Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
10112771961.pdf
|
PDF document, version 1.4, 0 pages
|
initial sample
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\055e74d3-bdcd-4919-91d0-c6f59372b72c.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\849a29f6-f853-4526-84c2-e6b9dfde20d3.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\TransportSecurity (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-250610165820Z-190.bmp
|
PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 19
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSIc9fd6.LOG
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\A91kzuqwj_t2mgqq_6kg.tmp
|
PDF document, version 1.6, 0 pages
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-06-10 12-58-17-537.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (393), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\1a39a2a0-5d1a-4873-9221-9877cd4e2bbd.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\372cabec-43f7-4282-992b-3a6e4a1271fe.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\4d7666d3-fb1f-4d54-99bc-c1edcf720e45.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\ad8f9443-ed42-4ed2-9610-6cc92efb9939.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
Chrome Cache Entry: 280
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 281
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 282
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 283
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 284
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 285
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 286
|
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 287
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 288
|
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 289
|
Unicode text, UTF-8 text, with very long lines (35190)
|
downloaded
|
||
|
Chrome Cache Entry: 290
|
HTML document, ASCII text, with very long lines (910), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 291
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 292
|
Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 293
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 294
|
ASCII text, with very long lines (52857)
|
downloaded
|
||
|
Chrome Cache Entry: 295
|
Unicode text, UTF-8 text, with very long lines (37052)
|
downloaded
|
||
|
Chrome Cache Entry: 296
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 297
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 298
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 299
|
ASCII text, with very long lines (5359)
|
downloaded
|
||
|
Chrome Cache Entry: 300
|
ASCII text, with very long lines (769)
|
downloaded
|
||
|
Chrome Cache Entry: 301
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 302
|
HTML document, ASCII text, with very long lines (910), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 303
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 304
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 305
|
HTML document, ASCII text, with very long lines (910), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 306
|
exported SGML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 307
|
Unicode text, UTF-8 text, with very long lines (36003)
|
dropped
|
||
|
Chrome Cache Entry: 308
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 309
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 310
|
Unicode text, UTF-8 text, with very long lines (65464)
|
downloaded
|
||
|
Chrome Cache Entry: 311
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 312
|
Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 313
|
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 314
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 315
|
ASCII text, with very long lines (1168)
|
downloaded
|
||
|
Chrome Cache Entry: 316
|
ASCII text, with very long lines (21283)
|
downloaded
|
||
|
Chrome Cache Entry: 317
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 318
|
Unicode text, UTF-8 text, with very long lines (22173), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 319
|
ASCII text, with very long lines (12282)
|
downloaded
|
||
|
Chrome Cache Entry: 320
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 321
|
Unicode text, UTF-8 text, with very long lines (35190)
|
dropped
|
||
|
Chrome Cache Entry: 322
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 323
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 324
|
Unicode text, UTF-8 text, with very long lines (65464)
|
dropped
|
||
|
Chrome Cache Entry: 325
|
ASCII text, with very long lines (7566)
|
dropped
|
||
|
Chrome Cache Entry: 326
|
ASCII text, with very long lines (3720)
|
downloaded
|
||
|
Chrome Cache Entry: 327
|
ASCII text, with very long lines (7566)
|
downloaded
|
||
|
Chrome Cache Entry: 328
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 329
|
ASCII text, with very long lines (11137), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 330
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 331
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 332
|
HTML document, ASCII text, with very long lines (910), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 333
|
ASCII text, with very long lines (42897)
|
downloaded
|
||
|
Chrome Cache Entry: 334
|
Unicode text, UTF-8 text, with very long lines (65459)
|
dropped
|
||
|
Chrome Cache Entry: 335
|
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 336
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 337
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 338
|
ASCII text, with very long lines (5359)
|
downloaded
|
||
|
Chrome Cache Entry: 339
|
Unicode text, UTF-8 text, with very long lines (65459)
|
downloaded
|
||
|
Chrome Cache Entry: 340
|
ASCII text, with very long lines (7303), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 341
|
exported SGML document, ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 342
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 343
|
ASCII text, with very long lines (7568)
|
downloaded
|
||
|
Chrome Cache Entry: 344
|
ASCII text, with very long lines (6989), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 345
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 346
|
ASCII text, with very long lines (60967)
|
downloaded
|
||
|
Chrome Cache Entry: 347
|
ASCII text, with very long lines (15413), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 348
|
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 349
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 350
|
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 351
|
Web Open Font Format (Version 2), TrueType, length 52280, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 352
|
ASCII text, with very long lines (3422), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 353
|
ASCII text, with very long lines (7566)
|
dropped
|
||
|
Chrome Cache Entry: 354
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 355
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 356
|
ASCII text, with very long lines (2154), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 357
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 358
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 359
|
ASCII text, with very long lines (2242)
|
downloaded
|
||
|
Chrome Cache Entry: 360
|
ASCII text, with very long lines (12282)
|
dropped
|
||
|
Chrome Cache Entry: 361
|
HTML document, ASCII text, with very long lines (740)
|
downloaded
|
||
|
Chrome Cache Entry: 362
|
Unicode text, UTF-8 text, with very long lines (37052)
|
downloaded
|
||
|
Chrome Cache Entry: 363
|
Unicode text, UTF-8 text, with very long lines (62797)
|
downloaded
|
||
|
Chrome Cache Entry: 364
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 365
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 366
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 367
|
ASCII text, with very long lines (46853)
|
downloaded
|
||
|
Chrome Cache Entry: 368
|
ASCII text, with very long lines (3720)
|
dropped
|
||
|
Chrome Cache Entry: 369
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 370
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 371
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 372
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 373
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 374
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 375
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 376
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 377
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 378
|
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 379
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 380
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 381
|
ASCII text, with very long lines (7851)
|
downloaded
|
||
|
Chrome Cache Entry: 382
|
ASCII text, with very long lines (1924)
|
downloaded
|
||
|
Chrome Cache Entry: 383
|
HTML document, ASCII text, with very long lines (882), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 384
|
ASCII text, with very long lines (65469)
|
dropped
|
||
|
Chrome Cache Entry: 385
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 386
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 387
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 388
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 389
|
ASCII text, with very long lines (523)
|
downloaded
|
||
|
Chrome Cache Entry: 390
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 391
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 392
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 393
|
ASCII text, with very long lines (65469)
|
downloaded
|
||
|
Chrome Cache Entry: 394
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 395
|
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
|
dropped
|
||
|
Chrome Cache Entry: 396
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 397
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 398
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 399
|
HTML document, ASCII text, with very long lines (815)
|
downloaded
|
||
|
Chrome Cache Entry: 400
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 401
|
ASCII text, with very long lines (7576), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 402
|
ASCII text, with very long lines (5359)
|
downloaded
|
||
|
Chrome Cache Entry: 403
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 404
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 405
|
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 406
|
ASCII text, with very long lines (17668), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 407
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 408
|
ASCII text, with very long lines (7500)
|
downloaded
|
||
|
Chrome Cache Entry: 409
|
ASCII text, with very long lines (52857)
|
dropped
|
||
|
Chrome Cache Entry: 410
|
HTML document, ASCII text, with very long lines (909), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 411
|
HTML document, ASCII text, with very long lines (910), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 412
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 413
|
ASCII text, with very long lines (1354)
|
downloaded
|
||
|
Chrome Cache Entry: 414
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 415
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 416
|
Unicode text, UTF-8 text, with very long lines (36003)
|
downloaded
|
||
|
Chrome Cache Entry: 417
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 418
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 419
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 420
|
ASCII text, with very long lines (769)
|
dropped
|
||
|
Chrome Cache Entry: 421
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 422
|
ASCII text, with very long lines (3410), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 423
|
GIF image data, version 89a, 1 x 1
|
dropped
|
There are 176 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\10112771961.pdf"
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log"
--mojo-platform-channel-handle=1620 --field-trial-handle=1580,i,2713693411659859882,3006164246240994889,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1944,i,10331604489722337832,4096008444869663411,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
--variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2192 /prefetch:3
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost
--lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1944,i,10331604489722337832,4096008444869663411,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
--variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=3832 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://lnkd.in/billinghelp"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=1944,i,10331604489722337832,4096008444869663411,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
--variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=4156 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService
--lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1944,i,10331604489722337832,4096008444869663411,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
--variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=4344 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://lnkd.in/billinghelp)
|
unknown
|
||
|
https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#layout
|
unknown
|
||
|
https://ad.doubleclick.net/activity;register_conversion=1;
|
unknown
|
||
|
https://adservice.google.com/ddm/fls/z/dc_pre=CJSUgouq540DFT4JaAgd0JYhBA;src=9261636;type=bcs_cap;ca
|
unknown
|
||
|
https://github.com/zloirock/core-js
|
unknown
|
||
|
https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#cross_origin)
|
unknown
|
||
|
https://www.google.com/ccm/conversion
|
unknown
|
||
|
https://google.com/ccm/form-data
|
unknown
|
||
|
https://tagassistant.google.com/
|
unknown
|
||
|
https://www.google.com/ccm/form-data
|
unknown
|
||
|
http://c.pki.goog/r/r4.crl
|
142.251.40.195
|
||
|
https://google.com/pagead/form-data
|
unknown
|
||
|
https://www.linkedin.com/checkpoint/lg/login-submit
|
|||
|
https://td.doubleclick.net/td/rul/
|
unknown
|
||
|
https://googleads.g.doubleclick.net/pagead/viewthroughconversion
|
unknown
|
||
|
https://admincenter.linkedin.com)
|
unknown
|
||
|
https://cct.google/taggy/agent.js
|
unknown
|
||
|
https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#skipped_moment
|
unknown
|
||
|
https://www.linkedin.com/checkpoint/lg/login?session_redirect=https%3A%2F%2Fwww%2Elinkedin%2Ecom%2Fhelp%2Fbilling
|
|||
|
https://www.youtube.com
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://jarvis.corp.linkedin.com/codesearch/result/?path=flock-templates%2Fflock%2Femail%2Femail_ser
|
unknown
|
||
|
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
|
unknown
|
||
|
https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
|
unknown
|
||
|
https://developers.google.com/identity/gsi/web/guides/fedcm-migration
|
unknown
|
||
|
https://feross.org/opensource
|
unknown
|
||
|
https://ad.doubleclick.net/activity;
|
unknown
|
||
|
https://www.google.com/travel/flights/click/conversion
|
unknown
|
||
|
https://meet.google.com
|
unknown
|
||
|
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;
|
unknown
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
|||
|
https://m.youtube.com
|
unknown
|
||
|
https://www.linkedin.com/help/billing
|
|||
|
https://github.com/zloirock/core-js/blob/v3.42.0/LICENSE
|
unknown
|
||
|
https://services.google.com/sitestats/
|
unknown
|
||
|
https://www.google.com/gmp/conversion;
|
unknown
|
||
|
https://www.figma.com/file/egkKv7mudRwk2dVPM0WCR6/NBA-Digest-Email?type=design&node-id=2927-186236&t
|
unknown
|
||
|
https://www.google.com/ccm/collect
|
unknown
|
||
|
http://feross.org
|
unknown
|
||
|
https://www.google.com/pagead/1p-conversion
|
unknown
|
||
|
https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#display_moment
|
unknown
|
||
|
https://adservice.google.com/pagead/regclk?
|
unknown
|
||
|
https://www.google.com/pagead/form-data
|
unknown
|
There are 33 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dart.l.doubleclick.net
|
142.250.176.198
|
||
|
beacons3.gvt2.com
|
142.250.65.163
|
||
|
beacons-handoff.gcp.gvt2.com
|
64.233.185.94
|
||
|
adservice.google.com
|
142.251.41.2
|
||
|
