Windows
Analysis Report
Security + 701 Book.pdf
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- Acrobat.exe (PID: 6488 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Security + 701 Book.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 1172 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 1996 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2096 --field-trial-handle=1756,i,13787741220776474547,12914720541817298454,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 1 Spearphishing Link | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
 | 0% | Virustotal | | Browse |
 | 0% | ReversingLabs | | |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
 | 0% | Avira URL Cloud | safe | |
 | 0% | Virustotal | | Browse |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
 | | false | | high |
 | | false | | high |
 | | false | | high |
 | | false | | high |
 | | false | | high |
 | | false | | unknown |
 | | false | | high |
 | | false | | high |
 | | false | | high |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431490 |
Start date and time: | 2024-04-25 10:09:53 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 37s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowspdfcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 9 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | Security + 701 Book.pdf |
Detection: | CLEAN |
Classification: | clean0.winPDF@14/41@0/0 |
EGA Information: | Failed |
HCA Information: |
Cookbook Comments: |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 23.55.252.138, 18.207.85.246, 107.22.247.231, 34.193.227.236, 54.144.73.197, 172.64.41.3, 162.159.61.3, 23.46.201.17, 23.34.82.7, 23.34.82.6
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, slscr.update.microsoft.com, e4578.dscb.akamaiedge.net, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, p13n.adobe.io, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, ssl.adobe.com.edgekey.net, ocsp.digicert.com, armmf.adobe.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, geo2.adobe.com
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.148320519583465 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.148320519583465 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 338 |
Entropy (8bit): | 5.167101699859653 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 338 |
Entropy (8bit): | 5.167101699859653 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\7337dc18-324e-4f3b-a5a8-c19cb7f0cd7c.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | modified |
Size (bytes): | 508 |
Entropy (8bit): | 5.052046258977293 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 508 |
Entropy (8bit): | 5.052046258977293 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 4509 |
Entropy (8bit): | 5.229194426987319 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 326 |
Entropy (8bit): | 5.170163741288483 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Category: | dropped |
Size (bytes): | 326 |
Entropy (8bit): | 5.170163741288483 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240425081051Z-178.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 71190 |
Entropy (8bit): | 5.140090663337727 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 227002 |
Entropy (8bit): | 3.392780893644728 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.3326378294957815 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.270090945330062 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.249850272987058 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.3104526174366855 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.269138629004063 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.2562578957880755 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.257406073657622 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.276724270589433 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.737233007587575 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.262896737432268 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.77369766517744 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.246698840347147 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.247858495068459 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.2700093437155395 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.223639180033316 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.364997765081773 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.130740759019158 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9857468212176155 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3390382263097123 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5065515051498046 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-25 10-10-48-690.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.376360055978702 |
Encrypted: | false |
Malicious: | false |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Category: | dropped |
Size (bytes): | 16603 |
Entropy (8bit): | 5.356173205783931 |
Encrypted: | false |
Malicious: | false |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29845 |
Entropy (8bit): | 5.388948409270333 |
Encrypted: | false |
SSDEEP: | 768:GLxxlyVUFcAzWL8VWL1ANSFld5YjMWLvJ8Uy++NSXl3WLd5WLrbhhVClkVMwDGbJ:N |
MD5: | 4BD716337B2D33481B7A1A589960E0AB |
SHA1: | 5083D5ECC8442F782B0DA32464F431F2B819E7A6 |
SHA-256: | 5B19ECD6AFDFFE1027D466A5C10B3243252B1089EB592B784FC25CB4A40B97B1 |
SHA-512: | 6B791BF4654F8587C691D32D4866AD2918EC651719B19D240569309524BEB5473A74E46592A03D9B6766D62D84D3D2C2508E8A17E98C12D27CB714960878DF4C |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/xA7owWLaGZoYIGNPgwodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZoZG+/3mlind9i4ufFXpAXkru |
MD5: | 5D047C0ECBCCBC59239E24DE7D8EBE31 |
SHA1: | 2988C206226D5D000A97D53A1F251710995B5E95 |
SHA-256: | 26BBB5D9BBE07306683B03FB763D6B46AF39CA519BF9800240100297A8B3CE2D |
SHA-512: | D91637DC41E68D80A64CFE9C6B1CD1A54EFDDAB533B05244D734E20DB8FB72E7F0C5F01D9E5C62887D0B5951370ED56C65C01EC39ADAE25BCA359FBA4879541C |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo |
MD5: | A0CFC77914D9BFBDD8BC1B1154A7B364 |
SHA1: | 54962BFDF3797C95DC2A4C8B29E873743811AD30 |
SHA-256: | 81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685 |
SHA-512: | 74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.928523858463998 |
TrID: |
|
File name: | Security + 701 Book.pdf |
File size: | 7'811'522 bytes |
MD5: | eca24bd2b1640581057c4a8397983636 |
SHA1: | aaebf4b94cfdf384cf224627866247af1969d530 |
SHA256: | 92d9336a7067668704d64697504e5318207edfbdde6592f3321bcc5771751949 |
SHA512: | 97ae65785032eb715a3331e73eccea4c75babc8e6c88366439233982f48c0068ea3aece87b4570ba111647525dd63ea5cdc8232455503aec63fce5ee16a28231 |
SSDEEP: | 196608:MLf1OamBcnkpEk/fBHixienK9tD1kZsWblT74uu:wONckpHMiQz8uu |
TLSH: | DF76F162D91E9C9DF9218A38793B3C3C4A1E722767CE39C210F44F45E280A3B5A575E7 |
File Content Preview: | %PDF-1.4.%.....1 0 obj.<</Author(Joe Shelley & Darril Gibson)/CreationDate(D:20240111152040+00'00')/Creator(calibre 7.3.0)/ModDate(D:20240111152040+00'00')/Producer(calibre 7.3.0)/Title(CompTIA Security+ Get Certified Get Ahead: SY0-701 Study Guide)>>.end |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.4 |
Total Entropy: | 7.928524 |
Total Bytes: | 7811522 |
Stream Entropy: | 7.983425 |
Stream Bytes: | 7036334 |
Entropy outside Streams: | 4.997301 |
Bytes outside Streams: | 775188 |
Number of EOF found: | 1 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 3839 |
endobj | 3839 |
stream | 1219 |
endstream | 1219 |
xref | 1 |
trailer | 1 |
startxref | 1 |
/Page | 1083 |
/Encrypt | 0 |
/ObjStm | 0 |
/URI | 68 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams |
---|
ID | DHASH | MD5 | Preview |
---|---|---|---|
4 | 414e571900006606 | dc3eeb5b7b2963543434be5582f9920c | |
7 | 4f4a297937f3b22e | 742f34a1173f2182b7747ba2aa0fedf1 | |
1120 | 71b1b979793174cc | c474d708286a66b124d1dcf7c64957e0 | |
2079 | 70dd5c74c42075c7 | b94e5cbdb112680f6f1bdd00b6ac75ed | |
2080 | 55cacaaababababa | 01fe6ffa969515cc55096bccd47c0ff5 |
Target ID: | 1 |
Start time: | 10:10:44 |
Start date: | 25/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff686a00000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 2 |
Start time: | 10:10:46 |
Start date: | 25/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6413e0000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 4 |
Start time: | 10:10:46 |
Start date: | 25/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6413e0000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |