Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Security + 701 Book.pdf

Overview

General Information

Sample name:Security + 701 Book.pdf
Analysis ID:1431490
MD5:eca24bd2b1640581057c4a8397983636
SHA1:aaebf4b94cfdf384cf224627866247af1969d530
SHA256:92d9336a7067668704d64697504e5318207edfbdde6592f3321bcc5771751949
Infos:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

No high impact signatures.

Classification

Process Tree

  • System is w10x64
  • Acrobat.exe (PID: 6488 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Security + 701 Book.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 1172 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 1996 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2096 --field-trial-handle=1756,i,13787741220776474547,12914720541817298454,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: Security + 701 Book.pdfString found in binary or memory: http://calibre-ebook.com/xmp-namespace
Source: Security + 701 Book.pdfString found in binary or memory: http://calibre-ebook.com/xmp-namespace-custom-columns
Source: Security + 701 Book.pdfString found in binary or memory: http://calibre-ebook.com/xmp-namespace-series-index
Source: Security + 701 Book.pdfString found in binary or memory: http://getcertifiedgetahead.com/)
Source: Security + 701 Book.pdfString found in binary or memory: http://prismstandard.org/namespaces/basic/2.0/
Source: Security + 701 Book.pdfString found in binary or memory: https://getcertifiedgetahead.com/)
Source: Security + 701 Book.pdfString found in binary or memory: https://ics-training.inl.gov/learn/)
Source: Security + 701 Book.pdfString found in binary or memory: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf)
Source: Security + 701 Book.pdfString found in binary or memory: https://www.wireshark.org/)
Source: classification engineClassification label: clean0.winPDF@14/41@0/0
Source: Security + 701 Book.pdfInitial sample: mailto:homer@hacker.com
Source: Security + 701 Book.pdfInitial sample: mailto:attacker@gcgacert.com
Source: Security + 701 Book.pdfInitial sample: https://getcertifiedgetahead.com/
Source: Security + 701 Book.pdfInitial sample: mailto:lisa@simpsons.com
Source: Security + 701 Book.pdfInitial sample: https://www.wireshark.org/
Source: Security + 701 Book.pdfInitial sample: mailto:homer@springfield.com
Source: Security + 701 Book.pdfInitial sample: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
Source: Security + 701 Book.pdfInitial sample: https://ics-training.inl.gov/learn/
Source: Security + 701 Book.pdfInitial sample: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-61r2.pdf
Source: Security + 701 Book.pdfInitial sample: https transport encryption
Source: Security + 701 Book.pdfInitial sample: http://getcertifiedgetahead.com/
Source: Security + 701 Book.pdfInitial sample: http headers
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.5512Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-25 10-10-48-690.logJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Security + 701 Book.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2096 --field-trial-handle=1756,i,13787741220776474547,12914720541817298454,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2096 --field-trial-handle=1756,i,13787741220776474547,12914720541817298454,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Security + 701 Book.pdfStatic file information: File size 7811522 > 6291456
Source: Security + 701 Book.pdfInitial sample: PDF keyword /JS count = 0
Source: Security + 701 Book.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: Security + 701 Book.pdfInitial sample: PDF keyword /Page count = 1083
Source: Security + 701 Book.pdfInitial sample: PDF keyword stream count = 1219
Source: Security + 701 Book.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: Security + 701 Book.pdfInitial sample: PDF keyword endobj count = 3839
Source: Security + 701 Book.pdfInitial sample: PDF keyword endstream count = 1219
Source: Security + 701 Book.pdfInitial sample: PDF keyword obj count = 3839
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Spearphishing Link		Windows Management InstrumentationPath Interception1
Process Injection		1
Masquerading		OS Credential Dumping1
System Information Discovery		Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1431490 Sample: Security + 701 Book.pdf Startdate: 25/04/2024 Architecture: WINDOWS Score: 0 6 Acrobat.exe 18 65 2->6         started        process3 8 AcroCEF.exe 104 6->8         started        process4 10 AcroCEF.exe 2 8->10         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Security + 701 Book.pdf0%VirustotalBrowse
Security + 701 Book.pdf0%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://prismstandard.org/namespaces/basic/2.0/0%Avira URL Cloudsafe
http://prismstandard.org/namespaces/basic/2.0/0%VirustotalBrowse

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
http://getcertifiedgetahead.com/)Security + 701 Book.pdffalse
    		high
    http://calibre-ebook.com/xmp-namespace-series-indexSecurity + 701 Book.pdffalse
      		high
      https://www.wireshark.org/)Security + 701 Book.pdffalse
        		high
        https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf)Security + 701 Book.pdffalse
          		high
          http://calibre-ebook.com/xmp-namespaceSecurity + 701 Book.pdffalse
            		high
            http://prismstandard.org/namespaces/basic/2.0/Security + 701 Book.pdffalse
            • 0%, Virustotal, Browse
            • Avira URL Cloud: safe
            		unknown
            https://getcertifiedgetahead.com/)Security + 701 Book.pdffalse
              		high
              https://ics-training.inl.gov/learn/)Security + 701 Book.pdffalse
                		high
                http://calibre-ebook.com/xmp-namespace-custom-columnsSecurity + 701 Book.pdffalse
                  		high

                  World Map of Contacted IPs

                  No contacted IP infos

                  General Information

                  Joe Sandbox version:40.0.0 Tourmaline
                  Analysis ID:1431490
                  Start date and time:2024-04-25 10:09:53 +02:00
                  Joe Sandbox product:CloudBasic
                  Overall analysis duration:0h 4m 37s
                  Hypervisor based Inspection enabled:false
                  Report type:full
                  Cookbook file name:defaultwindowspdfcookbook.jbs
                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                  Number of analysed new started processes analysed:9
                  Number of new started drivers analysed:0
                  Number of existing processes analysed:0
                  Number of existing drivers analysed:0
                  Number of injected processes analysed:0
                  Technologies:
                  • HCA enabled
                  • EGA enabled
                  • AMSI enabled
                  Analysis Mode:default
                  Analysis stop reason:Timeout
                  Sample name:Security + 701 Book.pdf
                  Detection:CLEAN
                  Classification:clean0.winPDF@14/41@0/0
                  EGA Information:Failed
                  HCA Information:
                  • Successful, ratio: 100%
                  • Number of executed functions: 0
                  • Number of non-executed functions: 0
                  Cookbook Comments:
                  • Found application associated with file extension: .pdf
                  • Found PDF document
                  • Close Viewer

                  Warnings

                  • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                  • Excluded IPs from analysis (whitelisted): 23.55.252.138, 18.207.85.246, 107.22.247.231, 34.193.227.236, 54.144.73.197, 172.64.41.3, 162.159.61.3, 23.46.201.17, 23.34.82.7, 23.34.82.6
                  • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, slscr.update.microsoft.com, e4578.dscb.akamaiedge.net, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, p13n.adobe.io, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, ssl.adobe.com.edgekey.net, ocsp.digicert.com, armmf.adobe.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, geo2.adobe.com

                  Simulations

                  Behavior and APIs

                  No simulations

                  Joe Sandbox View / Context

                  IPs

                  No context

                  Domains

                  No context

                  ASNs

                  No context

                  JA3 Fingerprints

                  No context

                  Dropped Files

                  No context

                  Created / dropped Files

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):291
                  Entropy (8bit):5.148320519583465
                  Encrypted:false
                  SSDEEP:6:aKqM+q2P92nKuAl9OmbnIFUt8hKXZmw+h4MVkwO92nKuAl9OmbjLJ:5+v4HAahFUt8c/+TV5LHAaSJ
                  MD5:38320867DC6B9A21E7462179943C6128
                  SHA1:59CBE4DCCA940915EEA967C6EEF4FED65F2E5D2C
                  SHA-256:7604AE65059FF8ACD776BB62ADAABC576676F3928921298A378A094BDE0657E1
                  SHA-512:7CEC2C8AA42A9344C28CFBB7EE75930A7889A541020A9EBA517CB8042087D6A6EC5ECAC62052BA2BC895DA6FB65A70F201541357FCFE8580D3653699AC4A0121
                  Malicious:false
                  Reputation:low
                  Preview:2024/04/25-10:10:46.415 6ac Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/04/25-10:10:46.415 6ac Recovering log #3.2024/04/25-10:10:46.416 6ac Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):291
                  Entropy (8bit):5.148320519583465
                  Encrypted:false
                  SSDEEP:6:aKqM+q2P92nKuAl9OmbnIFUt8hKXZmw+h4MVkwO92nKuAl9OmbjLJ:5+v4HAahFUt8c/+TV5LHAaSJ
                  MD5:38320867DC6B9A21E7462179943C6128
                  SHA1:59CBE4DCCA940915EEA967C6EEF4FED65F2E5D2C
                  SHA-256:7604AE65059FF8ACD776BB62ADAABC576676F3928921298A378A094BDE0657E1
                  SHA-512:7CEC2C8AA42A9344C28CFBB7EE75930A7889A541020A9EBA517CB8042087D6A6EC5ECAC62052BA2BC895DA6FB65A70F201541357FCFE8580D3653699AC4A0121
                  Malicious:false
                  Reputation:low
                  Preview:2024/04/25-10:10:46.415 6ac Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/04/25-10:10:46.415 6ac Recovering log #3.2024/04/25-10:10:46.416 6ac Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):338
                  Entropy (8bit):5.167101699859653
                  Encrypted:false
                  SSDEEP:6:0fq2P92nKuAl9Ombzo2jMGIFUt8xZZmw+IekwO92nKuAl9Ombzo2jMmLJ:0fv4HAa8uFUt8b/+Ie5LHAa8RJ
                  MD5:7DE101F25404EF0F3FA691C42FB46EBF
                  SHA1:6DA6E8AB90E825BF00040D8A769AC23408EC51BB
                  SHA-256:AFEECB31A8C05328A0B163195515B3A56B8E029DFDD003BB7C62C251C4529297
                  SHA-512:34B540FA98FF81426C7992FCC6B7BF5FADA4156E9068B979F97C9B138D234F89E1A8C9CC5A601034490ABBA688503729D744D735B70419177696B5445574F21A
                  Malicious:false
                  Reputation:low
                  Preview:2024/04/25-10:10:46.567 1c04 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/04/25-10:10:46.579 1c04 Recovering log #3.2024/04/25-10:10:46.580 1c04 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):338
                  Entropy (8bit):5.167101699859653
                  Encrypted:false
                  SSDEEP:6:0fq2P92nKuAl9Ombzo2jMGIFUt8xZZmw+IekwO92nKuAl9Ombzo2jMmLJ:0fv4HAa8uFUt8b/+Ie5LHAa8RJ
                  MD5:7DE101F25404EF0F3FA691C42FB46EBF
                  SHA1:6DA6E8AB90E825BF00040D8A769AC23408EC51BB
                  SHA-256:AFEECB31A8C05328A0B163195515B3A56B8E029DFDD003BB7C62C251C4529297
                  SHA-512:34B540FA98FF81426C7992FCC6B7BF5FADA4156E9068B979F97C9B138D234F89E1A8C9CC5A601034490ABBA688503729D744D735B70419177696B5445574F21A
                  Malicious:false
                  Reputation:low
                  Preview:2024/04/25-10:10:46.567 1c04 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/04/25-10:10:46.579 1c04 Recovering log #3.2024/04/25-10:10:46.580 1c04 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\7337dc18-324e-4f3b-a5a8-c19cb7f0cd7c.tmp

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:JSON data
                  Category:modified
                  Size (bytes):508
                  Entropy (8bit):5.052046258977293
                  Encrypted:false
                  SSDEEP:12:YH/um3RA8sqZ+3ksBdOg2Hocaq3QYiubxnP7E4T3OF+:Y2sRdsb5dMHD3QYhbxP7nbI+
                  MD5:CC24AC65DA44C4E44344423EBE0413F7
                  SHA1:FA59B6B03ABA583D0B87E3BA9EA4FC0B46D28FDC
                  SHA-256:606CD3F2ACCF2F97DE4BA8F76F5A5F0C3EF7E4240F3D5C6D0C41F526E96B9B3E
                  SHA-512:2420782418FF607EF8CAF4662368071BAE94D443C417607EF5E1DD97CDA517AABAB8E6049E62184137DEDAC15A43CAFCF4516C1671AADB827570461C80DC7037
                  Malicious:false
                  Reputation:low
                  Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13358592652353209","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":115096},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.5","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):508
                  Entropy (8bit):5.052046258977293
                  Encrypted:false
                  SSDEEP:12:YH/um3RA8sqZ+3ksBdOg2Hocaq3QYiubxnP7E4T3OF+:Y2sRdsb5dMHD3QYhbxP7nbI+
                  MD5:CC24AC65DA44C4E44344423EBE0413F7
                  SHA1:FA59B6B03ABA583D0B87E3BA9EA4FC0B46D28FDC
                  SHA-256:606CD3F2ACCF2F97DE4BA8F76F5A5F0C3EF7E4240F3D5C6D0C41F526E96B9B3E
                  SHA-512:2420782418FF607EF8CAF4662368071BAE94D443C417607EF5E1DD97CDA517AABAB8E6049E62184137DEDAC15A43CAFCF4516C1671AADB827570461C80DC7037
                  Malicious:false
                  Reputation:low
                  Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13358592652353209","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":115096},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.5","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:data
                  Category:dropped
                  Size (bytes):4509
                  Entropy (8bit):5.229194426987319
                  Encrypted:false
                  SSDEEP:96:QqBpCqGp3Al+NehBmkID2w6bNMhugoKTNY+No/KTNcygLPGLLURx5DuZ:rBpJGp3AoqBmki25ZEVoKTNY+NoCTNLT
                  MD5:3419A698B67081F23E65421E1CAD3544
                  SHA1:AF4B204BAE810F243E4486FD7D0C29A31C5A0CEF
                  SHA-256:AB5187DD31E252F3D8DBBA2869664AF9F181B9EA4EC3083B124B8B9D3FB17295
                  SHA-512:BC74D36B488E5F7D126927172AB62AFCA7A2817089DAADC0238EB9F1C92E3690A9725BDFC0092FAA28228713EE170C6E176BCC7F689D2B3C8224FEE2DCB4EF8C
                  Malicious:false
                  Reputation:low
                  Preview:*...#................version.1..namespace-.1a.o................next-map-id.1.Pnamespace-047a745d_5c98_4926_b446_942fb948d072-https://rna-resource.acrobat.com/.0.K..r................next-map-id.2.Snamespace-bdf2fbfe_e08b_407d_8a81_9a6094e373a0-https://rna-v2-resource.acrobat.com/.1.m.Fr................next-map-id.3.Snamespace-24b9c7f4_3e31_4d11_a607_ac91d6485c9e-https://rna-v2-resource.acrobat.com/.2.8.o................next-map-id.4.Pnamespace-bc60f291_faa7_4492_8b22_e186b4ce62c1-https://rna-resource.acrobat.com/.3.A-N^...............Pnamespace-047a745d_5c98_4926_b446_942fb948d072-https://rna-resource.acrobat.com/-j..^...............Pnamespace-bc60f291_faa7_4492_8b22_e186b4ce62c1-https://rna-resource.acrobat.com/[.|.a...............Snamespace-bdf2fbfe_e08b_407d_8a81_9a6094e373a0-https://rna-v2-resource.acrobat.com/....a...............Snamespace-24b9c7f4_3e31_4d11_a607_ac91d6485c9e-https://rna-v2-resource.acrobat.com/.W.@o................next-map-id.5.Pnamespace-8fb46ac3_c992_47ca_bb04_

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):326
                  Entropy (8bit):5.170163741288483
                  Encrypted:false
                  SSDEEP:6:Lq2P92nKuAl9OmbzNMxIFUt8cuSZmw+kkwO92nKuAl9OmbzNMFLJ:Lv4HAa8jFUt8tS/+k5LHAa84J
                  MD5:DBE48ABE1ECFC25616DE26F417250290
                  SHA1:7B7F16359BDC81C29AF68AD53768D5A3491B2A25
                  SHA-256:427CA36219265DEDC5962D2019C1BFD495936C64D51E860E54095F12CA586153
                  SHA-512:9A22D5A05BBCDDE6CFB2834F3FDF0DC4AC541CC1543BCD5124EDA9D55718EE7405F32BC2E924E7281CA735162C32BF8D12740EC5EBDB8942CCDEFCE14D9A4287
                  Malicious:false
                  Reputation:low
                  Preview:2024/04/25-10:10:46.915 1c04 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/04/25-10:10:46.923 1c04 Recovering log #3.2024/04/25-10:10:46.938 1c04 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):326
                  Entropy (8bit):5.170163741288483
                  Encrypted:false
                  SSDEEP:6:Lq2P92nKuAl9OmbzNMxIFUt8cuSZmw+kkwO92nKuAl9OmbzNMFLJ:Lv4HAa8jFUt8tS/+k5LHAa84J
                  MD5:DBE48ABE1ECFC25616DE26F417250290
                  SHA1:7B7F16359BDC81C29AF68AD53768D5A3491B2A25
                  SHA-256:427CA36219265DEDC5962D2019C1BFD495936C64D51E860E54095F12CA586153
                  SHA-512:9A22D5A05BBCDDE6CFB2834F3FDF0DC4AC541CC1543BCD5124EDA9D55718EE7405F32BC2E924E7281CA735162C32BF8D12740EC5EBDB8942CCDEFCE14D9A4287
                  Malicious:false
                  Reputation:low
                  Preview:2024/04/25-10:10:46.915 1c04 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/04/25-10:10:46.923 1c04 Recovering log #3.2024/04/25-10:10:46.938 1c04 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                  C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240425081051Z-178.bmp

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
                  Category:dropped
                  Size (bytes):71190
                  Entropy (8bit):5.140090663337727
                  Encrypted:false
                  SSDEEP:768:Mpq728IopoNwoi8xo1ebRpylJq2WIO6gDOrXsCyTwldEHNCSlVFjY2uA:qy28IoptDI9cWypXqT7tBlDYi
                  MD5:8FADDB6FEA635B79E78AD000FA3772A5
                  SHA1:168C6979B2477F5CDB11C3F273EF20C0A4C5EE5D
                  SHA-256:DFCAFAD81D40C47CEB91F62B6B72D07FC0FA0CDFFF33A3776461923AC4AB4FC2
                  SHA-512:02DD5EBC59231CBF74B492287CCFA04F97A852E86B6B4333C506184A26574C1CAE2EEF146290D371D46F37790041929C73CA2D04E2D65F6B228E658DD5732F2C
                  Malicious:false
                  Reputation:low
                  Preview:BM........6...(...u...h..... .........................CG..0,..!...GJ..ca..\]..64..:8..KL..OR..NQ..?=..3...HI..:9.. ... ..DC..65...... ...,*../-..87..rs..........ZZ..NO..MO..42..'".. !..CC..02..-,..-,..JL..ee..][..UT..HI..LN.. .....y."...FF..SR..UU..,'....w.8;..94..85..KI..<=..?=......!...QP..?@..''..SN..:7..==....~.]`..!...KH...... ......42..=:..FG..84..52......b`..DC..LM..A?..""..A?......GG..97..,)..IG..)$..FD....m..._.SS....x.PM..GI..1,..FF..ec..ZV..ii....w...f...f...t...t.84..LF..UU..QM......xs....k.[W..tp......10..*%..QP..xx..wx..MH..%...;8..ff..bb..LM..,$..) ..LL..lm..Z\...(..%...CD..NM..!...'...03..RT..CB..su...........|..JN..22..........>=..98..".....y.HD..fb..hh..jl..hh..?=../*..)#..65..RQ..oq..rq..po..>:......C>.. ..HD............v...}.*)..2/..KF......;8..D@.."...;5..HC......?<......30..@=..><..96..=<..AA......ZU..NN..a`..SN..%!..B;......LK..;8..KG..55..Z\..!.........u.db......b[..VU..<9..bc..ig..gi...{..!...............;5..fc..yv..\V......................#.......#!..VU..vz

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.5512

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:PostScript document text
                  Category:dropped
                  Size (bytes):185099
                  Entropy (8bit):5.182478651346149
                  Encrypted:false
                  SSDEEP:1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC
                  MD5:94185C5850C26B3C6FC24ABC385CDA58
                  SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                  SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                  SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                  Malicious:false
                  Reputation:moderate, very likely benign file
                  Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:PostScript document text
                  Category:dropped
                  Size (bytes):185099
                  Entropy (8bit):5.182478651346149
                  Encrypted:false
                  SSDEEP:1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC
                  MD5:94185C5850C26B3C6FC24ABC385CDA58
                  SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                  SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                  SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                  Malicious:false
                  Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:data
                  Category:dropped
                  Size (bytes):227002
                  Entropy (8bit):3.392780893644728
                  Encrypted:false
                  SSDEEP:1536:WKPC4iyzDtrh1cK3XEivK7VK/3AYvYwgF/rRoL+sn:DPCaJ/3AYvYwglFoL+sn
                  MD5:87EDBEE38F56C20298F25D5D3D4D1B5C
                  SHA1:7F904E9615AC3186A87472EF366DD8202855B0B7
                  SHA-256:A46B56D3ABCC137D1872DDF20EED4BCD7D04518282282ADB32DDCCF70D7FFBA6
                  SHA-512:BBEBC1FCD5BC9AE042DD5782425BA8C47BF3EAC283B2487FC4E3FF6BF8101306DAB081E5135594165D4DC1AC120FF125AADBC5B3FFE7C646183C04DF77865E0D
                  Malicious:false
                  Preview:Adobe Acrobat Reader (64-bit) 23.6.20320....?A12_AV2_Search_18px.............................................................................................................KKK KKK.KKK.KKK.KKK.KKK.KKK@........................................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.............................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.........................KKK.KKK.KKK.KKK0....................KKK.KKK.KKK.KKK`....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK.KKK.....................................KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK.KKK@....................KKK.KKK.KKK.KKK`........................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.KKK.............................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):295
                  Entropy (8bit):5.3326378294957815
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJM3g98kUwPeUkwRe9:YvXKXDp1UYpW7eGMbLUkee9
                  MD5:B3FCE11C2138AD19EA98A51CDFAD98B2
                  SHA1:8227F88B539114F70BF74DE79837C9AA9EB8DBE2
                  SHA-256:A9FB87ECACD34DC6DD749FE9D40D487A1A8B44A68857129A951DDABF70EB8659
                  SHA-512:9302494C067863386D982C57F1C6F346B018326B12931E2ED34F9D81D5B7BF28DE610C615DB471599BEC1DFB28816515E4B73E904C7D9B6B33D0732D3F122E84
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):294
                  Entropy (8bit):5.270090945330062
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfBoTfXpnrPeUkwRe9:YvXKXDp1UYpW7eGWTfXcUkee9
                  MD5:9F2DC183841EB878B13F877134EB1BE2
                  SHA1:3BEAA5EB8E7123F12F47049D501E87856F05F8D1
                  SHA-256:A9B3315B0014DF3AA11089347F00ADDB5A49BF8040D379886C4D45C06B1AD7EF
                  SHA-512:79C5BE240075C95242670336EF3FC52D905F03DCC5A4F2BBB458DE7E5C82B858819E11E4E9B66B38A09342677C9738735DBAB4A7712C80A66D0904B9409BDB28
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):294
                  Entropy (8bit):5.249850272987058
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfBD2G6UpnrPeUkwRe9:YvXKXDp1UYpW7eGR22cUkee9
                  MD5:59072AFA43DCBEBDD9BC1CF826E36CA5
                  SHA1:49DC8543FB154D84C8A1E5FEF4F99A51F0E5240F
                  SHA-256:486D9677CA25CC40543A27C51DC8B566D25E8F254A02F6FDF5A49CD1DA351398
                  SHA-512:56C1DF9E9394B4E11DFA2D0DE0C91FCB5490772A000CB8E41F4DC5F6C5C50CC2100AF738C772C7964F077CC5CB38A72353E6EE4267BC547ED584C2CDC8955B83
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):285
                  Entropy (8bit):5.3104526174366855
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfPmwrPeUkwRe9:YvXKXDp1UYpW7eGH56Ukee9
                  MD5:4C4196EA8EDFAC719B692EE5B2C2FB60
                  SHA1:326CEF78A5AB91C80F5D7EA86160C6C983C82AD7
                  SHA-256:783A13838F47305E4F2C2852E7E31B93132D8425B77C234EA2BB273C99CB6691
                  SHA-512:5FD1C2D35996E936FFEE02A0C9C36B3724A512DC097EF43DB1E2E29D279921DE1506DBE8560E892BE6D13D985E1C926E394C30A873184A40E1BE02FE347B7949
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):292
                  Entropy (8bit):5.269138629004063
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfJWCtMdPeUkwRe9:YvXKXDp1UYpW7eGBS8Ukee9
                  MD5:F6F0275B1DB45F5DCDFC6A545A5C3CEC
                  SHA1:B3D5441C0752AE754453E9BA1C55B5FFD1B32BD5
                  SHA-256:4D22B9EC4FE2A406A3ADD4B0520813F7041A1C0B9E3176D8BC6230C7F4EF6387
                  SHA-512:45B832A30A89BCC1F9D894247D775817D7656AF3756FB3CD47A6E7ED498CE51E408532CDECBF6B471223F7DCFC7CFF293070CBFC605CE7E6A64CE5BB0B1AEAE4
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):289
                  Entropy (8bit):5.2562578957880755
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJf8dPeUkwRe9:YvXKXDp1UYpW7eGU8Ukee9
                  MD5:304A0A651DEA078604701998FFD2458D
                  SHA1:4AF4B0A1E5650BA3BD951DBDFBA9F7C5315A9C9A
                  SHA-256:366A65A030F27E9B26CCDA267793271F9A2D581A804DD52D597F7CF287DE85CC
                  SHA-512:7AAEE6562A6C9A465DB1BB68710AC362451A6897F39D2482B99A378B9C6DDCD1BB884CAD3A56B2FB25EB1DE63A2C77F94394F98BD2D8E8CC881AD685BB339C4F
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):292
                  Entropy (8bit):5.257406073657622
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfQ1rPeUkwRe9:YvXKXDp1UYpW7eGY16Ukee9
                  MD5:4B45C064133A5AD3517C4BDB77C1D3CC
                  SHA1:B84B1A0DE06609EA133608B8D0B6D9B400590B30
                  SHA-256:FEC2CA40DC31574CFDF15BE567C52F3CF0508D8405405E739639A9323995E13E
                  SHA-512:A8E6C3FB6181F8F5618C13E304B62CA2B37D5D4E334CAA813DAC4D3F4BD8AA6B20236AF060D552B2DDD3F54A94ECB872799A28B00E8DA8F6F139CB27343AF2F9
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):289
                  Entropy (8bit):5.276724270589433
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfFldPeUkwRe9:YvXKXDp1UYpW7eGz8Ukee9
                  MD5:AB00B868BC4C59707B8F521A55778E56
                  SHA1:EB4DCDD880ABA8F4CD42BC23B8A59FEC1C19710E
                  SHA-256:7D13DA537D37DA55422FF643B36B8581A5714048F50DB9FF29B2ABC87C189E01
                  SHA-512:80F9937F7251CF39DEB39FF9A738A379A67305F29530BEF6A841F23161138A1CC53A5CFDAD2AB95969E8B5371775DB8ACBAD720C5C92DBC6A82DF50855A68A75
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):1372
                  Entropy (8bit):5.737233007587575
                  Encrypted:false
                  SSDEEP:24:Yv6XDp3iaKLgENRcbrZbq00iCCBrwJo++ns8ct4mFJNn:YvDaEgigrNt0wSJn+ns8cvFJB
                  MD5:17F2C80C30AA8B25DA8606E32C7C1641
                  SHA1:1E215D6CAF77F647D5150DCD21B21CE7C0E0065A
                  SHA-256:E628F037C6C8B480D44A7CC03E58470AC68B1735F77CF8F8A2DDEC3C9BB4F48B
                  SHA-512:A19377904FE7A05366D2E37E4005AB531F6013F42164200DC6189A450C1F97D2DD2AE7889AD7EBCCEB34383B49A384FB96851EEFE11500AB5A9A4C03356B4BD0
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Home_LHP_Trial_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"79887_247329ActionBlock_0","campaignId":79887,"containerId":"1","controlGroupId":"","treatmentId":"acc56846-d570-4500-a26e-7f8cf2b4acad","variationId":"247329"},"containerId":1,"containerLabel":"JSON for DC_Reader_Home_LHP_Trial_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJUcnkgQWNyb2JhdCBQcm8ifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNSIsImZvbnRfc3R5bGUiOiIwIn0sImRlc2NyaXB0aW9uX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTMiLCJmb250X3N0eWxlIjoiLTEifSwidGl0bGUiOiJGcmVlIDctZGF5IHRyaWFsIiwiZGVzY3JpcHRpb24iOiJHZXQgdW5saW1pdGVkIGFjY2VzcyB0byBwcmVtaXVtIFBERiBhbmQgZS1zaWduaW5nIHRvb2xzLiIsImJ

