Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdf

Overview

General Information

Sample Name:JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdf
Analysis ID:831170
MD5:ed486681dcd03f31ecd5a5438b03af9d
SHA1:fdfa163c32f5eefb317c264be6b1fa9ae56b3177
SHA256:8e1b87a97e4f8cf3bc83160093d8fb6370c801e61387609a4e42b520495e0547
Infos:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

No high impact signatures.

Classification

  • System is w10x64
  • AcroRd32.exe (PID: 5820 cmdline: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdf MD5: B969CF0C7B2C443A99034881E8C8740A)
    • RdrCEF.exe (PID: 6080 cmdline: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043 MD5: 9AEBA3BACD721484391D15478A4080C7)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeFile created: C:\Users\user\AppData\Local\Temp\acrord32_sbxJump to behavior
Source: classification engineClassification label: clean0.winPDF@9/52@0/1
Source: unknownProcess created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdf
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeFile created: C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIconsJump to behavior
Source: JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdfInitial sample: PDF keyword /JS count = 0
Source: JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath Interception1
Process Injection
1
Masquerading
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network MediumData ObfuscationEavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothJunk DataExploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 831170 Sample: JENNIFER JORDAN (CUS_837217... Startdate: 21/03/2023 Architecture: WINDOWS Score: 0 5 AcroRd32.exe 15 39 2->5         started        process3 7 RdrCEF.exe 77 5->7         started        dnsIp4 10 192.168.2.1 unknown unknown 7->10

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No contacted domains info
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs
IPDomainCountryFlagASNASN NameMalicious
IP
192.168.2.1
Joe Sandbox Version:37.0.0 Beryl
Analysis ID:831170
Start date and time:2023-03-21 07:50:43 +01:00
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 4m 29s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowspdfcookbook.jbs
Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:12
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • HCA enabled
  • EGA enabled
  • HDC enabled
  • AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Sample file name:JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdf
Detection:CLEAN
Classification:clean0.winPDF@9/52@0/1
EGA Information:Failed
HDC Information:Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 0
  • Number of non-executed functions: 0
Cookbook Comments:
  • Found application associated with file extension: .pdf
  • Found PDF document
  • Close Viewer
  • Exclude process from analysis (whitelisted): MpCmdRun.exe, SgrmBroker.exe, conhost.exe, svchost.exe
  • Excluded IPs from analysis (whitelisted): 2.21.22.155, 2.21.22.179, 23.211.4.250
  • Excluded domains from analysis (whitelisted): ssl.adobe.com.edgekey.net, fs.microsoft.com, armmf.adobe.com, acroipm2.adobe.com.edgesuite.net, e4578.dscb.akamaiedge.net, a122.dscd.akamai.net, acroipm2.adobe.com
  • Not all processes where analyzed, report is missing behavior information
  • Report size getting too big, too many NtSetInformationFile calls found.
TimeTypeDescription
07:51:42API Interceptor1x Sleep call for process: RdrCEF.exe modified
No context
No context
No context
No context
No context
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):205
Entropy (8bit):5.602349045139082
Encrypted:false
SSDEEP:3:m+lvns8RzYOCGLvHkWBGKuKjXKLNjKLuVaz//kAk9kZkt2HtBiTFJrqzOJkvP5m1:men9YOFLvEWdM9QjVat2HPi7Z+P41
MD5:04E86440B3DCD5D8A6AD10102CA7A8ED
SHA1:E89D17E16DA4E75F6C17715A9C3EE4E447CA6AD5
SHA-256:81F6DD42793E6CA88798BD896A9768053C9879D51B1DC3B35681393A71056D3B
SHA-512:A2630F933C269F42FC6F2432A73E0291467A12980C3229D0D3F9AC930E16446D8A38969A103C9C8D50ADF50A06C6527F1832D98E1E6BB30BE001B1F4C9567547
Malicious:false
Reputation:low
Preview:0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js ....w.V/....."#.D...#q..A.A..Eo......(4g.............d.{v.^.G...d.W.:...P..k%..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):174
Entropy (8bit):5.511545448818553
Encrypted:false
SSDEEP:3:m+lF9NX6v8RzYOCGLvHktWVCGS/8dZktH/W98fZe/O+/rkwGhkg4m1:mi9NqEYOFLvEkw0datfy8Be7Ywcr1
MD5:BDA89F5E2878C206D9D80CC0085C6EA5
SHA1:9C919DFCD809C4DD62D3260428E633B26A9BB2F4
SHA-256:DFA26898629DBF3285FBE8994C35EC8BAB9A4BEED1CC826E5D2C4C996511CFE4
SHA-512:5654DBB856ADA437524C4969C957835624F998387135639E3C167F61A84690E57EE292709C5FC5570C6B9E7BDF911DE4B35494AE69721C6F09FD1B06C11F876B
Malicious:false
Reputation:low
Preview:0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js ....w.V/....."#.D<.5#q..A.A..Eo......q.w..........1.x.'.vI..*|Z..o...+.4....0..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):246
Entropy (8bit):5.540178315158652
Encrypted:false
SSDEEP:6:mMyEYOFLvEWdVFLBKFjVFLBKFlQhueKbatnflot/RlUoSjGY1:DyeRVFAFjVFAF6ntetZlUo6
MD5:FBC7A2E4634F961141C5EF4AB1A8A979
SHA1:BBDE115A57ECC4B167DD17400D2FA73A331F36F9
SHA-256:35D053B4049CE8EFE9B76179E2A306F689BA89298EA6A525FB53F65A4B0A1D26
SHA-512:E93D2F817C0DC6472C2EFEFA7CCA07371AD0841F9D936DE7B1860AFCB4926ABF2D0C4FEFEBC806EA9836C9E5FBCB136F7AAB81158A2C09AF4CB67DDDC065B3F9
Malicious:false
Reputation:low
Preview:0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js ....w.V/....."#.D,Dv#q..A.A..Eo.......7c)..........hvDO.N.t@.....n.*...... ....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):232
Entropy (8bit):5.652013301706588
Encrypted:false
SSDEEP:6:mNtVYOFLvEWdFCi5Rsj+yEjttvuiWulHyA1:IbRkiDo+yAvvjWus
MD5:06AF9F0FADB7E671B4BC5C6F63F82EC0
SHA1:00F4888D31C05BD5900ABB45F919CBB297FB26AF
SHA-256:82A80D250A592E74D08B3DFEBC48486AD1F07429280975AE418F1653B344F140
SHA-512:F984EDD1E1AE644429ABE9E4F7E3357FED708593D12165CA0D1F06EAF4BA1D866841C61CF77479D7BF88E118A816F008458979E74FAE8044FC1A1CA21B0981CB
Malicious:false
Reputation:low
Preview:0\r..m......h.....'....._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-tool-view.js ..Z.w.V/....."#.D.M."q..A.A..Eo.......(............8 P..a...R..Y....7.@..2Dm{..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.530595095913291
Encrypted:false
SSDEEP:6:m+yiXYOFLvEWd7VIGXVuuuuBGatjZUVyh9PT41:pyixRubuB956V41T
MD5:C0EC4340AC2DF121D9948EF3E0CAD909
SHA1:9E7564A7D2B448AD15A6D07B46E181435596D8C0
SHA-256:B6F7D4079E01F97217C9FC582E377DD75E73349554A42867225E27DAE1A6E8A4
SHA-512:863DA38F4258B32CC82C78E84B2CE27E3A5B73FB24968F98885129F1EB10E01716C051DB3679A6791F96B37AC02C30849883431BEE2410536386D7B93D85D700
Malicious:false
Reputation:low
Preview:0\r..m......R...kP]g...._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/selector.js ..>.w.V/....."#.D.5.#q..A.A..Eo.......l{D........k.Q.....-_..y.....O...>..1....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):216
Entropy (8bit):5.578856270438461
Encrypted:false
SSDEEP:6:mvYOFLvEWdhwjQ9F/6fdGatAT3ZIl6P41:0RhkKw9+7Z
MD5:404B6A69EF5B67251CCBFD2C57AA9469
SHA1:6A65A98A721A0880F833BAA5BD6202B17051997A
SHA-256:82F41D44A7C7BA49B2FDEA64A46F63B465E689AC56268C6EDD5C17BFCB3A0250
SHA-512:CA818D7EBF65F5F900B1D9C15941D0F0C8EE369DBF50FA96874A4CC0DEEE60F1EA97F9EFDEC8F6781E52937F23753FC1A247FED1133E670C2BDACE8B7FD3DA17
Malicious:false
Reputation:low
Preview:0\r..m......X.....V....._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/plugin.js .z/.w.V/....."#.D.j#q..A.A..Eo......y..@.........].>....uUf..N...k......c..l.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):209
Entropy (8bit):5.506544443108237
Encrypted:false
SSDEEP:3:m+lZd8RzYOCGLvHkWBGKuKjXKX7KoQRA/KVdKLuVTa/BmZktuFcyxMtv9EWm1:mJYOFLvEWdGQRQOdQ8aJmatyD6g1
MD5:9FC66B5EF05344D2C217F867AAD81DE6
SHA1:BDD78107E457612ED18335BE5BF0FF11F083877B
SHA-256:128199CB459D2A66CA4A699C592F93D5301F6C0206D589062B21D3A18B4D8C8A
SHA-512:D13A3BB09228A803FF465B87E877035F2CC3B99F52021A16B70EFF65722F1BCB8BEDEDE228F49B935F17ACBE9928E752F91CE29CCCA942AC4EA63BA601A33143
Malicious:false
Reputation:low
Preview:0\r..m......Q..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/plugin.js ....w.V/....."#.DfK.#q..A.A..Eo....................c..y/L....|y.n..C/I.....X7-ne.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):179
Entropy (8bit):5.5318144468106425
Encrypted:false
SSDEEP:3:m+lLp08RzYOCGLvHkfaMMuVgjmkQDAdZktSltVQMWqg4nRb7om5m1:mOYOFLvECMLgSkQDAdatWcuR/41
MD5:E4022A80D092250C83C580B8D0DE1518
SHA1:6FC461653D76B11B55D4BD2AEB4BE837E6486713
SHA-256:CB3DB8167F405B73FD86459EAE0C8D06CB50EA0C560F42B8FE3F8EAD757AA92D
SHA-512:1756381CDA236D6190C43941A74FD6096118A53FC08B4C51B57B51B17440B76AE382FA7A409E7EDECE39723AF5951FAF35B0003688F3176948336F15C7CF425E
Malicious:false
Reputation:low
Preview:0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js .W..w.V/....."#.D..5#q..A.A..Eo.......?.B.........y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):212
Entropy (8bit):5.614965263809052
Encrypted:false
SSDEEP:6:mGpYOFLvEWdzAAu9pkiW8KQtj9/lUGm0bbsIDMGH41:XfRMhk18KQNsVKsIZ
MD5:B84DEE15CB78E8DABA4E4201462ECEDB
SHA1:21476AA411B43E3D741D6D979939C7935CFBE0D8
SHA-256:262CD4EE5C236939F5EAE7C4C7AB01C1F60A30540CDAB53B55EFCD4995A8E42B
SHA-512:005F0BD326449A29544B267F74807D09D10EAB6435CE2360E73B20C4F76626C945AF0332875BDDBD2DDF0305EDE3A1A2747FB83A107672460386C399EB62B9A9
Malicious:false
Reputation:low
Preview:0\r..m......T....,.^...._keyhttps://rna-resource.acrobat.com/static/js/plugins/walk-through/js/selector.js ...bw.V/....."#.D...!q..A.A..Eo.......Y...........`.....^....L>..Xa./......C.y.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):214
Entropy (8bit):5.472173390116151
Encrypted:false
SSDEEP:3:m+lS8FlC8RzYOCGLvHkWBGKuKjXKSO7p/KPWFva2ZIUjUZkt2x9ljYuuUy0tlBU1:m4fPYOFLvEWdtuEat27Hby0zBUKSAA1
MD5:1C3894DEC0A45AA95D65A90DF06A18DB
SHA1:167D06A042918F4251196E3E80726E692C3A3B58
SHA-256:DF881F0C65F21A0FC72F5222BFEDE2A674F2139E35925792BAD6A92D90B8F30A
SHA-512:FB057F381DBCEF6E2E6D969D3F54D0EC41F2DAFA2A2B4F787DE92CB86212638BCFDC8013BF10EF0D43480258BE34E6A0DDA892D91B71DA06619AE89D03FCCD7A
Malicious:false
Reputation:low
Preview:0\r..m......V..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/search-summary/js/selector.js ....w.V/....."#.Ds.#q..A.A..Eo.......S.T........Q..E.=....=h`t..t..3%A.F$..w..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):177
Entropy (8bit):5.473363599683418
Encrypted:false
SSDEEP:3:m+l64HXlA8RzYOCGLvHkjXMLOWFvpFkXpDQZktIMd1dn76KohyP5m1:md4HXXYOFLvEjMSWFvSDQatRjUdyP41
MD5:E6C2BE5F4E4D26430A0AA3333D56AE04
SHA1:C927E889657666167C4D7A2AB4CE604BBFA93567
SHA-256:D6780A6DEED816B252D937B754F1B7CAE279BC3F6C55224B22DE87A89C2E80D3
SHA-512:122F8C71CE29D94E3265996DC513556AFB0FBA2A894F10C4CC95D907DA9510770628DC9D0215D7DF87BBD58A32D77FA6438D79742D097B54F34E8AA613D7692B
Malicious:false
Preview:0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js ....w.V/....."#.D9.5#q..A.A..Eo...................PU ....t^.....a.k..u.7.M.BW6#}..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):187
Entropy (8bit):5.504223833448367
Encrypted:false
SSDEEP:3:m+lpSUlIv8RzYOCGLvHkWBGKuK2fKVLTIzltB/j8k9kZktYRvlljUPqf9tsDMaPe:mkl9YOFLvEWsfOLTIzZj8dat8vQPqVyq
MD5:13B4FE1CDCA5E6CB7DCA6C20DA1731A0
SHA1:B4ADD2F8B6BBAB331ED7764648C560BC2A80CEB8
SHA-256:4775D383F6BF53D3EC967EA54B006564C0635744FDE1776F99DD04A74E28E205
SHA-512:955884EC2DEB5CF501DF94C1480314968BB5299F2D268B8BCBF8DBBBCD954456551CCCE9B7193E4F104B4588B6DBD6CD694726D986BBABA68D7B19F82F4D674C
Malicious:false
Preview:0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js ..=.w.V/....."#.D./]#q..A.A..Eo......vq4...........q.O...j....._y..L^z...?..@N..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):244
Entropy (8bit):5.576316735419322
Encrypted:false
SSDEEP:6:mt9YOFLvEWdVFLBKFjVFLBKFlyhPWPatj96twSeKaT9pr1:URVFAFjVFAFOuCP6twSeKaTL
MD5:E527895DE1430F73401F3EC9A343C3CE
SHA1:EF468041EEFE90A25FC6423BE379ABDA0DF00E99
SHA-256:AF48585EC04A8F99E2F65A9226AF2C3C568994E2643873A68993A86A841F80FB
SHA-512:38A2BD4DE7F92E6EA35E9948F792D3F13CA27AC4E5A0690CBF1CC705E94852F09CF3CE159DCC28FBC4D0B49055AE3C359EC0012063A3813B6B8D690692603678
Malicious:false
Preview:0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js ...w.V/....."#.D%..#q..A.A..Eo......Jw................H...{...2../.k`..r4.C. .A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.541943104968083
Encrypted:false
SSDEEP:6:mq9YOFLvEWdzAHdQpWPtf6t5GFCaa+41:NRMHdgqF6t5Gda+
MD5:C2F0D14C7119D7DEE5508F652D61391B
SHA1:88B393C8E71114041855C8E1D5D2E8245F3A5EC5
SHA-256:83A383304AA357FF45416F6C90B44CF42EEA4D055F8A50C2C7E585BBA2EAB8E1
SHA-512:659961072AF38B4B3B9F070F9230B0C98E82711522014227220ECDC73029966CBF7B175F57EC2C568625659560331339DB87B8FD9631A19966E31E439299249E
Malicious:false
Preview:0\r..m......R....L......_keyhttps://rna-resource.acrobat.com/static/js/plugins/walk-through/js/plugin.js .p.cw.V/....."#.D...!q..A.A..Eo.....................G.3D.....Q.g0...._.Q.........A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):211
Entropy (8bit):5.518292785592135
Encrypted:false
SSDEEP:3:m+lx4F08RzYOCGLvHkWBGKuKjXKGBIEGdevA/KPWFvWv0Kll/jvQZktpO9/7yrpp:ms2VYOFLvEWdvBIEGdeXuMz/kat111
MD5:D3B593AD15C564CFA3D1D7BA99A5859E
SHA1:FB24B2207086FBBEB568D1DF4224F90028208377
SHA-256:E9C50C0AC203D1C8167F97754721B505080C986BE3E26ED4911962853105FBDC
SHA-512:C71C5F85B2D039C58F9C4D66B3AED712454EB2BDAA214D98C7D8D075BFC6018C47215D9A57FC38734C896DF6E15933A19735A73380908F75B6968A232E82C132
Malicious:false
Preview:0\r..m......S...]......._keyhttps://rna-resource.acrobat.com/static/js/plugins/add-account/js/selector.js .3..w.V/....."#.D..z#q..A.A..Eo......81...........A.o]@r..Q.....<w.....].n\....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):202
Entropy (8bit):5.598219539031188
Encrypted:false
SSDEEP:6:maVYOFLvEWdwAPCQTK0hjsatrf1xm7OhKlvA1:RbR16v0h3BdxmJ
MD5:8751DCD5166F1D5F953904776BE63474
SHA1:89708C7E98D801CA4BA54C1E0937940F7E6BBCCC
SHA-256:662D72754378C2CCA3FCE57F93BA0D5E70D87DD8B32A5F91C321066B81345D75
SHA-512:AD906182CBC3770E40F8477AD025A1191569B4FBE05F8BBD82885A871E22D460311AD06B118B1371855B9CEF4FFDA12BB34901485CA9B14746FD589EC2BEA04C
Malicious:false
Preview:0\r..m......J......{...._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/plugin.js .P..w.V/....."#.D.Vj#q..A.A..Eo......!.............4T].....Tw.....(..b...EO....9.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):211
Entropy (8bit):5.55252039180793
Encrypted:false
SSDEEP:6:ms2gEYOFLvEWdGQRQVutzW0atDlndFt1:B2geRHRQ4aX
MD5:CDA3A4E43AD9E305896B1ECE1B236B96
SHA1:25F831F192158FCC9D863C28CB395F6829B5B7F9
SHA-256:2DE2196366039DB5041DABDAD52FBA1D80DEED8FC0E94792E70B43FA190C5064
SHA-512:C670719A8B319FF6E59435CECD85E1FF1B7A2A80754A85B38CEA0588BF743A3CF1E89A834111ED56F405E55C0A101B6B7E22ABCB6FC47169C3FA59703A0BCE39
Malicious:false
Preview:0\r..m......S...W.%z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/selector.js ....w.V/....."#.D.{z#q..A.A..Eo.................@..{o]...9o|..qY....T....{..u.b..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):206
Entropy (8bit):5.556081352146343
Encrypted:false
SSDEEP:3:m+lerlyv8RzYOCGLvHkWBGKuKjXKX+IAHKLuVASk//jsZktHwgEnNWQ1SUm1:mzyEYOFLvEWdrIOQtr7satvEt1S/1
MD5:CA2219944AB060A04954B8334FD92476
SHA1:CC46100BDC673295E31F10A8DDDAE3F878430C72
SHA-256:7DE8AD5188D8A081EE17423359E5F951A1EFD4511CD4D031C5AD246606C4CB28
