Analysis
- max time kernel: 158s
- max time network: 166s
- platform: windows10-2004_x64
- resource: win10v2004-20231215-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 06-02-2024 21:46
Behavioral task: behavioral1
- Sample: 958b4ea7e160137f31e8624ba133547b.pdf
- Resource: win7-20231215-en
Behavioral task: behavioral2
- Sample: 958b4ea7e160137f31e8624ba133547b.pdf
- Resource: win10v2004-20231215-en
General
- Target: 958b4ea7e160137f31e8624ba133547b.pdf
- Size: 7KB
- MD5: 958b4ea7e160137f31e8624ba133547b
- SHA1: 47ebbd48d84449b22b7bfbc7dcf2a56c1a201dfd
- SHA256: e2f53ef3b8439c2fada5164b998a60813154770433a18d9e60ef306a4db80378
- SHA512: 338b3f0fa86ccd9df7b9082f6b12a783ec0d68fcdb2a9d21931680382d4bfb75e2ac07765c5a3f05ad6449cb15e13a5ab58ed4950cdd315ef4d0ec4d24e757e4
- SSDEEP: 192:6D52BKugdwsWSZwFNsGpofFOJZj85zlvpcphbZJp:6D58KugdwcUJofFeZj85zlaDB
Malware Config
Signatures
- Checks processor information in registry (2 TTPs, 2 IoCs)
  Processor information is often read in order to detect sandboxing environments.
  Processes:
    description        ioc                                                                    process
    Key value queried  \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz  AcroRd32.exe
    Key opened         \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0       AcroRd32.exe
- Modifies Internet Explorer settings
  Processes:
    description  ioc                                                                                                                                      process
    Key created  \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION  AcroRd32.exe
- Suspicious behavior: EnumeratesProcesses (20 IoCs)
  Processes:
    pid   process
    4284  AcroRd32.exe  (20 identical events)
- Suspicious use of FindShellTrayWindow (1 IoCs)
  Processes:
    pid   process
    4284  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (8 IoCs)
  Processes:
    pid   process
    4284  AcroRd32.exe  (8 identical events)
- Suspicious use of WriteProcessMemory (64 IoCs)
  Processes:
    description                        pid   process       target process
    PID 4284 wrote to memory of 4484   4284  AcroRd32.exe  RdrCEF.exe      (3 events)
    PID 4484 wrote to memory of 3776   4484  RdrCEF.exe    RdrCEF.exe      (40 events)
    PID 4484 wrote to memory of 3988   4484  RdrCEF.exe    RdrCEF.exe      (21 events)
Processes
- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (PID 4284)
  Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\958b4ea7e160137f31e8624ba133547b.pdf"
  Signatures:
  - Checks processor information in registry
  - Modifies Internet Explorer settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 4484)
    Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
    Signatures:
    - Suspicious use of WriteProcessMemory
    - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 3776)
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=F60C9C4C6FCD516AC9A9B9E337A743DF --mojo-platform-channel-handle=1744 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 3988)
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=E55760B032F31D0364A210CB3C263135 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=E55760B032F31D0364A210CB3C263135 --renderer-client-id=2 --mojo-platform-channel-handle=1756 --allow-no-sandbox-job /prefetch:1
    - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 2548)
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=2A3FCDBDD95098B4E49350A871F69423 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=2A3FCDBDD95098B4E49350A871F69423 --renderer-client-id=4 --mojo-platform-channel-handle=2180 --allow-no-sandbox-job /prefetch:1
    - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 4824)
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=A638B736619AB713391DC3D96516A634 --mojo-platform-channel-handle=2572 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 2828)
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=284A0AB0C97C2875BB11DE7C8839D24F --mojo-platform-channel-handle=1964 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 4812)
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=2B7D5CBBB6DFA9161BE29D3BEF35ACB0 --mojo-platform-channel-handle=2596 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 2632)
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=DC2289FE9DDA09CAD6586823AF4BF66F --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=DC2289FE9DDA09CAD6586823AF4BF66F --renderer-client-id=10 --mojo-platform-channel-handle=1912 --allow-no-sandbox-job /prefetch:1
  - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (PID 1436)
    Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
- C:\Windows\System32\CompPkgSrv.exe (PID 2772)
  Command line: C:\Windows\System32\CompPkgSrv.exe -Embedding
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 64KB
  MD5: 90a96a1a4e222c6db08a9470903df54f
  SHA1: 5665ac34dc737224188c4a4dcbc8f8ccd3bd9091
  SHA256: 416c3e6bd71260093d95d653f12c82774d689e5f110f475116c6207ba7e42286
  SHA512: 56d3cf8a4a5d998a20508ea521b81aa21a9171a905db6461ad2b466317857cd7cdbb6e740bb3f5228107645120710a75040aab891ad6f72e96009f607b58f113
- Filesize: 56KB
  MD5: 752a1f26b18748311b691c7d8fc20633
  SHA1: c1f8e83eebc1cc1e9b88c773338eb09ff82ab862
  SHA256: 111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131
  SHA512: a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5