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):289
                  Entropy (8bit):5.262896737432268
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfYdPeUkwRe9:YvXKXDp1UYpW7eGg8Ukee9
                  MD5:0DF992B05CFF1A2E8FDBB28647FBBA18
                  SHA1:E25E717832B6E7E308E664CE78DD5DD07E257699
                  SHA-256:C76E7202A0F0B5E4E339D2AC62A9784B98F179493FD3DEF89ACD272FB2547F2B
                  SHA-512:A62B41F3DA375B3D3EB622C4C8F8F68E446999A31FA01145944200FE8744ADD2DB7A7C51BF567C8F20536AD2B4CDD59EF409BFB16EA74CAB67ED04F8F2C1DFDD
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):1395
                  Entropy (8bit):5.77369766517744
                  Encrypted:false
                  SSDEEP:24:Yv6XDp3iJrLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJN/:YvDJHgDv3W2aYQfgB5OUupHrQ9FJt
                  MD5:0E219718C9D67522362D4690ECA64E1B
                  SHA1:623174498523213DB72C1A8F45B4DB7F3B787776
                  SHA-256:0A9DC2F356311C1A8322C40A8D8594E1F90434A610720B8BCE9753F173979968
                  SHA-512:8B4B45878716AEBF7D40D62ADA25D09524FB54CDB21A9A34D1038D395BDAF6B80C2E3069A5B7F3AF45C3A773ACED413A6BA6992F8EE7B065FA93056911035EB1
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_RHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"57802_176003ActionBlock_0","campaignId":57802,"containerId":"1","controlGroupId":"","treatmentId":"d0374f2d-08b2-49b9-9500-3392758c9e2e","variationId":"176003"},"containerId":1,"containerLabel":"JSON for Reader DC RHP Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctRGF5IFRyaWFsIiwiZ29fdXJsIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9wcm94eS9wcmljaW5nL3VzL2VuL3NpZ24tZnJlZS10cmlhbC5odG1sP3RyYWNraW5naWQ9UEMxUFFMUVQmbXY9aW4tcHJvZHVjdCZtdjI9cmVhZGVyIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEyIiwiZm9udF9zdHlsZSI6IjMifSwidGl0

