Windows
Analysis Report
VTL-1535.pdf
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- Acrobat.exe (PID: 6412 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\VTL-1535.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 6548 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 3004 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2080 --field-trial-handle=1720,i,2881297844661282025,9822932352563221621,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
| 0% | ReversingLabs | | |
| 2% | Virustotal | | |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431047 |
Start date and time: | 2024-04-24 13:52:51 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 7s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowspdfcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 11 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | VTL-1535.pdf |
Detection: | CLEAN |
Classification: | clean0.winPDF@14/44@0/0 |
EGA Information: | Failed |
HCA Information: |
Cookbook Comments: |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 23.3.84.164, 54.227.187.23, 52.202.204.11, 52.5.13.197, 23.22.254.206, 162.159.61.3, 172.64.41.3, 23.219.38.42, 23.219.38.40, 23.219.38.48, 23.219.38.58, 23.219.38.33, 23.219.38.51, 23.219.38.41, 23.219.38.57, 23.219.38.16
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, p13n.adobe.io, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, geo2.adobe.com
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.22400411846469 |
Encrypted: | false |
SSDEEP: | 6:iEuFN+q2PN72nKuAl9OmbnIFUt8nq+Zmw+nq6VkwON72nKuAl9OmbjLJ:SIvVaHAahFUt8q+/+qy5OaHAaSJ |
MD5: | 316A5F8BCF3B84E7B288BAA917323E4C |
SHA1: | 2D8433ACA11DE1BC3177B3B99843619D10763DAA |
SHA-256: | 8A371F0BB1A1B300A5B5A25284D04311F46BE7743DAD54FCF0B141F9A89D1C30 |
SHA-512: | 89664FCE5C401AB27A83DCB79677826611C78D20843E1D38566EF27D149DAC2CA91CCD246A3817234906164B58BD358287AF57153F94EF82D7BABD9DA854EE24 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 339 |
Entropy (8bit): | 5.207966259888897 |
Encrypted: | false |
SSDEEP: | 6:iiM+q2PN72nKuAl9Ombzo2jMGIFUt8nl96Zmw+nUTpMVkwON72nKuAl9Ombzo2jz:lM+vVaHAa8uFUt8v6/+sMV5OaHAa8RJ |
MD5: | A7E8B8F236AFCF576AC97DF69238DBA3 |
SHA1: | EF9FE7D191A95C4677752431D60A438D042D988D |
SHA-256: | 092F9F48BC0354F43D0D8F3E96D341872F94AC50389DD8E99182271B56DDA15D |
SHA-512: | AF971C1E4D6B747D8E1DF084CCD5771A64AFE99C3B192162F6E69AB0C2C46B572D79D618F2D081016C3A1949D562F8B03B2B0A62A89FD8BB5A660B48DD02CC64 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 339 |
Entropy (8bit): | 5.207966259888897 |
Encrypted: | false |
SSDEEP: | 6:iiM+q2PN72nKuAl9Ombzo2jMGIFUt8nl96Zmw+nUTpMVkwON72nKuAl9Ombzo2jz:lM+vVaHAa8uFUt8v6/+sMV5OaHAa8RJ |
MD5: | A7E8B8F236AFCF576AC97DF69238DBA3 |
SHA1: | EF9FE7D191A95C4677752431D60A438D042D988D |
SHA-256: | 092F9F48BC0354F43D0D8F3E96D341872F94AC50389DD8E99182271B56DDA15D |
SHA-512: | AF971C1E4D6B747D8E1DF084CCD5771A64AFE99C3B192162F6E69AB0C2C46B572D79D618F2D081016C3A1949D562F8B03B2B0A62A89FD8BB5A660B48DD02CC64 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\02013571-b65f-427f-a361-6f94831f9e9c.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 475 |
Entropy (8bit): | 4.964484232732606 |
Encrypted: | false |
SSDEEP: | 12:YH/um3RA8sqZYpsBdOg2Hycaq3QYiubcP7E4T3y:Y2sRdst6dMHd3QYhbA7nby |
MD5: | D2465C92BEDC2BD8CD3D5D77C964380D |
SHA1: | 1FDF876E4B5DEE7EE46F32A338503FCB01A340FB |
SHA-256: | 1567A1930E20E14502CF57CC1F4107F1CB36A600F4F68BC24CC69217F85EFEFD |
SHA-512: | 33F1E0D02C7445AB98FA488303DCA68608E18E2A277D04F12F6B23E8878BCB6CCE1C58921AA5C380B57FB8C4FE1E5F905408946B2A224580EFA7DB9943132954 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 475 |
Entropy (8bit): | 4.964484232732606 |
Encrypted: | false |
SSDEEP: | 12:YH/um3RA8sqZYpsBdOg2Hycaq3QYiubcP7E4T3y:Y2sRdst6dMHd3QYhbA7nby |
MD5: | D2465C92BEDC2BD8CD3D5D77C964380D |
SHA1: | 1FDF876E4B5DEE7EE46F32A338503FCB01A340FB |
SHA-256: | 1567A1930E20E14502CF57CC1F4107F1CB36A600F4F68BC24CC69217F85EFEFD |
SHA-512: | 33F1E0D02C7445AB98FA488303DCA68608E18E2A277D04F12F6B23E8878BCB6CCE1C58921AA5C380B57FB8C4FE1E5F905408946B2A224580EFA7DB9943132954 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5859 |
Entropy (8bit): | 5.2475911772703565 |
Encrypted: | false |
SSDEEP: | 96:av+Nkkl+2GAouz3z3xfNLUS3vHp5OuDzUrMzh28qXAXFP74LRXOtW7ANwE7CiIVb:av+Nkkl+2G1uz3zhfZUyPp5OuDzUwzhu |
MD5: | 9A211C1D5052809B303A420CCA27905F |
SHA1: | 85F403352F419D8A5D1746CE808ADE00006F6A40 |
SHA-256: | 8B33504EAAD24BDA150D4E87E02577F09481FD7DB0A111560FDBD2C4F87CC684 |
SHA-512: | 2932FA9C2FB5EF79F9261DA06A0C0BA6D2DA9DB2F9568304670537E0BAEE4C66A673D72CFEEDE6015367253693DA41079C09B128F8756EFFCB65BCC0EDD75DF8 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 327 |
Entropy (8bit): | 5.199360147422053 |
Encrypted: | false |
SSDEEP: | 6:6M+q2PN72nKuAl9OmbzNMxIFUt86Zmw+IMVkwON72nKuAl9OmbzNMFLJ:6M+vVaHAa8jFUt86/+IMV5OaHAa84J |
MD5: | 9AFA2B9539458C3FE07B8BF32316C36E |
SHA1: | 8FDE551C27B92D97BBE1EBD627261F266F5B88B8 |
SHA-256: | 3DB9187E157F13F663FB1E35D4BBD2558463E41D160E2F76A7C273C1471E6D10 |
SHA-512: | A838A11CD919C97ED83642CBC630DFAA49828A458A91D1446904BE8F2E1776B56C3668C4819CBC50AD55F71BFFE8EB67F4EA7D1B35FFB4400333559B5FF3E87B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 327 |
Entropy (8bit): | 5.199360147422053 |
Encrypted: | false |
SSDEEP: | 6:6M+q2PN72nKuAl9OmbzNMxIFUt86Zmw+IMVkwON72nKuAl9OmbzNMFLJ:6M+vVaHAa8jFUt86/+IMV5OaHAa84J |
MD5: | 9AFA2B9539458C3FE07B8BF32316C36E |
SHA1: | 8FDE551C27B92D97BBE1EBD627261F266F5B88B8 |
SHA-256: | 3DB9187E157F13F663FB1E35D4BBD2558463E41D160E2F76A7C273C1471E6D10 |
SHA-512: | A838A11CD919C97ED83642CBC630DFAA49828A458A91D1446904BE8F2E1776B56C3668C4819CBC50AD55F71BFFE8EB67F4EA7D1B35FFB4400333559B5FF3E87B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240424115343Z-168.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.7505174757137598 |
Encrypted: | false |
SSDEEP: | 192:iCXahjdtXo6CbwuPzQ5Tcq38bpOH03vG27v:LIdhCbwuLQtgOU3+27v |
MD5: | A81728809BDFCC0C42912C2C5223A6A7 |
SHA1: | 8B056D77CA9DCF483B1526C69CDB24C687D13564 |
SHA-256: | F7A0F77762A74E7A8CDC3FAEF68F09913293F79DB0D095EE830D52EC75A2B2DA |
SHA-512: | 5DDE77CE246393DAB8365F074366ACF161A5FBE99AFB1F7EB8B578C79EBB417207FC991D092E156B5F5D3ED060ECF3603844722D6E2925D1F87F597E44B0C05B |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 86016 |
Entropy (8bit): | 4.445087089518916 |
Encrypted: | false |
SSDEEP: | 384:ye6ci5tRiBA7aDQPsknQ0UNCFOa14ocOUw6zyFzqFkdZ+EUTTcdUZ5yDQhJL:mis3OazzU89UTTgUL |
MD5: | 5B1DF0B8BAAED5128A169191CDC9E843 |
SHA1: | A6BB71B1B636D8FDFF23E1A30DB602EACE5A6702 |
SHA-256: | FAB233D102DEE0E5C9D9F5DF8DB313A26E2EEF082EC3DEF02ECA04B418906B0F |
SHA-512: | 46898851B40C60D50D95C9DD0D4D853F22E004364BB389FCBCE1A762E12F012E0327A41C156780F173D33EF0F108FA229D2EBF84051DC1CA81DF09FB699DC870 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 3.77054823913998 |
Encrypted: | false |
SSDEEP: | 48:7MKo7JioyVjioyXoy1C7oy16oy11KOioy1noy1AYoy1Wioy1oioykioyBoy1noy2:7SJujZoXjBidvb9IVXEBodRBka |
MD5: | AEA5960E53974963276059E127B43D3B |
SHA1: | 9E40D55703F637FDD8A2EBB9E0A98E9174B78DD8 |
SHA-256: | FAC7456281DCA5618BD782C013D77384BA802006FF4D33C4E25973D2E34E98ED |
SHA-512: | AA0130DDFD97007C35A96846528BA1A7FFA021A1BF778C9381A547CE4A580B9663A86910697465612C023739F87256E1254778714A5EEEABDF9B37EC3521CB9C |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | 1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 227002 |
Entropy (8bit): | 3.392780893644728 |
Encrypted: | false |
SSDEEP: | 1536:qKPC4iyzDtrh1cK3XEivK7VK/3AYvYwgF/rRoL+sn:XPCaJ/3AYvYwglFoL+sn |
MD5: | 265E3E1166312A864FB63291EA661C6A |
SHA1: | 80DFF3187FF929596EB22E1DB9021BAD6F97178C |
SHA-256: | C13E08B1887A4E44DC39609D7234E8D732A6BC11313B55D6F4ECFB060CD87728 |
SHA-512: | 48776A2BFE8F25E5601DCC0137F7AB103D5684517334B806E3ACF61683DD9B283828475FC85CE0CBE4E8AF88E6F8B25EED0A77640E2CFFF2CC73708726519AFA |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.369082868216791 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJM3g98kUwPeUkwRe9:YvXKXsoIc9sGMbLUkee9 |
MD5: | 7905E7460A9122DD318E3762A2AFCD7B |
SHA1: | 2A4432C58060B45FF6FCD24C0E76E7E775BE15D7 |
SHA-256: | 0B84596154B76A6AA58B329475FAE79564D9A4B7109AF77E5C643E4888E610EB |
SHA-512: | 62A9EAA6F4EFC9EC18142B6B0A3ADC52042DCE40F0F510D85CD8DB5119A08657B869B977891C718C70F2DB565ECDB0E232196325072DE407B428D3EE56EB6674 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.321399751339432 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfBoTfXpnrPeUkwRe9:YvXKXsoIc9sGWTfXcUkee9 |