SHA-512:9B2F9422A4C418EB54ED1ECFD7F33D61E4C23560507475DCFAA8CB44644AEB17597A0623A863DD2D7CB8FDA2998E6DE1A2E4AE36BDAA67F34F26392672D81F9D
Malicious:false
Preview:0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js ....w.V/....."#.DY.c#q..A.A..Eo..................t\a......x5.'OuE.C..@......x..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):218
Entropy (8bit):5.51715224946374
Encrypted:false
SSDEEP:6:mnYOFLvEWdhwyu3ZdGNatJUllSlwrqwK+41:wRhAZdGAT8oqGwK+
MD5:0F96EDC79BF45D7DF779F58B913B6F7E
SHA1:FF7851BE82191BE6B558E38280E175E4B9E78747
SHA-256:62F284F50D272839957941AB3D68FDC6CF2470E9C45E48AB10D6AE29721892F2
SHA-512:09AFC70DC9EAA26735D1FA2C7D7A5D671EAA70A9856984AD626CDC6944D157BFCA98F4D3955E101C27AC89406A834AAD123238B7425792AD426345D5258ABA6C
Malicious:false
Preview:0\r..m......Z.........._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/selector.js .8..w.V/....."#.D.(j#q..A.A..Eo.......I................7...o..a=.98I......(3.$G.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):230
Entropy (8bit):5.527711524803262
Encrypted:false
SSDEEP:6:mYXYOFLvEWdrROk/RJbuPwsatX4fO441:/RrROk/bLWfL
MD5:288FCA0A6EB75874DE8E7527BFE596EE
SHA1:F70EA8EF405D41A3B1351F9F5B8132130A4A9B45
SHA-256:BD2A9F056DA94F4A2D6D7D75113BDD3CDE368D38E2707B5B2BCF840FFF8F4D33
SHA-512:2456D9338B1999CCF9D2947A33AEDF73379E938A2D7CC84B7A9C0DB85389C6DECDCB050DF3A31CB350E43C0786F298FB55C0D76C32F53F540D836FD608E36359
Malicious:false
Preview:0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js ..p.w.V/....."#.DT.c#q..A.A..Eo.......K............~..rw.+[....!.)?..f.U..(=.=.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):186
Entropy (8bit):5.54159320014775
Encrypted:false
SSDEEP:3:m+lhD4ll08RzYOCGLvHkWBGKuKdTSVaRqTSkZktzlfzoIN1OFPL4m1:mmDEYOFLvEWXIaRIatzRzV1QPLr1
MD5:B1839FC6E8D2F1A53C0FA5B3D902DF25
SHA1:B05B140B656F7EB4935C07D757425B554D416E21
SHA-256:B54F019B3038B476681B3E988E1C9E8021D1B2EA3918118352C21417677E0EF8
SHA-512:C9096D196E4D660001A3C9F3950AA80BF00F6458C25974C5D782F3ED13A09C2CE69FBEAC05332BE083BF8EEAF973C7DE302EE1D2CB3A5C242103B6D833ECDCA4
Malicious:false
Preview:0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js ..5.w.V/....."#.D.(]#q..A.A..Eo...................~]...%s..<...n.f..<.....1#..U..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):207
Entropy (8bit):5.577860609082197
Encrypted:false
SSDEEP:3:m+l+nq1A8RzYOCGLvHkWBGKuKjXKLNfKPWFvtal/nYG0GZktsoFllU8D6EsEJeUy:m52YOFLvEWdMAuGvYsat9/UEvsEJ41
MD5:285EAEFDC45C05FD44BB3FE11DF0350A
SHA1:34804F8462FF265091326448E1439A3BC1FE0A05
SHA-256:2F205180B926A6FC267D65FD8F6357120F7CEBE83E50865BFBB3A0D98B057A6B
SHA-512:C15586F6B4C7744F676F8A8B60A4F194C3F7DD8A4632B5D5C09C7FE39A16CE536A02F2C9355EF8BB2B5E0136F8DC4798552F225A5B68B0534ECFDABC5B1327FE
Malicious:false
Preview:0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js ..:.w.V/....."#.D.Q}#q..A.A..Eo........z%..........z._a...'.v.......4p3..1.']...A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.548106124500748
Encrypted:false
SSDEEP:3:m+lf1UldA8RzYOCGLvHkWBGKuKjXK9QXAdWKfKPWFvYZPzKll/BDQZkt0F/lGFog:mYilPYOFLvEWd8CAdAuKPW6atkyong1
MD5:BB4203DE550F74F4BB0C75DE35B6CD8C
SHA1:8E6219074F8C1BF3FCC0C0EF484F62E405D31ED4
SHA-256:AB6B9FA6E7537005347DF1BE369383F1AC0C518415314087FD267B25F259D263
SHA-512:A0D08AA928831A507441137F6F5338A12C3D58C055F712179460C8417F582B3CF2CD4FF998D79902078F938FB29E6E31B141600DF961D4F0EA7062FB1D99B998
Malicious:false
Preview:0\r..m......R....|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .=<.w.V/....."#.D.x}#q..A.A..Eo.........*........c}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):223
Entropy (8bit):5.539656231225337
Encrypted:false
SSDEEP:6:mY8nYOFLvEWdrROk/IuHWmsatQfdN16wG1:F8hRrROk/pTSf3
MD5:6998EB50C59BCAA283F117413F587204
SHA1:743A1E92D95E547C2D4CE0B6E8CE37002461CFD4
SHA-256:136CFBACC84ED5C07DD922A69F9BE2AD98832FE7764C64567543DD1BBC08056B
SHA-512:6AA640FF7A7D04FA0263E3FBDC7B5FA3AF0DE3EF924398A2A6C80859E876A41D7EB89095DD3B8FFC8FEF35FE59A9FF18DFB2B21D76B7C0B8C9F6A459226ED82F
Malicious:false
Preview:0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js ..d.w.V/....."#.Dx.c#q..A.A..Eo....................%.k.SZ..~W.....:)'B..ad......A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):213
Entropy (8bit):5.640574892044483
Encrypted:false
SSDEEP:3:m+lstxt08RzYOCGLvHkWBGKuKjXKX+IAuAJVKjXKLuVt0+l/BnkZktqWPmJelc0A:mLrnYOFLvEWdrIoJUQt+lCatheJIi1
MD5:407E894D12E36BD61E288C56E6728086
SHA1:2AF9C7FBC2975E15FCEEC74C56200B6198253FF0
SHA-256:958D7EAF9CB17DEA0095E0503BD74815F4B1EACBBA8574F9C1EF129F668F1D1B
SHA-512:ABE57A5FCF5E1D6FD4090824ADDCDABC6B709DD7696AEDAE0EDBCDD2F78DC9E71A9BC386373BC220F168FFA684A09B201772C44AC50A618FCEFE35256EB453EA
Malicious:false
Preview:0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js ...w.V/....."#.D.,d#q..A.A..Eo.........z.........;"./N_.,.:C..2....9L.H...3:...A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.542184185804109
Encrypted:false
SSDEEP:6:mOEYOFLvEWdrIhuzlpzatbVfnzgm2d/1:0RtWjfnR
MD5:3E3BE69D7D5B6CE42BD20192695D9962
SHA1:C6C85959755CB0D16908E8462D384E37122E4FBC
SHA-256:A70F9A3C9FBE110620B2F574BF8A1256EAF9494EA9F7D58AF4937438317D1248
SHA-512:0AC981B7C57D717BEE75187F5E275FE05DCDE6E07029765365A6D2FAA9A7F5E6ED9AF1B5C8AAD419DE1EE9936C17E816E97B9B5C283B51BBB882CF501F83A90C
Malicious:false
Preview:0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js ..K.w.V/....."#.DkHc#q..A.A..Eo........O.........Z.Z}Q..4.o....0+..[|..n:*..U.W.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):188
Entropy (8bit):5.556997342961611
Encrypted:false
SSDEEP:3:m+l8UElLA8RzYOCGLvHkWBGKuKPK7CvKkXW9kZkteP9l/eBiaQ562HvpMm1:mAElVYOFLvEW1Kmfatotrx56uvp1
MD5:78F7BBDBC64CA869A327C92BE355ED2E
SHA1:7525E91DE4AF5C4DBD136B3291353A6862EB2437
SHA-256:5B57938A28D917C81FB49FF71662FEC2FD408FAFC31E4F8ED68AD24BB689F763
SHA-512:C8F6E000ABD1F0A40171B7094B3C5FABD059CF7D6AC9F5AC906F66360985AB30C07A26B760B0ECE1821E0F4A961E108026FEEA4DF8092D76EA26F21E7B54B4B7
Malicious:false
Preview:0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js ..=.w.V/....."#.D..G#q..A.A..Eo.......5.........z?...SwC...^..y.....V..7R-O.....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):214
Entropy (8bit):5.588212396448248
Encrypted:false
SSDEEP:6:mWYOFLvEWdBJvvuVxWyzGatjTUDLYtmOZn1:xRBJF89ZYDcFZ
MD5:4E1B5FC72572FF826F4C2951E43648B9
SHA1:AE225092C430A8B23E48F272B11B454331EC0FDB
SHA-256:1E21ECDF319899D85FD0BAF72D969744D706DF54A1DC4444B9432C9D805C7283
SHA-512:D6814BD2FBF59930E196D2146975DC575BC56CAB7284BB243311D86155E0BCA2C94F9E7876F53DAA791ABD734C5E9E8F669B571D52ABBA01F83C4DF629C0D7CA
Malicious:false
Preview:0\r..m......V.....h....._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/selector.js ....w.V/....."#.D..z#q..A.A..Eo.......1.............t.q..W.EZ....1...[.zC.7mD..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):211
Entropy (8bit):5.534257704195619
Encrypted:false
SSDEEP:3:m+lxCq//6v8RzYOCGLvHkWBGKuKCH6U4LJzWHK7WFvsG0qeTYBGZktottpSKGoS6:msRPYOFLvEWIa7zp77G0r9at28VPu1
MD5:90056E888C5441EF96FA927A83BA9BBC
SHA1:2B329C0276B906C712BF81E8F388131184419800
SHA-256:B2F0F2CE0AB540F8CDAAE8E7B3AED4B8E624FC2B4AB93E323A685FFEFE8F9534
SHA-512:851B33DFB370E6872C327A66221E03217AE7A65CC6EFC4BD8726766761CB94D914E5C500E02687910185F92C1779B03CEE732F1FF4320796BD27C319316309BF
Malicious:false
Preview:0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js .b..w.V/....."#.D..5#q..A.A..Eo...... e2............L...Im.@.........E.nW...IP..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.523489792156498
Encrypted:false
SSDEEP:6:mKPYOFLvEWdENU9Q/V0+l3sat+l0wiM3Y1:bJRT9ArLg3r
MD5:8064AE9BA56C6B6AAE02B06DCCAD5D42
SHA1:C434FAA4B9397DE0F3EE11F90828912F64EB5406
SHA-256:5A68154CD04744DB7D07E3FB255CCBFBB96CBBAA4EDCC33E2660AB89FA2528A6
SHA-512:7642B98D5B6DC80B5CDB87471A16A6632052140A781BAEF2E561C20BBEC0808DACB6ADE2E4E710A4587DA1CE80D73F911B0B31EC8BB10B4223B2D70D845200D9
Malicious:false
Preview:0\r..m......P...Yft....._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/plugin.js ....w.V/....."#.Dq;o#q..A.A..Eo.........K...........M....m+lS..e.....<7.U.P8*.0K.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.600892991532024
Encrypted:false
SSDEEP:6:mQt6EYOFLvEWdccAHQAStatEujBRCh/41:XRc9pNyuDi/
MD5:9152AC2DBA05D2C3EBCA90EC5D4B4188
SHA1:7BC1C6E808E7D413E34EF9D3EC4AE2FF1EF59526
SHA-256:5E090C9D668E77E2765A9EF0731AF7641F3AECB5DC36DD9FBDA68C73EEB3B0B5
SHA-512:3A3C7F63F36E390A06E3F2DB0AB20A31611709436E7528CADBD38B35A978C73900C956EFA454D17C809F94F9CA41204AEF24A71C48560B3D91413567538FE5AC
Malicious:false
Preview:0\r..m......P...W3......_keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/plugin.js ...w.V/....."#.D..#q..A.A..Eo.......a..........PJm...0x.x..RD...BB!@5..<..]....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):231
Entropy (8bit):5.578806201952955
Encrypted:false
SSDEEP:6:mqs6XYOFLvEWdFCi5mhuTvslek9tIvkULlF4r1:bs6xRkixvsQQGv7LlF4
MD5:8210857762156C637E28444E0D363499
SHA1:A1E69A249B402A77874893BFD5DB1C2E35071BA3
SHA-256:5D60C65C393E92DA5786582CC4FEEBE5262F4480FA5720B713B59918EDB260F6
SHA-512:7F0B7602A83734A3D9304DDE7939CF157B4A1D372B62452DBBF8CCEC4F2479304A33AAB2360ED236FDF5A12A581CFA0FDCA7A5FF9B2E518AACE3EA47A5A59D0D
Malicious:false
Preview:0\r..m......g...~.I?...._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-selector.js ..=.w.V/....."#.D&."q..A.A..Eo.......k.@.........P...#4..l....5...5..).w.. .h.~..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):215
Entropy (8bit):5.500478472303931
Encrypted:false
SSDEEP:3:m+lPHYs8RzYOCGLvHkWBGKuKjXKXqjuSKPWFvQWmltFGXdZktCqtXECcu1isLK5y:mhYOFLvEWd/aFuCWSOXdatPNEN941
MD5:B96CADE034C02C3DB68DD076E1013A32
SHA1:B01166481CFEFD91595CB0B7CE47DE11F6369916
SHA-256:F6AA496D0149F41E1EC9B4D671074061D18C8AA2899556009DEBF41C0BCDEE26
SHA-512:98D764C1F992689E10769C2C8C1A68D9C8973FBE8AE4C936F6328ED5EBB5C781CC7B08FC5F2FF7CA4ACFB9CA2A12BCAA8732B48C94EB539892E1ED1BAC6E993B
Malicious:false
Preview:0\r..m......W....w.m...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-recent-files/js/selector.js .]..w.V/....."#.Dv..#q..A.A..Eo.....................a.f.m.i.o.p..3U5.....^...I.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:modified
Size (bytes):208
Entropy (8bit):5.515728104418534
Encrypted:false
SSDEEP:6:mR9YOFLvEWd7VIGXOdQzidatWjBMqVd3G4K41:2DRuRcdWB9Vd2
MD5:7E1EB0D95B93726E47D08E74565780F0
SHA1:95F820DCC9D2604F1D3D6E1B1DE3379119BE5960
SHA-256:515A4321367F2453F5E094C82E3FDAF1E4218090F07859FE95211D62D3CCF6FC
SHA-512:724B3171FC6EC4E6D6BCF4AB5015D9A1A4518C64642A80AAFD426A999FDAD205FC63D1940E2B9F98061512E66D8D1E8C8F5A388ABBF4A20477188E651AE8D130
Malicious:false
Preview:0\r..m......P...y.p....._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/plugin.js ..X.w.V/....."#.D..#q..A.A..Eo......-N............y.$..$.v5j...T...z.]..._S....A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):208
Entropy (8bit):5.5370133930810495
Encrypted:false
SSDEEP:6:mkqYOFLvEWd8CAd9Ql5datfP1uA424r1:+RQWG9kr
MD5:1A1F940B17CFE71B1DE314B8E7178366
SHA1:AAC175241E7677C6C1467FD33ADB71F6F6D21B80
SHA-256:41C65D68795BC7606FFE001836891F707BA2E15B211F7E3DC726B08C331F5C9D
SHA-512:D16073B5D78ADB90D6AC4DFE689BDCBFE730A7BC7C00144B211ECB23BD5E978E30E4D23A278962B478F967AA2AE421C7E99D130DE4822D8E9E79F82D4E3C8B54
Malicious:false
Preview:0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js ..K.w.V/....."#.Dt_.#q..A.A..Eo.................#..@..k(v.8g..5.~_....]Pj.*..6.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.517130539818007
Encrypted:false
SSDEEP:6:moXXYOFLvEWdENUAuHzv0Gat9f8yC8n1:xhRT+z87
MD5:547514989B730BC06FE9FAA3BFAE9F2D
SHA1:23F365FA6D9F8AE91274076AB2CA78DB900D1C9C
SHA-256:7C1F940D5F827FC94E77AC6FD28F14742D936426C97E2637235B0D80425CACAE
SHA-512:D69D3900062EB06D2AAD1B85383A54A0B843A62CFF8792E2D58BCFE7F1E3005788D13D7F1DBD53703368AEF4C1F5C5997896092AACEC0564C128BEA238721862
Malicious:false
Preview:0\r..m......R..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/selector.js .Z..w.V/....."#.D..j#q..A.A..Eo..................8.../...;.\\o....1..........+..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):221
Entropy (8bit):5.582186040841622
Encrypted:false
SSDEEP:3:m+lFNrs8RzYOCGLvHkWBGKuKjXKeRKVIJ/2kKLuVFJl/WUAkGZktyXXsYWmYk5m1:mQZYOFLvEWdrROk/VQ0lkatEsLmB41
MD5:45AAB85F27AF496D4BBF31F9F7F72EC8
SHA1:FC83BA5CA841ABD39A198DEDFFD2DE7AAC20B2BE
SHA-256:88119121FC3482A21B6F2AF12EB18317D84B6DE640590FE958CC314F43AD4FBB
SHA-512:CB7323CB31E9E974FFCDF18D592B414C5477A8D049C835B1DD0E4048B8A5863F10E2E048B5322C469E70C3D9B6FBDD73A0072578EAD5A96608501562DE977BD4
Malicious:false
Preview:0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js .]..w.V/....."#.D0.e#q..A.A..Eo......\........... ./.ev......N~..6.b.....$.j;:C...A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):210
Entropy (8bit):5.554909295585887
Encrypted:false
SSDEEP:6:mZ/lXYOFLvEWdccAWuh+satO//Jdm9741:qxRcqLw/Jdu7
MD5:645703DAEC1B37D082E10E90B257386C
SHA1:34CBD2876E87CCA6ABE6E391F3AC4FE6DE0DBC2E
SHA-256:7D15EC649F8F56D6B69E25CFFEA51FDCD85C1A4C2D772F78642E618814D5A1D9
SHA-512:9BF279FE2BD12B1D91BC89AAB064836CC53F9F3626C9CB28C4A110E26DC8B8F4A09AD1EFF2CF260D46126C641644EE628CE3E16E685FF18FA18D8D531388C88F
Malicious:false
Preview:0\r..m......R...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/selector.js ....w.V/....."#.Dn.v#q..A.A..Eo.......n.............U...I.>P...X...x..0U.~;m.x.k.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):204
Entropy (8bit):5.542480576495399
Encrypted:false
SSDEEP:3:m+lUg18RzYOCGLvHkWBGKuKjXKrAUWiKPWFvOVKlt3O0kZkt89/sB6shoq+Nem1:mMOYOFLvEWdwAPVuSdatZB6Jn1
MD5:FB40DC223373A170E8650D709F8AB7C6
SHA1:154AE7544B80E73651F45D973952B620459CB6C2
SHA-256:5EA894B970F49F1F93BC96131B99F3C4A4609B953280432B82C96A5CF800906C