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):291
                  Entropy (8bit):5.246698840347147
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfbPtdPeUkwRe9:YvXKXDp1UYpW7eGDV8Ukee9
                  MD5:F44D1D48DAD7811377C4FB46DEBDD05D
                  SHA1:2475E4E5F35A45365A8177673998B9CB75B7A83C
                  SHA-256:A9FFB6A7448BE61161797756B33EABFBDA44AFFD69E3AF17C6636EA6687A4CE9
                  SHA-512:C0FD67E49F84D87B698CEB611A9AF74DF559A5B34698F3B37868DFE6733AE4F7F5C989552045F2247EE77436CB136C306FC8945602A04C86398BA021590E67A4
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):287
                  Entropy (8bit):5.247858495068459
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJf21rPeUkwRe9:YvXKXDp1UYpW7eG+16Ukee9
                  MD5:6C880F8D374A63701B893F438C9455C0
                  SHA1:F43FA16E51E1F9792EAA943518BE47AE7ABCD849
                  SHA-256:F9E416788D268DA079164824B770F40271D2567847CC3B5F457C93A721E427E4
                  SHA-512:320A994C94D4582CB073E41FCDC282BE7AD6C7C240FD143C0C5C115886726DF79CD7D64C6A800ED499892DAEA42D2184D59A5A99DB297AA0FBA593D5699521CD
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):289
                  Entropy (8bit):5.2700093437155395
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfbpatdPeUkwRe9:YvXKXDp1UYpW7eGVat8Ukee9
                  MD5:991210362D5CA8DB36A906305E49F0BA
                  SHA1:1ACBA4F0CF3AB580DB40CF5F55A97E55E6DE9D4A
                  SHA-256:37D5EA1FE81F46E649C844239F2BFE1C0D9B619F001DE00CD445A6FBDE17AFFE
                  SHA-512:B7D089E61F23FF09051250D8C3329618B9B4C68A1210BA8E741D263AB75D2AB75C049005550283EB235A1259C85F70BFE39515D3B844BCF6ADFA287228BA1B7C
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):286
                  Entropy (8bit):5.223639180033316
                  Encrypted:false
                  SSDEEP:6:YEQXJ2HXDd6e4Ox+FIbRI6XVW7+0Y/FWxoAvJfshHHrPeUkwRe9:YvXKXDp1UYpW7eGUUUkee9
                  MD5:DE69301921E3612FB0F49CA4CB6A45C3
                  SHA1:0734E2580D0531E58D12AC9C63A4304366034015
                  SHA-256:A1D3ECF1657F11AF0DDA308176F602C5AC2DDD681736930A990D3C58C284B668
                  SHA-512:A73699A12D9AE2767F8442D79F7C82CF843EDF5BEEBF781718D6073468E0F4021CF8350E1715DCBB751A04AE36CD6EA3FC4242FE6FBA970AC6B4BEB0A6561ECE
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):782
                  Entropy (8bit):5.364997765081773
                  Encrypted:false
                  SSDEEP:12:YvXKXDp1UYpW7eGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWYa1:Yv6XDp3io168CgEXX5kcIfANhi
                  MD5:A113004A333393F038987CF0F2491A15
                  SHA1:18629432EBF9D1E1E92FE6CE00F417AE86138755
                  SHA-256:FD9A97D4947DA1FF559B819E705046DFF3421F466209A76142E6848C124D3740
                  SHA-512:B4C7CBA70E2FA25D1CC7C98B0A74FA3FCBA87854A48D3AE22F2EF3D7E78EEF904CD355566619B563C00CE8E2C179084F6E72ED6F1BC534BF8182B2E1B40DA1F3
                  Malicious:false
                  Preview:{"analyticsData":{"responseGUID":"fbb9183f-499b-4e79-9e49-ea946168ab2d","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1714207177046,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1714032652078}}}}

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:data
                  Category:dropped
                  Size (bytes):4
                  Entropy (8bit):0.8112781244591328
                  Encrypted:false
                  SSDEEP:3:e:e
                  MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                  SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                  SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                  SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                  Malicious:false
                  Preview:....

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:JSON data
                  Category:dropped
                  Size (bytes):2814
                  Entropy (8bit):5.130740759019158
                  Encrypted:false
                  SSDEEP:48:YzAChX+MvQ30ZwZ6QqfjKgaqjMvmrfgTYSJZ9JZXEYF9vuu5b:Y9iiw0lrNQgohlZ1rX
                  MD5:94F6ED10A9D529FB83EDADF51B9A46AD
                  SHA1:6607A931547733EE5D50D2B3556FD181D77E317E
                  SHA-256:EE9020C56C566F6961DDF3235C79B38D1AC4636D30C6BA691F3C300A1436F17A
                  SHA-512:B1B878DEAB5D6CED31C494E8C38C7CAF31D9A6F65F352F43EF6BB27503CE9F0C0B0EFCA9E1BECB37700746301FB534E32EF76E9D029C7AB9BA930BB06828DE8B
                  Malicious:false
                  Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"26e1229a77988f1bd8a8c3dfa183fe71","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":289,"ts":1714032651000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"5a5e96f03be80a8990f7834226ca7c22","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":1372,"ts":1714032651000},{"id":"Edit_InApp_Aug2020","info":{"dg":"5525415d5ac1bdd15653125cff18918f","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":1714032651000},{"id":"DC_Reader_RHP_Banner","info":{"dg":"52bbb5b9677813e2a13b40c74bf1820f","sid":"DC_Reader_RHP_Banner"},"mimeType":"file","size":1395,"ts":1714032651000},{"id":"DC_Reader_Disc_LHP_Retention","info":{"dg":"bc7347191d2cb3ee8bdae96c2afe3ae0","sid":"DC_Reader_Disc_LHP_Retention"},"mimeType":"file","size":292,"ts":1714032651000},{"id":"DC_Reader_More_LHP_Banner","info":{"dg":"2a968c115c72db181a6a3d4ed5fc9511","sid":"DC_Reader_More_LHP_Banner"},"mimeType":"file","size":289,"ts":1714032651000},

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
                  Category:dropped
                  Size (bytes):12288
                  Entropy (8bit):0.9857468212176155
                  Encrypted:false
                  SSDEEP:24:TLHRx/XYKQvGJF7urs6I1RZKHs/Ds/SpI14zJwtNBwtNbRZ6bRZ4z1F:TVl2GL7ms6ggOVpIOzutYtp6P2f
                  MD5:3A67254E884458414D06CD952EC2402F
                  SHA1:9BD1FC448B8523C60059825CA0DCF8920AEE6FA6
                  SHA-256:C487820044C2E60EFB4038D205DBBB02C7C537AF5A3A368ADEB8CC12158A1076
                  SHA-512:B1284D72BE9E1539A6B681FB0B18BEF867D30FF4E6F17E47509BE78386A5EEEFC3F78934BBFC4B987B6DF0238487B28B475DF00DE58591F27CDEC67B9CCAA4BE
                  Malicious:false
                  Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:SQLite Rollback Journal
                  Category:dropped
                  Size (bytes):8720
                  Entropy (8bit):1.3390382263097123
                  Encrypted:false
                  SSDEEP:24:7+t6AD1RZKHs/Ds/SpI1PzJwtNBwtNbRZ6bRZWf1RZKiqLBx/XYKQvGJF7ursr:7M6GgOVpI1zutYtp6PMLqll2GL7msr
                  MD5:D6204B1CF5AE80A099465B3DC6C8A6DA
                  SHA1:9E9CFFF222F1A80DD75B12FCE179601346B19B4B
                  SHA-256:AB3AB262A14985AB57AD1D55336388F826F86148802DDFC8464C4A760D207C88
                  SHA-512:806695A9AAA030A63B6200315569823F9638EC8C1A3B053AE81B1DC4AB50D3F881F9255B86049C0D9128AD272D4B85E89C3AEB166803263ABFDFF0A49156B62B
                  Malicious:false
                  Preview:.... .c.....qY.d......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................j...#..#.#.#.#.#.#.#.#.7.7........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                  C:\Users\user\AppData\Local\Temp\MSI3e914.LOG

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):246
                  Entropy (8bit):3.5065515051498046
                  Encrypted:false
                  SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8+adN6s9:Qw946cPbiOxDlbYnuRK+9
                  MD5:6C279F46B8D5A98C0F8DF55D17925149
                  SHA1:DD350499A6A3938EE87D084E635C620724570F9E
                  SHA-256:A764590D704EB01BFBCE5FD310F5B2F1BA03A5F2A9EAD8B6A6395A3779ECDC7F
                  SHA-512:09E3AA61F4D689EA06A1189FAF1FEF06D8BF944AE58BF50751BA3D349106926835976CFFD8C3005451D6D6233FF16191AE3353C98C353F0F10A027E4675B2C61
                  Malicious:false
                  Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .2.5./.0.4./.2.0.2.4. . .1.0.:.1.0.:.5.4. .=.=.=.....

                  C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-25 10-10-48-690.log

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:ASCII text, with very long lines (393)
                  Category:dropped
                  Size (bytes):16525
                  Entropy (8bit):5.376360055978702
                  Encrypted:false
                  SSDEEP:384:6b1sdmfenwop+WP21h2RPjRNg7JjO2on6oU6CyuJw1oaNIIu9EMuJuF6MKK9g9JQ:vIn
                  MD5:1336667A75083BF81E2632FABAA88B67
                  SHA1:46E40800B27D95DAED0DBB830E0D0BA85C031D40
                  SHA-256:F81B7C83E0B979F04D3763B4F88CD05BC8FBB2F441EBFAB75826793B869F75D1
                  SHA-512:D039D8650CF7B149799D42C7415CBF94D4A0A4BF389B615EF7D1B427BC51727D3441AA37D8C178E7E7E89D69C95666EB14C31B56CDFBD3937E4581A31A69081A
                  Malicious:false
                  Preview:SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:961+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="SetConfig:

                  C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:ASCII text, with very long lines (393), with CRLF line terminators
                  Category:dropped
                  Size (bytes):16603
                  Entropy (8bit):5.356173205783931
                  Encrypted:false
                  SSDEEP:384:bOKXKHGLCRZESyvcviKyA32WJuIgbT3FiyGckgZE4v+4ZD8ELFRqVqLutLkhgw4x:pJS
                  MD5:4F8ED9113541E17FAD57918998249F90
                  SHA1:C372091247D674D9A8A14CBC8A512E3ACCF6C8B1
                  SHA-256:2A83E8E7D0FA5F2D9BB27BEF62FF4176A00F55624A5ACB0A7F0B8EDABDAB8475
                  SHA-512:2362A136CEA38B4C70466E58527072B6870089C344FFEAD376A91AA171B8424A8DA077354E3FB8331F75D7C926A263D50E6BA46B1AF96C1B2CB9A71B6BFACCF5
                  Malicious:false
                  Preview:SessionID=2006df37-83a8-444f-bfcc-3f397333a236.1714032648705 Timestamp=2024-04-25T10:10:48:705+0200 ThreadID=7600 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=2006df37-83a8-444f-bfcc-3f397333a236.1714032648705 Timestamp=2024-04-25T10:10:48:706+0200 ThreadID=7600 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=2006df37-83a8-444f-bfcc-3f397333a236.1714032648705 Timestamp=2024-04-25T10:10:48:706+0200 ThreadID=7600 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=2006df37-83a8-444f-bfcc-3f397333a236.1714032648705 Timestamp=2024-04-25T10:10:48:706+0200 ThreadID=7600 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=2006df37-83a8-444f-bfcc-3f397333a236.1714032648705 Timestamp=2024-04-25T10:10:48:706+0200 ThreadID=7600 Component=ngl-lib_NglAppLib Description="SetConf

                  C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  File Type:ASCII text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):29845
                  Entropy (8bit):5.388948409270333
                  Encrypted:false
                  SSDEEP:768:GLxxlyVUFcAzWL8VWL1ANSFld5YjMWLvJ8Uy++NSXl3WLd5WLrbhhVClkVMwDGbJ:N
                  MD5:4BD716337B2D33481B7A1A589960E0AB
                  SHA1:5083D5ECC8442F782B0DA32464F431F2B819E7A6
                  SHA-256:5B19ECD6AFDFFE1027D466A5C10B3243252B1089EB592B784FC25CB4A40B97B1
                  SHA-512:6B791BF4654F8587C691D32D4866AD2918EC651719B19D240569309524BEB5473A74E46592A03D9B6766D62D84D3D2C2508E8A17E98C12D27CB714960878DF4C
                  Malicious:false
                  Preview:04-10-2023 02:39:31:.---2---..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ***************************************..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ***************************************..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : Starting NGL..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..04-10-2023 02:39:31:.Closing File..04-10-

                  C:\Users\user\AppData\Local\Temp\acrocef_low\68f2bfdc-9310-438b-8c0c-eeefbf0bcfa7.tmp

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                  Category:dropped
                  Size (bytes):386528
                  Entropy (8bit):7.9736851559892425
                  Encrypted:false
                  SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                  MD5:5C48B0AD2FEF800949466AE872E1F1E2
                  SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                  SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                  SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                  Malicious:false
                  Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

                  C:\Users\user\AppData\Local\Temp\acrocef_low\765eedbd-47c4-4193-9f5a-9b615e555317.tmp

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                  Category:dropped
                  Size (bytes):1419751
                  Entropy (8bit):7.976496077007677
                  Encrypted:false
                  SSDEEP:24576:/xA7owWLaGZoYIGNPgwodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZoZG+/3mlind9i4ufFXpAXkru
                  MD5:5D047C0ECBCCBC59239E24DE7D8EBE31
                  SHA1:2988C206226D5D000A97D53A1F251710995B5E95
                  SHA-256:26BBB5D9BBE07306683B03FB763D6B46AF39CA519BF9800240100297A8B3CE2D
                  SHA-512:D91637DC41E68D80A64CFE9C6B1CD1A54EFDDAB533B05244D734E20DB8FB72E7F0C5F01D9E5C62887D0B5951370ED56C65C01EC39ADAE25BCA359FBA4879541C
                  Malicious:false
                  Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                  C:\Users\user\AppData\Local\Temp\acrocef_low\9811664d-49bc-4f44-a9a4-0721f08d4ae8.tmp

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                  Category:dropped
                  Size (bytes):758601
                  Entropy (8bit):7.98639316555857
                  Encrypted:false
                  SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg
                  MD5:3A49135134665364308390AC398006F1
                  SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                  SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                  SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                  Malicious:false
                  Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                  C:\Users\user\AppData\Local\Temp\acrocef_low\dd5ab2f8-89a5-42b2-a3ee-1fa7a86e70d4.tmp

                  Download File
                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                  Category:dropped
                  Size (bytes):1407294
                  Entropy (8bit):7.97605879016224
                  Encrypted:false
                  SSDEEP:24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo
                  MD5:A0CFC77914D9BFBDD8BC1B1154A7B364
                  SHA1:54962BFDF3797C95DC2A4C8B29E873743811AD30
                  SHA-256:81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685
                  SHA-512:74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE
                  Malicious:false
                  Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                  Static File Info

                  General

                  File type:PDF document, version 1.4, 1082 pages
                  Entropy (8bit):7.928523858463998
                  TrID:
                  • Adobe Portable Document Format (5005/1) 100.00%
                  File name:Security + 701 Book.pdf
                  File size:7'811'522 bytes
                  MD5:eca24bd2b1640581057c4a8397983636
                  SHA1:aaebf4b94cfdf384cf224627866247af1969d530
                  SHA256:92d9336a7067668704d64697504e5318207edfbdde6592f3321bcc5771751949
                  SHA512:97ae65785032eb715a3331e73eccea4c75babc8e6c88366439233982f48c0068ea3aece87b4570ba111647525dd63ea5cdc8232455503aec63fce5ee16a28231
                  SSDEEP:196608:MLf1OamBcnkpEk/fBHixienK9tD1kZsWblT74uu:wONckpHMiQz8uu
                  TLSH:DF76F162D91E9C9DF9218A38793B3C3C4A1E722767CE39C210F44F45E280A3B5A575E7
                  File Content Preview:%PDF-1.4.%.....1 0 obj.<</Author(Joe Shelley & Darril Gibson)/CreationDate(D:20240111152040+00'00')/Creator(calibre 7.3.0)/ModDate(D:20240111152040+00'00')/Producer(calibre 7.3.0)/Title(CompTIA Security+ Get Certified Get Ahead: SY0-701 Study Guide)>>.end

                  File Icon

                  Icon Hash:62cc8caeb29e8ae0

                  Static PDF Info

                  General

                  Header:%PDF-1.4
                  Total Entropy:7.928524
                  Total Bytes:7811522
                  Stream Entropy:7.983425
                  Stream Bytes:7036334
                  Entropy outside Streams:4.997301
                  Bytes outside Streams:775188
                  Number of EOF found:1
                  Bytes after EOF:

                  Keywords Statistics

                  NameCount
                  obj3839
                  endobj3839
                  stream1219
                  endstream1219
                  xref1
                  trailer1
                  startxref1
                  /Page1083
                  /Encrypt0
                  /ObjStm0
                  /URI68
                  /JS0
                  /JavaScript0
                  /AA0
                  /OpenAction0
                  /AcroForm0
                  /JBIG2Decode0
                  /RichMedia0
                  /Launch0
                  /EmbeddedFile0

                  Image Streams

                  IDDHASHMD5Preview
                  4414e571900006606dc3eeb5b7b2963543434be5582f9920c
                  74f4a297937f3b22e742f34a1173f2182b7747ba2aa0fedf1
                  112071b1b979793174ccc474d708286a66b124d1dcf7c64957e0
                  207970dd5c74c42075c7b94e5cbdb112680f6f1bdd00b6ac75ed
                  208055cacaaababababa01fe6ffa969515cc55096bccd47c0ff5

                  Network Behavior

                  No network behavior found

                  Statistics

                  CPU Usage

                  Click to jump to process

                  Memory Usage

                  Click to jump to process

                  High Level Behavior Distribution

                  Click to dive into process behavior distribution

                  Behavior

                  Click to jump to process

                  System Behavior

                  General

                  Target ID:1
                  Start time:10:10:44
                  Start date:25/04/2024
                  Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Security + 701 Book.pdf"
                  Imagebase:0x7ff686a00000
                  File size:5'641'176 bytes
                  MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:moderate
                  Has exited:true

                  General

                  Target ID:2
                  Start time:10:10:46
                  Start date:25/04/2024
                  Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                  Imagebase:0x7ff6413e0000
                  File size:3'581'912 bytes
                  MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:moderate
                  Has exited:true

                  General

                  Target ID:4
                  Start time:10:10:46
                  Start date:25/04/2024
                  Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2096 --field-trial-handle=1756,i,13787741220776474547,12914720541817298454,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                  Imagebase:0x7ff6413e0000
                  File size:3'581'912 bytes
                  MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:moderate
                  Has exited:true

                  Disassembly

                  No disassembly