Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0 |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0 |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0 |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0 |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: http://cipa.jp/exif/1.0/ |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: http://cipa.jp/exif/1.0/(15) |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: http://cipa.jp/exif/1.0/.3/ |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0 |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07 |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02 |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0: |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0 |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0K |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0 |
Source: AcroRd32.exe, 00000001.00000002.382550019.000000000B962000.00000004.00000001.sdmp | String found in binary or memory: http://fontfabrik.comYou |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/ |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/ |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/EG |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/ |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/00-C66 |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://ocsp.digicert.com0C |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://ocsp.digicert.com0H |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://ocsp.digicert.com0I |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://ocsp.digicert.com0O |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/extension/ |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/field# |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/field#CLSID |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/id/ |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/id/I |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/property# |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/property#a |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/schema# |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/type# |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/type#332-100 |
Source: AcroRd32.exe, 00000001.00000002.386718649.000000000D0D5000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfa/ns/type#j |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: http://www.aiim.org/pdfe/ns/id/ |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0 |
Source: AcroRd32.exe, 00000001.00000002.382550019.000000000B962000.00000004.00000001.sdmp | String found in binary or memory: http://www.miost.com/pographyonts/default.aspx |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: http://www.npes.org/pdfx/ns/id/ |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: http://www.npes.org/pdfx/ns/id/e |
Source: AcroRd32.exe, 00000001.00000002.371360278.0000000008000000.00000002.00000001.sdmp | String found in binary or memory: http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default |
Source: AcroRd32.exe, 00000001.00000002.371360278.0000000008000000.00000002.00000001.sdmp | String found in binary or memory: http://www.osmf.org/drm/default |
Source: AcroRd32.exe, 00000001.00000002.371360278.0000000008000000.00000002.00000001.sdmp | String found in binary or memory: http://www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn |
Source: AcroRd32.exe, 00000001.00000002.371360278.0000000008000000.00000002.00000001.sdmp | String found in binary or memory: http://www.osmf.org/layout/anchor |
Source: AcroRd32.exe, 00000001.00000002.371360278.0000000008000000.00000002.00000001.sdmp | String found in binary or memory: http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes |
Source: AcroRd32.exe, 00000001.00000002.371360278.0000000008000000.00000002.00000001.sdmp | String found in binary or memory: http://www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs |
Source: AcroRd32.exe, 00000001.00000002.371360278.0000000008000000.00000002.00000001.sdmp | String found in binary or memory: http://www.osmf.org/subclip/1.0 |
Source: AcroRd32.exe, 00000001.00000002.385328984.000000000BC5D000.00000004.00000001.sdmp | String found in binary or memory: http://www.quicktime.com.Acrobat |
Source: AcroRd32.exe, 00000001.00000002.388286509.000000000D24E000.00000004.00000001.sdmp | String found in binary or memory: https://.OKCancelEdit |
Source: AcroRd32.exe, 00000001.00000002.382878528.000000000BAD7000.00000004.00000001.sdmp | String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/ |
Source: AcroRd32.exe, 00000001.00000002.382409726.000000000B938000.00000004.00000001.sdmp | String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/ |
Source: AcroRd32.exe, 00000001.00000002.382409726.000000000B938000.00000004.00000001.sdmp | String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/f |
Source: AcroRd32.exe, 00000001.00000002.382409726.000000000B938000.00000004.00000001.sdmp | String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/l |
Source: AcroRd32.exe, 00000001.00000002.382878528.000000000BAD7000.00000004.00000001.sdmp | String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Ze |
Source: AcroRd32.exe, 00000001.00000002.382878528.000000000BAD7000.00000004.00000001.sdmp | String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/es |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://accounts.google.com |
Source: AcroRd32.exe, 00000001.00000002.388286509.000000000D24E000.00000004.00000001.sdmp | String found in binary or memory: https://api.echosign.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://apis.google.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://clients2.google.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://clients2.googleusercontent.com |
Source: ba6be382-ac6f-4a96-b167-1d78d8d5f8c2.tmp.23.dr, c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://dns.google |
Source: 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://fonts.googleapis.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://fonts.gstatic.com |
Source: AcroRd32.exe, 00000001.00000002.374028036.00000000097E0000.00000004.00000001.sdmp | String found in binary or memory: https://ims-na1.adobelogin.com |
Source: AcroRd32.exe, 00000001.00000002.374028036.00000000097E0000.00000004.00000001.sdmp | String found in binary or memory: https://ims-na1.adobelogin.comU |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://ogs.google.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://play.google.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr | String found in binary or memory: https://r4---sn-4g5e6nlk.gvt1.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr | String found in binary or memory: https://redirector.gvt1.com |
Source: Current Session.21.dr | String found in binary or memory: https://shbfinanceonline.com/shbfinanceonline/redirect.html |
Source: Minerva Bunkering (covid-19 stimulus funds).pdf | String found in binary or memory: https://shbfinanceonline.com/shbfinanceonline/redirect.html) |
Source: AcroRd32.exe, 00000001.00000002.388286509.000000000D24E000.00000004.00000001.sdmp | String found in binary or memory: https://shbfinanceonline.com/shbfinanceonline/redirect.html= |
Source: AcroRd32.exe, 00000001.00000002.388286509.000000000D24E000.00000004.00000001.sdmp | String found in binary or memory: https://shbfinanceonline.com/shbfinanceonline/redirect.html? |
Source: AcroRd32.exe, 00000001.00000002.388286509.000000000D24E000.00000004.00000001.sdmp | String found in binary or memory: https://shbfinanceonline.com/shbfinanceonline/redirect.htmlM |
Source: AcroRd32.exe, 00000001.00000002.385693605.000000000CFE0000.00000004.00000001.sdmp | String found in binary or memory: https://shbfinanceonline.com:2s) |
Source: AcroRd32.exe, 00000001.00000002.388172684.000000000D201000.00000004.00000001.sdmp | String found in binary or memory: https://shbfinanceonline.comE |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://ssl.gstatic.com |
Source: AcroRd32.exe, 00000001.00000002.373689335.0000000008EBD000.00000002.00000001.sdmp | String found in binary or memory: https://www.digicert.com/CPS0 |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://www.google.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://www.googleapis.com |
Source: c15ae90d-79de-439a-bd2d-a7041380172c.tmp.23.dr, 81dbe153-204c-48f1-b25a-aae4010a7967.tmp.23.dr | String found in binary or memory: https://www.gstatic.com |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\Minerva Bunkering (covid-19 stimulus funds).pdf' |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Minerva Bunkering (covid-19 stimulus funds).pdf' |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043 |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=15373597887766909572 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15373597887766909572 --renderer-client-id=2 --mojo-platform-channel-handle=1744 --allow-no-sandbox-job /prefetch:1 |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=14791092664178826494 --mojo-platform-channel-handle=1756 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2 |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=8492071965490764970 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8492071965490764970 --renderer-client-id=4 --mojo-platform-channel-handle=1856 --allow-no-sandbox-job /prefetch:1 |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=14373895592216979608 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14373895592216979608 --renderer-client-id=5 --mojo-platform-channel-handle=1868 --allow-no-sandbox-job /prefetch:1 |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9425941586031478083 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9425941586031478083 --renderer-client-id=6 --mojo-platform-channel-handle=1860 --allow-no-sandbox-job /prefetch:1 |
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' -- 'https://shbfinanceonline.com/shbfinanceonline/redirect.html' |
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1532,4823254970071819640,4137079253599972124,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1724 /prefetch:8 |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Minerva Bunkering (covid-19 stimulus funds).pdf' |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043 |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' -- 'https://shbfinanceonline.com/shbfinanceonline/redirect.html' |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=15373597887766909572 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15373597887766909572 --renderer-client-id=2 --mojo-platform-channel-handle=1744 --allow-no-sandbox-job /prefetch:1 |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=14791092664178826494 --mojo-platform-channel-handle=1756 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2 |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=8492071965490764970 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8492071965490764970 --renderer-client-id=4 --mojo-platform-channel-handle=1856 --allow-no-sandbox-job /prefetch:1 |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=14373895592216979608 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14373895592216979608 --renderer-client-id=5 --mojo-platform-channel-handle=1868 --allow-no-sandbox-job /prefetch:1 |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9425941586031478083 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9425941586031478083 --renderer-client-id=6 --mojo-platform-channel-handle=1860 --allow-no-sandbox-job /prefetch:1 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1532,4823254970071819640,4137079253599972124,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1724 /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\Minerva Bunkering (covid-19 stimulus funds).pdf' |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Minerva Bunkering (covid-19 stimulus funds).pdf' |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043 |
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1736,10687347341214644166,14685399907552453397,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=15373597887766909572 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15373597887766909572 --renderer-client-id=2 --mojo-platform-channel-handle=1744 --allow-no-sandbox-job /prefetch:1 |