MD5: | 95B3A6F037CFFA2BC47EF4A12A70D2E4 |
SHA1: | 94B889A54CE1E85EA598A0312DF8607479DF45D6 |
SHA-256: | 822FCEDAA8F5E53B0ED521C6A7C2DA0FF53649024C700B0EE3A6749A52438BA0 |
SHA-512: | 1404272537CE60D146B76E506DEF0229039EECF6AB6482011639D983AF2ED047DFE724A3454BAA6F8AFDFF7C871141737A85C3B4919296C29F78E86D067E7AEF |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.30010596556631 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfBD2G6UpnrPeUkwRe9:YvXKXsoIc9sGR22cUkee9 |
MD5: | CDB1F1EFE7055B7B8336C733780FAB77 |
SHA1: | 3CAA5D8CD9360A00760CD676D90404873BDEC691 |
SHA-256: | 603DCD90D643534DD9F4B534B8CBA054B4FFBAB885579EF30145FB7ECF4FF150 |
SHA-512: | 297B26608A7C15367BFA31F4E4C0ADBF985DA305EB57EA6F5A7F7F054BEB12304D5D3AFFE74831104C828D6E35BE74742672820172110F1E374469C6F9631944 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.349306127456151 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfPmwrPeUkwRe9:YvXKXsoIc9sGH56Ukee9 |
MD5: | C2F993D69C241C977B829FF41460FC92 |
SHA1: | BF5D46D7B23259FD1D4F866915870FE4BB049408 |
SHA-256: | 4976C4032B597029FD8CF58ABDEFE05CC47A37830A9F6E30889AFA848CD38617 |
SHA-512: | 75DD62C9B1F4D93D365E5E0D69ACBC57BC2686AC218701C30F22AE3B2E795E65E9E3896E90C4AF8B74E37BD81FC2B27EA156B4F4D7AA57D275F9EF04A026A085 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.31566019475933 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfJWCtMdPeUkwRe9:YvXKXsoIc9sGBS8Ukee9 |
MD5: | F37F3EA3CB725F9A32EF0BE3BC6110F2 |
SHA1: | 48BEC2A01D3385DC331017445DE3C265B2EF30AF |
SHA-256: | B3EDA11118A859D65014194A26D0990F5F135CBB67E5A52F1A58A26279A576B0 |
SHA-512: | D06089ACC88A854B9714195128EEE5F8083A3F9192491294925733E1980D193314934175962843C4BE6C0372049D8C842CAFCB516091CC2422D8300A4EA46B9D |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.300368797994321 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJf8dPeUkwRe9:YvXKXsoIc9sGU8Ukee9 |
MD5: | CBF8DAF9E8B6B194D4E040314E324D19 |
SHA1: | CF26D3055964D74A9BF260F531DD9EA39B791A1B |
SHA-256: | 749AED474C9B2457BB22462C22D81913515DADD0CB2A5AE800F48D0C6CF146D3 |
SHA-512: | 70AB41B258906FCD29F939E5D435F6457C46564C22C6B088B363114D3EDFC2AB971B53DAE55CF4013A72DD150968FF4B9F60AB65F609DB7F8B3B325FA4978B48 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.302999063130585 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfQ1rPeUkwRe9:YvXKXsoIc9sGY16Ukee9 |
MD5: | 65E12ABB0BD29908BD6677655A448C9F |
SHA1: | 9475748A6B737E8E7153716C06245EE74589F090 |
SHA-256: | FA98E2B65B045A53D80DE121D60C742CB384ADA46FC9CE53D52A528D5F99F9EA |
SHA-512: | 24EDE0A2DBF8C02C8F224BD44067FA67B33E40D7DE56152C6929A420473923E509D082BFA77DE24146ED17901455A388AF67FF260CAF70E49A7D8ED2BC72B340 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.310353298903123 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfFldPeUkwRe9:YvXKXsoIc9sGz8Ukee9 |
