804E1C425CF28A143FE3AC67432B53C9B172E0 |
SHA-512: | 490629F8C50ED37B1F352AFAD95E5A4970A394D9602F84EA541B611AC3F1E251DAA033387910A49DA4CCC2D790A8E67580399B0356D457CCD63E27869E28D245 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 57344 |
Entropy (8bit): | 3.291927920232006 |
Encrypted: | false |
SSDEEP: | |
MD5: | A4D5FECEFE05F21D6F81ACF4D9A788CF |
SHA1: | 1A9AC236C80F2A2809F7DE374072E2FCCA5A775C |
SHA-256: | 83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2 |
SHA-512: | FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16928 |
Entropy (8bit): | 1.2152251553610804 |
Encrypted: | false |
SSDEEP: | |
MD5: | E49864340E53046178278D607E80E7F6 |
SHA1: | 3BAA19F1B0D2A3C88F223DD4B1E05CD60C03EBDD |
SHA-256: | E7E41E59E2BE900445D884597B82915C41A8981AEAF6B91C65CBB0E799FAD699 |
SHA-512: | 349D19B794419546C4970ED4AB660DF8311B0B718944D7759E5CF943DA342DE64A569077A81130478D978A73219E51C5D9DBBDBB674B50FD873010F2644FBEE5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.362519164069989 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4FDD9B2CC6805110E51FABE4628133C0 |
SHA1: | C933C1672D532055649C22A321CEAF97EACB819E |
SHA-256: | C4E817FC67C8862FB4712D4CBDE40D0CD72B6C87244C82CCAB78BE50526E195B |
SHA-512: | C16E1048EE76790E8FC5C2BFB4CD6F26A5D0DC4E42FC3037928502F89825A585FFF8B4E9D94052675D6ABBF36891FBD8C4A58EC8239D520B5042530DFAACB43C |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.309933313540795 |
Encrypted: | false |
SSDEEP: | |
MD5: | 083E2ADB9BE6623D8D165D02F2B9E924 |
SHA1: | C6D261D4F745883132D875BA76CFEB5E60DD1726 |
SHA-256: | 400865BA260162495B7C87D5D8D0B31885D2B1E519FE0E855788D6DFAEBBD1F8 |
SHA-512: | 807510DAC8DC14750A718901D5BDF46CEBDECBE128B3563104E4F0A0B8E61F64ED2500FDB39D331831A1FC61A9DA19216409E9E05D41051243878DE08F35097C |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.289201107455465 |
Encrypted: | false |
SSDEEP: | |
MD5: | F5D3A40B46BDB2ED44CF5F80C2DD8834 |
SHA1: | 4AE2497249FAC265E313F25D0762515F4C206211 |
SHA-256: | 062D2B97987ECC2763CFC4078875CB3E3A502E2EB0863C61FBF0A0935BBBB149 |
SHA-512: | AE62F78A2BD95CBA6164FB8B3F43658B866FC08325FB10CD432851D04C46485209C0F90BEAC04CF7A28CB1AAFCB0FAAF96B1FD9FE8E5370F02BBB7F2D2F1E561 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.350869730977749 |
Encrypted: | false |
SSDEEP: | |
MD5: | 54C0FCA89732624971E339D1B25B7370 |
SHA1: | C604ECB3635E18DDE897DA59E4B1968DD5255BE8 |
SHA-256: | 32077FDD64400FADCD48A87A19127DED484A686C4EC77D8F8D174B2646791757 |
SHA-512: | 10BB595874A174D48174C57C89392555609FF5590F2B5CDC7DECF5E8BFCAA092F1D01621F55CD740EA5798253F502FDFC88A1F8C561C234925194DAC6C56542D |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.31041957509964 |
Encrypted: | false |
SSDEEP: | |
MD5: | BA6A53D334D5873F6EC7EA1D0DFCD821 |
SHA1: | CD003D2842F050BE3D6092321F27F79919888B1A |
SHA-256: | A5A7FDC01B8DDDD93B10033976AABC12194E3F83764AC9693501762FF05334F3 |
SHA-512: | 641DA90159A41EA32220776BF41E29894C922C3ECB165136A5486F02E1D2CCE8033B73683E8EE6FDAE31D0360FD68968BF62399E001AD206F118FD39419EC2CB |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.298087870155144 |
Encrypted: | false |
SSDEEP: | |
MD5: | 25830B912E8CC9DEF8CD5F43119BC6FE |
SHA1: | 855B1C1179F159A8920B2FBD0B1B471400D79F0C |
SHA-256: | 1A9FDD3E617D0B1B3C9B229146D3644DC727C19085169941C7BA5B9B6F5B23D3 |
SHA-512: | 777A8A0FAE1B48A8B9E7AFFE9338096DE456DF08BE795461CD6B895B8121476445FDA7BD02E229552DE6748D69A7E06EC535CF383C546DD3E72551D62CEA18AC |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.300775940134354 |
Encrypted: | false |
SSDEEP: | |
MD5: | 50C11E38F2597C92B9C9F50457C5A694 |
SHA1: | 139B0A29E0B25864CF39E6D2A80F74C88C976014 |
SHA-256: | A3636A783F356E62354A37E5FBDC54C5AA8CC3AA6ACD6722908D81EF7597971F |
SHA-512: | EAA5898EA599BA0694B551ED228EF6D08EB326A12C92387C64962DE366654CED7D3E6D02739389AD6F1CFE3707568EEA93D3D71CA9001741AB3772F592DD3490 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.307896086168297 |
Encrypted: | false |
SSDEEP: | |
MD5: | ED0262883E52B01BFDB570369227F425 |
SHA1: | 4C272D1C09757171D703823BC9C9D1BA3D0F146A |
SHA-256: | 150FE0B9A1F748A302EDB93BAF70460FAF214C08B7D69FD06F19D9F0F8EFAD50 |
SHA-512: | A6A9D86B635125556242B83AF45166FDEA83605228243DC96D2F8781B429FA196EAF4371C1AE2AE4E7E60130024EE01EEC13B93E63A07A6BA81B3FBCB44F9887 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.737697831008116 |
Encrypted: | false |
SSDEEP: | |
MD5: | CE2C94A688C2BAB25B39905D0B259DAD |
SHA1: | 7F97DE18ACCB6091AFC6B0B0397F4C95C82088E7 |
SHA-256: | 83C6A8308002FB77AA886270660F976D386BD582C33DDF6F609CBBA2257408CF |
SHA-512: | C05B7570B2551E1B1ACE8FDC8E3EECC98F7A6FAA6D79B5E348AA6EE7A9EDF13668528FB41D6CF04EE2C64BFCFF69F79C7EA534A74A3CE86E9DC5AB4D06CA05D3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.303601035717579 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4053F03E968E801E365014682D1D77A8 |
SHA1: | 01AEBE22D9C1D30983F21665BC18DA0BC623AA8D |
SHA-256: | D153CC0F39B3AF32E2936F8E9EEAD62C0C92B3E2B96EEF18152EACC4142E9E2F |
SHA-512: | 474500571D5B09FEF5910759D2A42034A90F30BA268A1D07BC23BF0658B202063DAF1577A3194AE69AF8D3975311A656D43BF639C66AFF51BBB0E57C751B578A |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.77117215212348 |
Encrypted: | false |
SSDEEP: | |
MD5: | 683887C9B0987E8F78EE87D497A35DC1 |
SHA1: | 17DF5867F59D581CE909D0BDE0CF9D8503A40CA0 |
SHA-256: | C210B194B1CE6BB8DCB48B810D8D6351E62772D05FDC1A299D2FFE02FB594CE6 |
SHA-512: | C7C9FF306494471F64D3D922EB2D34E1172BBB452873BFD44FE08BED9060BD575DAFA70CA0304BBB6D192377695B4AAB602EB105E80678500ED1055CD7F150A3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.287123384005067 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1A61EE420518C37D45B56348795EA4F0 |
SHA1: | 0BD536B19B9897AEA0F7E8CAB57A84E89B5C615F |
