IOC Report
https://buildertrend.net/app/share/1c675fd9-2a1b-4285-889d-b0a43edfd0b1

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG | ASCII text | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy) | ASCII text | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG | ASCII text | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy) | ASCII text | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log | data | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG | ASCII text | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy) | ASCII text | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240425215341Z-183.bmp | PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54 | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages | SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 15 | dropped | |
| C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal | SQLite Rollback Journal | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.5004 | PostScript document text | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy) | PostScript document text | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020 | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING | data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json | JSON data | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents | SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 25 | dropped | |
| C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal | SQLite Rollback Journal | dropped | |
| C:\Users\user\AppData\Local\Temp\MSI36607.LOG | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-25 23-53-38-428.log | ASCII text, with very long lines (393) | dropped | |
| C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log | ASCII text, with very long lines (393), with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\acrocef_low\1f7a6b33-5834-4589-952f-a3d4e4463f4f.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022 | dropped | |
| C:\Users\user\AppData\Local\Temp\acrocef_low\844cc12d-5e12-4f28-9f63-d6c0fabb61f7.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538 | dropped | |
| C:\Users\user\AppData\Local\Temp\acrocef_low\b8da25b7-7f54-4b61-ab24-b5b46d5c83cb.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081 | dropped | |
| C:\Users\user\AppData\Local\Temp\acrocef_low\da4d38f0-d1bb-462c-a988-2606959582f4.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142 | dropped | |
| C:\Users\user\Downloads\1529_Figarden ES_Confidentual Space_IFB.pdf (copy) | PDF document, version 1.7 | dropped | |
| C:\Users\user\Downloads\1529_Figarden ES_Confidentual Space_IFB.pdf.crdownload | PDF document, version 1.7 | dropped | |
| C:\Users\user\Downloads\1529_Figarden ES_Confidentual Space_Specs.pdf (copy) | PDF document, version 1.7 | dropped | |
| C:\Users\user\Downloads\1529_Figarden ES_Confidentual Space_Specs.pdf.crdownload | PDF document, version 1.7 | dropped | |
| C:\Users\user\Downloads\222b0643-6303-44e9-b246-b5b5f88a46e9.tmp | PDF document, version 1.7 | dropped | |
| C:\Users\user\Downloads\24dec278-e0d9-4f37-96d1-5f352fce25ec.tmp | PDF document, version 1.7 | dropped | |
| Chrome Cache Entry: 376 | ASCII text | downloaded | |
| Chrome Cache Entry: 377 | ASCII text, with very long lines (2160) | downloaded | |
| Chrome Cache Entry: 378 | ASCII text, with very long lines (828) | downloaded | |
| Chrome Cache Entry: 379 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 380 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | downloaded | |
| Chrome Cache Entry: 381 | ASCII text, with very long lines (5150) | downloaded | |
| Chrome Cache Entry: 382 | ASCII text, with very long lines (11649) | downloaded | |
| Chrome Cache Entry: 383 | ASCII text, with very long lines (3146) | downloaded | |
| Chrome Cache Entry: 384 | ASCII text, with very long lines (6780) | downloaded | |
| Chrome Cache Entry: 385 | ASCII text, with very long lines (5588) | downloaded | |
