Windows
Analysis Report
VTL-1535.pdf
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- Acrobat.exe (PID: 744 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\VTL-1535.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 7364 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 7588 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2100 --field-trial-handle=1664,i,4466782792045461819,7950585252457877801,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | ReversingLabs |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431067 |
Start date and time: | 2024-04-24 14:34:27 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 22s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowspdfcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 11 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | VTL-1535.pdf |
Detection: | CLEAN |
Classification: | clean0.winPDF@14/44@0/0 |
Cookbook Comments: |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 23.61.208.184, 23.1.236.34, 23.1.236.16, 54.227.187.23, 52.202.204.11, 52.5.13.197, 23.22.254.206, 162.159.61.3, 172.64.41.3, 184.28.81.158, 184.28.81.142
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, p13n.adobe.io, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, geo2.adobe.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: VTL-1535.pdf
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.197093080520967 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 336 |
Entropy (8bit): | 5.176996555546948 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 336 |
Entropy (8bit): | 5.176996555546948 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 475 |
Entropy (8bit): | 4.968015424318641 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\cde6ff0b-477c-42ec-aa8b-03bff2c196bc.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | modified |
Size (bytes): | 475 |
Entropy (8bit): | 4.968015424318641 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 4730 |
Entropy (8bit): | 5.258801943704671 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 324 |
Entropy (8bit): | 5.178868138714307 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 324 |
Entropy (8bit): | 5.178868138714307 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240424123543Z-170.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.7505174757137598 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 86016 |
Entropy (8bit): | 4.4453293634865885 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 3.7769778770579645 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 243196 |
Entropy (8bit): | 3.3450692389394283 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.383054830138272 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.33561141999215 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.31401073886058 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.370756264186804 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.334118797064049 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.321149604238234 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.3257235455802725 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.332219162730972 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.745580419358557 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.3275462703667396 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.782106173845349 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.310904046594783 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.316232646336004 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.33377537608394 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.2933530204486825 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.377597423030982 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.140398642975479 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.1873224299974618 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.6069871296816616 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.524398495091119 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 358 |
Entropy (8bit): | 5.077618690959493 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-24 14-35-40-919.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.345946398610936 |