SHA-256: | 614C09CB1587A26C9F9306C5CDFFCEA27299B91610E5D09E4A85681FBFAF29F2 |
SHA-512: | 89AC2869DD7D75D04B813C2A0B4A0C56E71FF8F01F9E1E29D7F5F29E7DE3CA3129EE4F5DE9F5D2ACA2DE7A219A189480F640C10A004B0B1E13E5A5EFB5005A89 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.29085041361751 |
Encrypted: | false |
SSDEEP: | |
MD5: | 00A401F9A3169071D7CA6A730C6F93A6 |
SHA1: | DB49B4547006C79EBC477853B47B5F7AC088FFDE |
SHA-256: | 866E19D759ADB0977FBBE1CCE99D4F43D69260DEA233FFDEAF33A779C029E429 |
SHA-512: | 98FE1EBE386571560B33B0EECB5C9BF1C4FC9C6320BBF232650D37541BD5355E0BA4C1B43A6EE2580E9C357AB290F0AD42CCFD23E11767CBAA59C56D06A22D0D |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.3107136420008505 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4335BCD2A955713517377A4CEBEB79C7 |
SHA1: | C332C6C7977B01056C201DA827022E4B68338CD6 |
SHA-256: | 28783425E759DA825D067294BF3689D167E4714C84132ACE1D152C6A932528CB |
SHA-512: | 5DEE256885324CBA29EAA8EBAC0485D843329FB4C99C76E7694993D2D04CE3EFCA1747B2A52F2D8FD5ECB44BD1C0BA55A5410A8AFE190BD7152EFCA3549E33A8 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.267500233374508 |
Encrypted: | false |
SSDEEP: | |
MD5: | 770239EC1B1BF88F0341DFD4D1719109 |
SHA1: | C6350F49646682A3261B520834D66298D970ADDF |
SHA-256: | D4A78C0367873E2156CB0A460DBC9335E02571FA0BE9F478671EEDB920D92B52 |
SHA-512: | 54EFCA0E6D2C10F547B07AF3D2F635A5090A824023E1B13B1759EDA616463B3EFC5E944C2412AD86FEE62CB186498B5807024A3B2DFBDF09D298F46B10177358 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.361774325872741 |
Encrypted: | false |
SSDEEP: | |
MD5: | 29F8DC1A80EA906F2126337B5388C0C4 |
SHA1: | BFD4F71B5FF2BCF64D9EC76161561D0B257D494C |
SHA-256: | 4C5A30FC68F249C3DBDFBA7961DE7F3BA96D253CCE085D12BE448BD1B41A16CE |
SHA-512: | 688EF2DDB7BC9FE21726CF03402E91B7BCF1DF786CEA294F922B8528DA1C766DBF8984CB1245CD8DCAB909C81DB0655EF5828302BF4D37B9CC1EF7EFD8385FCC |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.1406405984230705 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3F804B89896876FA17D4E77D4C55B312 |
SHA1: | 0A6F9B2074184B594F12C3C98654D7E3A58C6845 |
SHA-256: | D5E139508D620B22128C41B8953AAAC9038C884F94DDFD92119BD41EA78E387C |
SHA-512: | 8FD9679966D64582A562CE366206495D8D581329A08167C05C81E556509D3008621F0065AACD653966D3C7447F52821A569288452E01D7D0D66E208001B23D03 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9874856172652001 |
Encrypted: | false |
SSDEEP: | |
MD5: | 98506EF0AAA61A5BD2E4361AA4C1D638 |
SHA1: | 59AC132E021E3D312DF5B1570A712AE7746FE95B |
SHA-256: | C2B27DAC1B481FD5A023E00B02F5287D5A1966B1140FE7C7642E94D50E6DE241 |
SHA-512: | 3333B138B9F2C2F6B77B802146ECB75C213038335864A174FFB3ECEE1E184B32CB05C9073DC2525AB1DCAA38349ED15B27893D6901C650A00F2162DFE01FABD1 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3423142784559587 |
Encrypted: | false |
SSDEEP: | |
MD5: | D1716501B88A868247D63EF41E4DFFC2 |
SHA1: | 53EE98F9D6EF85BE8D1B65D9F89D03F3E6D0427E |
SHA-256: | F3DCFF755A02CEABD7CBE3FA13EEFE6B58EDCF2D0F937995F02192127651D22C |
SHA-512: | EC0175CECAD11542DF682BE883A097DF250612C5256D71BC291D621CBECDD50948B4C9E71EF8D6E78B6307F44FF00D6FA6F95EED91CFB7D74FFBB86F4CBAB8A5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.499838153709142 |
Encrypted: | false |
SSDEEP: | |
MD5: | 05240A60EF483E381FBEB9B20B0B3C77 |
SHA1: | CF7B417ED93320E4F1C620CF72640A3B7687BE07 |
SHA-256: | 78CC8541FEA2E18A0A4611BF0EE3DB28A7DD95D6898E446FF5A078DD5D0A59AA |
SHA-512: | B9615F64E4FCAFC3BE7746348A007CFEF28D41B99248EB9310BC5EF8D63C9009B43DCCEF2D7A1E0A7979620C70AA587CFF2DD2896202197B5EE94B200B2583DE |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-18 18-17-06-581.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.353642815103214 |
Encrypted: | false |
SSDEEP: | |
MD5: | 91F06491552FC977E9E8AF47786EE7C1 |
SHA1: | 8FEB27904897FFCC2BE1A985D479D7F75F11CEFC |
SHA-256: | 06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB |
SHA-512: | A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.421239123137467 |
Encrypted: | false |
SSDEEP: | |
MD5: | E28E9031ED06B9B669D0247143BA8477 |
SHA1: | 75823ED7E01EA583E44AD1EE0064FAD97F5A126E |
SHA-256: | 7CA3A539D4E5AC25A76373794AD02D7B4393314A2AE222CE5C2F14AEBFF04425 |
SHA-512: | DBE13CBA393C8AB5C9E5176DBA0D5F2BA3819E74F14A7C37D43C488CE5F79A52B724CAD41BC8DBA5CDD214200AF7FD914BB6B64E6EE0431A6188007000409B13 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | |
MD5: | 22B260CB8C51C0D68C6550E4B061E25A |
SHA1: | DF9A5999C58A8D5ADBB3F8D1111EAB9E4778637E |
SHA-256: | DAB1231CC22DAB591EBB91C853E3EE41C10D3DA85D2EFAB67E9A52CCB3A3A5A0 |
SHA-512: | 503218D83C511A7F7CEA8BC171921D1435664B964F01A8C77DC0F4D0196DD2815D9444DA98278E1369552D004E9B091DD9B89663209F0C52ACB97FCE6AFFE7A9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | |
MD5: | F4058A9619A8A6E9B90852CDC593A3A5 |
SHA1: | 97C7CD56D5DA56FC9AB8AA04EB5704178B017310 |
SHA-256: | 237014787D4547E2418AF2D490AD45AFBF7893AAE2F655AA6ABB91CA21EF11F6 |
SHA-512: | A05060A3184A9F2043AD043A24909361DF0A65F12767784EBF5E8B5A86FBB909CBCE0DAB5C2705DA59DA84748B604ADE7F00D11B97FD87DBB5383AC9096A1203 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.988519080732302 |
Encrypted: | false |
SSDEEP: | |
MD5: | A380A51696500E65686DD91A7AF04C73 |
SHA1: | 6BDD7366E21F95440A84D482123317610D1D1AC3 |
SHA-256: | C67CFC328391F6891650027AADE366ED9B04CE80F2809A96367AAA91EC60AC28 |
SHA-512: | E5812CC0164C3C33351943C87D6B21B2BEB3331A5C427267984FB13B11837F8E23FF3E16CF56A3DC38BBCC45D41FC19A11E0F464C60B1A8D49C72740E4A9FB00 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 4.004234807683469 |
Encrypted: | false |
SSDEEP: | |
MD5: | E9224C1C3BB0FE9D9212EA7DE68311BF |
SHA1: | C069834A2CAB2AB31430FA88EEE16BB5C8934D51 |
SHA-256: | E91EF5055B3C811183024F3E678C2E5CF2B578BB531668A7914F3100E36EFE5E |
SHA-512: | 59B23E39B2BF5BC30B71AEB431AF8CBB332B540972C6441A694D4479DBC2E3DBE22445380016BE738E700F6E15D1D4BD3880FA64AE2B22AC111BFC7F03EADD75 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.009948878523068 |
Encrypted: | false |
SSDEEP: | |
MD5: | C8F604F52B70F674154664BA099092AA |
SHA1: | E457E3D213BA4E4DBB28F13B0ED7461D40F40D20 |
SHA-256: | 1B5EBD02BFB5B5E029DEAFE56440EDA45D4B62B413104421725B1AF5AA37E5AC |
SHA-512: | A091561977B4AAAB9BCA1275198C81F881674EAAAEA7D479871A31894AA712647B2D96DD61831B160D47C1F2BA83EF88DED4DB391FF9D28EE9120EB5AC09534B |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 4.0040726157640565 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7D958A884753B0E9C362625B2FB7A8D7 |
SHA1: | 31C4C1CFA091018721CE5B5B305A8605BF445261 |
SHA-256: | CF0683E57E3E56421473715026C1DA073E8A2D5191D51D9F1D0347F65338DC9E |
SHA-512: | 1F0D669963E48E1ECF4433E4D964098DC243547F6737FCFD3060B92802684557F8B4AB74281567DB92DD71326491FE9C047BF58C5415597EBA3C9021A94DBF4F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.991698605929537 |
Encrypted: | false |
SSDEEP: | |
MD5: | 83DBEE9918E2B151CBBC9AB4B3A11F4C |
SHA1: | 8C57BCE7F51E91A0913286EF6542BFA55C4A0A96 |
SHA-256: | 85253BFF29CA796DE0DBFC5BE151F93D1331DC5C49A023E29ED0DCD2E790D242 |
SHA-512: | 7497774E3CE6B66554F9E30573A45B2182148C346E84899E9811E2793D90D1A9752030054214823B400D6E16A5A42343B606F386F98818B7227B319889A16F08 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.002022484352761 |
Encrypted: | false |
SSDEEP: | |
MD5: | EF3E42496B774974D63995EBB5ED9BA1 |
SHA1: | 171FC410157BF646CFED4A77F22E68C3D15585B1 |
SHA-256: | 7377908BEF0A47DB3CB5CCE98539B3CA5981099894F4FA08E41B906568DDE804 |
SHA-512: | 340E8B835BDFAD10FA87BB516EA4B784EA2779C8940BC0FA5DD9979C103FB4A996A76F498849C39960C7E29C15B98363243CB674B15EFCAD03A3C197F7BCF0BF |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 315 |
Entropy (8bit): | 5.0572271090563765 |
Encrypted: | false |
SSDEEP: | |
MD5: | A34AC19F4AFAE63ADC5D2F7BC970C07F |
SHA1: | A82190FC530C265AA40A045C21770D967F4767B8 |
SHA-256: | D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3 |
SHA-512: | 42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765 |
Malicious: | false |
Reputation: | unknown |
URL: | https://roads.dentistsinchattanoogatennessee.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 85578 |
Entropy (8bit): | 5.366055229017455 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2F6B11A7E914718E0290410E85366FE9 |
SHA1: | 69BB69E25CA7D5EF0935317584E6153F3FD9A88C |
SHA-256: | 05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E |
SHA-512: | 0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB |
Malicious: | false |
Reputation: | unknown |
URL: | https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1239 |
Entropy (8bit): | 5.068464054671174 |
Encrypted: | false |
SSDEEP: | |
MD5: | 9E8F56E8E1806253BA01A95CFC3D392C |
SHA1: | A8AF90D7482E1E99D03DE6BF88FED2315C5DD728 |
SHA-256: | 2595496FE48DF6FCF9B1BC57C29A744C121EB4DD11566466BC13D2E52E6BBCC8 |
SHA-512: | 63F0F6F94FBABADC3F774CCAA6A401696E8A7651A074BC077D214F91DA080B36714FD799EB40FED64154972008E34FC733D6EE314AC675727B37B58FFBEBEBEE |
Malicious: | false |
Reputation: | unknown |
URL: | https://roads.dentistsinchattanoogatennessee.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 19188 |
Entropy (8bit): | 5.212814407014048 |
Encrypted: | false |
SSDEEP: | |
MD5: | 70D3FDA195602FE8B75E0097EED74DDE |
SHA1: | C3B977AA4B8DFB69D651E07015031D385DED964B |
SHA-256: | A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66 |
SHA-512: | 51AFFB5A8CFD2F93B473007F6987B19A0A1A0FB970DDD59EF45BD77A355D82ABBBD60468837A09823496411E797F05B1F962AE93C725ED4C00D514BA40269D14 |
Malicious: | false |
Reputation: | unknown |
URL: | https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17453 |
Entropy (8bit): | 3.890509953257612 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7916A894EBDE7D29C2CC29B267F1299F |
SHA1: | 78345CA08F9E2C3C2CC9B318950791B349211296 |
SHA-256: | D8F5AB3E00202FD3B45BE1ACD95D677B137064001E171BC79B06826D98F1E1D3 |
SHA-512: | 2180ABE47FBF76E2E0608AB3A4659C1B7AB027004298D81960DC575CC2E912ECCA8C131C6413EBBF46D2AAA90E392EB00E37AED7A79CDC0AC71BA78D828A84C7 |
Malicious: | false |
Reputation: | unknown |
URL: | https://roads.dentistsinchattanoogatennessee.com/signedbox/images/bg.jpg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32 |
Entropy (8bit): | 4.390319531114783 |
Encrypted: | false |
SSDEEP: | |
MD5: | EB3CE3190D8A58E048D35E620747D3A5 |
SHA1: | 76B5B6461189F839B018EF5C785DB4836B818B7D |
SHA-256: | 2D670E2962D8D805B95912CACA0822CE7C6913636BA40373C6E6AEA73CAC8457 |
SHA-512: | 08F9C680B09CC25919A91F8E080CFC517F7354F49759DDC8CF6FFEB5ADE2E46F80A866E7531B6EA97188A5E4647093350F91ED51254351C47BCE3488EF88A595 |
Malicious: | false |
Reputation: | unknown |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkEG-dxYufS8BIFDa0JrrESEAm9nAbcJ9d1jRIFDUPzdjk=?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1293 |
Entropy (8bit): | 5.448893852817212 |
Encrypted: | false |
SSDEEP: | |
MD5: | CBA4ED6C809962AC6C2A26842183B67A |
SHA1: | 3F8E077AFC8EF5BAB7FA626EA782DAE34D419BBE |
SHA-256: | AAE65C231008861C6430EBE296C926E728C4D2CCB1492F86E42D760E9B67D9A5 |
SHA-512: | 84894B90DDA3CA3487F3E4F87F8244C78BA726331AC3EA290F6BD64830B0A21856A42333CC4EDBBF23DC2F063C53AD71B3F41864275D874AEBD37C198AE1CBE0 |
Malicious: | false |
Reputation: | unknown |
URL: | https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 48944 |
Entropy (8bit): | 5.272507874206726 |
Encrypted: | false |
SSDEEP: | |
MD5: | 14D449EB8876FA55E1EF3C2CC52B0C17 |
SHA1: | A9545831803B1359CFEED47E3B4D6BAE68E40E99 |
SHA-256: | E7ED36CEEE5450B4243BBC35188AFABDFB4280C7C57597001DE0ED167299B01B |
SHA-512: | 00D9069B9BD29AD0DAA0503F341D67549CCE28E888E1AFFD1A2A45B64A4C1BC460D81CFC4751857F991F2F4FB3D2572FD97FCA651BA0C2B0255530209B182F22 |
Malicious: | false |
Reputation: | unknown |
URL: | https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 153 |
Entropy (8bit): | 4.903392883614388 |
Encrypted: | false |
SSDEEP: | |
MD5: | C73BFB3D2FEBE6A8B37A1B76D39B164D |
SHA1: | 71037FA792E298C52F77870A3214775DC8D67834 |
SHA-256: | FA6B47916793235789A40DF7E5ABB3F219BE7C3BE0C88B41E915A302E86B7BFE |
SHA-512: | 5F09134ED1E41852910E21A1FD9638A9C6378A99BB1A1ECB8CC27D21529C2FE7F13B9B4896D164C1BAFB95F3D5F45F9BE7F1B6C1E5F4D3A300127B39E3C49F63 |
Malicious: | false |
Reputation: | unknown |
URL: | https://dashboard.spamfather.com/web/site/go-back?token=9704A-4FC48-AE885-98DCB-DCDF5-7F3FD-EF-16-81851-875&usr= |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 54641 |
Entropy (8bit): | 4.712564291864468 |
Encrypted: | false |
SSDEEP: | |
MD5: | 251D28BD755F5269A4531DF8A81D5664 |
SHA1: | C0F035B41B23C6E8FAB735F618AA3CFF0897B4F9 |
SHA-256: | AFDC6BF2DE981FFD7D370B76F44E7580572F197EFBE214B9CFA4005D189D8EAE |
SHA-512: | 8111F411C21C6011644139DBA4EF24D1696C0F6D31E55CE384E0353A0F3E65402170C502BDDF803C3DF9149C371B31C03F77BE98FDBC61C0C9C55AFBE399681F |
Malicious: | false |
Reputation: | unknown |
URL: | https://use.fontawesome.com/releases/v5.7.0/css/all.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 271751 |
Entropy (8bit): | 5.0685414131801165 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6A07DA9FAE934BAF3F749E876BBFDD96 |
SHA1: | 46A436EBA01C79ACDB225757ED80BF54BAD6416B |
SHA-256: | D8AA24ECC6CECB1A60515BC093F1C9DA38A0392612D9AB8AE0F7F36E6EEE1FAD |
SHA-512: | E525248B09A6FB4022244682892E67BBF64A3E875EB889DB43B0A24AB4A75077B5D5D26943CA382750D4FEBC3883193F3BE581A4660065B6FC7B5EC20C4A044B |
Malicious: | false |
Reputation: | unknown |
URL: | https://code.jquery.com/jquery-3.3.1.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 259986 |
Entropy (8bit): | 5.1376199523115975 |
Encrypted: | false |
SSDEEP: | |
MD5: | E5B092EBE9C62DDA644B20CFADAAD465 |
SHA1: | 6536141EC59052BABF125B92163F29D2A76A2DFD |
SHA-256: | 04FF1AA0D349B007653F0BF27D4E707000E6D6D8D17AF49FA062A5DB1663F71C |
SHA-512: | 45BB0FD16588C9F4708B0B0E7F7A6B7C808717C1C0178E4F5DC8FA46F347E6E7ADD91A5E647034B52A20D4AABD8B47D1879181A9BE5B8E3536517F8FF3E3EB56 |
Malicious: | false |
Reputation: | unknown |
URL: | https://roads.dentistsinchattanoogatennessee.com/signedbox/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 69597 |
Entropy (8bit): | 5.369216080582935 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5F48FC77CAC90C4778FA24EC9C57F37D |
SHA1: | 9E89D1515BC4C371B86F4CB1002FD8E377C1829F |
SHA-256: | 9365920887B11B33A3DC4BA28A0F93951F200341263E3B9CEFD384798E4BE398 |
SHA-512: | CAB8C4AFA1D8E3A8B7856EE29AE92566D44CEEAD70C8D533F2C98A976D77D0E1D314719B5C6A473789D8C6B21EBB4B89A6B0EC2E1C9C618FB1437EBC77D3A269 |
Malicious: | false |
Reputation: | unknown |