SHA-512:564C60C68B6AB7478365C1EC8F5B214EC90E572E91C25B43158BCC2DCBA302FB229CBE4117E66AFEA5A3E3C36EECE6C558D4CEBDD349434E563C25CB3AEB3D19
Malicious:false
Preview:0\r..m......L....Ey....._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/selector.js ....w.V/....."#.D..i#q..A.A..Eo......gi._.............k....F..D..O.n;[.1m.....=..A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):212
Entropy (8bit):5.647028401292638
Encrypted:false
SSDEEP:6:m3PXYOFLvEWdBJvYQtWz/SGat3hcsBXIh1:mxRBJQe+/S9pB
MD5:3C0E1F3A93FCD03B5B2572E61F1A41C2
SHA1:E8C4ADBFB879F085739168175C3D12DD470024C2
SHA-256:D2E8B96052739CA96C82C75C851B06238E90CB3D36AD8A8C9754FF77CDA4411C
SHA-512:9409FFF79ACEE2B711DC0209CA707BB0658249B79DB06A00B0B28A2F49A43387338AEC5088EF438DB308FB2F5E4B36A887ECF911DCF04B240686CCD0C7273320
Malicious:false
Preview:0\r..m......T......z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/plugin.js ....w.V/....."#.D;..#q..A.A..Eo......$..............k..`..N3.... ..d..$[.....{.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):228
Entropy (8bit):5.543384209777949
Encrypted:false
SSDEEP:6:msPYOFLvEWdrROk/RJUQ0rbQat2Sc3Me/1:3RrROk/sZfr
MD5:DE942E47150629545B2F1B33B788A849
SHA1:3A347B9305E3AF29B2DB5597639E37F062F1AAE8
SHA-256:B6416DCDDB14ACBA49ACF82D02B206518E29A8F20E5016C53B96BCD16DCEA066
SHA-512:503DEF2B4C3F39D51E6955231BAA65E54A381B805158F2E3F3DDDF5FBBECD659D12DBAF63547DBF5848710EC95DB61CDD6A0E84666C838EC3DF9BCF7D00DFF35
Malicious:false
Preview:0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js .(..w.V/....."#.D..e#q..A.A..Eo.......G./.............9Q].8O.z....=..:.N.{....N{.A..Eo..................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):984
Entropy (8bit):5.040251725706932
Encrypted:false
SSDEEP:12:MeVl/9l/gLnl/2+/l/KLvyl/CAl/q5tbyl/iil/iHl/OHl/Wyl/jl/lsl/lA2l/I:Mfg1zZFufGMisp6r6C9QPr
MD5:9B90244F9985CBA4985897217DD7C7AB
SHA1:9BC5919E96D2A3CE20322AADC162056A6B6FE7EC
SHA-256:E44D4707C1D938DE3374B96940F3B6AB183AEEDDFC92C1B25617C57337E95941
SHA-512:15C4CB9E0569A8B9A35F369364B2C4312DF76EF721A8DA8C3CEEB4A289D5DE061D0D14EF2C0D35A1DD3FD12014BA67243DB65124376144BE2D2943FFAB742F36
Malicious:false
Preview:....h...oy retne....'........'............;.y~A..z.B_./...........*...z.B_./..............oB*.8.B_./............#...(...A_./.............k7A..z.B_./.............D.4..z.B_./..........[.i..%..z.B_./.........<...W..J.8.B_./.........,+..._.#.z.B_./..........J..j....z.B_./...........6<|....8.B_./.........A?.2:...z.B_./..........+.{..'.z.B_./.........*)....J:.z.B_./...........2q.....z.B_./...........P....V.z.B_./.........+.U.!..V.z.B_./............P[. q.z.B_./.........!...0.o.z.B_./..........u\]..q.z.B_./.................z.B_./...........*.....z.B_./..........o..k...z.B_./.........^.~..z..z.B_./.............o..z.B_./.........Gy.'.h..z.B_./.........F..=z;..z.B_./...........3....z.B_./..........v...q...8.B_./..........C..M.....A_./...........a.....8.B_./..........~.,.4>..z.B_./..........&.S.....z.B_./..........@..x..z.B_./.........=....m...z.B_./..........;/....z.B_./..............q..z.B_./............MV3...z.B_./.........:..N.A...z.B_./............B_./.
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):984
Entropy (8bit):5.040251725706932
Encrypted:false
SSDEEP:12:MeVl/9l/gLnl/2+/l/KLvyl/CAl/q5tbyl/iil/iHl/OHl/Wyl/jl/lsl/lA2l/I:Mfg1zZFufGMisp6r6C9QPr
MD5:9B90244F9985CBA4985897217DD7C7AB
SHA1:9BC5919E96D2A3CE20322AADC162056A6B6FE7EC
SHA-256:E44D4707C1D938DE3374B96940F3B6AB183AEEDDFC92C1B25617C57337E95941
SHA-512:15C4CB9E0569A8B9A35F369364B2C4312DF76EF721A8DA8C3CEEB4A289D5DE061D0D14EF2C0D35A1DD3FD12014BA67243DB65124376144BE2D2943FFAB742F36
Malicious:false
Preview:....h...oy retne....'........'............;.y~A..z.B_./...........*...z.B_./..............oB*.8.B_./............#...(...A_./.............k7A..z.B_./.............D.4..z.B_./..........[.i..%..z.B_./.........<...W..J.8.B_./.........,+..._.#.z.B_./..........J..j....z.B_./...........6<|....8.B_./.........A?.2:...z.B_./..........+.{..'.z.B_./.........*)....J:.z.B_./...........2q.....z.B_./...........P....V.z.B_./.........+.U.!..V.z.B_./............P[. q.z.B_./.........!...0.o.z.B_./..........u\]..q.z.B_./.................z.B_./...........*.....z.B_./..........o..k...z.B_./.........^.~..z..z.B_./.............o..z.B_./.........Gy.'.h..z.B_./.........F..=z;..z.B_./...........3....z.B_./..........v...q...8.B_./..........C..M.....A_./...........a.....8.B_./..........~.,.4>..z.B_./..........&.S.....z.B_./..........@..x..z.B_./.........=....m...z.B_./..........;/....z.B_./..............q..z.B_./............MV3...z.B_./.........:..N.A...z.B_./............B_./.
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:ASCII text
Category:dropped
Size (bytes):292
Entropy (8bit):5.243849638623432
Encrypted:false
SSDEEP:6:kUhC16x4q2PWXp+N2nKuAl9OmbnIFUtdhC1RnJZmwvhC1yDkwOWXp+N2nKuAl9Oe:k916x4vaHAahFUtS1RnJ/41yD5fHAaSJ
MD5:B25CA13ECBBACBEA44E7743675778572
SHA1:2CB689497B849D25FAFA72D6E948B5C5941DDFCF
SHA-256:17D81E1AF752A2E8B399A9148A98E1943293AC0D8FAE810EE25ABEFE16E157F4
SHA-512:E6E583CC122471179D906EB181E30723DD9DD8B67EFCFB00349F9A873FC366414586C1AE430852AE4B3C71B2517A0BB35133BD1D611EBF1E134380A21A123FC5
Malicious:false
Preview:2023/03/21-07:51:46.046 14f4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2023/03/21-07:51:46.054 14f4 Recovering log #3.2023/03/21-07:51:46.055 14f4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:ASCII text
Category:dropped
Size (bytes):292
Entropy (8bit):5.243849638623432
Encrypted:false
SSDEEP:6:kUhC16x4q2PWXp+N2nKuAl9OmbnIFUtdhC1RnJZmwvhC1yDkwOWXp+N2nKuAl9Oe:k916x4vaHAahFUtS1RnJ/41yD5fHAaSJ
MD5:B25CA13ECBBACBEA44E7743675778572
SHA1:2CB689497B849D25FAFA72D6E948B5C5941DDFCF
SHA-256:17D81E1AF752A2E8B399A9148A98E1943293AC0D8FAE810EE25ABEFE16E157F4
SHA-512:E6E583CC122471179D906EB181E30723DD9DD8B67EFCFB00349F9A873FC366414586C1AE430852AE4B3C71B2517A0BB35133BD1D611EBF1E134380A21A123FC5
Malicious:false
Preview:2023/03/21-07:51:46.046 14f4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2023/03/21-07:51:46.054 14f4 Recovering log #3.2023/03/21-07:51:46.055 14f4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:ASCII text
Category:dropped
Size (bytes):292
Entropy (8bit):5.243849638623432
Encrypted:false
SSDEEP:6:kUhC16x4q2PWXp+N2nKuAl9OmbnIFUtdhC1RnJZmwvhC1yDkwOWXp+N2nKuAl9Oe:k916x4vaHAahFUtS1RnJ/41yD5fHAaSJ
MD5:B25CA13ECBBACBEA44E7743675778572
SHA1:2CB689497B849D25FAFA72D6E948B5C5941DDFCF
SHA-256:17D81E1AF752A2E8B399A9148A98E1943293AC0D8FAE810EE25ABEFE16E157F4
SHA-512:E6E583CC122471179D906EB181E30723DD9DD8B67EFCFB00349F9A873FC366414586C1AE430852AE4B3C71B2517A0BB35133BD1D611EBF1E134380A21A123FC5
Malicious:false
Preview:2023/03/21-07:51:46.046 14f4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2023/03/21-07:51:46.054 14f4 Recovering log #3.2023/03/21-07:51:46.055 14f4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:data