MD5: | 754CF9F30072AAD3C641123BBA3B7390 |
SHA1: | 30D5B75F29DE30F24660B0C35158BD192B46D1A9 |
SHA-256: | 4480D88FD53E3557762AC36CDE613FBF554821E5E6D04B86FD73A90621BBAAEE |
SHA-512: | E7923BDFA1B6C2CF6BAEDAE49A1681CF74EEC8EFCE1CC8E9383529CE0418C7788BFC9E40ECE9889E423E09B269F01A763DDDF8F22E414F0823E1EFFF4CC7A72C |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.744540773739331 |
Encrypted: | false |
SSDEEP: | 24:Yv6Xt9UKLgENRcbrZbq00iCCBrwJo++ns8ct4mFJNT:YvgUEgigrNt0wSJn+ns8cvFJ1 |
MD5: | 4872E7ABEB31DD95A270E24F0970D27C |
SHA1: | 4DEAD2D182C614018D9E2432C6A7413EE101B075 |
SHA-256: | 247C16F504B1EB869E522137154072CBE1A40574EE8E57B373C91815234F1C6B |
SHA-512: | 30E1E18169109AFB2F2A9AEB135CBAD5C447B6A336739F6B891827C20C51D1FA9B8F38CB764E951F44F49E834A8AF5D09DFACF3709F297ACB825B71362840F02 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.307634713793803 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfYdPeUkwRe9:YvXKXsoIc9sGg8Ukee9 |
MD5: | 6E0477367D21976432D088648001428A |
SHA1: | BB892869DBFD6F0687AFF43804D6B91C7D7DAFDF |
SHA-256: | 4D9B6C9AC6166FFA04FE0CE82A4D6D6D222ACCC1186B673CC9C2D24BA5F5D3AC |
SHA-512: | F3FFC99D8E99EBDD778535EC8284B18BD61CF6E410616D3BE454690D7DA1C62069C1D660099931A88C669E2ED4EE468758087EC16DA7B5AADD692BE5C3F7B862 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.779544708273034 |
Encrypted: | false |
SSDEEP: | 24:Yv6Xt97rLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJN7:Yvg7HgDv3W2aYQfgB5OUupHrQ9FJB |
MD5: | 69A96EE7D15DDEA687DA6F5C7D921DB5 |
SHA1: | FA0D3430FC1FAE23FEAD9D5885B9DB7B9E0F9E7B |
SHA-256: | 856BDF04A3B72045F9641AF0F3C862F1B53C283823B0AA130F313E8538408902 |
SHA-512: | 0DD24ECDC2B3AB2E24A9A5E291E742B634DA538FE1468E65CA5AAEA0A6CFE8B17DF03DFDCD8867181809D8FECDA23082C8D18067EBF49E7547A92958B88826FB |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.291129339207916 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfbPtdPeUkwRe9:YvXKXsoIc9sGDV8Ukee9 |
MD5: | B19F1FD51B43219BFBB5596EFE5DA020 |
SHA1: | FE95B8D2FFD28DABC50A977F21745D0341B94A79 |
SHA-256: | FB697FFF1BBCE16DA14356B0B4B4D4BC5C6EAC1C0338B776E72FC567F36C8E75 |
SHA-512: | 83F58136522AE1E68FA1C6F30ED72E73964DF0EA403ADE36E3003D6EFF811EB0D2C2AAEF10D5F8D5DE3374CC3D0BCC8B5C2ED59B2E7530C8BBBE982C1D45DE71 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.294301954750595 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJf21rPeUkwRe9:YvXKXsoIc9sG+16Ukee9 |
MD5: | 5FACA033854A304C9910CC6C2F40C84D |
SHA1: | 0BF27138F6A371A23863710C51484D6D44F6C919 |
SHA-256: | 1E2F3BE2ABE7AE9A530443C13927E986D4E1C925CEF7510C77B7A7659F0E99A1 |
SHA-512: | 6F9BE78100A909082D637A37D85AF33996B9002C3ED9F95184D28F04D338696D491EACBF2E9F092703658BA906D63B740FFF39FD9EA501A798FE1E1D5BCBBEBB |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.31417602447773 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfbpatdPeUkwRe9:YvXKXsoIc9sGVat8Ukee9 |
MD5: | 4008D5C05042153E69CC64E612729F15 |
SHA1: | 5917ED1B77E86BDB6C64C575E295A80CD90181E9 |
SHA-256: | 0A7B9F1CBF6D3A446C8CF58F938B3C293287B725E319AA87DFCCF1BC44868BAD |
SHA-512: | B79D590919E1E257290B7BE0AD16666D0D99025B73B3E148AD0D1DBC8D9E57C16778F60A6BE85AD9AA56E7D57A280419CC31B8BC3FA77B2C89159BEEFECADBCB |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.271257794412849 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXN0EkJoInZiQ0YaDoAvJfshHHrPeUkwRe9:YvXKXsoIc9sGUUUkee9 |
MD5: | 6AAB72C7C243D4D7485CEBCB2B96BB82 |
SHA1: | 9EFF979BA0B9D6EC751EBC077B81841B5DCF3587 |
SHA-256: | 84C8D7F71FF1675EB9BC344B7122902E9E1B5A24BB12F825FDE0B3BEEB69A622 |
SHA-512: | FED9B3F3D628ED726CFFDCADA239136E36B3BE4365C66409D62503785337739C5C7E568E44A9D3897AD3CC4F9C8EC5311F46FCF65D916E7F1E9CAB4024C8E68A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.367381921302291 |
Encrypted: | false |
SSDEEP: | 12:YvXKXsoIc9sGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWGY:Yv6Xt9C168CgEXX5kcIfANhe |
MD5: | AA2DFE10FF40413A08ADE80F6FF7B74A |
SHA1: | A846A0BA384EF0B6BDA8BD03C56863AF4BA521CC |
SHA-256: | A6646AD57BD99EF16838042CC92C80CA935CAB0EBE34C5E31E92D37137BB05E9 |
SHA-512: | 22A3B26BB074C326E36F9D6A4C8BC444AB0953D2B60B75D130DF26CC1D7BA9F41091C6F446D0016D9CDD58BAE953A1097A0CA6A08D8746076192915A53B26548 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:e:e |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.136531963143788 |
Encrypted: | false |
SSDEEP: | 48:YAa1lzWoboEwH9ul3wKBFiWQwzgPQnO1O2U9W3g:NoboEwH9ul3wKBFiWQfYn6OfW3g |
MD5: | 0E24348A087E29EF0D5FD30617AC91E1 |
SHA1: | AE0E0FEDE2037656AA1641BFD186A1D34B1111C0 |
SHA-256: | DA04089F227B5D3749B135533070C36D35EF23F505C5421E88487F56FF0B63C7 |
SHA-512: | 6B29E20148CB42E9DD9FB83043BB3568F9A72D6CF97D1621D1BE7AB3730CFE504403FB3DA9CC9295E39E609EF48C46B193247DE3F28FE455941EFD0179470FF1 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.1462750934274777 |
Encrypted: | false |
SSDEEP: | 24:TLhx/XYKQvGJF7urs3fUQZRZXcMRZXcMZgux3Fmu3n9u1oGuDyIX4uDyvuOudIUO:TFl2GL7msvUsXc+XcGNFlRYIX2v3kiUy |
MD5: | A03213286ED01100B38846B361F88005 |
SHA1: | A2255E7E604EEE7B08E8B995B625B317E9444F04 |
SHA-256: | F35BD0F9EFDF9B0238F2EAFF8AE9F8A01AA946E6A9EBB7100AB447014736074B |
SHA-512: | 582EBB671AA600999349DCBD49DA9E1935383B6395CA81A77DE8570513DDDB82AB41C8560801E240DA4372DD1736FA0521B7BD7081692B5B4C5954A896A95930 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.552483086042294 |
Encrypted: | false |
SSDEEP: | 24:7+tk4fUQZUXcMRZXcMZgux3Fmu3n9u1oGuDyIX4uDyvuOudIUudcHRuLuxmqLxx0:7MdUbXc+XcGNFlRYIX2vzqVl2GL7ms6 |
MD5: | B08CF0D555F78361F994D273353B6E56 |
