Overview
overview
7Static
static
4var www ht...r.html
windows10-2004-x64
1var www ht...a.html
windows10-2004-x64
1var www ht...x.html
windows10-2004-x64
1var www ht...g.html
windows10-2004-x64
1var www ht...3.html
windows10-2004-x64
1var www ht...e3.xml
windows10-2004-x64
3var www ht...ase.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...-1.pdf
windows10-2004-x64
1var www ht...ed.pdf
windows10-2004-x64
1var www ht...ka.pdf
windows10-2004-x64
1var www ht...CH.exe
windows10-2004-x64
7var www ht...is.exe
windows10-2004-x64
1var www ht...des.js
windows10-2004-x64
1var www ht...css.js
windows10-2004-x64
1var www ht...js/.js
windows10-2004-x64
1var www ht...30a.js
windows10-2004-x64
1var www ht...a5f.js
windows10-2004-x64
1var www ht...b5a.js
windows10-2004-x64
1var www ht...son.js
windows10-2004-x64
1var www ht...x.html
windows10-2004-x64
1var www ht...bed.js
windows10-2004-x64
1var www ht...c.html
windows10-2004-x64
1var www ht...0.html
windows10-2004-x64
1Analysis
-
max time kernel
141s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20230703-en -
resource tags
arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system -
submitted
19-07-2023 21:09
Behavioral task
behavioral1
Sample
var www html kemhan/wp-content/themes/menhan/css/AjaxLoader.html
Resource
win10v2004-20230703-en
Behavioral task
behavioral2
Sample
var www html kemhan/wp-content/themes/menhan/css/fotorama.html
Resource
win10v2004-20230703-en
Behavioral task
behavioral3
Sample
var www html kemhan/wp-content/themes/menhan/css/[email protected]
Resource
win10v2004-20230703-en
Behavioral task
behavioral4
Sample
var www html kemhan/wp-content/themes/menhan/css/grabbing.html
Resource
win10v2004-20230703-en
Behavioral task
behavioral5
Sample
var www html kemhan/wp-content/themes/menhan/fonts/fontawesome-webfont93e3.html
Resource
win10v2004-20230703-en
Behavioral task
behavioral6
Sample
var www html kemhan/wp-content/themes/menhan/fonts/fontawesome-webfont93e3.xml
Resource
win10v2004-20230703-en
Behavioral task
behavioral7
Sample
var www html kemhan/wp-content/themes/menhan/gallery/jquery.aw-showcase.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral8
Sample
var www html kemhan/wp-content/themes/menhan/js/accordion6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral9
Sample
var www html kemhan/wp-content/themes/menhan/js/fotorama6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral10
Sample
var www html kemhan/wp-content/themes/menhan/js/jquery.bxslider6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral11
Sample
var www html kemhan/wp-content/themes/menhan/js/jquery.min6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral12
Sample
var www html kemhan/wp-content/themes/menhan/js/main6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral13
Sample
var www html kemhan/wp-content/themes/menhan/js/modal/js/basic6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral14
Sample
var www html kemhan/wp-content/themes/menhan/js/modal/js/jquery.simplemodal6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral15
Sample
var www html kemhan/wp-content/themes/menhan/js/owl.carousel6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral16
Sample
var www html kemhan/wp-content/themes/menhan/js/zozo.tabs.min6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral17
Sample
var www html kemhan/wp-content/uploads/2022/07/WIRA-MASTER-edisi-iI-INDKompelite-1.pdf
Resource
win10v2004-20230703-en
Behavioral task
behavioral18
Sample
var www html kemhan/wp-content/uploads/How-to-Response-Against-Web-Security-Incident-signed.pdf
Resource
win10v2004-20230703-en
Behavioral task
behavioral19
Sample
var www html kemhan/wp-content/uploads/Komponen_Dasar_Elektronika.pdf
Resource
win10v2004-20230703-en
Behavioral task
behavioral20
Sample
var www html kemhan/wp-content/uploads/PDFReader_CRACK_FULL_PATCH.exe
Resource
win10v2004-20230703-en
Behavioral task
behavioral21
Sample
var www html kemhan/wp-content/uploads/slowloris.exe
Resource
win10v2004-20230703-en
Behavioral task
behavioral22
Sample
var www html kemhan/wp-includes/.wp-includes.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral23
Sample
var www html kemhan/wp-includes/css/.css.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral24
Sample
var www html kemhan/wp-includes/js/.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral25
Sample
var www html kemhan/wp-includes/js/jquery/jquery-migrate.min330a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral26
Sample
var www html kemhan/wp-includes/js/jquery/jquery4a5f.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral27
Sample
var www html kemhan/wp-includes/js/wp-embed.min6b5a.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral28
Sample
var www html kemhan/wp-json/.wp-json.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral29
Sample
var www html kemhan/wp-json/index.html
Resource
win10v2004-20230703-en
Behavioral task
behavioral30
Sample
var www html kemhan/wp-json/oembed/.oembed.js
Resource
win10v2004-20230703-en
Behavioral task
behavioral31
Sample
var www html kemhan/xmlrpc.html
Resource
win10v2004-20230703-en
Behavioral task
behavioral32
Sample
var www html kemhan/xmlrpc0db0.html
Resource
win10v2004-20230703-en
General
-
Target
var www html kemhan/wp-content/uploads/Komponen_Dasar_Elektronika.pdf
-
Size
848KB
-
MD5
fb406da71c9b33210c67dd81e09b7cd6
-
SHA1
166fedde7e90497299037405131448b5f1827326
-
SHA256
36bd45527bdb2c2874012235caa3cd4be2f0e5976fa8f60b4ae2b0fc8b7d3f4b
-
SHA512
5e339baadb933cb0c66978f5895f33cb3ed297742605d12b471834b66930c72cb9e7408262381e9ff399cf1f395f32f322d1f66020138b407a872d8005491125
-
SSDEEP
24576:BecH800zHkhlU9054gHCQneTvtRWTJp2Xj1:BZHF0jkheE4P4e7DWdgz1
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 AcroRd32.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz AcroRd32.exe -
description ioc Process Key created \REGISTRY\USER\S-1-5-21-3195054982-4292022746-1467505928-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION AcroRd32.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 4572 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 5 IoCs
pid Process 4572 AcroRd32.exe 4572 AcroRd32.exe 4572 AcroRd32.exe 4572 AcroRd32.exe 4572 AcroRd32.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4572 wrote to memory of 764 4572 AcroRd32.exe 89 PID 4572 wrote to memory of 764 4572 AcroRd32.exe 89 PID 4572 wrote to memory of 764 4572 AcroRd32.exe 89 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4280 764 RdrCEF.exe 91 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92 PID 764 wrote to memory of 4612 764 RdrCEF.exe 92
Processes
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\var www html kemhan\wp-content\uploads\Komponen_Dasar_Elektronika.pdf"1⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4572 -
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=165140432⤵
- Suspicious use of WriteProcessMemory
PID:764 -
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=46D8FC334CFA80D1096DC3700D506BED --mojo-platform-channel-handle=1732 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:23⤵PID:4280
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=3CD1269D5F530BFD454570B272D90D84 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=3CD1269D5F530BFD454570B272D90D84 --renderer-client-id=2 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job /prefetch:13⤵PID:4612
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=7E55613A043BF311855540D51C74C595 --mojo-platform-channel-handle=2312 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:23⤵PID:2552
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=A1DE84ADE0C9A1330BE775E839962CA4 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=A1DE84ADE0C9A1330BE775E839962CA4 --renderer-client-id=5 --mojo-platform-channel-handle=2340 --allow-no-sandbox-job /prefetch:13⤵PID:1456
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=B2DB376C2D76EBCCF98761716E80DCBB --mojo-platform-channel-handle=2560 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:23⤵PID:4972
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=50E02862DFB67BD86BDAB4B2C766B2E7 --mojo-platform-channel-handle=2664 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:23⤵PID:2096
-
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
MD5e7747ad9f4929821f11c5edaf00c6938
SHA18544a84e2d10ce6510069fa7740122dd3be4dc1f
SHA256fb578e5997c21c2a3c12226fb482f54938b364582cbd7b5f31222b2c4e319941
SHA5121dd3c2fcb96dc5d6e9029dbe22369dfba59f69a925952910e06d46ce52452547c2046e9045a4144ba06461a4cbf505b2759f4ec12f5e46be993313259834c967
-
Filesize
64KB
MD5fd9c0a902a22023900c00775a0073857
SHA14406a4ce59a247610618982f916018828f0c1099
SHA2562a81998eacef03552e14195a730f0c7e17b0fb48f9192d6eb07fc1a3c7c2fa46
SHA5124fed7dc402242d977408b2dcef50f799b27c5bfce86ac9e3499bffd3dd4c056335b739811c0ac81ab4449483f6f95c3cb5240c257ee6382f107f3490e4e1cad9