Windows Analysis Report
Tom Kean 126480286683.pdf

Overview

General Information

Sample Name:Tom Kean 126480286683.pdf
Analysis ID:651267
MD5:f2f7213592ac930a2b9f8a895a073391
SHA1:0d4e6787f45143709dcd1704f8725d8eceda3edb
SHA256:69552f19ead61ad5e7587aa1f56ed0e70140f2348e95c778b47da84b84ea4c79
Infos:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

No high impact signatures.

Classification

  • System is w10x64
  • AcroRd32.exe (PID: 6084 cmdline: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\Tom Kean 126480286683.pdf MD5: B969CF0C7B2C443A99034881E8C8740A)
    • RdrCEF.exe (PID: 2108 cmdline: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043 MD5: 9AEBA3BACD721484391D15478A4080C7)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched


Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | File created: C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9R1kaj47h_oe132z_118.tmp
Source: classification engine | Classification label: clean0.winPDF@8/54@0/1
Source: unknown | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\Tom Kean 126480286683.pdf
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | Process created: unknown unknown
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | Process created: unknown unknown
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | File created: C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons
Source: Tom Kean 126480286683.pdf | Joe Sandbox Cloud Basic: Detection: clean Score: 2
Source: Tom Kean 126480286683.pdf | Initial sample: PDF keyword /JS count = 0
Source: Tom Kean 126480286683.pdf | Initial sample: PDF keyword /JavaScript count = 0
Source: Tom Kean 126480286683.pdf | Initial sample: PDF keyword /EmbeddedFile count = 0
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | Process information set: NOOPENFILEERRORBOX
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Data Obfuscation | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Junk Data | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
[Behavior graph: ID 651267, Sample: Tom Kean 126480286683.pdf, Startdate: 23/06/2022, Architecture: WINDOWS, Score: 0. AcroRd32.exe started RdrCEF.exe; RdrCEF.exe contacted 192.168.2.1.]

No Antivirus matches
No contacted domains info
IP | Domain | Country | Flag | ASN | ASN Name | Malicious
IP
192.168.2.1
Joe Sandbox Version:35.0.0 Citrine
Analysis ID:651267
Start date and time:2022-06-23 18:18:24 +02:00
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 4m 30s
Hypervisor based Inspection enabled:false
Report type:full
Sample file name:Tom Kean 126480286683.pdf
Cookbook file name:defaultwindowspdfcookbook.jbs
Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:26
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • HCA enabled
  • EGA enabled
  • HDC enabled
  • AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Detection:CLEAN
Classification:clean0.winPDF@8/54@0/1
EGA Information:Failed
HDC Information:Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 0
  • Number of non-executed functions: 0
Cookbook Comments:
  • Found application associated with file extension: .pdf
  • Adjust boot time
  • Enable AMSI
  • Found PDF document
  • Find and activate links
  • Close Viewer
  • Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, wuapihost.exe
  • Excluded IPs from analysis (whitelisted): 23.211.4.250, 80.67.82.97, 80.67.82.80
  • Excluded domains from analysis (whitelisted): www.bing.com, fs.microsoft.com, e4578.dscb.akamaiedge.net, acroipm2.adobe.com.edgesuite.net, arc.msn.com, acroipm2.adobe.com, ris.api.iris.microsoft.com, ssl.adobe.com.edgekey.net, armmf.adobe.com, store-images.s-microsoft.com, login.live.com, a122.dscd.akamai.net, sls.update.microsoft.com, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net
  • Not all processes where analyzed, report is missing behavior information
  • Report size getting too big, too many NtSetInformationFile calls found.
Time | Type | Description
18:19:31 | API Interceptor | 1x Sleep call for process: RdrCEF.exe modified
No context
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):205
Entropy (8bit):5.627582547184986
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js ...*..@/....."#.Di...$..A.A..Eo......#?.}............d.{v.^.G...d.W.:...P..k%..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):174
Entropy (8bit):5.524719491336794
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js .s[...@/....."#.D..A.$..A.A..Eo.......Q...........1.x.'.vI..*|Z..o...+.4....0..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):246
Entropy (8bit):5.556891623820401
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js .Ky(..@/....."#.D5y..$..A.A..Eo.......xL...........hvDO.N.t@.....n.*...... ....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):232
Entropy (8bit):5.631637152523488
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......h.....'....._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-tool-view.js ..7...@/....."#.DS].$..A.A..Eo......S0j...........8 P..a...R..Y....7.@..2Dm{..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.57241656445542
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......R...kP]g...._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/selector.js .n+)..@/....."#.D6.$..A.A..Eo.......u.z........k.Q.....-_..y.....O...>..1....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):216
Entropy (8bit):5.605968173442424
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......X.....V....._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/plugin.js ..G%..@/....."#.D^.y.$..A.A..Eo......+.c.........].>....uUf..N...k......c..l.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):209
Entropy (8bit):5.506977136681856
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......Q..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/plugin.js ..@*..@/....."#.D...$..A.A..Eo........I%..........c..y/L....|y.n..C/I.....X7-ne.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):179
Entropy (8bit):5.538924689210195
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js ..q...@/....."#.D%.B.$..A.A..Eo......=..X.........y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):214
Entropy (8bit):5.513749459842036
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......V..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/search-summary/js/selector.js ...*..@/....."#.D....$..A.A..Eo......."{.........Q..E.=....=h`t..t..3%A.F$..w..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):177
Entropy (8bit):5.495753128469254
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js .t]...@/....."#.D..B.$..A.A..Eo......>K...........PU ....t^.....a.k..u.7.M.BW6#}..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):187
Entropy (8bit):5.519861362025497
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js ..."..@/....."#.D..i.$..A.A..Eo........|...........q.O...j....._y..L^z...?..@N..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):244
Entropy (8bit):5.5908142595833
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js ...)..@/....."#.DB..$..A.A..Eo....... f...............H...{...2../.k`..r4.C. .A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):211
Entropy (8bit):5.483305635627519
Encrypted:false
Malicious:false
Reputation:low
Preview:0\r..m......S...]......._keyhttps://rna-resource.acrobat.com/static/js/plugins/add-account/js/selector.js .3.(..@/....."#.DlC..$..A.A..Eo......e.i.........A.o]@r..Q.....<w.....].n\....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):202
Entropy (8bit):5.627564862900365
Encrypted:false
Malicious:false
Preview:0\r..m......J......{...._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/plugin.js ..D%..@/....."#.DVex.$..A.A..Eo......+.."..........4T].....Tw.....(..b...EO....9.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):211
Entropy (8bit):5.575186308366446
Encrypted:false
Malicious:false
Preview:0\r..m......S...W.%z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/selector.js .$.(..@/....."#.D....$..A.A..Eo......i...........@..{o]...9o|..qY....T....{..u.b..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):206
Entropy (8bit):5.5681785091288365
Encrypted:false
Malicious:false
Preview:0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js .8G#..@/....."#.D.bo.$..A.A..Eo......_.3..........t\a......x5.'OuE.C..@......x..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):218
Entropy (8bit):5.544963313983019
Encrypted:false
Malicious:false
Preview:0\r..m......Z.........._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/selector.js ...$..@/....."#.D{-x.$..A.A..Eo........"................7...o..a=.98I......(3.$G.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):230
Entropy (8bit):5.532200755727761
Encrypted:false
Malicious:false
Preview:0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js .>.#..@/....."#.D#No.$..A.A..Eo......8.o...........~..rw.+[....!.)?..f.U..(=.=.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):186
Entropy (8bit):5.563783987039112
Encrypted:false
Malicious:false
Preview:0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js ..."..@/....."#.D2.i.$..A.A..Eo........c...........~]...%s..<...n.f..<.....1#..U..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):207
Entropy (8bit):5.622656422558137
Encrypted:false
Malicious:false
Preview:0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js .\&)..@/....."#.D..$..A.A..Eo.......(.;..........z._a...'.v.......4p3..1.']...A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.555427057338893
Encrypted:false
Malicious:false
Preview:0\r..m......R....|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .A))..@/....."#.DP..$..A.A..Eo......X...........c}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):223
Entropy (8bit):5.532541644283036
Encrypted:false
Malicious:false
Preview:0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js ...#..@/....."#.D.?o.$..A.A..Eo.......m...........%.k.SZ..~W.....:)'B..ad......A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):213
Entropy (8bit):5.597760734867185
Encrypted:false
Malicious:false
Preview:0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js ..I#..@/....."#.D..q.$..A.A..Eo......a..y.........;"./N_.,.:C..2....9L.H...3:...A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.549264578109013
Encrypted:false
Malicious:false
Preview:0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js .=."..@/....."#.D..n.$..A.A..Eo........q.........Z.Z}Q..4.o....0+..[|..n:*..U.W.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):188
Entropy (8bit):5.570390140234784