Encrypted: | false |
SSDEEP: | 384:zHIq8qrq0qoq/qUILImCIrImI9IWdFdDdoPtPTPtP7ygyAydy0yGV///X/J/VokV:nNW |
MD5: | 8947C10F5AB6CFFFAE64BCA79B5A0BE3 |
SHA1: | 70F87EEB71BA1BE43D2ABAB7563F94C73AB5F778 |
SHA-256: | 4F3449101521DA7DF6B58A2C856592E1359BA8BD1ACD0688ECF4292BA5388485 |
SHA-512: | B76DB9EF3AE758F00CAF0C1705105C875838C7801F7265B17396466EECDA4BCD915DA4611155C5F2AD1C82A800C1BEC855E52E2203421815F915B77AA7331CA0 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16603 |
Entropy (8bit): | 5.372167109654566 |
Encrypted: | false |
SSDEEP: | 384:WsdRMRRQd8oVYL7OP7t2ttj6j7YbUrfOe5H0A8ayvC625sskX/7i5ijqkCbAVt9g:WYz885 |
MD5: | 0F02CF4BF4051EDCD34290B6E86CE579 |
SHA1: | 189599051860819C350AB45AEF53CD46A6FD5D75 |
SHA-256: | 03E2101AD959D6D6EBE82D8CDB8D7D00485E57A5CA975C1C094CAE147D452572 |
SHA-512: | 94B33213C64ACF8AA547AB3F2DBE12E6017C6E5DD94195F8DDE0B18AFB8F50887718035CC2072519A816DD0521E9FBAACF877EC8DE95BD7B5551690DAC934C96 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29845 |
Entropy (8bit): | 5.382020423432386 |
Encrypted: | false |
SSDEEP: | 768:anddBuBYZwcfCnwZCnR8Bu5hx18HoCnLlAY+iCBuzhLCnx1CnPrRRFS10l8gT2ru:S |
MD5: | 638B945FAA33114DB679BA0523E53B75 |
SHA1: | 46249DE1CC58E35F8FA46A31F378A0BF373C68DE |
SHA-256: | 81C90A13BAEB617E99489CFA72B99BA8B59AE51B54B4EC4DC9AD04245CD4AE30 |
SHA-512: | 87317685A018EBF2022B17E2FF3975D99610D892C63A46F8CB236AEACE03AD461A7F538B4DC46B58883D19914D544DEACFBF79A72A2A30E52C8B7B5647DA89E6 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo |
MD5: | A0CFC77914D9BFBDD8BC1B1154A7B364 |
SHA1: | 54962BFDF3797C95DC2A4C8B29E873743811AD30 |
SHA-256: | 81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685 |
SHA-512: | 74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/M7ouWLaGZjZwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:RuWLaGZjZwZGk3mlind9i4ufFXpAXkru |
MD5: | AE1E8A5D3E7B2198980A0CA16DE5F3D3 |
SHA1: | A1DB2C58AFC81E6A114A8EB47BE0243956F79460 |
SHA-256: | 8C2E1B13F6658714D51737D6745FE065B87497923945AB3028706A4171C8328F |
SHA-512: | 5B36CF0982C5AFED5CCEA4B30A0B31A2B5312FBF5438623D53153E076B59F1B4BEF8C08695EA74E086BCA4EF7221889DB977B5DCFF4C684BA0683FDDECDE2EC4 |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.767217007254646 |
TrID: |
|
File name: | VTL-1535.pdf |
File size: | 94'924 bytes |
MD5: | 22b84969b0a5b9b175542d9ee54cedee |
SHA1: | 6b57d5080f3d5960bfe9bf89ccd68d8fc6b2d792 |
SHA256: | 6e7611dd2d06666bc97b347061883dfe2fe581b27915c1f3a5827bc62b5fef86 |
SHA512: | ac82555d85e6a0ee4c758fda582a824bd26e353fdce7cb44783495b7200e92032a0d6f0d21a6ef058f33613ba7b5d0e479a6755865eca48e143417c1c321654f |
SSDEEP: | 1536:RdJTX1p76huLvWB6huLvt0rR7Lv2Xf7c3OapNYhHxKd/l4p99:fJJYTs20ZviU1ooVMr |
TLSH: | 1B935824494C7CEED75697D60B1F7C1DB5AC7272F2D81621332CDB4207A4ABBA12B20E |
File Content Preview: | %PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 23 0 R/MarkInfo<</Marked true>>/Metadata 392 0 R/ViewerPreferences 393 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 2/Kids[ 3 0 R 19 0 R] >>..endobj..3 0 obj..<</Type/Page/Paren |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.7 |
Total Entropy: | 7.767217 |
Total Bytes: | 94924 |
Stream Entropy: | 7.942044 |
Stream Bytes: | 81193 |
Entropy outside Streams: | 4.461449 |
Bytes outside Streams: | 13731 |
Number of EOF found: | 2 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 32 |
endobj | 32 |
stream | 9 |
endstream | 9 |
xref | 2 |
trailer | 2 |
startxref | 2 |
/Page | 2 |
/Encrypt | 0 |
/ObjStm | 1 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams
ID | DHASH | MD5 | Preview |
---|---|---|---|
5 | a4676b6b525a1451 | b63b63a532f372998f17ded15df83d49 | |
21 | a4676b6b525a1451 | b63b63a532f372998f17ded15df83d49 | |
Target ID: | 0 |
Start time: | 14:35:37 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6bc1b0000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 2 |
Start time: | 14:35:38 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff74bb60000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 4 |
Start time: | 14:35:39 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff74bb60000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |