ee65e9d7a7bc9d17e894e0b775fc0bbfb35e72c65c3d768e34bfe059d521cc16

Resubmissions

21-01-2024 14:52

240121-r8syqaeac7 10

21-01-2024 14:51

240121-r8k8waeac5 10

01-01-2024 13:55

240101-q776kscacp 10

Analysis

max time kernel
144s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
21-01-2024 14:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
Size

11KB
MD5

f4d8bb082b0d03efd6990cc2f4336165
SHA1

48abb4773cdc2c70ea90aa4f38a8942f8bca60f3
SHA256

e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db
SHA512

2fca524f0aa0f3bf9605f8a7007dfe14f1383f976ce519299fc0991a073d78961ecf1c1d84671016f8814dd55dcf78a7c8d1ebe86cd7f59c53f1874e8a0d65da
SSDEEP

192:5QEguYoCj6K4KRUZJqBEjTedm53AebdKS5p:5GOKRUZ9aC7

Score

9^/10

ransomware spyware stealer

Malware Config

Signatures

Renames multiple (3222) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.7_1.7.25531.0_x64__8wekyb3d8bbwe\logo.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-black\LargeTile.scale-100.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\ca-es\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\css\main.css.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\images\example_icons2x.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\images\themes\dark\core_icons.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\lv.pak.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ca.pak.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Microsoft Office\root\Office16\LogoImages\FirstRunLogoSmall.contrast-black_scale-140.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\app\dev\nls\de-de\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\cs-cz\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\fi-fi\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\fullscreen-hover.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\scan-2x.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\css\main-selector.css.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ro.pak.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\da-dk\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_pt_135x40.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\TrafficHub\contrast-black\LargeTile.scale-100.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\delete.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sample-files\js\nls\fi-fi\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Appstore\Download_on_the_App_Store_Badge_zh_tw_135x40.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\sv-se\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\el_get.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\images\email\dummy\adobe-old-logo.jpg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Unlock.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_selectlist_checkmark_18.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\js\nls\nl-nl\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\root\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected]	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\plugin.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\ru.pak.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\MoviesAnywhereLogoWithTextDark.scale-100.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\AddressBook2x.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-ae\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\eu-es\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\share.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\tools\themes\dark\circle_2x.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\fi_get.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_folder-focus_32.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\nls\uk-ua\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\de-de\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected]	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\illustrations.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\css\main-selector.css.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\upsell.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\kok.pak.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\core_icons_fw.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected]	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\en-us\jscripts\wefgallery_strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\fr-ma\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\images\s_checkbox_unselected_18.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\Java\jre-1.8\lib\images\cursors\win32_MoveNoDrop32x32.gif.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files\WindowsApps\Microsoft.Xbox.TCUI_1.23.28002.0_x64__8wekyb3d8bbwe\Assets\AppIcon.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\hi_contrast\core_icons__retina_hiContrast_wob.png.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\PlayStore_icon.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\nls\hr-hr\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\root\ui-strings.js.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\images\themes\dark\s_listview_18.svg.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\forms_received.gif.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\mib.bin.doyuk2	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	888	e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe

C:\Users\Admin\AppData\Local\Temp\e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe
"C:\Users\Admin\AppData\Local\Temp\e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe"
1⤵
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
PID:888

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\natives_blob.bin.doyuk2

Filesize
16B

MD5
5ab7a7f5fa25f0ad501bc2ac764759b6

SHA1
79971488f3d791f2c955f0563aca40d5d70e6055

SHA256
8510cb76bfbc230ea8a4a9b0f1269c133b7330d7d205f2b26ed143998a7a2aa3

SHA512
84afaadd21f69c3f1d96cead9b3789a9c110cee08fe1de3756f25644649c64256d23ef854647ed0c85b719bfc6be445b700e6854ad647d0998589e92ba793df8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_remove_18.svg.doyuk2

Filesize
720B

MD5
8f1ed8562f58d8bc0303b1e504124125

SHA1
abe1a7888707d2e6437eedef66d24736983ab158

SHA256
20b518672837af5770182849e9e404983c67c503853d75f08265743f1e6d7827

SHA512
bfb437dfa6bb51d95387822fc583b02ac8554c26644b4828becb228febf578f45a3f03257a04c14ff5fecb0dd0695b3df2de06e9bfc1011193ca3c52a5e76453

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons.png.doyuk2

Filesize
688B

MD5
e8f347b73fa805745291452c9593ac2b

SHA1
fbd183375c7f4ef5aafed2f19cb6a3eb347555d6

SHA256
3ebdfaeb0805fc46accd50a9f5ee18ab1cddd3ff3c8b3bd3c9489f00ca1afe30

SHA512
0021a369d1c37797d68b146bc07113bde83bdb47cf815e5ac1695d014efc55474809c693dfa7c9f6854b6a80247e56a56fc4b0243f8b32807eeeffd63683e9d2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons2x.png.doyuk2

Filesize
1KB

MD5
f961d8604a562163959b01b15695571c

SHA1
d98541fcf74e290512a5f84f58a47d9b793151a4

SHA256
3bc15d9c827bd0e6e3957efe94f48ac151df27a981d983d6f2b967eaf8b94151

SHA512
3c9a7a64ce15b0e061e19626dfa44109d0bbfb24aca2b6e86f8f05ca4ae0dc0f14acd804eff440d1fdbe931a27f76c2f267bc4c05f8673156b37686bf36e8a38

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png.doyuk2

Filesize
448B

MD5
9e92174628785732e19b9f48e9c0945f

SHA1
dcb322b38d76eddf43282654e91f8220fd17001c

SHA256
7d6fb7bcc1156877e5ea368372d10283be9076caaf4e91bc1ce7ec295de6f0c7

SHA512
e382a1ff3ebf6e942beeecb5133dbec6593adc6aaac7510f756f569ef1c91bf140c96b200d43cb67b708fa05ac3d256dd37a95d83b4619c98ff9e28cb6d4ea83

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png.doyuk2

Filesize
624B

MD5
16ff806894c5a12af695a49f7ae391a9

SHA1
a422edd0ac26749d5a085a667530d6762baaffb2

SHA256
cb8deff7cbf7f1d9f3d2162a21a43075406f1e727a0f40344d20c0caaff24bbe

SHA512
65e1d8f60e7804e43dc79516dc3f81c316721827a0e92831b30a3829e97e1489956fa81549098840a7e72700c76b6bf52236d4edafbe38018af584d680001244

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.doyuk2

Filesize
400B

MD5
9431f2d4690a4fafb80be2f9442c5238

SHA1
1dfdec1428652b2fff1ae6bf9c8e09af200826cf

SHA256
9c3043b2498d7d029945780c511882ccfaf3d1904d832981eaf10b49c3449e8a

SHA512
1fb34c3e8522d3201e7e18fae53078ddbc56a8b306d5b8608e2ef55d40476300ef6881ef34c8c45a7d6d20965608911e039dd91377d2f975374b9dee638374b1

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png.doyuk2

Filesize
560B

MD5
08243c0cd95ce9d3cf9dddab53f4430b

SHA1
5ef6bf177fe3f95bd9cccc0e51628987c3a4fa0f

SHA256
7c3015c21df146a0d76955e3b9973f6e9078c8d26fa8d7978116b42cfbd3e437

SHA512
d326dcdb6247f79ffea903551b8a6c8df57d6ac4f53381838fecd9c781245bded750f00ecd29a3639a0094c8ef354efd18df7d5b4821984273a6fbfa2ba280c3

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png.doyuk2

Filesize
400B

MD5
7b7aabe39e7db57286aa4e119e04e471

SHA1
6516f98b6a47886998bee2a6ab822f29dffd050c

SHA256
f13663d759e40cca4fb403310077aaf82b3d43266e90b88b1672c3c3159df66c

SHA512
bdb575081082a2fdddb70d7c5ba5f1c1636e8f93a7afb7b79d1c192fb778fbb14b4a806fa9a0abed47ec86896f966c0eeaee69d31d9a8b66844c28a4c174e8ca

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.doyuk2

Filesize
560B

MD5
66f16983b98dee67d637047b8beb804f

SHA1
8489734ddba90785b406476b779705588bb9d395

SHA256
f8795930ca225982038b38ad25f4b2154137a486e504a03b2c144d06fa6567a9

SHA512
33d2bd4fd1051d93b1a7b28f9f5653babb05e74fbec5e450cc5faf5eee3064376a0d0badc64aef320271d0817b83cd61a41dd9e09d23fbe218677de1ce6b2d9e

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.doyuk2

Filesize
400B

MD5
2335db94ba007c1e45a155a116df38bb

SHA1
9b7fc766a3c5e0cd8f61b38965ae5667aad77194

SHA256
9a477c0f56e6d41f5a9f0fe172fda24a873ea135cfa357efd73507df02fd1970

SHA512
f2b6ae1fcdaa0231eda2c5c972ce890d34bf8a62b22cf4559bd2304fbe66a2f0e6cb763749d5b7077772f29c323ec74691fc7e974b01ab9ee11e7fa9f79cf4d2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png.doyuk2

Filesize
560B

MD5
0d068acf89877810004654cf1da546f6

SHA1
d3af98bf53b9c552b23b428244fed2584c1e3b4d

SHA256
6bcac45f0508e885ce92c43d3323554b12362103b6b8e97c2a6a65c97a7e49d8

SHA512
3b57bca49e550e8c75a470ecd36606bfc7a2b3dc0d8079a91152d5adcd4453b7a95536626c40022a321df89a15f3281bf263e660fb4b462efa793aa056077f0d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons.png.doyuk2

Filesize
7KB

MD5
73bbaade9672be0fee0e6d9ae6c519fd

SHA1
1d9c11bc72d98b44e3e58a0deaae716d9f39541a

SHA256
cc42b2c57eeb7df80f562a78b6485e37f3d11d302f76b9caa8b95c3cd933eded

SHA512
57fabb4c79e18a085f7a853deb1806b00119f47cabede220b74e4a3fe084946df438df7c44f202e51bb0e293e7cb5f5565e8921bf021982ac9c4af2111e40c43

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_ie8.gif.doyuk2

Filesize
7KB

MD5
20129228802637f5a7d12a158b43e9fb

SHA1
1eb954cd293c2cd16dc5c3dc378f4e75802b9767

SHA256
6232b7a662f4cf7cb3f6885c189c3a618e3ab961aa77252cf0c9498168faefa6

SHA512
6a7407271195cf78f438a0d3228b6876348f574c3c5793db1f7a76523b8682cd53aa4deeba759fe211e88186dd34941a4a89a19db5b0614a2a9ce328f080cb56

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_retina.png.doyuk2

Filesize
15KB

MD5
7bf220e09763cac0aa194a0ec52e4937

SHA1
b923e925ccb131d88c6b7f4ee6a58d8a4625e1ce

SHA256
86d2e69ce052e7015ef1952f96621bc17d993a96a070f040f3ee5cc4436704fe

SHA512
062847bbe1a4c91d0d451c5bd5b72af7f487c10956a5157c3e2d7737233c198a5256bb58ce14b4fadf781183def194bc6810c619273b139e3d38d17bcf0199cd

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons.png.doyuk2

Filesize
8KB

MD5
71fb33072259f1a2dbb9f5d3961c8a78

SHA1
b41057874fec628f01cd10e0af12f1346a310594

SHA256
67756798b44d8dce97f2fc8166e2dbf59e7f6c7465434384cf978850df9b80a0

SHA512
695cf2ad652410a113d899472bce3280da0b50092082cb5d93d028107ccd1f8a50a904d103469a8034603ef5c64e0e314d4d48ab65696720c065ee22c2516565

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons_retina.png.doyuk2

Filesize
17KB

MD5
87cd2e73ef1b18826a6dce7b29734694

SHA1
ed31690b561f5b245c0f804169fe8f36b98b2c99

SHA256
f45f7bc8dfcd35ebb505c45ad6fbaad38c3bad33129fda53a3301552d2442d5b

SHA512
25013232bcd8c4ad973fcd8496a181bb6a4a8837126c2b7c4e2164451ee0faf6f8889af46fdddb655b7b47758859194571a0440db3b1f69625c6e689aa55d8a7

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_pattern_RHP.png.doyuk2

Filesize
192B

MD5
d79c7e261570a8c2d32f3bbe4fdf5c68

SHA1
bcf3f776503e2ddef09c722dc4d9ca0cfcf816bc

SHA256
bb296aa2733c28875542d749eca974c0ef35461ca7364180bcd45ef427d1b0a5

SHA512
5feef9b5145d30c115552e3cdf6ead75ee753823a3e34d5a74b31ac21cd43f12a7cab398a1e04bfa7d423817d07f8cf05c108defd5777722fb947d9b3caffe9a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_patterns_header.png.doyuk2

Filesize
704B

MD5
c77c8ff6312cb921f8c31acccfce030b

SHA1
9e6dfa8202a82e1f13ab6bcd0ecfba04a9cb570a

SHA256
62d26f1bcdfe52f4c23f268f917bc4948372fa6f59125228f72471f305fd9083

SHA512
88ea5b2734b7a32695db5cbc93a9a0408118bf6d8b630e8c6879e4b7481d923ba85a369526e3893134c8ce40dae3e260e60f51ecc7446d2cbd8ebe2d570e3c5a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations.png.doyuk2

Filesize
8KB

MD5
9e8a4cdd31cd92a1307ea59ede4d30a1

SHA1
c16616ff4cfa81fe5f019bce5d3049e98b2f6dd3

SHA256
d82a151bcd24471d93406217ecf4a6050b8a9c38a7fe57c2f01c87209775e023

SHA512
7b251e4b2d82b865827836bcf03735ee2b9b9677457876dc787fee82c8efd03be5f7ce0afd83b5454e21dacb08214230534c3e02f789ee804f421d4d709d5d65

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations_retina.png.doyuk2

Filesize
19KB

MD5
79b5542a8a7a1aeb85c1ef54f5b76a00

SHA1
d3f8352185a6c4773839de9fe213011cd39e6433

SHA256
b15032291df2494fe65094f178a52accd09e9888a43f5b328f32c310ea9bb68e

SHA512
4ff7ed43aacf968ad2a21b40ba2cf8996932b5e94e32fe14b9db8f6fd0c32fd9eab48f62563cf5236861fca602756e06cf055fd49784821eac2e7fd91846dd34

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js.doyuk2

Filesize
832B

MD5
a13d11323f2719ac2a5e972c37d01461

SHA1
82aa4814baf007f6fc914df66fa01a16b448f8ae

SHA256
9f44d70a58aed6064de61f0526f721f24036f528381d4c7b8fa4d8d40814f78f

SHA512
355edb532debe6c0414e0a1918f926726ae5a386bf6ca6b979ac8d80227d0d87e1ff4fd93e107d437e51a406eba47a811d567fab6edc571d72fd0688eac05797

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ui-strings.js.doyuk2

Filesize
1KB

MD5
516494129a7b6f04e5418dfaf472b355

SHA1
2b30570e9afcc3bb7fabec74f8441b254f89ec24

SHA256
3afb00843ca5485e9c10250396b7966a3c752fe40a8411ebc9171af6fc1fd3e9

SHA512
c9552ed6959465c5293c6282ebc4687a760d06699fa298df5592fe34918d2ba7eacf2dab823635ea5258a5d2c1a4e5cc3b9b4585698000506a5bd8923fec2836

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ui-strings.js.doyuk2

Filesize
1KB

MD5
29afcb5ea9f3cd22cd63872b9151e0cc

SHA1
b5fa6b94454e5df47c265faedc4477384061c043

SHA256
7661cde2786a33b248f404af2cf9bbca03cda54ed28da8a1f7da5cde5adc6c63

SHA512
d0baff6ce23441a7571122c0175b83672313987c1fadebedf65839d64ada5e2b43d71b128228d90ea45968b1d1aa44f017cc10b231a098541c259c09051ed349

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\css\main.css.doyuk2

Filesize
816B

MD5
d17d2ebcbb6a97e1f5916bbe4399fc02

SHA1
fa7834fbd82bc5c3e7db993956374acecccd0608

SHA256
38a5f6c38e08e3ad5ffa1b73e0ec6651dc19ee78143a53818bff393d85e0c563

SHA512
7083ca21f7bf318f197a7e7360e08a2529274cae00e0d28ed590da79b6b0f8051735745b385a56c84795f81306eb26c0c4f79297414007039395b8f9cc2ed743

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png.doyuk2

Filesize
2KB

MD5
003b5f6ebdf91ff8a926e88129aa1384

SHA1
f2f56a7e900ab16a2179871ee78777a31221a041

SHA256
72f853f005df680706644eebd579f47523d5c84b09535c6b517f7cc59f9187d0

SHA512
f7d2e4ee93e1008e10feed55a81800c6c36543f193257837abe3e6016b52d78023a47a50f641b85dbbc77ef8b63b904a66f6a463dbe042c1378cc833b09e52c3

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png.doyuk2

Filesize
2KB

MD5
0fb1bd940874d03e2abb499d7e26bfda

SHA1
a344d04824c9e6bcfeb4dd0081ead65ae111790c

SHA256
14b9b90dff426cb83ec2f65d98b6d99f211f0751b085611e8c9e675f2259e1c1

SHA512
8b82def5770c4adf650d44b8c8d1786132776d78f7abdf7ca62980d0cd11d5b6b4b71b1225545aefa80723e78806f1358b6b6571a278fed0a40f075c1b732b23

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png.doyuk2

Filesize
4KB

MD5
19a1c3baca5585e1898a2939ba89aa23

SHA1
4eef104dde5846642fa4d13dcbd77e775f7e97f6

SHA256
e42623e6fe8ca6e775333521fc660518c6eee50fd7ceef97be152a5b8ecd630e

SHA512
e9a2aa581521271e62f17734c4b58e1dc9177e6bc7dbdc6c8bcbbcb221eb375a130e1a34007f263c82338d452639b113fcf4e1635db843d0ccd0cceb311ef333

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png.doyuk2

Filesize
304B

MD5
2687891fbb3861250b63fb26d4f675cb

SHA1
745c074c2f3b235d4ca071c1ebe4416ae17bd822

SHA256
3b74ec6edf05e3ead4f8b2f3b412e422d7a86eb637391ef6de338da7f830359d

SHA512
3912f44675288ab0da621fe6b4d435f291e9399a069a10aca83c54c8e4947ddfd79b31c29e20d6680ce3776126d77ffbec653724b8106331961ae37c3b8f0214

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png.doyuk2

Filesize
400B

MD5
0a2f786f6fff7413ff39a1646ad44a5b

SHA1
b489ed58a63306d66cdd98c7777b3c8f4dee882a

SHA256
1eab24b185cc7400b256c4582c68a57f4a1cd5a84c74c394d89e359c2ee4202c

SHA512
558d67540c573b8613c29769e60447da5723a56f6196bfd6fd976b6742030e36b6e9d8c6df6ecdb151be836b43743e0058bb69a1ca63144d4c995c7b48a701d9

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png.doyuk2

Filesize
1008B

MD5
b0195db9ee0d14b7b37b2aefd8198bbd

SHA1
249a0c3ef76fb7d10128e76381b3437c385acfeb

SHA256
6c83574ae304c45ab536bf0467694ed8336777754f8ac524b2aca2f37fa5de8c

SHA512
9f87d9c2f38664da1f4211f8bf99e7f41e2ee48f3b2a84a281aeb3c536605b332ba38aee6718322ac23394e6dca8f09c52829fa7a5b7b9b62b7f4539dfc6f489

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png.doyuk2

Filesize
1KB

MD5
3e41c79bfda6af8c513d0049f55a401a

SHA1
6148bc2441699ba429378f9ddf0205993a040e75

SHA256
4f5d5c91034bd71d9dd895a5431912f369c8139ebc7100fcb028d498d3cec542

SHA512
1b23e4e28a35323b7481cb63b4f3b353262b23e9ad67a8a4936b751f0c57d89c04771008d3643128812e1864f2e00093912070cb1aa5c8d1604e1cb4a20c53b8

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png.doyuk2

Filesize
2KB

MD5
0f8f7b23e9ec84c870395d5328f272de

SHA1
dba421ddc90217729a758494b307a501b00b0609

SHA256
173bcf737da711a8cbe35caa224d67a94acf8f1b59e522556e469818bc7510d1

SHA512
29e5e78b2fe7f8a88ab010f8cb93a782770835ebfcfce91d55229beee7323bfac97e9bf1987a9e608b8b1ab6379e9029c30b77479b93693bfcf50779029a01ae

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js.doyuk2

Filesize
848B

MD5
3ff9df81c2e060f873aad784886b2c9e

SHA1
2b8e22f7b460663ac72dd26a74a58e849077e09f

SHA256
fbe827e7c24245a1fd8208d4bb110a0ce9e779ed01a2be0faf40a4469c7be0e1

SHA512
067d518b68f492293ec6c0e980d757ba42973f163521f2d6b988e21594ec8b585edc8e7227480051501ee16029e05e454073034967f87efa83aee1edef2651ef

Download Submit
C:\Program Files\Java\jre-1.8\lib\images\cursors\invalid32x32.gif.doyuk2

Filesize
160B

MD5
c5a8f0ac248005b6b0ad0be6e10c4dad

SHA1
1540b272f7843b6e82142f0dfcd48e1c175dc461

SHA256
4baea01770139cd6c9911d0cc803e510af0ca3ec2bfc07293986cd39663500f9

SHA512
6ed9c1f4a8b35e48c0d6571bf3b7aa7673adfb081a0d3e26fad2e6ca0f1d7533757c8ba9289a5c74315e3e63fec4dab93605d383ecf94c86eb12b7fd82f361a6

Download Submit
memory/888-7770-0x000000001B450000-0x000000001B460000-memory.dmp

Filesize
64KB

Download
memory/888-3710-0x00007FFCCAEA0000-0x00007FFCCB961000-memory.dmp

Filesize
10.8MB

Download
memory/888-299-0x000000001B450000-0x000000001B460000-memory.dmp

Filesize
64KB

Download
memory/888-199-0x00007FFCCAEA0000-0x00007FFCCB961000-memory.dmp

Filesize
10.8MB

Download
memory/888-0-0x00000000008D0000-0x00000000008DA000-memory.dmp

Filesize
40KB

Download
memory/888-19738-0x00007FFCCAEA0000-0x00007FFCCB961000-memory.dmp

Filesize
10.8MB

Download