Encrypted:false
Malicious:false
Preview:0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js .C....@/....."#.D..T.$..A.A..Eo......._..........z?...SwC...^..y.....V..7R-O.....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):214
Entropy (8bit):5.637935755998578
Encrypted:false
Malicious:false
Preview:0\r..m......V.....h....._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/selector.js ...(..@/....."#.D?..$..A.A..Eo......9.e.............t.q..W.EZ....1...[.zC.7mD..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):211
Entropy (8bit):5.51752476154606
Encrypted:false
Malicious:false
Preview:0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js .3s...@/....."#.DitB.$..A.A..Eo......U.@............L...Im.@.........E.nW...IP..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.609680923990986
Encrypted:false
Malicious:false
Preview:0\r..m......P...Yft....._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/plugin.js ..F%..@/....."#.D..~.$..A.A..Eo......by;............M....m+lS..e.....<7.U.P8*.0K.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.6197764310588205
Encrypted:false
Malicious:false
Preview:0\r..m......P...W3......_keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/plugin.js .M.)..@/....."#.D....$..A.A..Eo......zG..........PJm...0x.x..RD...BB!@5..<..]....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):231
Entropy (8bit):5.564877666861381
Encrypted:false
SSDEEP:6:mqs6XYOFLvEWdFCi5mhuhJdatvPkULlF4r1:bs6xRki3za17LlF4
MD5:D88530117E24C0819FE50ACB52F399D4
SHA1:A1354F4AD28513CE591F59B4D18CCEECC337759A
SHA-256:48811FF8EECD9D5E096B1C306A22E6252799D931BCB6BCFB30CDC2B935E74BC5
SHA-512:6A8382B8EF83894ED839E8A1BCA415E6CF621F05F2EB9393C4CF72110291D4D90F2FF24FE571000E49A2424FE4FB5AC9EF7F1A03CDA388320ED636BCD92D7299
Malicious:false
Preview:0\r..m......g...~.I?...._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-selector.js .5....@/....."#.DP..$..A.A..Eo......_............P...#4..l....5...5..).w.. .h.~..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):215
Entropy (8bit):5.525166493527371
Encrypted:false
SSDEEP:3:m+lPHYs8RzYOCGLvHkWBGKuKjXKXqjuSKPWFvv5kXhZ86ktSECcu1isLK5m1:mhYOFLvEWd/aFuV6z0tSEN941
MD5:1013EBDC37CECE321385E8163DDF56FC
SHA1:524E8084469E85CC8D095FFC21ADD624E45F073C
SHA-256:8588EEA8104FC98D6B7C9B45CBD401D290582B73D25C72D262C1228A20E48632
SHA-512:E4A33A56352BB7BC891F7B7545A5A915AF3F55D10B7E0D30F740CAD9A449888E703D1F645F05735A8EFC718291D5AFA0DD097386F2365CF7A3231BF3981B915B
Malicious:false
Preview:0\r..m......W....w.m...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-recent-files/js/selector.js ...*..@/....."#.D.!..$..A.A..Eo........T............a.f.m.i.o.p..3U5.....^...I.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.514354529993564
Encrypted:false
SSDEEP:6:mR9YOFLvEWd7VIGXOdQ7ItYBMqVd3G4K41:2DRuRlGB9Vd2
MD5:BC84B5BD32FC01D64441CA971E6BEF8A
SHA1:A388AC2F8BD53D197A19D59899B22AEFEE7D7775
SHA-256:90A335D23C8D9ED6C3D41321EB06AC42BA3A5D40CA1932CCFE1CAD3BEC935145
SHA-512:71A399622B315FD653D79DC9DC908B49086BA9C320A1864FB811C07513321DB13A96912015DF097BC480DCD68F18CCCD65101641D1FE12E516278D140E577737
Malicious:false
Preview:0\r..m......P...y.p....._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/plugin.js ...*..@/....."#.D...$..A.A..Eo.......qs...........y.$..$.v5j...T...z.]..._S....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.565589200064594
Encrypted:false
SSDEEP:3:m+lQyu6OA8RzYOCGLvHkWBGKuKjXK9QXAdWKjKLuV2/qDLkt8g/XW4ThzJuA4biI:mkqYOFLvEWd8CAd9Qd/qQtBduA424r1
MD5:8256829F60D0886D5FFB75788EFD3292
SHA1:14ABFD7A1A74E95B8B78686286C0BAFE1B49ACEE
SHA-256:2FE29EC443E677EA98E3ADD65B601D775FF4C70ED1A750935539678DF2EC9908
SHA-512:4706D47AB9CA0ADC7EAAB61D4F2B398E9A12CF94C758068870C25F79C4AB8A075F490E268DA92EF3E8EF78A358BD2CE1FE280C26573376A49D85F3F2D1C9E863
Malicious:false
Preview:0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js ...*..@/....."#.D.5..$..A.A..Eo.......)..........#..@..k(v.8g..5.~_....]Pj.*..6.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.556687354988847
Encrypted:false
SSDEEP:3:m+lS5Etla8RzYOCGLvHkWBGKuKjXKVRNUp/KPWFvWXPIBktjrl/7Ag2iHio/Mm1:moXXYOFLvEWdENUAuQIStjr+yC8n1
MD5:2FE3A05336E145014AEC363340F046E6
SHA1:DA77ABCED6F639EC91DBFCE777038F49A0EC8971
SHA-256:8B993ABE25B264A1FB2D575E859AFB6AAE7A12661A7326CE114095A9DB06B3CB
SHA-512:F4701009E3FE58FF41133A276397ED962D982ED015550CF577A751D2C8883C95B00878E6ECB9132C3442D5F6BFC41BFE501F41A43C09EBFCB606B2EE4503D933
Malicious:false
Preview:0\r..m......R..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/selector.js .s.$..@/....."#.D).w.$..A.A..Eo.......{..........8.../...;.\\o....1..........+..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):221
Entropy (8bit):5.54205492744544
Encrypted:false
SSDEEP:3:m+lFNrs8RzYOCGLvHkWBGKuKjXKeRKVIJ/2kKLuVyTQ//VALkt5lt1sYWmYk5m1:mQZYOFLvEWdrROk/VQJklPtbsLmB41
MD5:503F1A9123DB766078000F209FE6D11D
SHA1:E59813FE73E2F469958575F7DAAC04F9904D6FB5
SHA-256:64A61DA03FABA8F6D13A266FDEB9788928F18FEBC65E37718E1618E4AEAFB5B4
SHA-512:A9D5E5C68EA46F44282EED7551E69F14A8DA95154D9A71638A32B456DB873B20D9D6526F5B8611E76316E8249109A0FB9A137942BA8B2DBE548098D39DE209D7
Malicious:false
Preview:0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js .:N#..@/....."#.Dt$r.$..A.A..Eo......[.+......... ./.ev......N~..6.b.....$.j;:C...A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.581753397329317
Encrypted:false
SSDEEP:6:mZ/lXYOFLvEWdccAWu/wu8PtHBdm9741:qxRc58PXdu7
MD5:0A69B1BD55BC98A78FDEF61BF194F25F
SHA1:40B70B62AB86D7E3342355A78B1AE2B5AD321A12
SHA-256:E6356A138E2F28172B9D9F2DF3B397D127F153910C318E4C3EE85594FC991371
SHA-512:21B6E383E74E2F3558B278FB0F0F995DEFA934E3FDD667F9CCAB0E7401C65F3C28E84CF32790F1EE4780373BBBFD1370553DE72C62C42600A398507B35E3AC02
Malicious:false
Preview:0\r..m......R...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/selector.js .y.(..@/....."#.Dj...$..A.A..Eo.....................U...I.>P...X...x..0U.~;m.x.k.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):204
Entropy (8bit):5.548719465659714
Encrypted:false
SSDEEP:3:m+lUg18RzYOCGLvHkWBGKuKjXKrAUWiKPWFvbQkXF+9kUktMGB6shoq+Nem1:mMOYOFLvEWdwAPVuxb+StMGB6Jn1
MD5:9C53C1A30BF37A9954E357F382F091C3
SHA1:EE463E8185D5720647DC6A0977077B7C1B4D9036
SHA-256:FC9F874E2931EC5095FE4EF4AA4C32095416E1C6D8FA9A23E4B0C84D0F1B1B04
SHA-512:4A10D4932BCC5D9D90DE85569882464AFB96119AF09CF5FCB48E075434CB049FA00368A590DE6ACEF9B55F7D669FBFE337629A9C522B727E2288B2C70783786B
Malicious:false
Preview:0\r..m......L....Ey....._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/selector.js .>.$..@/....."#.D1.w.$..A.A..Eo......\.\..............k....F..D..O.n;[.1m.....=..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):212
Entropy (8bit):5.605597178047743
Encrypted:false
SSDEEP:6:m3PXYOFLvEWdBJvYQjp+OStXFhcsBXIh1:mxRBJQw5SNVB
MD5:B43FC72FC424DF1026AE96C8274771F1
SHA1:18504AA05B6FC7AE1A6F9A8F18D1859D1874BDE9
SHA-256:6D2BF68D3A97DB7895306946892702A7FCE2BF9EBE72D4798B597D8CD3B96A1B
SHA-512:A3F3B6846B1D89AEE36993D248CB4D1B637698AEFC8F0A4AD65C92FBF135762C1BA8F187846699394763D74DB40B24861CB5DF81A21C683E564591F361B84A93
Malicious:false
Preview:0\r..m......T......z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/plugin.js .WD*..@/....."#.DuX..$..A.A..Eo.......nhc...........k..`..N3.... ..d..$[.....{.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):228
Entropy (8bit):5.5536925645512705
Encrypted:false
SSDEEP:3:m+l4kC8RzYOCGLvHkWBGKuKjXKeRKVIJ/2NAJVKjXKLuVcl/nXktZUBlc3ORajei:msPYOFLvEWdrROk/RJUQZ0tZcc3Me/1
MD5:241C6963E6D3BF813402905A63747B7A
SHA1:AAEB67574EAC09E041E0F1D56EAC45B21D8DB356
SHA-256:F538D0DC85C99F67417AE7A8D9B6B7B5CE8543E7F2C60795E9631DD263FB041C
SHA-512:37195048BC2CA79048E0A3A338BED6ED50945FD7BDA0582679C4B356B73459E4108AC1A4D2A5E6619B99DAD53B2EBCE0FB1562BF9FF078F7A5E1CE0F2922412B
Malicious:false
Preview:0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js ..O#..@/....."#.D}xr.$..A.A..Eo......B................9Q].8O.z....=..:.N.{....N{.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:Maple help database
Category:modified
Size (bytes):1032
Entropy (8bit):5.0772971560923015
Encrypted:false
SSDEEP:12:+6UTuzG8LFh2z4Mz4ITX7PLUpRSG9DjU5H5tPmvAfvmfzxGlO:Fx4z4McIj7bG9cko2IlO
MD5:45240171EB6BA942DB7514DF60E806F0
SHA1:53CE5D332C237794695BAAAF6E4306F5E725169A
SHA-256:5DCF92B6BA57D52AA2E09D0C7209EA21494E76FEBD4887E044C9F45701EC1920
SHA-512:D2107CDDD1AF6F8841CD2FD5FDD2A73E255A55A2D4FB4DF47987A83DE29AEB662E8BD1AF743F71A36B40D6F7070AFBF3B71D7C02820F92E99D366A8F4A6E80E9
Malicious:false
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:Maple help database
Category:dropped
Size (bytes):1032
Entropy (8bit):5.0772971560923015
Encrypted:false
SSDEEP:12:+6UTuzG8LFh2z4Mz4ITX7PLUpRSG9DjU5H5tPmvAfvmfzxGlO:Fx4z4McIj7bG9cko2IlO
MD5:45240171EB6BA942DB7514DF60E806F0
SHA1:53CE5D332C237794695BAAAF6E4306F5E725169A
SHA-256:5DCF92B6BA57D52AA2E09D0C7209EA21494E76FEBD4887E044C9F45701EC1920
SHA-512:D2107CDDD1AF6F8841CD2FD5FDD2A73E255A55A2D4FB4DF47987A83DE29AEB662E8BD1AF743F71A36B40D6F7070AFBF3B71D7C02820F92E99D366A8F4A6E80E9
Malicious:false
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:ASCII text
Category:dropped
Size (bytes):292
Entropy (8bit):5.217573771493849
Encrypted:false
SSDEEP:6:l8fUcvBQ+q2Pwkn2nKuAl9OmbnIFUtqVA8fUcvggZmwYVA8fUcvgQVkwOwkn2nKZ:+Q+vYfHAahFUtZg/3QV5JfHAaSJ
MD5:037173BC312F6679C579D5756542549B
SHA1:8BB56F9DBD209F782EB3CFD739A8C869BEEAC0F3
SHA-256:9C6CF3D199CED27132C625BE279E0BFC2C93DB02456C24BB0F7FF9E0583060B4
SHA-512:7D41CA727C1CF604989A335BBDB72450463C87B5928000716B4FF4E9E4384AFFBC3DED581E93BDB92CA87226703BFCB93B74BD684E47B8579304E26137D6BE54
Malicious:false
Preview:2022/06/23-18:19:35.662 192c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2022/06/23-18:19:35.663 192c Recovering log #3.2022/06/23-18:19:35.663 192c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):131072
Entropy (8bit):0.008907738108328683
Encrypted:false
SSDEEP:3:ImtV/CuttMTLS/Jf0lt+urQTlD7vt/lcvmllP62/X:IiV1kTLLlousTxvv6m
MD5:0A339004BCB425813505AE2871E61E20
SHA1:9BDA040B5589E1B919A259DB212F4CE8E32AAA8F
SHA-256:46828E139BE167C9E36B556EB137571DE93A29930C366CE0666B1385BC106517
SHA-512:DA3CE56FFA0538D022A80F7F6DAE1E89586E27FC484E82CCCAADC9EE163BEBBEDA2CAB446D507C622BAE868086E382F5436E328418BB877FBBF0A2192CB61DF8
Malicious:false
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:PC bitmap, Windows 3.x format, 117 x -152 x 32
Category:dropped
Size (bytes):71190
Entropy (8bit):1.5931296604269263
Encrypted:false
SSDEEP:48:QeVx5z6+5fhxGd+vy8wo31+ocYQosGQGaNBBciqqacSAlP27eqqqq1xa+0LZQrvL:VgekQvDwo31+BPTyarapcX6G1
MD5:BE4C8F84F903E3FDC7ECEB717568AB4E
SHA1:26ED0BD6AC9FFE4C68E639DD8D1CE2D9EFB92D48
SHA-256:0510CB1526D8AB619F008B8CC6BC46C7F5BA4B48B417A5002CAF4709B2130BAC
SHA-512:10A8B86B8D37C48A881F7FBFF4CF1C77039475614E77FD352F28CA11FD4D124221A9CF266B8AAB08F822F3C6446E3B403D336A92327E3D4C5F5723046CAEDDF5
Malicious:false
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:SQLite 3.x database, last written using SQLite version 3024000
Category:dropped
Size (bytes):61440
Entropy (8bit):3.568285882852503
Encrypted:false
SSDEEP:384:XeT9dThDtELJ8fwRRwZsLRGlKhsvXh+vSc:kkYZsLQhUSc
MD5:3864447559B107E70C6D053A05C27936
SHA1:F6227255148F835215204E42EBBC3389671E9793
SHA-256:DE2BDC520385092A667F727FC43123D6AEB2FD45F4F3CE726A60D6BA31583178
SHA-512:856CD78C2A88B4DA2DAD8D86C01CE9729D367AE3148B27CA95AE33EEA7E10776190CD8CFA493EDF34A9C0784FE5105CDD3A229BF104B3B44225C54A6F8F446C5
Malicious:false
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:SQLite Rollback Journal
Category:dropped
Size (bytes):8720
Entropy (8bit):3.3178633479189235
Encrypted:false
SSDEEP:48:7M42iomVQYom1C/iom8Vom1Nom1Aiom1RROiom1Com1pom1RKiomVKiomsJWqQl+:7+Cg/OhcCKGN49IVXEBodRBkP
MD5:4793A98DCFAD4AF29D140501CB178E45
SHA1:B6B8AC8EA505AF3B2EB4BAF27782F0AF03B9B8A4
SHA-256:3882C9D69D7CA6ADE09D0BDE01780B243243699446DD0359F46A49F788CB95EF
SHA-512:274082AB8DAE10A55297BAA3F0B5EEA2C431A7C50647BE0AC8FF69B269B626506A71CE42EBDF24E25605B40D97E2D05075ACDB9BA2ECA0BE9B2AB70EBD2EB408
Malicious:false
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:PostScript document text
Category:dropped
Size (bytes):536
Entropy (8bit):5.17576513886526
Encrypted:false
SSDEEP:12:T4RFQ8idRuMgxg6dxs3yBFTtDcSTAzidRuOPgxg601s3yBFDHpcSa:kNid8HxPs3yTTtPmid8OPgx4s3yTDHBa
MD5:4D5E3CD969F14362210F0473720C5528
SHA1:AFD90E9888759B809F78E87D5550B601A288A0A3
SHA-256:79D95D01FDE7FC7C890CD62734A7F203B12A5D44A56D6009D0E43E40D99682AE
SHA-512:B10C157945432CC8944E63A28CA3420CAD0C6B87BABC77BB5437DA5E3DF0CDEB657D410F28FA61D314E86269B8D1AC5972B0792D3E78787DFCE496EEE979DF64