dcs-public-edge-va6-158015560.us-east-1.elb.amazonaws.com
|
44.219.239.105
|
||
|
collect.tealiumiq.com
|
52.21.10.101
|
||
|
beacons5.gvt2.com
|
216.239.32.116
|
||
|
cm.g.doubleclick.net
|
142.251.32.98
|
||
|
gce-beacons.gcp.gvt2.com
|
35.186.238.177
|
||
|
www.google.com
|
142.250.80.36
|
||
|
linkedin.map.fastly.net
|
151.101.131.42
|
||
|
star-mini.c10r.facebook.com
|
157.240.241.35
|
||
|
google.com
|
142.251.40.110
|
||
|
ad.doubleclick.net
|
142.250.65.166
|
||
|
beacons2.gvt2.com
|
216.239.32.3
|
||
|
beacons.gvt2.com
|
142.251.165.94
|
||
|
pki-goog.l.google.com
|
142.251.40.195
|
||
|
ax-0001.ax-msedge.net
|
150.171.28.10
|
||
|
lnkd.in
|
150.171.22.12
|
||
|
ln-0002.ln-msedge.net
|
150.171.22.12
|
||
|
play.google.com
|
142.251.40.238
|
||
|
googleads.g.doubleclick.net
|
142.251.32.98
|
||
|
static.licdn.com.cdn.cloudflare.net
|
104.18.33.206
|
||
|
td.doubleclick.net
|
142.250.65.226
|
||
|
stun.l.google.com
|
74.125.250.129
|
||
|
beacons4.gvt2.com
|
216.239.32.116
|
||
|
static.licdn.com
|
unknown
|
||
|
lnkd.demdex.net
|
unknown
|
||
|
beacons.gcp.gvt2.com
|
unknown
|
||
|
platform.linkedin.com
|
unknown
|
||
|
dpm.demdex.net
|
unknown
|
||
|
c.pki.goog
|
unknown
|
||
|
www.facebook.com
|
unknown
|
||
|
www.linkedin.com
|
unknown
|
||
|
9261636.fls.doubleclick.net
|
unknown
|
There are 25 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.7
|
unknown
|
unknown
|
||
|
192.168.2.9
|
unknown
|
unknown
|
||
|
157.240.241.35
|
star-mini.c10r.facebook.com
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
150.171.22.12
|
lnkd.in
|
United States
|
||
|
54.156.159.123
|
unknown
|
United States
|
||
|
142.250.80.36
|
www.google.com
|
United States
|
||
|
44.219.239.105
|
dcs-public-edge-va6-158015560.us-east-1.elb.amazonaws.com
|
United States
|
||
|
107.22.31.163
|
unknown
|
United States
|
||
|
34.194.254.95
|
unknown
|
United States
|
||
|
104.18.33.206
|
static.licdn.com.cdn.cloudflare.net
|
United States
|
||
|
54.211.32.100
|
unknown
|
United States
|
||
|
142.250.65.166
|
ad.doubleclick.net
|
United States
|
||
|
142.251.41.2
|
adservice.google.com
|
United States
|
||
|
142.251.40.102
|
unknown
|
United States
|
||
|
142.251.40.110
|
google.com
|
United States
|
||
|
192.168.2.23
|
unknown
|
unknown
|
||
|
142.251.32.98
|
cm.g.doubleclick.net
|
United States
|
||
|
150.171.28.10
|
ax-0001.ax-msedge.net
|
United States
|
||
|
74.125.250.129
|
stun.l.google.com
|
United States
|
||
|
142.250.176.198
|
dart.l.doubleclick.net
|
United States
|
||
|
142.250.176.196
|
unknown
|
United States
|
||
|
151.101.67.42
|
unknown
|
United States
|
||
|
142.250.81.228
|
unknown
|
United States
|
||
|
52.21.10.101
|
collect.tealiumiq.com
|
United States
|
||
|
151.101.131.42
|
linkedin.map.fastly.net
|
United States
|
||
|
142.251.40.98
|
unknown
|
United States
|
||
|
192.168.2.14
|
unknown
|
unknown
|
||
|
23.200.196.138
|
unknown
|
United States
|
||
|
142.250.65.226
|
td.doubleclick.net
|
United States
|
There are 20 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
aFS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tDIText
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tFileName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tFileSource
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
uFileSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
uPageCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sAssetId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
bisSharedFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
aFS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
tDIText
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
tFileName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
uFileSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
uPageCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
bisSharedFile
|
There are 10 hidden registries, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://www.linkedin.com/help/billing
|
||
|
https://www.linkedin.com/help/billing
|
||
|
https://www.linkedin.com/checkpoint/lg/login?session_redirect=https%3A%2F%2Fwww%2Elinkedin%2Ecom%2Fhelp%2Fbilling
|
||
|
https://www.linkedin.com/checkpoint/lg/login?session_redirect=https%3A%2F%2Fwww%2Elinkedin%2Ecom%2Fhelp%2Fbilling
|
||
|
https://www.linkedin.com/checkpoint/lg/login?session_redirect=https%3A%2F%2Fwww%2Elinkedin%2Ecom%2Fhelp%2Fbilling
|
||
|
https://www.linkedin.com/checkpoint/lg/login?session_redirect=https%3A%2F%2Fwww%2Elinkedin%2Ecom%2Fhelp%2Fbilling
|
||
|
https://www.linkedin.com/checkpoint/lg/login?session_redirect=https%3A%2F%2Fwww%2Elinkedin%2Ecom%2Fhelp%2Fbilling
|
||
|
https://www.linkedin.com/checkpoint/lg/login?session_redirect=https%3A%2F%2Fwww%2Elinkedin%2Ecom%2Fhelp%2Fbilling
|
||
|
https://www.linkedin.com/checkpoint/lg/login?session_redirect=https%3A%2F%2Fwww%2Elinkedin%2Ecom%2Fhelp%2Fbilling
|
||
|
https://www.linkedin.com/checkpoint/lg/login-submit
|
||
|
https://www.linkedin.com/checkpoint/lg/login-submit
|
||
|
https://www.linkedin.com/checkpoint/lg/login-submit
|
||
|
https://www.linkedin.com/checkpoint/lg/login-submit
|
||
|
https://www.linkedin.com/checkpoint/lg/login-submit
|
||
|
https://www.linkedin.com/checkpoint/lg/login-submit
|
||
|
https://www.linkedin.com/checkpoint/lg/login-submit
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
||
|
https://www.linkedin.com/signup/cold-join?csrfToken=4058842e-0019-4aa7-80d4-bbc037227ede
|
There are 22 hidden doms, click here to show them.