| Chrome Cache Entry: 386 | ASCII text | downloaded | |
| Chrome Cache Entry: 387 | GIF image data, version 89a, 66 x 66 | dropped | |
| Chrome Cache Entry: 388 | ASCII text | downloaded | |
| Chrome Cache Entry: 389 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 390 | ASCII text, with very long lines (1516) | downloaded | |
| Chrome Cache Entry: 391 | ASCII text, with very long lines (392) | downloaded | |
| Chrome Cache Entry: 392 | ASCII text, with very long lines (65049) | downloaded | |
| Chrome Cache Entry: 394 | ASCII text, with very long lines (10443) | downloaded | |
| Chrome Cache Entry: 395 | ASCII text | downloaded | |
| Chrome Cache Entry: 396 | ASCII text, with very long lines (5006), with no line terminators | downloaded | |
| Chrome Cache Entry: 397 | ASCII text, with very long lines (1930) | downloaded | |
| Chrome Cache Entry: 398 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 399 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 400 | ASCII text, with very long lines (7315) | downloaded | |
| Chrome Cache Entry: 401 | GIF image data, version 89a, 1 x 1 | dropped | |
| Chrome Cache Entry: 402 | ASCII text, with very long lines (2578) | downloaded | |
| Chrome Cache Entry: 403 | ASCII text, with very long lines (10926) | downloaded | |
| Chrome Cache Entry: 404 | ASCII text, with very long lines (3755) | downloaded | |
| Chrome Cache Entry: 405 | ASCII text, with very long lines (9177) | downloaded | |
| Chrome Cache Entry: 406 | ASCII text, with very long lines (38593) | downloaded | |
| Chrome Cache Entry: 407 | ASCII text, with very long lines (2394) | downloaded | |
| Chrome Cache Entry: 408 | ASCII text, with very long lines (2921) | downloaded | |
| Chrome Cache Entry: 409 | JSON data | downloaded | |
| Chrome Cache Entry: 410 | ASCII text, with very long lines (12170) | downloaded | |
| Chrome Cache Entry: 411 | GIF image data, version 89a, 66 x 66 | downloaded | |
| Chrome Cache Entry: 412 | GIF image data, version 89a, 16 x 16 | downloaded | |
| Chrome Cache Entry: 413 | ASCII text, with very long lines (447) | downloaded | |
| Chrome Cache Entry: 414 | ASCII text | downloaded | |
| Chrome Cache Entry: 415 | Unicode text, UTF-8 text, with very long lines (32114), with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 416 | ASCII text, with very long lines (7616) | downloaded | |
| Chrome Cache Entry: 417 | ASCII text, with very long lines (715) | downloaded | |
| Chrome Cache Entry: 418 | data | downloaded | |
| Chrome Cache Entry: 419 | ASCII text, with very long lines (6182) | downloaded | |
| Chrome Cache Entry: 420 | ASCII text, with very long lines (2694) | downloaded | |
| Chrome Cache Entry: 421 | ASCII text, with very long lines (1784) | downloaded | |
| Chrome Cache Entry: 422 | ASCII text, with very long lines (1265) | downloaded | |
| Chrome Cache Entry: 423 | ASCII text, with very long lines (607) | downloaded | |
| Chrome Cache Entry: 424 | ASCII text, with very long lines (13752) | downloaded | |
| Chrome Cache Entry: 425 | ASCII text, with very long lines (2926) | downloaded | |
| Chrome Cache Entry: 426 | ASCII text, with very long lines (16743) | downloaded | |
| Chrome Cache Entry: 427 | ASCII text, with very long lines (10227), with no line terminators | downloaded | |
| Chrome Cache Entry: 428 | ASCII text, with very long lines (8300) | downloaded | |
| Chrome Cache Entry: 429 | ASCII text, with very long lines (44988), with no line terminators | downloaded | |
| Chrome Cache Entry: 430 | ASCII text, with very long lines (3458) | downloaded | |
| Chrome Cache Entry: 431 | ASCII text, with very long lines (1959), with no line terminators | downloaded | |
| Chrome Cache Entry: 432 | Unicode text, UTF-8 text, with very long lines (65532), with no line terminators | downloaded | |
| Chrome Cache Entry: 433 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 434 | ASCII text, with very long lines (603) | downloaded | |
| Chrome Cache Entry: 435 | PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 436 | ASCII text, with very long lines (505) | downloaded | |
| Chrome Cache Entry: 437 | PNG image data, 16 x 2064, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 438 | ASCII text, with very long lines (8989) | downloaded | |
| Chrome Cache Entry: 439 | GIF image data, version 89a, 1 x 1 | downloaded | |
| Chrome Cache Entry: 440 | ASCII text, with very long lines (9320) | downloaded | |
| Chrome Cache Entry: 441 | ASCII text, with very long lines (3441) | downloaded | |
| Chrome Cache Entry: 442 | ASCII text, with very long lines (64983) | downloaded | |
| Chrome Cache Entry: 443 | ASCII text, with very long lines (3209) | downloaded | |
| Chrome Cache Entry: 444 | Unicode text, UTF-8 text, with very long lines (40208) | downloaded | |
| Chrome Cache Entry: 445 | ASCII text, with very long lines (693) | downloaded | |
| Chrome Cache Entry: 446 | ASCII text, with very long lines (6349) | downloaded | |
| Chrome Cache Entry: 447 | ASCII text, with very long lines (31377) | downloaded | |
| Chrome Cache Entry: 448 | ASCII text, with very long lines (337) | downloaded | |
| Chrome Cache Entry: 449 | ASCII text | downloaded | |
| Chrome Cache Entry: 450 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 451 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 452 | ASCII text, with very long lines (1083) | downloaded | |
| Chrome Cache Entry: 453 | ASCII text | downloaded | |
| Chrome Cache Entry: 454 | ASCII text, with very long lines (5722) | downloaded | |
| Chrome Cache Entry: 455 | ASCII text, with very long lines (16315) | downloaded | |
| Chrome Cache Entry: 456 | ASCII text, with very long lines (6829) | downloaded | |
| Chrome Cache Entry: 457 | ASCII text | downloaded | |
| Chrome Cache Entry: 458 | ASCII text, with very long lines (2742) | downloaded | |
| Chrome Cache Entry: 459 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 460 | ASCII text, with very long lines (27552) | downloaded | |
| Chrome Cache Entry: 461 | ASCII text, with very long lines (8617) | downloaded | |
| Chrome Cache Entry: 462 | ASCII text, with very long lines (6504) | downloaded | |
| Chrome Cache Entry: 463 | ASCII text, with very long lines (10347) | downloaded | |
| Chrome Cache Entry: 464 | ASCII text, with very long lines (534) | downloaded | |
| Chrome Cache Entry: 465 | ASCII text, with very long lines (5838) | downloaded | |
| Chrome Cache Entry: 466 | ASCII text, with very long lines (921) | downloaded | |
| Chrome Cache Entry: 467 | Unicode text, UTF-8 text, with very long lines (3273), with no line terminators | downloaded | |
| Chrome Cache Entry: 468 | ASCII text, with very long lines (5773) | downloaded | |
| Chrome Cache Entry: 469 | ASCII text, with very long lines (6665) | downloaded | |
| Chrome Cache Entry: 470 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 471 | ASCII text, with very long lines (5555) | downloaded | |
| Chrome Cache Entry: 472 | ASCII text | downloaded | |
| Chrome Cache Entry: 473 | ASCII text, with very long lines (65465) | downloaded | |
| Chrome Cache Entry: 475 | ASCII text, with very long lines (4631) | downloaded | |
| Chrome Cache Entry: 476 | ASCII text, with very long lines (688) | downloaded | |
| Chrome Cache Entry: 477 | Unicode text, UTF-8 text, with very long lines (7393), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 478 | ASCII text, with very long lines (1845) | downloaded | |
| Chrome Cache Entry: 479 | ASCII text, with very long lines (5880) | downloaded | |
| Chrome Cache Entry: 480 | ASCII text, with very long lines (347) | downloaded | |
| Chrome Cache Entry: 481 | TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, wscicomoon | downloaded | |
| Chrome Cache Entry: 482 | ASCII text, with very long lines (439) | downloaded | |
| Chrome Cache Entry: 483 | ASCII text | downloaded | |