Malicious:false
Preview:%!Adobe-FontList 1.16.%Locale:0x409..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1426577652.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1426577652.%EndFont..
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:PostScript document text
Category:dropped
Size (bytes):9566
Entropy (8bit):5.226610011802065
Encrypted:false
SSDEEP:192:eTA2j6Q6T766x626Oz6r606+6bfs6JtRZ65tsu6rtG16lMXY5B5Cfk:es4p0vTLcdfIfsmtRZEtsuatG1gMIzV
MD5:63B24EA3A13EAC476D6309BB202EF459
SHA1:89502C393549C20C933E4553F51F74F3DBE085EF
SHA-256:2B4BE0BED267BBD4E4FFFC912A6C7ED6A8D4735DCF9B69FF90F37CDDEF4110EA
SHA-512:2CB315DD00867DEE3A2CBC4017B59C53B41E817216FE0111A60947E1F0D81FF6767D8F7B5C406AAF9E6516BE716A086642AFFABBEFBE4C5B260437C89E3535EC
Malicious:false
Preview:%!Adobe-FontList 1.16.%Locale:0x409..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1426577652.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1426577652.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:Type1.FontName:AdobePiStd.FamilyName:Adobe Pi Std.StyleName:Regular.FullName:Adobe Pi Std.MenuName:Adobe Pi Std.StyleBits:0.WritingScript:Roman.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\AdobePiStd.otf.DataFormat:sfntData.UsesStandardEncoding:yes.isCFF:yes.FileLength:92588.FileModTime:1426577650.WeightClass:400.WidthClass:5.AngleClass:0.DesignSize:240.NameArray:0,Mac,4,Adobe Pi Std.
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:data
Category:dropped
Size (bytes):63598
Entropy (8bit):5.4331110334817385
Encrypted:false
SSDEEP:768:PCbGNFYGpiyVFiC0ZnS71wriGDUxnGpZJYESPpX2MOZYyu:J0GpiyVFihnwGDUpGpZXS92PZK
MD5:302844C113697A8C74C4FBF7B27C9BBD
SHA1:2564FF3720166FAC30DCE009677DC911F5AF8E95
SHA-256:DEC3420D2FC301DE4CC42CAB9400AE5E985B558057DF5965056A56E358662480
SHA-512:FD649906251EEF9F4E9E8DCF0CFC62EC3B96C67D96FB8D936369758A847AED72EAE2C0F396A87653F63EC7AD646C02C52AC844CFC2CFF0ED080A3ED56009906C
Malicious:false
Preview:4.382.88.FID.2:o:........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.94.FID.2:o:........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.82.FID.2:o:........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.93.FID.2:o:........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.107.FID.2:o:........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.103.FID.2:o:........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.116.FID.2:o:........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.75.FID.2:o:........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.89.FID.2:o:........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.85.FID.2:o:........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.98.FID.2:o:........:F:Arial-B
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:data
Category:dropped
Size (bytes):10240
Entropy (8bit):0.6759519140009473
Encrypted:false
SSDEEP:12:wwiNiRAxdmNmPlE7EprJQwIdpI5NZMJgF4NJ2RZwfg:IiRAx4NSPprSwgpXuFeJ2W
MD5:29DB0E735966B4175186D8B1E31433F2
SHA1:5315462C8A8CE1E704E6AA78DAC8FE04C99119E4
SHA-256:4CD385E3B8F22E156832D84DD6AB1A5AB5B55968774B70DC46DCD12F33586C0F
SHA-512:1341BDBA0B522C3AD234FCC09BD75803452A444EDD539AA56B516910CC66CC382190E11F920709EFEE5E1A62C5EE942E4D4A6A59CF884AB7822636EB20D9B36B
Malicious:false
File type:PDF document, version 1.7
Entropy (8bit):7.886029657411002
TrID:
  • Adobe Portable Document Format (5005/1) 100.00%
File name:Tom Kean 126480286683.pdf
File size:21028
MD5:f2f7213592ac930a2b9f8a895a073391
SHA1:0d4e6787f45143709dcd1704f8725d8eceda3edb
SHA256:69552f19ead61ad5e7587aa1f56ed0e70140f2348e95c778b47da84b84ea4c79
SHA512:0bf292a2f22b2c7d2ee9970300854e1c0e827ca6787e2b5a96535e43aedd3bd1e1ebd1e71d5e43b08ac71e79ffb442083be2ed46a791a1b46fa186746ddb90df
SSDEEP:384:DieLRyhtOvxW1nwJSrW5RwLMV2hnvXVEkafbuf2ACBMXLq:DieLRIOJW1ISSn7V2l5obuuAEMXLq
TLSH:D592BF6186AC45ECF546CA319E7A7B9C20DC306712DD76F2517CCB809644BE9FB80EB2
File Content Preview:%PDF-1.7.1 0 obj.<< /Type /Catalog./Outlines 2 0 R./Pages 3 0 R >>.endobj.2 0 obj.<< /Type /Outlines /Count 0 >>.endobj.3 0 obj.<< /Type /Pages./Kids [6 0 R.]./Count 1./Resources <<./ProcSet 4 0 R./Font << ./F1 8 0 R./F2 9 0 R.>>./XObject << ./I1 11 0 R./
Icon Hash:74ecccdcd4ccccf0