Category:dropped
Size (bytes):131072
Entropy (8bit):0.010978819626460943
Encrypted:false
SSDEEP:3:ImtVdXb+j4x9pPlXlpyPll//zVrzlltD0lGQZ7XEZhGIelHdP4/X:IiVtg4x9pdM//hFwl570ZhdelG/
MD5:E36F8F81D3C03F6AAF7D768706B7673F
SHA1:EECE93F9E417717892E50F6A159516DD76C255B0
SHA-256:C6E687FF9677244574F37AD2877726DF64E5BAADDA2ABE8C4759BDE8344E44F2
SHA-512:0582ADCFA1A09095D4482C9A61475C8B77FF444BF2655DE4F6583BBB2699A054BBB2292DE2741FEEB27AFE0835B0B48F476418EE1A666DE20CA146D1EB4390A4
Malicious:false
Preview:VLnk.....?.......Tq.>..j................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
Category:dropped
Size (bytes):71190
Entropy (8bit):1.8489686733220543
Encrypted:false
SSDEEP:384:AN0KSW3RP4oEJSQssU5lrZYoa8LX7m0xzNVC:nTWhSJSQssU5lrSt
MD5:613D903A01992AFDE08B9FBABEF43EE6
SHA1:6BE5EE7A15C15ED6F197EC9C2F5AF4CC2D88EC83
SHA-256:8D70F6E2919023A903D8C3CF311A0C8D524DC62502677C80911212EE0792DA4C
SHA-512:F3CB8272E05E24D817C2915A93A10B92239351872AB31651BC161A87F22809A509A58BD43976DCC4EB575445C7277B261AB8036F556CF9917921EA9CE7C5AD77
Malicious:false
Preview:BM........6...(...u...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:SQLite 3.x database, last written using SQLite version 3024000, file counter 12, database pages 15, cookie 0x5, schema 4, UTF-8, version-valid-for 12
Category:dropped
Size (bytes):61440
Entropy (8bit):3.564798683566321
Encrypted:false
SSDEEP:384:3eI9dThDtELJ8fwRRwZsLRGlKhsvXh+vSc:bkYZsLQhUSc
MD5:0BA4FEDCEFC40F3FB799FBC1F2377E24
SHA1:727C495AD4C892AF3D212F081C84F62DA3D94828
SHA-256:A6C420CC9AB5F49B17C4DB52AC0539EB1F6EF3CBF6869321F5C87D94217EDC68
SHA-512:DD238A083185907B253C37FB1D82093DD3D6304F52711E92245825A00770360828ECCA7CAEE5A131A8EBBD7D54BE009B87ACF75EB03967F76493C32C079B85EE
Malicious:false
Preview:SQLite format 3......@ ..........................................................................$.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:SQLite Rollback Journal
Category:dropped
Size (bytes):8720
Entropy (8bit):3.284805616009467
Encrypted:false
SSDEEP:48:7MTom1Ckiomviom2om1Nom1Aiom1RROiom1oom1pom1gZiomVsiomgDqQlmFTIFr:7dkMOhoCsDN49IVXEBodRBkA
MD5:D6042AEFB27773536DFFFDA0BC7BD959
SHA1:030C92322E67D2E71A100A03CD37DFBFA0AB54C2
SHA-256:48B446FA4BCDBF38B6C46D3F312436F31F781EFD3373ECC9280446973AECB1FE
SHA-512:7B87C94CBC8BCA1E0082D2C6419C26209207BF230F166BA15F6365F49CFC4285AE57AF00AF996AF419ED6F7083013167D47C165B5F5F5CBDEED3BF1A9609CC23
Malicious:false
Preview:.... .c.......b...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s........L.s.y................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:PostScript document text
Category:dropped
Size (bytes):157443
Entropy (8bit):5.172039478677
Encrypted:false
SSDEEP:1536:amNTjRlaRlQShhp2VpMKRhWa11quVJzlzofqG9Z0ADWp1ttawvayKLWbVG3+2:RNj3aRlQShhp2VpMKRhWa11quVJX2
MD5:A2C6972A1A9506ACE991068D7AD37098
SHA1:BF4D2684587CF034BCFC6F74CED551F9E5316440
SHA-256:0FB687D20C49DDBADD42ABB489C3B492B5A1893352E2F4B6AA1247EFE7363F65
SHA-512:4D03884CA5D1652A79E6D55D8F92F4D138C47D462E05C3E6A685DA6742E98841D9C63720727203B913A179892C413BFB33C05416E1675E0CF80DA98BE90BA5E4
Malicious:false
Preview:%!Adobe-FontList 1.16.%Locale:0x409..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Marlett.FamilyName:Marlett.StyleName:Regular.MenuName:Marlett.StyleBits:0.WeightClass:500.WidthClass:5.AngleClass:0.FullName:Marlett.WritingScript:Roman.WinName:Marlett.FileLength:27724.NameArray:0,Win,1,Marlett.NameArray:0,Mac,4,Marlett.NameArray:0,Win,1,Marlett.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:ArialMT.FamilyName:Arial.StyleName:Regular.MenuName:Arial.StyleBits:0.WeightClass:400.WidthClass:5.AngleClass:0.FullName:Arial.WritingScript:Roman.WinName:Arial.FileLength:1036584.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial.NameArray:0,Win,1,Arial.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Arial-BoldMT.FamilyName:Arial.StyleName:Bold.MenuName:Arial.StyleBits:2.WeightClass:700.WidthClass:5.AngleClass:0.FullName:Arial Bold.WritingScript:Roman.WinName:Arial Bold.FileLength:980756.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial Bold.NameAr
Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:PostScript document text
Category:dropped
Size (bytes):157443
Entropy (8bit):5.172039478677
Encrypted:false
SSDEEP:1536:amNTjRlaRlQShhp2VpMKRhWa11quVJzlzofqG9Z0ADWp1ttawvayKLWbVG3+2:RNj3aRlQShhp2VpMKRhWa11quVJX2
MD5:A2C6972A1A9506ACE991068D7AD37098
SHA1:BF4D2684587CF034BCFC6F74CED551F9E5316440
SHA-256:0FB687D20C49DDBADD42ABB489C3B492B5A1893352E2F4B6AA1247EFE7363F65
SHA-512:4D03884CA5D1652A79E6D55D8F92F4D138C47D462E05C3E6A685DA6742E98841D9C63720727203B913A179892C413BFB33C05416E1675E0CF80DA98BE90BA5E4
Malicious:false
Preview:%!Adobe-FontList 1.16.%Locale:0x409..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Marlett.FamilyName:Marlett.StyleName:Regular.MenuName:Marlett.StyleBits:0.WeightClass:500.WidthClass:5.AngleClass:0.FullName:Marlett.WritingScript:Roman.WinName:Marlett.FileLength:27724.NameArray:0,Win,1,Marlett.NameArray:0,Mac,4,Marlett.NameArray:0,Win,1,Marlett.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:ArialMT.FamilyName:Arial.StyleName:Regular.MenuName:Arial.StyleBits:0.WeightClass:400.WidthClass:5.AngleClass:0.FullName:Arial.WritingScript:Roman.WinName:Arial.FileLength:1036584.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial.NameArray:0,Win,1,Arial.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Arial-BoldMT.FamilyName:Arial.StyleName:Bold.MenuName:Arial.StyleBits:2.WeightClass:700.WidthClass:5.AngleClass:0.FullName:Arial Bold.WritingScript:Roman.WinName:Arial Bold.FileLength:980756.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial Bold.NameAr
File type:PDF document, version 1.4, 1 pages (zip deflate encoded)
Entropy (8bit):7.910573518060675
TrID:
  • Adobe Portable Document Format (5005/1) 100.00%
File name:JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdf
File size:155218
MD5:ed486681dcd03f31ecd5a5438b03af9d
SHA1:fdfa163c32f5eefb317c264be6b1fa9ae56b3177
SHA256:8e1b87a97e4f8cf3bc83160093d8fb6370c801e61387609a4e42b520495e0547
SHA512:748eb660247dd2660e9fc0bbf2b4d3a55d44bb32b632c9b49a10950df4152ed9e4fa1745edf0bf14675125110e64480a1c97febdf445106c9016480362258214
SSDEEP:3072:pU6Ur0/dLlJXFk/KV4Bofu8NQ3q3T70tuDElUj04/pSNZYCZ:p3I0/dLlJXuSVGo9j0tuDElUj0zp
TLSH:FFE3AD518870BB46ED914C3853A56FAF010D392F1BEA0609BC5DDB8B7343D9B35AF982
File Content Preview:%PDF-1.4.%.....2 0 obj.<</Filter/FlateDecode/Length 2653>>stream.x..[ks.H.....[..&UN[...O.1.0.c.c2.J....a..#..L......At#..O..p.>......|o].[\.+...[.q.S.{.z..I7......(...$*..J....../...K]..t.......t....(\..)..!..p_.H...C.... ....@....1%..r..G...W6L...o]...8
Icon Hash:74ecccdcd4ccccf0

General

Header:%PDF-1.4
Total Entropy:7.910574
Total Bytes:155218
Stream Entropy:7.912780
Stream Bytes:151949
Entropy outside Streams:5.712969
Bytes outside Streams:3269
Number of EOF found:1
Bytes after EOF:
NameCount
obj17
endobj17
stream8
endstream8
xref1
trailer1
startxref1
/Page1
/Encrypt0
/ObjStm0
/URI0
/JS0
/JavaScript0
/AA0
/OpenAction0
/AcroForm0
/JBIG2Decode0
/RichMedia0
/Launch0
/EmbeddedFile0

Image Streams

IDDHASHMD5Preview
96864ce5d673e6d2acaf841feb608b7479cdb7ca153480105
140000000000000000c8596c423c17e425c4cd4207def7f775
13000e17236b33160d78d4e95831d7e8eff1e9c139a8ec2355
Report size exceeds maximum size, go to the download page of this report and download PCAP to see all network behavior.

Click to jump to process

Click to jump to process

Click to dive into process behavior distribution

Click to jump to process

Target ID:0
Start time:07:51:36
Start date:21/03/2023
Path:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit):true
Commandline:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\JENNIFER JORDAN (CUS_8372173) HEW4256968 2023-03-17.pdf
Imagebase:0xc0000
File size:2571312 bytes
MD5 hash:B969CF0C7B2C443A99034881E8C8740A
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high

Target ID:1
Start time:07:51:41
Start date:21/03/2023
Path:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):true
Commandline:"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
Imagebase:0x12f0000
File size:9475120 bytes
MD5 hash:9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high

No disassembly