URL: | https://code.jquery.com/jquery-3.2.1.slim.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 86709 |
Entropy (8bit): | 5.367391365596119 |
Encrypted: | false |
SSDEEP: | |
MD5: | E071ABDA8FE61194711CFC2AB99FE104 |
SHA1: | F647A6D37DC4CA055CED3CF64BBC1F490070ACBA |
SHA-256: | 85556761A8800D14CED8FCD41A6B8B26BF012D44A318866C0D81A62092EFD9BF |
SHA-512: | 53A2B560B20551672FBB0E6E72632D4FD1C7E2DD2ECF7337EBAAAB179CB8BE7C87E9D803CE7765706BC7FCBCF993C34587CD1237DE5A279AEA19911D69067B65 |
Malicious: | false |
Reputation: | unknown |
URL: | https://code.jquery.com/jquery-3.1.1.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 144877 |
Entropy (8bit): | 5.049937202697915 |
Encrypted: | false |
SSDEEP: | |
MD5: | 450FC463B8B1A349DF717056FBB3E078 |
SHA1: | 895125A4522A3B10EE7ADA06EE6503587CBF95C5 |
SHA-256: | 2C0F3DCFE93D7E380C290FE4AB838ED8CADFF1596D62697F5444BE460D1F876D |
SHA-512: | 93BF1ED5F6D8B34F53413A86EFD4A925D578C97ABC757EA871F3F46F340745E4126C48219D2E8040713605B64A9ECF7AD986AA8102F5EA5ECF9228801D962F5D |
Malicious: | false |
Reputation: | unknown |
URL: | https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css |
Preview: |
File type: | |
Entropy (8bit): | 7.910035354793396 |
TrID: | |
File name: | Liftone ..pdf |
File size: | 108'188 bytes |
MD5: | 6cadac337776aba6aa6946d42f92a840 |
SHA1: | b8751f2c08df20b3294752afa5d7cc00a7812e55 |
SHA256: | 8e62130c954dedb2e0ce62e3a007384ffa8101bb2d9144d955dde46488743c89 |
SHA512: | d45b1f6e874141f8d0e317909ea1cfc53c9b0eba5c8c60533271f2195af6919e808835c59d2aeab663756b9510f48b8c58f730cf35a92a3cacdb3e1a8920b2ac |
SSDEEP: | 1536:H9ocyr0ElFrurTS87ftAYH9Svfjpd2fCyesKJhXK6D80HDxUmvRDISK7LiVCjv:H2cyjdMTSeUp4ChswhX9D8i22kb |
TLSH: | 0AB3D085845C0D9AE063862A6B735FEB787DB3A7A2C490C43BCC565347C4F66F12261F |
File Content Preview: | %PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 17 0 R/MarkInfo<</Marked true>>/Metadata 43 0 R/ViewerPreferences 44 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 1/Kids[ 3 0 R] >>..endobj..3 0 obj..<</Type/Page/Parent 2 0 R/R |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.7 |
Total Entropy: | 7.910035 |
Total Bytes: | 108188 |
Stream Entropy: | 7.926811 |
Stream Bytes: | 103294 |
Entropy outside Streams: | 5.272483 |
Bytes outside Streams: | 4894 |
Number of EOF found: | 2 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 22 |
endobj | 22 |
stream | 11 |
endstream | 11 |
xref | 2 |
trailer | 2 |
startxref | 2 |
/Page | 1 |
/Encrypt | 0 |
/ObjStm | 1 |
/URI | 2 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams

ID | DHASH | MD5 | Preview |
---|---|---|---|
5 | a2a2a0a0a2a2a2a2 | b7c17e385aef17ecff9e57dc6f63e41f | |
6 | a280a2a2a2a280a2 | 01db9e9ad35d8459d68fdbab9d0eac3a | |
11 | 405a525a57ba9980 | 23a653b81f770be1d154c61a4d6971b4 | |
12 | 515a525a57ba9980 | 532d7f9f447a46da5b8049ef0839fdb7 | |
14 | c2d8f2cdcdc0dad2 | 87f052cf8f7abbeec6cfb61d89e6e545 |