General

Header:%PDF-1.7
Total Entropy:7.886030
Total Bytes:21028
Stream Entropy:7.964122
Stream Bytes:18380
Entropy outside Streams:5.080675
Bytes outside Streams:2648
Number of EOF found:1
Bytes after EOF:
Name            Count
obj             19
endobj          19
stream          5
endstream       5
xref            1
trailer         1
startxref       1
/Page           1
/Encrypt        0
/ObjStm         0
/URI            0
/JS             0
/JavaScript     0
/AA             0
/OpenAction     0
/AcroForm       0
/JBIG2Decode    0
/RichMedia      0
/Launch         0
/EmbeddedFile   0

Image Streams

ID   DHASH              MD5                                Preview
11   0000918048010000   40360dc4a91b67db0dd69617b6d2c413
12   90902d2482a70602   504f0c3bc94e431951713404d5dd5793
18   0000000000000000   354c540432bb4cd0c9f58a81994b6ecc
19   0034932e2a2d6500   c486bd6a012c6b69f7ee41220d4c12fe
No network behavior found

Target ID:0
Start time:18:19:23
Start date:23/06/2022
Path:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit):true
Commandline:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\Tom Kean 126480286683.pdf
Imagebase:0xe70000
File size:2571312 bytes
MD5 hash:B969CF0C7B2C443A99034881E8C8740A
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:moderate

Target ID:3
Start time:18:19:31
Start date:23/06/2022
Path:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):true
Commandline:"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
Imagebase:0xf10000
File size:9475120 bytes
MD5 hash:9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:moderate

No disassembly