Windows
Analysis Report
INVOICE 135658-01 04_17_24 08_19_23 422.PDF
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- Acrobat.exe (PID: 7056 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\INVOICE 135658-01 04_17_24 08_19_23 422.PDF" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 5076 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 7240 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2100 --field-trial-handle=1604,i,13522873780708684326,15572357352614556485,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | 1 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431080 |
Start date and time: | 2024-04-24 14:46:06 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 7s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowspdfcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | INVOICE 135658-01 04_17_24 08_19_23 422.PDF |
Detection: | CLEAN |
Classification: | clean0.winPDF@15/43@0/0 |
Cookbook Comments: |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 23.3.84.164, 107.22.247.231, 18.207.85.246, 54.144.73.197, 34.193.227.236, 23.219.38.26, 23.219.38.58, 162.159.61.3, 172.64.41.3, 23.219.38.57, 23.219.38.56, 23.219.38.48, 23.219.38.50, 23.1.236.34, 23.1.236.16, 23.219.38.35, 23.219.38.51, 23.219.38.32, 23.219.38.34, 23.219.38.19, 23.219.38.33
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, p13n.adobe.io, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, geo2.adobe.com
- Not all processes where analyzed, report is missing behavior information
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.1869308279605 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 336 |
Entropy (8bit): | 5.166618031261816 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 336 |
Entropy (8bit): | 5.166618031261816 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\464fa6b2-750d-41ff-96b7-511bb7f655a1.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 475 |
Entropy (8bit): | 4.96509579916514 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 475 |
Entropy (8bit): | 4.96509579916514 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4443 |
Entropy (8bit): | 5.256994717579897 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 324 |
Entropy (8bit): | 5.167820336917319 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 324 |
Entropy (8bit): | 5.167820336917319 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240424124705Z-158.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 1.1055354227982366 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 86016 |
Entropy (8bit): | 4.445276158233256 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 3.7764545683067863 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.387906541530667 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.340201326578247 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.319092179189004 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.375778211066651 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.33701953425822 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.324636269233424 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.328244965046798 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.3320475997844605 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.743060932745491 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.330477119019673 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.780214050668082 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.313814751958006 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.3182383033440646 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.336706224736874 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.293179657890844 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.376180356545225 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.138718430679621 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.187796128310411 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.607423844454006 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.505069684106714 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-24 14-47-03-284.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.345946398610936 |
Encrypted: | false |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15114 |
Entropy (8bit): | 5.368778325378305 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.382848704142609 |
Encrypted: | false |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/M7ouWLaGZjZwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:RuWLaGZjZwZGk3mlind9i4ufFXpAXkru |
MD5: | AE1E8A5D3E7B2198980A0CA16DE5F3D3 |
SHA1: | A1DB2C58AFC81E6A114A8EB47BE0243956F79460 |
SHA-256: | 8C2E1B13F6658714D51737D6745FE065B87497923945AB3028706A4171C8328F |
SHA-512: | 5B36CF0982C5AFED5CCEA4B30A0B31A2B5312FBF5438623D53153E076B59F1B4BEF8C08695EA74E086BCA4EF7221889DB977B5DCFF4C684BA0683FDDECDE2EC4 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 669332 |
Entropy (8bit): | 7.976659911351141 |
Encrypted: | false |
SSDEEP: | 12288:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1mabFhOXZ/fEa+DNh3P6Q21IvHx75/eOMn:6JJJJm942egf6MNB1Dofjc3PJ21k7Rev |
MD5: | C4B24E98358EC87C7F853C86A641C2DD |
SHA1: | 037F2682BE3AADCBB7149AC18ED434FE005FB132 |
SHA-256: | 88C547944F788B7B436D7AAE8530462183F5D714A5AAFCA3FF743E66D420E0AC |
SHA-512: | E91D631E4F145E4D9DB6AC5A2ABE3CCA4C096B97A1B092239FB3A694FEB6FE44382670F25B7602FBCBE6BDE5B03FEE5579E14A688CB6FECACE2358753BF38EC5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo |
MD5: | A0CFC77914D9BFBDD8BC1B1154A7B364 |
SHA1: | 54962BFDF3797C95DC2A4C8B29E873743811AD30 |
SHA-256: | 81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685 |
SHA-512: | 74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 5.686942185261857 |
TrID: |
File name: | INVOICE 135658-01 04_17_24 08_19_23 422.PDF |
File size: | 9'639 bytes |
MD5: | 8b179c7d9c4def7dff212f7fc1530d9d |
SHA1: | 202d0211391244ac7ed74c7880def34a8f5a1624 |
SHA256: | 523491fc16aed3938f9d74b19ca5d73abe72cecf085cdabbefd0a75d8740a704 |
SHA512: | 8f574998954a8ec2a609972a259790803fe1158ee406fc83bb00bcb44b2ec29abdbee628cbc59fb396d99270fbf868bcd97248e2f6f0e7ceb0678ffc0f814151 |
SSDEEP: | 192:SOiJeEm3H/3TJhNpmarJrXoKLmrOmRTjlrVoKFGO4WrOtc+6O4Y:Ke93/TvB4KLMtTjdKKMncUc1nY |
TLSH: | 9D1286185146C488B69BABCAF73F7AA02568B30783C45CF23D1D0D418E53DEDFA6D19A |
File Content Preview: | %PDF-1.5.%.....1 0 obj.<< . /Type /Catalog. /Pages 2 0 R. /ViewerPreferences << . /FitWindow false. /DisplayDocTitle true. /HideMenubar false. /HideToolbar false. /HideWindowUI false.>>.>>.endobj.2 0 obj.<< . /Type /Pages. /Kids [ 3 0 |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.5 |
Total Entropy: | 5.686942 |
Total Bytes: | 9639 |
Stream Entropy: | 7.912476 |
Stream Bytes: | 2150 |
Entropy outside Streams: | 4.330585 |
Bytes outside Streams: | 7489 |
Number of EOF found: | 0 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 17 |
endobj | 17 |
stream | 1 |
endstream | 1 |
xref | 1 |
trailer | 1 |
startxref | 1 |
/Page | 1 |
/Encrypt | 0 |
/ObjStm | 0 |
/URI | 0 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Target ID: | 0 |
Start time: | 14:47:00 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6bc1b0000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | false |
Target ID: | 1 |
Start time: | 14:47:00 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff74bb60000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | false |
Target ID: | 3 |
Start time: | 14:47:01 |
Start date: | 24/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff74bb60000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | false |