Analysis
max time kernel: 153s
max time network: 157s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 08-02-2024 02:42
Behavioral task behavioral1
  Sample: 958b4ea7e160137f31e8624ba133547b.pdf
  Resource: win7-20231215-en
Behavioral task behavioral2
  Sample: 958b4ea7e160137f31e8624ba133547b.pdf
  Resource: win10v2004-20231215-en
General
Target: 958b4ea7e160137f31e8624ba133547b.pdf
Size: 7KB
MD5: 958b4ea7e160137f31e8624ba133547b
SHA1: 47ebbd48d84449b22b7bfbc7dcf2a56c1a201dfd
SHA256: e2f53ef3b8439c2fada5164b998a60813154770433a18d9e60ef306a4db80378
SHA512: 338b3f0fa86ccd9df7b9082f6b12a783ec0d68fcdb2a9d21931680382d4bfb75e2ac07765c5a3f05ad6449cb15e13a5ab58ed4950cdd315ef4d0ec4d24e757e4
SSDEEP: 192:6D52BKugdwsWSZwFNsGpofFOJZj85zlvpcphbZJp:6D58KugdwcUJofFeZj85zlaDB
Malware Config
Signatures
Checks processor information in registry  2 TTPs  2 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes:
  AcroRd32.exe
    Key opened: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
    Key value queried: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz
Modifies Internet Explorer settings  1 IoCs
Processes:
  AcroRd32.exe
    Key created: \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
Suspicious behavior: EnumeratesProcesses  20 IoCs
Processes:
  PID 4728 AcroRd32.exe (20 events)
Suspicious use of FindShellTrayWindow  1 IoCs
Processes:
  PID 4728 AcroRd32.exe (1 event)
Suspicious use of SetWindowsHookEx  8 IoCs
Processes:
  PID 4728 AcroRd32.exe (8 events)
Suspicious use of WriteProcessMemory  64 IoCs
Processes (writer, target, event count):
  PID 4728 AcroRd32.exe wrote to memory of PID 2224 RdrCEF.exe  (3 events)
  PID 4728 AcroRd32.exe wrote to memory of PID 1444 RdrCEF.exe  (3 events)
  PID 2224 RdrCEF.exe wrote to memory of PID 1140 RdrCEF.exe  (43 events)
  PID 2224 RdrCEF.exe wrote to memory of PID 2712 RdrCEF.exe  (15 events)
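The sandbox reports WriteProcessMemory as a flat list of 64 events. As an added example, not part of the sandbox report, the Python below parses events in that exact text format into writer-to-target edges, collapses duplicates, and checks each edge against the parent/child relationships given in the Processes section. The distinction it draws is an analyst's interpretation: a write into a process the writer itself spawned is how a Chromium/CEF-style broker launches its renderer and GPU children (here AcroRd32.exe -> RdrCEF.exe -> RdrCEF.exe), whereas a write into a process outside the writer's own subtree is the pattern worth escalating as possible injection. The excerpt lines and the PARENT map are transcribed from this report; the final excerpt line targeting CompPkgSrv.exe (PID 4432) is constructed so the flagged path is exercised.

```python
import re
from collections import Counter

# One event as the report prints it:
#   PID <writer> wrote to memory of <target> <writer> <writer image> <target image>
EVENT_RE = re.compile(
    r"PID (?P<writer>\d+) wrote to memory of (?P<target>\d+) "
    r"(?P=writer) (?P<writer_img>\S+) (?P<target_img>\S+)"
)

# Excerpt of the report's WriteProcessMemory IoCs (transcribed). The last
# line is CONSTRUCTED: no write into CompPkgSrv.exe appears in the report.
REPORT_EXCERPT = """\
PID 4728 wrote to memory of 2224 4728 AcroRd32.exe RdrCEF.exe
PID 4728 wrote to memory of 2224 4728 AcroRd32.exe RdrCEF.exe
PID 4728 wrote to memory of 1444 4728 AcroRd32.exe RdrCEF.exe
PID 2224 wrote to memory of 1140 2224 RdrCEF.exe RdrCEF.exe
PID 2224 wrote to memory of 1140 2224 RdrCEF.exe RdrCEF.exe
PID 2224 wrote to memory of 2712 2224 RdrCEF.exe RdrCEF.exe
PID 4728 wrote to memory of 4432 4728 AcroRd32.exe CompPkgSrv.exe
"""

# Parent PID of each process in the report's process tree (roots map to
# None), taken from the depth markers in the Processes section.
PARENT = {
    4728: None,                       # AcroRd32.exe
    2224: 4728, 1444: 4728,           # RdrCEF.exe brokers (--backgroundcolor=...)
    1140: 2224, 3704: 2224, 4316: 2224,   # RdrCEF.exe --type=renderer
    2712: 2224, 4284: 2224, 1236: 2224, 2296: 2224,  # RdrCEF.exe --type=gpu-process
    4432: None,                       # CompPkgSrv.exe, unrelated root
}


def parse_events(text):
    """Return (writer_pid, writer_img, target_pid, target_img) per event line."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.search(line)
        if m:
            events.append((int(m["writer"]), m["writer_img"],
                           int(m["target"]), m["target_img"]))
    return events


def collapse(events):
    """Count identical writer->target edges."""
    return Counter(events)


def is_descendant(pid, ancestor, parent=PARENT):
    """True if `ancestor` lies on pid's parent chain (bounded walk, no cycles)."""
    for _ in range(len(parent) + 1):
        pid = parent.get(pid)
        if pid is None:
            return False
        if pid == ancestor:
            return True
    return False


def classify(events, parent=PARENT):
    """Split collapsed edges into writes within the writer's own subtree
    (expected for a broker spawning children) and writes elsewhere."""
    own, foreign = {}, {}
    for edge, n in collapse(events).items():
        writer, _, target, _ = edge
        bucket = own if is_descendant(target, writer, parent) else foreign
        bucket[edge] = n
    return own, foreign


if __name__ == "__main__":
    own, foreign = classify(parse_events(REPORT_EXCERPT))
    for (w, wi, t, ti), n in own.items():
        print(f"own subtree : {w} {wi} -> {t} {ti} x{n}")
    for (w, wi, t, ti), n in foreign.items():
        print(f"ESCALATE    : {w} {wi} -> {t} {ti} x{n}")
```

Run against the full 64-event list, every edge lands in the "own subtree" bucket, which is consistent with the process tree below, where every RdrCEF.exe instance is a child of the Reader process that wrote to it.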
Processes
AcroRd32.exe  PID 4728
  Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\958b4ea7e160137f31e8624ba133547b.pdf"
  Signatures:
  - Checks processor information in registry
  - Modifies Internet Explorer settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory

  RdrCEF.exe  PID 2224  (child of 4728)
    Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
    Signatures:
    - Suspicious use of WriteProcessMemory

    RdrCEF.exe  PID 1140  (child of 2224, --type=renderer)
      Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=C2DA12CDC035855656D1AA27BE604DBB --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=C2DA12CDC035855656D1AA27BE604DBB --renderer-client-id=2 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job /prefetch:1

    RdrCEF.exe  PID 2712  (child of 2224, --type=gpu-process)
      Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=B42DBA677D0CD1EFFB591B65E7EA5105 --mojo-platform-channel-handle=1756 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

    RdrCEF.exe  PID 4284  (child of 2224, --type=gpu-process)
      Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      Command line: identical to PID 2712 except --service-request-channel-token=26A4B37DCCA0EEA051EAB11AABB3B8EC --mojo-platform-channel-handle=2324

    RdrCEF.exe  PID 1236  (child of 2224, --type=gpu-process)
      Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      Command line: identical to PID 2712 except --service-request-channel-token=95F06D9FD30840265F56261872F7B680 --mojo-platform-channel-handle=1684

    RdrCEF.exe  PID 2296  (child of 2224, --type=gpu-process)
      Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      Command line: identical to PID 2712 except --service-request-channel-token=15E7FCB59637FB610BAFFD22CBAAA628 --mojo-platform-channel-handle=2024

    RdrCEF.exe  PID 3704  (child of 2224, --type=renderer)
      Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      Command line: identical to PID 1140 except --service-pipe-token=5DDB22A01FA4A0A1C057FF1310B7EBED --service-request-channel-token=5DDB22A01FA4A0A1C057FF1310B7EBED --renderer-client-id=8 --mojo-platform-channel-handle=2084

    RdrCEF.exe  PID 4316  (child of 2224, --type=renderer)
      Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      Command line: identical to PID 1140 except --service-pipe-token=6D71344F68498B02237AD2CBBF38E280 --service-request-channel-token=6D71344F68498B02237AD2CBBF38E280 --renderer-client-id=10 --mojo-platform-channel-handle=2320

  RdrCEF.exe  PID 1444  (child of 4728)
    Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    Command line: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043

CompPkgSrv.exe  PID 4432
  Path: C:\Windows\System32\CompPkgSrv.exe
  Command line: C:\Windows\System32\CompPkgSrv.exe -Embedding
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 64KB
MD5: 97974fd03a58d53b26836f101537e8f3
SHA1: 68fc4656602c5246f2eece6c61a8640e27db810f
SHA256: aa7aba2fecafc9b8f19d2cb757dc99d7551557a8b4668161d328000ad84f7886
SHA512: 2801ba66fa15cf2e6877fc7ef35286410fe9cc468c2a1c4bf9ff55318a32352d51ffe02574c8dbe04b8f161ca7d37316a9312c3643bec4434831f700f222b8bf

Filesize: 56KB
MD5: c26ed30e7d5ab440480838636efc41db
SHA1: c66e0d00b56abebfb60d2fcc5cf85ad31a0d6591
SHA256: 6a3c5c4a8e57f77ecc22078fbf603ecc31fb82d429bd87b7b4b9261447092aef
SHA512: 96cdb78bca3e01d4513c31661987e5646e6a8ff24708918aa0d66dfa3ca5d98af4862c9f38c4f41f933c345d2d3adfb1d34d1430b33f45f916f41a9872a030df

Filesize: 56KB
MD5: 752a1f26b18748311b691c7d8fc20633
SHA1: c1f8e83eebc1cc1e9b88c773338eb09ff82ab862
SHA256: 111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131
SHA512: a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

Filesize: 12KB
MD5: 90ac188d3500ad7be0ed85185177a8e6
SHA1: 8090ed31805ed2af99f195a91839d5e98bb75944
SHA256: 08abbdd04529b707acc86e60a4b8110c1ca2b4e65828a5d5a9eede5b860a630b
SHA512: 2d2e2f577fcb1d61441b507a863dbbf5d354a6572587291bdeb9695d320d2d29a8c1f3ec52f4e6eda4157e89fe15689e3342e0d3d75760c9ff79916405f646a9