SHA1: | D33DB746DB466B2024CD1D164311D0528CA6195C |
SHA-256: | E6F0B4F0AF2A282ADA996B8C1A0B82B2FFB0808BA1B84A1E800BD007DC341015 |
SHA-512: | 96687C302871D73F9C7E012DD7E8A5D55E807B6901CBAC663C9F82D227BB3D8CB351B68A70D612ED9EF93763CC80FD8B03446B01BCB57141DDAAAC51BEF8293D |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.522811667751431 |
Encrypted: | false |
SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8c+aB:Qw946cPbiOxDlbYnuRKHF |
MD5: | 6680DC9F519EF0939BA6308BDEBE0993 |
SHA1: | 563D4AB444AD9A92FAC764A634A41ACCE2C6A7AE |
SHA-256: | F25387822DEABBC146759DA8F4CDE5299EE6D4860E01C8F2AA1A684D43A3F268 |
SHA-512: | 3F298DBB9982F4EE13E8D3CC99C2F24A946558469B3615D959A9CB19DD866C21B85CF13524221D35177AF94A809219DF39D4746682F848DF273D350398667A59 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 358 |
Entropy (8bit): | 5.023567066106634 |
Encrypted: | false |
SSDEEP: | 6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOvIqGhJqGhqmCSyAAO:IngVMre9T0HQIDmy9g06JXOxqmlX |
MD5: | 94794524342ED5D99B742BC57E59EAF0 |
SHA1: | 709508D89070537A7AB86C384AA13639AA4F1F35 |
SHA-256: | 429066651EF442320ACA19FB31C23C827596F970ED7A272DB12E5266FB2CAD8E |
SHA-512: | 3A8CD389992C78C73C522BF32C7ACDAE10AA681CAD7CA83D521E8AEC9C06992265414E1AEB6AB5ED603B9073E31582BA245FC280A915095B83E1B185B94231AE |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-24 13-53-40-864.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.338264912747007 |
Encrypted: | false |
SSDEEP: | 384:lH4ZASLaTgKoBKkrNdOZTfUY9/B6u6AJ8dbBNrSVNspYiz5LkiTjgjQLhDydAY8s:kIb |
MD5: | 128A51060103D95314048C2F32A15C66 |
SHA1: | EEB64761BE485729CD12BF4FBF7F2A68BA1AD7DB |
SHA-256: | 601388D70DFB723E560FEA6AE08E5FEE8C1A980DF7DF9B6C10E1EC39705D4713 |
SHA-512: | 55099B6F65D6EF41BC0C077BF810A13BA338C503974B4A5F2AA8EB286E1FCF49DF96318B1DA691296FB71AA8F2A2EA1406C4E86F219B40FB837F2E0BF208E677 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16587 |
Entropy (8bit): | 5.363734387367229 |
Encrypted: | false |
SSDEEP: | 384:XKbXHX8t/t7tItPt8t5tJtet0g7gltnLxGxExmkMkzkzk2k/J92eLhL9LDeTppp4:T3pn |
MD5: | 05CA079E303614D62FF6153182471F49 |
SHA1: | AD168C004D748B7D293CA7C57220D2C21A18C99B |
SHA-256: | AAE6D0E1BE2DB705603E64D6408B30040B8BF23BCCB64A76B6055A8160E36D5F |
SHA-512: | 34FA6A2E399285C41C4FD294478EF0B61AB36FA2E23B93520A569967F6284903B3A29F2B3A7430AD4CD47510A742E32E7FED65B6722BDEBCD9B9632555735A07 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29845 |
Entropy (8bit): | 5.39133997823613 |
Encrypted: | false |
SSDEEP: | 192:acb4I3dcbPcbaIO4cbYcbqnIdjcb6acbaIewcbKcbOI0Mcbr:V3fOCIdJDet05 |
MD5: | 3EE735D6AF81D8BFB3BAF058A7C384F0 |
SHA1: | 1BE70F6254389F2A0799C52C606EF98032D3FEF2 |
SHA-256: | 1D9C99FF4D3A61951D5FD8AE23FB4F7CB04CB8D277DD4DF57409008BD7A8C579 |
SHA-512: | DEFE103A3DD60B015700791F162D4135A6ACFADCADAEFB81669B2F928230B7915E6234D28E91F3FDE276FF2938367D20BC406BDB09FB4473FDFFF738BE016B08 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru |
MD5: | 18E3D04537AF72FDBEB3760B2D10C80E |
SHA1: | B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC |
SHA-256: | BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4 |
SHA-512: | 2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/M7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R077WLaGZjZwYIGNPJe:RB3mlind9i4ufFXpAXkrfUs03WLaGZje |
MD5: | 716C2C392DCD15C95BBD760EEBABFCD0 |
SHA1: | 4B4CE9C6AED6A7F809236B2DAFA9987CA886E603 |
SHA-256: | DD3E6CFC38DA1B30D5250B132388EF73536D00628267E7F9C7E21603388724D8 |
SHA-512: | E164702386F24FF72111A53DA48DC57866D10DAE50A21D4737B5687E149FF9D673729C5D2F2B8DA9EB76A2E5727A2AFCFA5DE6CC0EEEF7D6EBADE784385460AF |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.767217007254646 |
TrID: |
|
File name: | VTL-1535.pdf |
File size: | 94'924 bytes |
MD5: | 22b84969b0a5b9b175542d9ee54cedee |
SHA1: | 6b57d5080f3d5960bfe9bf89ccd68d8fc6b2d792 |
SHA256: | 6e7611dd2d06666bc97b347061883dfe2fe581b27915c1f3a5827bc62b5fef86 |
SHA512: | ac82555d85e6a0ee4c758fda582a824bd26e353fdce7cb44783495b7200e92032a0d6f0d21a6ef058f33613ba7b5d0e479a6755865eca48e143417c1c321654f |
SSDEEP: | 1536:RdJTX1p76huLvWB6huLvt0rR7Lv2Xf7c3OapNYhHxKd/l4p99:fJJYTs20ZviU1ooVMr |
TLSH: | 1B935824494C7CEED75697D60B1F7C1DB5AC7272F2D81621332CDB4207A4ABBA12B20E |
File Content Preview: | %PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 23 0 R/MarkInfo<</Marked true>>/Metadata 392 0 R/ViewerPreferences 393 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 2/Kids[ 3 0 R 19 0 R] >>..endobj..3 0 obj..<</Type/Page/Paren |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.7 |
Total Entropy: | 7.767217 |
Total Bytes: | 94924 |
Stream Entropy: | 7.942044 |
Stream Bytes: | 81193 |
Entropy outside Streams: | 4.461449 |
Bytes outside Streams: | 13731 |
Number of EOF found: | 2 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 32 |
endobj | 32 |
stream | 9 |
endstream | 9 |
xref | 2 |
trailer | 2 |
startxref | 2 |
/Page | 2 |
/Encrypt | 0 |
/ObjStm | 1 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams |
---|
ID | DHASH | MD5 | Preview |
---|---|---|---|
5 | a4676b6b525a1451 | b63b63a532f372998f17ded15df83d49 | |
21 | a4676b6b525a1451 | b63b63a532f372998f17ded15df83d49 |
Target ID: | 0 |
Start time: | 13:53:37 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff651090000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 2 |
Start time: | 13:53:38 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff70df30000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 4 |
Start time: | 13:53:38 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff70df30000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |