Windows
Analysis Report
$DS_122189.pdf
Overview
General Information
Detection
Score: | 22 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 60% |
Signatures
Classification
Analysis Advice
No malicious behavior found, analyze the document also on other version of Office / Acrobat |
Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis |
- System is w10x64_ra
- Acrobat.exe (PID: 7108 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\Acrobat .exe" "C:\ Users\user \Desktop\$ DS_122189. pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C) - AcroCEF.exe (PID: 6376 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ba ckgroundco lor=167772 15 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE) - AcroCEF.exe (PID: 6544 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --log-seve rity=disab le --user- agent-prod uct="Reade rServices/ 23.6.20320 Chrome/10 5.0.0.0" - -lang=en-U S --log-fi le="C:\Pro gram Files \Adobe\Acr obat DC\Ac robat\acro cef_1\debu g.log" --m ojo-platfo rm-channel -handle=18 48 --field -trial-han dle=1556,i ,407398874 3436467059 ,121954748 6935494178 1,131072 - -disable-f eatures=Ba ckForwardC ache,Calcu lateNative WinOcclusi on,WinUseB rowserSpel lChecker / prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- Taskmgr.exe (PID: 7836 cmdline:
"C:\Window s\system32 \taskmgr.e xe" /4 MD5: 58D5BC7895F7F32EE308E34F06F25DD5)
- Taskmgr.exe (PID: 7876 cmdline:
"C:\Window s\system32 \taskmgr.e xe" /4 MD5: 58D5BC7895F7F32EE308E34F06F25DD5)
- cleanup
Click to jump to signature section
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Mutant created: |
Source: | File created: |
Source: | Key opened: |
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: |
Source: | Key value queried: |
Source: | Window found: |
Source: | Window detected: |
Source: | Initial sample: | ||
Source: | Initial sample: |
Source: | Initial sample: |
Boot Survival |
---|
Source: | Registry key monitored: | ||
Source: | Registry key monitored: | ||
Source: | Registry key monitored: |
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: |
Source: | File opened / queried: |
Source: | Process information queried: |
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: | ||
Source: | Queries volume information: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 2 Exploitation for Client Execution | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Query Registry | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Virtualization/Sandbox Evasion | LSASS Memory | 1 Security Software Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Process Injection | Security Account Manager | 1 Virtualization/Sandbox Evasion | SMB/Windows Admin Shares | Data from Network Shared Drive | Steganography | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | 1 Process Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | Software Packing | LSA Secrets | 11 System Information Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
104.72.156.136 | unknown | United States | 3257 | GTT-BACKBONEGTTDE | false | |
162.159.61.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
23.221.240.182 | unknown | United States | 8612 | TISCALI-IT | false | |
107.22.247.231 | unknown | United States | 14618 | AMAZON-AESUS | false |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430204 |
Start date and time: | 2024-04-23 10:12:40 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 20 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 1 |
Technologies: |
|
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Sample name: | $DS_122189.pdf |
Detection: | SUS |
Classification: | sus22.winPDF@19/37@0/36 |
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe
- Excluded IPs from analysis (whitelisted): 23.221.240.182, 107.22.247.231, 54.144.73.197, 18.207.85.246, 34.193.227.236, 162.159.61.3, 172.64.41.3
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, ssl-delivery.adobe.com.edgekey.net, p13n.adobe.io, geo2.adobe.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtEnumerateKey calls found.
- Report size getting too big, too many NtOpenFile calls found.
- Report size getting too big, too many NtOpenKey calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 290 |
Entropy (8bit): | 5.171698628109069 |
Encrypted: | false |
SSDEEP: | |
MD5: | 57E820204B59D414163BFF8B8228C92D |
SHA1: | F367DE11FC36D2E3CED170FD797A6252FD45ED79 |
SHA-256: | 52E7C7954129D3F41F25497217BA36E3F0E8DA7282F463C529F709AF3E4848DB |
SHA-512: | 0EFC66859EA101B4E1F0A735D3CAA315DBA52AFD29407111A8F7A8BE331D02F27075F45BE0F242ECCCCF5781864120F83284D9B7671C47BFA1210AA41A5133B6 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 334 |
Entropy (8bit): | 5.184944746542216 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2B6025B053F506813CF6C6D9BF0AC4B6 |
SHA1: | 89639B8A9F2F6EB7CE58374C1EB392B060C1C5A1 |
SHA-256: | 7182BB828033471C40C17875A1D7F8252666014B2A2BA074F65D6E439E4879E9 |
SHA-512: | 1F6BD9CEA6EDE3F2B4A2503CB0126C2EE7936A00E0E81FF61BAA17F500CD9CD3FA8616D94C8FC99C5FE544D4D710EA1CBBA05321B9472A8F08BEAA0FE049D6B3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 48F580637A10FBB69C0C270D0D1A27D8 |
SHA1: | 989701C236B138B27EFC8D90E110DEC2EA094765 |
SHA-256: | DEC75B40391B661DBFB207EE303308D3F79413354D9EEB5EB47B7DCD89774C52 |
SHA-512: | 8CB4E90F337FB7EC6C6312BAF509A116C777EECED26F60F92C6B0F237E3718DC3E984C42DA526E127423C08F0F8FA7794C492D4040AAD1A24D8A52817EEB8B00 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\d6d82c44-7576-4295-9646-f7b12d673735.tmp
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.990782865900337 |
Encrypted: | false |
SSDEEP: | |
MD5: | 48F580637A10FBB69C0C270D0D1A27D8 |
SHA1: | 989701C236B138B27EFC8D90E110DEC2EA094765 |
SHA-256: | DEC75B40391B661DBFB207EE303308D3F79413354D9EEB5EB47B7DCD89774C52 |
SHA-512: | 8CB4E90F337FB7EC6C6312BAF509A116C777EECED26F60F92C6B0F237E3718DC3E984C42DA526E127423C08F0F8FA7794C492D4040AAD1A24D8A52817EEB8B00 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4099 |
Entropy (8bit): | 5.229964831598193 |
Encrypted: | false |
SSDEEP: | |
MD5: | B072604024FE007D07B884C3CABD706D |
SHA1: | 2C7B21D2F644CF4063DAAD4E2758A18DE7D50DB2 |
SHA-256: | D5949761D4E22E320CB49E0E39FD060ABEB8EFF55594375D3FC1364903C4E66B |
SHA-512: | 64412A0CBA3A9EA163DD938E7E92F9D95ABAC0A2B888CD59339D24E0D7C4DC50AA70C7419698F1CCACF271A933080317D31755DA3FBB82980AF9EDA4D1539C53 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 322 |
Entropy (8bit): | 5.137836109301929 |
Encrypted: | false |
SSDEEP: | |
MD5: | E72FA39EA10CE82B61860C340C9F69D7 |
SHA1: | 83C0B844D0FD2F6CC6FA2AA2D507FDABEAA73DB2 |
SHA-256: | 18E3665390693105DAEE7A8FB5B395DE1A1039A52DF1EA6B372F4330D349D9B9 |
SHA-512: | C2C694929864B30C53FEA5677726E4761F72B8FABF08363A924007258EC2567E2AB305B694F939EFBA351D77655C7BF2848C8F6D4DA9E2E801A184E87F5BCCFA |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240423081312Z-161.bmp
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 65110 |
Entropy (8bit): | 1.5455147439922712 |
Encrypted: | false |
SSDEEP: | |
MD5: | CFB31DB14C1CA566154293E53215BDEF |
SHA1: | F9C3E7CEACB9A5297CA88F04FF39501E4C2E4A5E |
SHA-256: | B04931F1ADDB13AA14E16410361E0B9CC8EB4FB1FC95ADD9432ECADBB88AAEE7 |
SHA-512: | 51323C4B9F8E9395E0AC9BA9275849665E7ED0C3054E476AF448D60D5C7B069D69F4687FE0ADF5BBE28F24E91232C42F446FDF95376C3D6D5C1564590839AC38 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 57344 |
Entropy (8bit): | 3.291927920232006 |
Encrypted: | false |
SSDEEP: | |
MD5: | A4D5FECEFE05F21D6F81ACF4D9A788CF |
SHA1: | 1A9AC236C80F2A2809F7DE374072E2FCCA5A775C |
SHA-256: | 83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2 |
SHA-512: | FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16928 |
Entropy (8bit): | 1.2157987320354982 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0C1CE16F9BC9701A4661184614AC99A2 |
SHA1: | F3A8D1460382EA47C5A547A5FC68E9145C48C642 |
SHA-256: | 2FF1A46537FFCD24B75D6D0DF3414D9C918FF110995052565CF439226CF60A3C |
SHA-512: | 28523A01957D9B514D3793C72F0EFE4E09878D4A42F55741E73B08542CDA8014BF7F6F42A134AA6B064F56F88906B533B96338A18DE8A8EE3407648C3C5A263F |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 0 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.381569900066226 |
Encrypted: | false |
SSDEEP: | |
MD5: | 45BFEED8E893721253B9B01D1A05E8F7 |
SHA1: | 64EF957ADDC4878A7C18A668CCEF29AAABC7F35E |
SHA-256: | 1767211F1E9AA39B1BE2E09FC049F423AB4C87A4D4613252AB2A2E83011A3CCE |
SHA-512: | 0C0F531EC05C9AF84927196780601D8D3749C3B909A8BC1EDC06A5E83824773DA0405385399A9A9B52F6793A43AC165FA724FCEF7BE013F38268C4C54FCB415F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.333392787103052 |
Encrypted: | false |
SSDEEP: | |
MD5: | 04765562EDAD2F1B42C4C6690257A828 |
SHA1: | C275679F85901D448C906505F0C5D9B55F3F8E0E |
SHA-256: | 07B2D8042EDADDEA0B8D0DB466290A1FCCDF32AB52581C6FF312BC973EAD380D |
SHA-512: | 8E349C0C8D0B0455D967B4B53ACB4746383C8C4E6586B25DC06259C663C70521AB64D30F8EA4789A6A344F8DC6AF7A36EF5FA4DC03267232C8FE0AF842163DA3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.31209900132993 |
Encrypted: | false |
SSDEEP: | |
MD5: | 31BE602EFEEA682E0B3A104EF35DAF86 |
SHA1: | 61C017C7F4FC328F27CF9A0B466E9C50F2B71B49 |
SHA-256: | B4FD6A4A0FFC269D559BD7B94D4CB9FA67DEE90E6A99FE63E230EC9CE5416C18 |
SHA-512: | A51B93A1F605FC834DB9426ABA488E37A753E6C60D5362860E3181C7795219366F4580A48B74FC832BC3A55AB4C52066475E1EAC37994F28CCBAB9FC1AC070A8 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.370588913851046 |
Encrypted: | false |
SSDEEP: | |
MD5: | BD7BCC7CF6E8CCEF48A570B2E611F147 |
SHA1: | 1BC7FBBA4FFFF9E9E5594E3F8475F184015D0954 |
SHA-256: | E7F9B402908B3C15B0A35E4331CAB147747F00BEC5F674FD84D26422AE9F4510 |
SHA-512: | C445CD47D53D8783D97111A03D1206558E204F56B310206258231978B25BC700E1A77562E5DBC2098DF7B897EAB78BF2C00F0455BF5DC64C80630041C0EBBA7C |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.332142759801476 |
Encrypted: | false |
SSDEEP: | |
MD5: | E8C02DC81071FE73738DF601527FFBBA |
SHA1: | AF95B32E52778E3C5A0C320C3B01A53CDDFE682B |
SHA-256: | 77ABA45653A693E7AA4000EE7FFDE47C11628EF9E6D1820E9BB05FEFF46D311B |
SHA-512: | F20E56A3723838872A1F05CF9B573E2C55BB7DB26C73F073202C35FB29DB34E21D380A109318B86B84C8E0C1911C1002AEA241A6F34FC99402AED53C9F6CB122 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.319465259444851 |
Encrypted: | false |
SSDEEP: | |
MD5: | C81F9ACAB1E783C06A2E4CA04720674D |
SHA1: | B1588A1A5FEDBE0D16D8186F7EE4C98E75A44928 |
SHA-256: | 8C79B6784E5DF5FC7B831105A523F3608634B8591AA9DB7515A5A6C12E03A0CA |
SHA-512: | 38360938579A636E41A7E772C69DB1B259E3D8DB4F7925A3CB3B787BDEFCB81EFE2BE376480E7F36A913BAC7E7487BEE55B47BCA132F87DBBEDBDB209D682CD6 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.321899328059363 |
Encrypted: | false |
SSDEEP: | |
MD5: | FBEAAFD7E90D74745E68AAEB4ADB5CA3 |
SHA1: | 74D45A3408CB6C1C9BD5D7020AEDB1B04B488A11 |
SHA-256: | A71232FDAF02A46FE7D7EC6AD37BF807280483CBDB8A9C8E86363E8616BC37E1 |
SHA-512: | F7FF73D439BBC0895003D04E5FA21317846CA3500E1F1C2286808F2EAB2AA65709551CC316DFA743F53D43075CD28C427A9F115E0149C2097556877CC29B83DA |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.32826830571595 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7B639DE4286019DF422BEAF6EFADD695 |
SHA1: | 88430B5050149E3200C08BEEFDC7E5463DCE67CD |
SHA-256: | 6D41110E9F2389714C6EB3200B1C5350CAF50DEAC6F7DC36E9DCBC2A58532349 |
SHA-512: | D3BD5648A948329EABAA9C07B2C18213B752A5174E8E6DD5F31B0D3F7B860DF31E78E10ACDBD9BB1FE4A2613D91309AA4DB519D9AB3492FAE57169F91856F599 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.744623239739905 |
Encrypted: | false |
SSDEEP: | |
MD5: | 449598FDD35878E5EFAFABF9D30A1240 |
SHA1: | 6F64EB3FBAB12650F18A89846A94091C0CA30D93 |
SHA-256: | 94468833EEE3759E702FD351AA22ECE38DE72AFF6D776482D7F41B02E83E2649 |
SHA-512: | D7EBD860634B9D0738E3A8B49E4FA5261C17F08CD78340FDFB65F43B83DC425482552F0203AA35A09BC4C4C3D1A8F88ABDBB9438D47FFE37CBF4E86BC8AF16C1 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.325549720606631 |
Encrypted: | false |
SSDEEP: | |
MD5: | 82C8A2490A8F6C1EC0CFF491FB32CDA5 |
SHA1: | BFAB10A46C54D31AB81D0C41CBCE2CCE82C367ED |
SHA-256: | 4CC3A1394E18D0F1BEFA576F67A78ADC7F6E016432D87A2310685838CDB6CDDE |
SHA-512: | 44A8FF97200E766E2D24D12F74033A2994B5C2E183DD8D45E1AD69A260F787E492853A4FE91F1D1F242E5DF198617CEAB343C217643D7190599BCB1B380D90BF |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.775114871243359 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4D2FA9EB80F2F476DB13325E1BB1081F |
SHA1: | D367F63666B1A0A18BDF11B05B4D6FB3DB8C2559 |
SHA-256: | 0962DC2D769CD2EF4131303498285A56F5DC619A7BBCB1EB8B30645AC801525C |
SHA-512: | DDC8772E05E847CD849B98F0DCA090D8C35D7040F53F8056AA0FE1B1BABECF4823481671F61020FDB3607CB50206E857AB4896D76B0C7A63BB049D9353B4EDE0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.308921218826153 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7B8A5F2D8D9CEEE7B18D57C50795DEEB |
SHA1: | 5F770381E22E4196941B9E9C9B2CADBA35C1E49B |
SHA-256: | 88757DB1B6F732C43BF3BF7A55DDE682D55A0D1178E536A20FE4B2158198F439 |
SHA-512: | 46C5D491EB850F02EAFF4497E7DF5CAA454DD5BEA8DC40B4B337F6520C43C743DFA8851A9887F6F0E3F16339DB15CD05C53E8FF69CFC804213CB6528C4DC7B73 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.312341804816474 |
Encrypted: | false |
SSDEEP: | |
MD5: | 428A190701C77BD0D3B470DC6E16F58E |
SHA1: | E7A9C546A83BD39FE7AB9602029B274F7214F3F9 |
SHA-256: | 94490A834EA2CA041DFFDC4E82460E2E2B838A4ECBB2C236973B03986FA12836 |
SHA-512: | 609A9D8584F8B6D8C14DD53B9CE528045F27F6C7A80CCCB6B52E2FCCC31CBE7E1DDDC9541ACDC3FF3D0BF5F9414DC66CC6B83804DF12D14412E184E9E5D120D7 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.332091031290557 |
Encrypted: | false |
SSDEEP: | |
MD5: | CA94631A9565C30ADF4213B06981B1CC |
SHA1: | 2037B09CFD827B28A6B6A12E03167315E61BFC46 |
SHA-256: | 6634AFDD917882D4AC5DF9EF9BD80E291C071A14A43D9C184E4BA2EEA619D17A |
SHA-512: | D2A5A55C5087A9C99C63AA53D8254F006230B4490DFBE4AB2A0AE91086087F35BE5B945515D7893A2DBD25A21B02A19CC2C74B95C4A91B89F91458BA212945FA |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.288086147532804 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7A86793E39ABBEC8A7861BFBB0ED8B8C |
SHA1: | E8A2BC6A3C5619E537766376E5BD1E829688918D |
SHA-256: | 8D6577E9BB1D17BC331C7E2C62E82DA5F61F707A4EDF872D5352812E9F63DC2B |
SHA-512: | F390FD80541FC34FA147C9F49EEFF1812FFC240D4AE01DB0FB28A71CDF963322561858D41DC06D4339B2F122121514AFB1A9396C9C5C7E977CAB1F54A3609F36 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.369766570048153 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4A53C43FD28550821CF35D17A0D3DEAE |
SHA1: | 647331CA1B4710EF86DBC3439F03FD9520AD4998 |
SHA-256: | 4F8952E5F233F7DF168E9BA395A2E004A7184E29A84E5850CB8C9D5E974B9288 |
SHA-512: | C732DDA0B49F754878AD987CD3EBC0499E58B08AF7795D1A6117D80D5AEFA8B983EBE9F01B6171B940CF04AA68FCC6452D845FB65394E6AA7F397B664C7AC82B |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.129299012650546 |
Encrypted: | false |
SSDEEP: | |
MD5: | 739396893CA2916FE946C1F4DFC27780 |
SHA1: | 67237F0CB1FA07395B3C7B99FDD84C9816A9F07A |
SHA-256: | 548F151C09ACDAC38F7394C5393C805B68AD89ECAF4E96BCC65FCBDE73273AB3 |
SHA-512: | 5A4EC5DF1EF272026B932E69E1B3F1446CF03AD9C90EB87E34B2F9ABEA3093C226D5A6C57A2305116D4967FFA0AD6D468F8BA7C623C3F44AE158DD62C569E1B0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9866904824181962 |
Encrypted: | false |
SSDEEP: | |
MD5: | 931A44B647328060005DFAA3A120A8BC |
SHA1: | 947BA86665F262F9397230E180C2DEF550BB3F9F |
SHA-256: | B6F090A35BA49633F42B5F1E3BAB2A888FE092BACE1AB2C2C17D932E08775607 |
SHA-512: | D8F21FACF3F2D5FE726094624BFA1757E57022E5E9E957E204EF25FB76674A62F8D5DFDC15F959C5B9224393B5A4F1BBAF1C171970E1311974BF86A55510727E |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3426041180046338 |
Encrypted: | false |
SSDEEP: | |
MD5: | C2ED107C309F20F0C0BFCD9FFB11BED1 |
SHA1: | 38ED608CC271995183611849AC2C4E5462532545 |
SHA-256: | 561E24A2470E4B33B0F274B155EC318F663E651E0E4AE96E373599A2871737EE |
SHA-512: | F1F84E3F77360A3A2CCB40CC94C5EACE40975C418BAAC36406BF54B1F28438B6FE75BE381A8BC2BAE549E9BCFB32E5C09DC883953445B14D859884D3E2247B4B |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
Download File
Process: | C:\Windows\System32\Taskmgr.exe |
File Type: | |
Category: | modified |
Size (bytes): | 4 |
Entropy (8bit): | 1.5 |
Encrypted: | false |
SSDEEP: | |
MD5: | F49655F856ACB8884CC0ACE29216F511 |
SHA1: | CB0F1F87EC0455EC349AAA950C600475AC7B7B6B |
SHA-256: | 7852FCE59C67DDF1D6B8B997EAA1ADFAC004A9F3A91C37295DE9223674011FBA |
SHA-512: | 599E93D25B174524495ED29653052B3590133096404873318F05FD68F4C9A5C9A3B30574551141FBB73D7329D6BE342699A17F3AE84554BAB784776DFDA2D5F8 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5162684137903053 |
Encrypted: | false |
SSDEEP: | |
MD5: | 84014AA643EFB29C45D8642746A8CBB0 |
SHA1: | E84040786487F16E005AD6D9F684F8CF646CDDCC |
SHA-256: | DE5F2E402C059CD5E533FE0B2B4731956349299E6D216C5ADA1766BEEC171E96 |
SHA-512: | AA09947158B76FAA648F44A2A49CD2416054F66302CC98DB66D63BEBA8B0234C1A33672862636795707A4752337466DD9D6C288F90B3C0B228FF7018CDB63939 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-23 10-13-10-560.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.353642815103214 |
Encrypted: | false |
SSDEEP: | |
MD5: | 91F06491552FC977E9E8AF47786EE7C1 |
SHA1: | 8FEB27904897FFCC2BE1A985D479D7F75F11CEFC |
SHA-256: | 06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB |
SHA-512: | A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.413576312644119 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2ACA4BD181851A7E49A932358E22ABCE |
SHA1: | 57C8A71F739312B8672A6E6C13B5ACE8EE3ED2F0 |
SHA-256: | E404DBAE4C4A4C0599C8675A5AB22237D5F950575D39D70E19D082315E113D5C |
SHA-512: | AF057CD7740C2527D1CAC7168DFC7B150CEF9CA0DAE14E944A18BF2A370C717C19C41EC0D6356AC8705F9E934AB4E6ED388DE3DDC290A4980F5EE5691A187D17 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1A39CAAE4C5F8AD2A98F0756FFCBA562 |
SHA1: | 279F2B503A0B10E257674D31532B01EA7DE0473F |
SHA-256: | 57D198C7BDB9B002B8C9C1E1CCFABFE81C00FE0A1E30A237196A7C133237AA95 |
SHA-512: | 73D083E92FB59C92049AF8DC31A0AA2F38755453FFB161D18A1C4244747EE88B7A850F7951FC10F842AE65F6CC8F6164231DB6261777EC5379B337CB379BEF99 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | |
MD5: | 22B260CB8C51C0D68C6550E4B061E25A |
SHA1: | DF9A5999C58A8D5ADBB3F8D1111EAB9E4778637E |
SHA-256: | DAB1231CC22DAB591EBB91C853E3EE41C10D3DA85D2EFAB67E9A52CCB3A3A5A0 |
SHA-512: | 503218D83C511A7F7CEA8BC171921D1435664B964F01A8C77DC0F4D0196DD2815D9444DA98278E1369552D004E9B091DD9B89663209F0C52ACB97FCE6AFFE7A9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
File type: | |
Entropy (8bit): | 7.810952516482918 |
TrID: |
|
File name: | $DS_122189.pdf |
File size: | 250'712 bytes |
MD5: | cad17bf73508e70f9b340a734d60f4b5 |
SHA1: | cd2968de952f8af931938a0e1b31a86988fa8276 |
SHA256: | fa4c0ad480121283cfa6a970fc3e9314eb03538f91163612e31547bb3359ba90 |
SHA512: | 13ad5ce96eda8d62a08449c7aa68d09556fc7cb98cee10c76aecbe525ca5ccec13ed91530867e15cb391323191260ff7fc704943ac0fd7578c6c11cdfedf5b38 |
SSDEEP: | 6144:QHNeq+fB2GZoAQU1EbwqefTRON/tZfAoDGhixi:Q6fBIAQU1EUpfTQrZoos |
TLSH: | 7334127C6480F6CCD5A1C7F3AAFDA4D082ADB75BD2488073AC590DD29D86DD4BC2213A |
File Content Preview: | %PDF-1.4.%.....1 0 obj .<<./Lang (fr-FR)./Pages 2 0 R./Metadata 3 0 R./Type /Catalog.>>.endobj .3 0 obj .<<./Subtype /XML./Length 1130./Type /Metadata.>>.stream.<?xpacket begin="......" id="W5M0MpCehiHzreSzNTczkc9d"?>..<x:xmpmeta xmlns:x="adobe:ns:meta/" |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.4 |
Total Entropy: | 7.810953 |
Total Bytes: | 250712 |
Stream Entropy: | 7.812942 |
Stream Bytes: | 238524 |
Entropy outside Streams: | 5.007322 |
Bytes outside Streams: | 12188 |
Number of EOF found: | 1 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 43 |
endobj | 43 |
stream | 20 |
endstream | 20 |
xref | 1 |
trailer | 1 |
startxref | 1 |
/Page | 3 |
/Encrypt | 0 |
/ObjStm | 0 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams |
---|
ID | DHASH | MD5 | Preview |
---|---|---|---|
15 | 00020697b5290010 | f70c7198c11dd57573ea2b56733e44a0 | |
9 | 000101494a840080 | e4f981ef4cdbe302ab13f285d40df39f | |
16 | 0000000094aa2090 | ad0b4434ee73776e2d8723230a536955 | |
8 | 0000000094aa2080 | 138ac50dff1ed2337a51e4c92cc88678 | |
19 | 000005100dbd3d03 | b68e41360655d055d0cebc19c547ce66 |