| Chrome Cache Entry: 484 | ASCII text, with very long lines (405) | downloaded | |
| Chrome Cache Entry: 485 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 486 | ASCII text, with very long lines (2631) | downloaded | |
| Chrome Cache Entry: 487 | ASCII text, with very long lines (6118) | downloaded | |
| Chrome Cache Entry: 488 | PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 489 | ASCII text, with very long lines (11343) | downloaded | |
| Chrome Cache Entry: 490 | ASCII text, with very long lines (339) | downloaded | |
| Chrome Cache Entry: 491 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 492 | ASCII text, with very long lines (11725) | downloaded | |
| Chrome Cache Entry: 493 | ASCII text, with very long lines (1920), with no line terminators | downloaded | |
| Chrome Cache Entry: 494 | PDF document, version 1.7 | downloaded | |
| Chrome Cache Entry: 495 | ASCII text, with very long lines (3766) | downloaded | |
| Chrome Cache Entry: 496 | ASCII text, with very long lines (834) | downloaded | |
| Chrome Cache Entry: 497 | ASCII text, with very long lines (594) | downloaded | |
| Chrome Cache Entry: 498 | ASCII text, with very long lines (16547) | downloaded | |
| Chrome Cache Entry: 499 | ASCII text, with very long lines (3518), with no line terminators | downloaded | |
| Chrome Cache Entry: 500 | ASCII text, with very long lines (64980) | downloaded | |
| Chrome Cache Entry: 501 | ASCII text, with very long lines (5555) | downloaded | |
| Chrome Cache Entry: 502 | ASCII text, with very long lines (621) | downloaded | |
| Chrome Cache Entry: 503 | ASCII text, with very long lines (4857) | downloaded | |
| Chrome Cache Entry: 504 | ASCII text, with very long lines (473) | downloaded | |
| Chrome Cache Entry: 505 | ASCII text, with very long lines (7662) | downloaded | |
| Chrome Cache Entry: 506 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 507 | ASCII text, with very long lines (1138) | downloaded | |
| Chrome Cache Entry: 508 | ASCII text, with very long lines (47810), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 509 | ASCII text, with very long lines (7470), with no line terminators | downloaded | |
| Chrome Cache Entry: 510 | ASCII text, with very long lines (601) | downloaded | |
| Chrome Cache Entry: 511 | ASCII text | downloaded | |
| Chrome Cache Entry: 512 | ASCII text, with very long lines (538) | downloaded | |
| Chrome Cache Entry: 513 | ASCII text, with very long lines (6996) | downloaded | |
| Chrome Cache Entry: 514 | ASCII text, with very long lines (10903), with no line terminators | downloaded | |
| Chrome Cache Entry: 515 | Unicode text, UTF-8 (with BOM) text, with very long lines (18737), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 516 | ASCII text, with very long lines (20828) | downloaded | |
| Chrome Cache Entry: 517 | ASCII text | downloaded | |
| Chrome Cache Entry: 518 | ASCII text, with very long lines (1250) | downloaded | |
| Chrome Cache Entry: 519 | ASCII text, with very long lines (2762) | downloaded | |
| Chrome Cache Entry: 520 | ASCII text, with very long lines (1572) | downloaded | |
| Chrome Cache Entry: 521 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 522 | Unicode text, UTF-8 text, with very long lines (65532), with no line terminators | downloaded | |
| Chrome Cache Entry: 524 | ASCII text | downloaded | |
| Chrome Cache Entry: 525 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 526 | ASCII text, with very long lines (2762) | downloaded | |
| Chrome Cache Entry: 527 | ASCII text, with very long lines (693) | downloaded | |
| Chrome Cache Entry: 528 | ASCII text, with very long lines (12209) | downloaded | |
| Chrome Cache Entry: 529 | ASCII text, with very long lines (8240) | downloaded | |
| Chrome Cache Entry: 530 | ASCII text, with very long lines (1815) | downloaded | |
| Chrome Cache Entry: 531 | ASCII text, with very long lines (6574) | downloaded | |
| Chrome Cache Entry: 532 | ASCII text, with very long lines (4645) | downloaded | |
| Chrome Cache Entry: 533 | ASCII text, with very long lines (6607) | downloaded | |
| Chrome Cache Entry: 534 | ASCII text, with very long lines (576) | downloaded | |
| Chrome Cache Entry: 535 | ASCII text, with very long lines (9503), with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 536 | ASCII text | downloaded | |
| Chrome Cache Entry: 537 | ASCII text, with very long lines (421) | downloaded | |
| Chrome Cache Entry: 538 | ASCII text | downloaded | |
| Chrome Cache Entry: 539 | ASCII text, with very long lines (11547) | downloaded | |
| Chrome Cache Entry: 540 | ASCII text, with very long lines (2869) | downloaded | |
| Chrome Cache Entry: 541 | ASCII text, with very long lines (6820) | downloaded | |
| Chrome Cache Entry: 542 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 543 | MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 544 | ASCII text, with very long lines (1479) | downloaded | |
| Chrome Cache Entry: 545 | ASCII text, with very long lines (1055) | downloaded | |
| Chrome Cache Entry: 546 | JSON data | dropped | |
| Chrome Cache Entry: 547 | ASCII text, with very long lines (1305) | downloaded | |
| Chrome Cache Entry: 548 | ASCII text | downloaded | |
| Chrome Cache Entry: 549 | ASCII text, with very long lines (2879) | downloaded | |
| Chrome Cache Entry: 550 | ASCII text, with very long lines (1357) | downloaded | |
| Chrome Cache Entry: 551 | ASCII text, with very long lines (18867) | downloaded | |
| Chrome Cache Entry: 552 | ASCII text | downloaded | |
| Chrome Cache Entry: 553 | Unicode text, UTF-8 text, with very long lines (65528), with no line terminators | downloaded | |
| Chrome Cache Entry: 554 | ASCII text, with very long lines (687) | downloaded | |
| Chrome Cache Entry: 555 | ASCII text, with very long lines (4051) | downloaded | |
| Chrome Cache Entry: 556 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 557 | ASCII text, with very long lines (7337) | downloaded | |
| Chrome Cache Entry: 558 | ASCII text, with very long lines (14465), with no line terminators | downloaded | |
| Chrome Cache Entry: 559 | ASCII text, with very long lines (6186) | downloaded | |
| Chrome Cache Entry: 560 | ASCII text | downloaded | |
| Chrome Cache Entry: 561 | ASCII text, with very long lines (617) | downloaded | |
| Chrome Cache Entry: 562 | ASCII text, with very long lines (6245) | downloaded | |
| Chrome Cache Entry: 563 | ASCII text, with very long lines (13721) | downloaded | |
| Chrome Cache Entry: 564 | ASCII text, with very long lines (4070) | downloaded | |
| Chrome Cache Entry: 565 | ASCII text, with very long lines (4857) | downloaded | |
| Chrome Cache Entry: 566 | ASCII text | downloaded | |
| Chrome Cache Entry: 567 | ASCII text, with very long lines (4024) | downloaded | |
| Chrome Cache Entry: 568 | ASCII text, with very long lines (2395) | downloaded | |
| Chrome Cache Entry: 569 | PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 570 | MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 571 | ASCII text, with very long lines (821) | downloaded | |
| Chrome Cache Entry: 572 | ASCII text, with very long lines (10160) | downloaded | |
| Chrome Cache Entry: 573 | ASCII text, with very long lines (6245) | downloaded | |
| Chrome Cache Entry: 574 | ASCII text, with very long lines (4857) | downloaded | |
| Chrome Cache Entry: 575 | ASCII text | downloaded | |
| Chrome Cache Entry: 576 | ASCII text, with very long lines (3634) | downloaded | |
| Chrome Cache Entry: 577 | ASCII text, with very long lines (730) | downloaded | |
| Chrome Cache Entry: 578 | ASCII text | downloaded | |
| Chrome Cache Entry: 579 | ASCII text, with very long lines (8384) | downloaded | |
| Chrome Cache Entry: 580 | ASCII text | downloaded | |
| Chrome Cache Entry: 581 | ASCII text, with very long lines (480) | downloaded | |
| Chrome Cache Entry: 582 | ASCII text, with very long lines (3941) | downloaded | |
| Chrome Cache Entry: 583 | ASCII text, with very long lines (17240) | downloaded | |
| Chrome Cache Entry: 584 | ASCII text, with very long lines (1388) | downloaded | |
| Chrome Cache Entry: 585 | ASCII text, with very long lines (3627) | downloaded | |
| Chrome Cache Entry: 586 | ASCII text | downloaded | |
| Chrome Cache Entry: 587 | PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 588 | ASCII text, with very long lines (18884) | downloaded | |
| Chrome Cache Entry: 589 | PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 590 | ASCII text, with very long lines (9687) | downloaded | |
| Chrome Cache Entry: 591 | ASCII text, with very long lines (343) | downloaded | |
| Chrome Cache Entry: 592 | ASCII text, with very long lines (9061) | downloaded | |
| Chrome Cache Entry: 593 | ASCII text, with very long lines (562) | downloaded | |
| Chrome Cache Entry: 594 | ASCII text, with very long lines (6271) | downloaded | |
| Chrome Cache Entry: 595 | ASCII text, with very long lines (3904) | downloaded | |
| Chrome Cache Entry: 596 | ASCII text, with very long lines (1438) | downloaded | |
| Chrome Cache Entry: 597 | ASCII text, with very long lines (32057) | downloaded | |
| Chrome Cache Entry: 598 | ASCII text | downloaded | |
| Chrome Cache Entry: 599 | ASCII text, with very long lines (19329) | downloaded | |
| Chrome Cache Entry: 600 | ASCII text, with very long lines (7031) | downloaded | |
| Chrome Cache Entry: 601 | ASCII text, with very long lines (621) | downloaded | |
| Chrome Cache Entry: 602 | ASCII text, with very long lines (4095) | downloaded | |
| Chrome Cache Entry: 603 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 604 | ASCII text, with very long lines (7408) | downloaded | |
| Chrome Cache Entry: 605 | ASCII text, with very long lines (38283) | downloaded | |
| Chrome Cache Entry: 606 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 607 | PDF document, version 1.7 | downloaded | |
| Chrome Cache Entry: 608 | ASCII text, with very long lines (589) | downloaded | |
| Chrome Cache Entry: 609 | ASCII text, with very long lines (4726) | downloaded | |
| Chrome Cache Entry: 610 | HTML document, ASCII text, with very long lines (14438), with no line terminators | downloaded | |
| Chrome Cache Entry: 611 | ASCII text, with very long lines (1974) | downloaded | |
| Chrome Cache Entry: 612 | ASCII text, with very long lines (3816) | downloaded | |
| Chrome Cache Entry: 613 | ASCII text, with very long lines (2722) | downloaded | |
| Chrome Cache Entry: 614 | ASCII text, with very long lines (3554) | downloaded | |
| Chrome Cache Entry: 615 | ASCII text, with very long lines (337) | downloaded | |
| Chrome Cache Entry: 616 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 617 | ASCII text, with very long lines (6242), with no line terminators | downloaded | |
| Chrome Cache Entry: 618 | ASCII text, with very long lines (8488) | downloaded | |
| Chrome Cache Entry: 619 | GIF image data, version 89a, 16 x 16 | dropped | |
| Chrome Cache Entry: 620 | ASCII text, with very long lines (4996) | downloaded | |
| Chrome Cache Entry: 621 | ASCII text, with very long lines (63194) | downloaded | |
| Chrome Cache Entry: 622 | ASCII text, with very long lines (14930) | downloaded | |
| Chrome Cache Entry: 623 | PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 624 | ASCII text, with very long lines (11523) | downloaded | |
| Chrome Cache Entry: 625 | ASCII text, with very long lines (8131) | downloaded | |
| Chrome Cache Entry: 626 | ASCII text, with very long lines (4956) | downloaded | |
| Chrome Cache Entry: 627 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 628 | PNG image data, 16 x 2064, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 629 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 630 | ASCII text, with very long lines (63740) | downloaded | |

A further 289 file entries are hidden in the source report and are not listed here.

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 --field-trial-handle=2260,i,7258768783310918451,11796454287831117865,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://buildertrend.net/app/share/1c675fd9-2a1b-4285-889d-b0a43edfd0b1" | |
| C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\1529_Figarden ES_Confidentual Space_Specs.pdf" | |
| C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 | |
| C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2080 --field-trial-handle=1624,i,14979412311987819446,17980175442050967771,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://buildertrend.net/app/share/1c675fd9-2a1b-4285-889d-b0a43edfd0b1 | | |
| https://buildertrend.net/app/service-worker.js?config=%7B%22firebase%22%3A%7B%22apiKey%22%3A%22AIzaSyCp7uAmwrGDzN-WZM5g8Z3c8pTJMVXhDq8%22%2C%22authDomain%22%3A%22api-project-925398045647.firebaseapp.com%22%2C%22databaseURL%22%3A%22https%3A%2F%2Fapi-project-925398045647.firebaseio.com%22%2C%22projectId%22%3A%22api-project-925398045647%22%2C%22storageBucket%22%3A%22api-project-925398045647.appspot.com%22%2C%22messagingSenderId%22%3A%22925398045647%22%2C%22appId%22%3A%221%3A925398045647%3Aweb%3A237dce4d6db126be09f8ba%22%2C%22measurementId%22%3A%22G-35FTZJ54TT%22%7D%7D | 34.160.176.84 | |
| https://redux.js.org/Errors?code= | unknown | |
| https://buildertrend.net/app/static/css/30057.7be615fc.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/js/49138.6f6af35c.chunk.js | 34.160.176.84 | |
| https://svc.webspellchecker.net/spellcheck31/wscbundle/themes/icomoon/fonts/wscicomoon.ttf?dfrui2 | 3.226.208.169 | |
| https://buildertrend.net/app/static/css/20519.351ece3a.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/44013.7f2a7657.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/29471.428bde6c.chunk.css | 34.160.176.84 | |
| http://g.co/dev/maps-no-account | unknown | |
| http://www.businessdictionary.com/definition/element.html) | unknown | |
| https://buildertrend.net/app/static/css/27711.4154fc13.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/33715.0a90e765.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/24184.1adddf06.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/33994.761d9496.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/16398.223c57c8.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/43765.111c4cb5.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/22420.677b5bf0.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/btbundles/rootMasterReact.chunk.da9e9f55cbae2747be01.js | 34.160.176.84 | |
| https://buildertrend.net/btbundles/bannerAlerts.chunk.53a82c791ab1466e9faf.js | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/21998.28de2301.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/10135.ee3519b9.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/44806.5c773a68.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/49138.43bd7b97.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/js/64081.b0fbe725.chunk.js | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/2651.fb8b6bf8.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/46323.faf540c4.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/10181.0b04ccfe.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/22738.ee3519b9.chunk.css | 34.160.176.84 | |
| http://www.businessdictionary.com/definition/completed.html) | unknown | |
| https://buildertrend.net/app/static/css/14365.c08307c8.chunk.css | 34.160.176.84 | |
| https://home.treasury.gov/policy-issues/financial-sanctions/sanctions-programs-and-country-informati | unknown | |
| https://buildertrend.net/app/static/css/19304.9ab31235.chunk.css | 34.160.176.84 | |
| http://getbootstrap.com) | unknown | |
| https://goo.gle/js-api-loading | unknown | |
| https://worker-proxy.buildertrend.paragon.so | unknown | |
| https://buildertrend.net/app/static/css/main.a2f5f767.css | 34.160.176.84 | |
| https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling | unknown | |
| https://buildertrend.net/app/static/css/39859.8c3fe8c0.chunk.css | 34.160.176.84 | |
| https://support.google.com/fusiontables/answer/9185417). | unknown | |
| https://developers.google.com/maps/deprecations | unknown | |
| https://buildertrend.net/app/static/js/54096.725577c5.chunk.js | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/30140.6acd6489.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZKnuDsfz_ITHjzQQHpPiZNY4p76nCFowsZLzdvWH0zxSceqgtg2&t=638368850615952268 | 34.160.176.84 | |
| https://buildertrend.net/app/share/1c675fd9-2a1b-4285-889d-b0a43edfd0b1 | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/14443.dcebe884.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/15292.3884132b.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/26900.197a58ac.chunk.css | 34.160.176.84 | |
| https://github.com/truckingsim/Ajax-Bootstrap-Select | unknown | |
| https://bugs.webkit.org/show_bug.cgi?id=53341 | unknown | |
| https://buildertrend.net/app/static/css/28835.3c765601.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/34090.378246cd.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/46033.81ea9f36.chunk.css | 34.160.176.84 | |
| http://www.businessdictionary.com/definition/working-drawing.html) | unknown | |
| https://buildertrend.net/app/static/css/12884.82dde9d0.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/btbundles/vendor.chunk.7ab029c78768b0cec127.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/36473.789aadcd.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/17225.ed22fc47.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/36742.a4d1abb1.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/10887.1b3b0f8a.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/favicon.ico | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/17238.cce78f0c.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/21565.018b1c7d.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/40636.e964d764.chunk.css | 34.160.176.84 | |
| https://sentry.io/api/1760151/envelope/?sentry_key=2ad9893180f040e8b0c04b35cbe9477c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.47.0 | 35.186.247.156 | |
| https://buildertrend.net/app/static/media/bt-logo-minimal-white-blue.31134db65101e5b44c8d6ae01199629d.svg | 34.160.176.84 | |
| http://www.businessdictionary.com/definition/job.html) | unknown | |
| https://developers.google.com/maps/documentation/javascript/versions#beta-channel | unknown | |
| https://buildertrend.net/app/static/css/36684.c42ce960.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/23119.32b24678.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/4713.22281366.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/js/79489.e1fae8aa.chunk.js | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/21959.3257b4e7.chunk.css | 34.160.176.84 | |
| https://github.com/twbs/bootstrap/blob/master/LICENSE) | unknown | |
| https://developers.google.com/maps/documentation/javascript/advanced-markers/migration | unknown | |
| https://passport.buildertrend.paragon.so | unknown | |
| https://buildertrend.net/app/static/css/48291.7184df98.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/12191.58467f8f.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/46172.e83460dd.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/36065.6b300731.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/jQuery/bootstrap-switch/boostrapSwitchCss?v=Mr1Nxc1fMdPBwNq2ve8dTV3UM9Bia34cclahOD0gjA01 | 34.160.176.84 | |
| https://buildertrend.net/api/Bids/External?bidId=xjhn591lEnYeZyhi2_L31A&subId=sgtEcVPV75oeZyhi2_L31A&shareToken=1c675fd9-2a1b-4285-889d-b0a43edfd0b1 | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/12332.6cc385b0.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/13647.187781b8.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/17556.965901a6.chunk.css | 34.160.176.84 | |
| https://buildertrend.net/app/static/css/46646.af238291.chunk.css | | |
34.160.176.84
https://buildertrend.net/app/static/css/2973.a6a4e5ef.chunk.css
34.160.176.84
https://buildertrend.net/btbundles/btConstants.chunk.11c0938fef433b79f518.js
34.160.176.84
https://ckeditor.com/license
unknown
https://buildertrend.net/app/static/css/48444.ac198107.chunk.css
34.160.176.84
https://buildertrend.net/app/static/css/44852.8cc7ca02.chunk.css
34.160.176.84
https://github.com/truckingsim
unknown
http://www.dgs.ca.gov/osmb)
unknown
https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers
unknown
https://buildertrend.net/app/static/css/19438.461e4bd4.chunk.css
34.160.176.84
https://buildertrend.net/app/static/css/48401.5a473150.chunk.css
34.160.176.84
https://buildertrend.net/app/static/css/41143.8541662a.chunk.css
34.160.176.84
https://buildertrend.net/app/static/css/44916.45810441.chunk.css
34.160.176.84
https://buildertrend.net/app/static/css/20132.e7411b40.chunk.css
34.160.176.84
https://buildertrend.net/jQuery/ckeditor/plugins/btcollapsetoolbar/icons/btcollapsetoolbar.png?t=JB9C
34.160.176.84
https://buildertrend.net/app/static/css/28393.96682a4f.chunk.css
34.160.176.84
There are 90 hidden URLs, click here to show them.

Domains


IPs


Registry


DOM / HTML
