Analysis

  • max time kernel
    150s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    10/03/2024, 09:20 UTC

General

  • Target

    be3e22523c1c17bff9aba6f0e42341cd.pdf

  • Size

    59KB

  • MD5

    be3e22523c1c17bff9aba6f0e42341cd

  • SHA1

    af1d19d148ff7fa0b0436b37519cd43a192c325d

  • SHA256

    09aa72e93ea0a87b0fdff32017192eef8ba9d251c7a49161c2d5bfcd023626f4

  • SHA512

    653dfebe6b3d43e0742e66be322ca09a3395aeae3ccd0acc7bb39ec81ad38c6ffdc4f2839dd96a236fdd03e6856fba84e47dc3746202422aea33e5a73f0cc257

  • SSDEEP

    1536:7gWSKIq1oL/jUOqnM5DvIPj8xf1OMAE6ykq4JtQRw/vfsi:hS1jUclxf10Bq4JK2vfsi

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\be3e22523c1c17bff9aba6f0e42341cd.pdf"
    1⤵
    • Checks processor information in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4836
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2480
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=6CFCAB73A33B558D17A8E35D02C871C7 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=6CFCAB73A33B558D17A8E35D02C871C7 --renderer-client-id=2 
--mojo-platform-channel-handle=1708 --allow-no-sandbox-job /prefetch:1
        3⤵
          PID:3212
        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=A6DBA0D48C19FF2753CC425CDF449F89 --mojo-platform-channel-handle=1824 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
          3⤵
            PID:4332
          • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
            "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=883474095C2E69F8D8ABD2F64F1EBBB6 --mojo-platform-channel-handle=2268 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
            3⤵
              PID:2356
            • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
              "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8166603CBCDAF68FE4523F66FCD0444C --mojo-platform-channel-handle=1764 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
              3⤵
                PID:1396
              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=974EBF1231064E81057146C8CF4598E9 --mojo-platform-channel-handle=2396 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                3⤵
                  PID:3608
                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=65A657E5E0110A1D192B3B918A661FBC --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=65A657E5E0110A1D192B3B918A661FBC --renderer-client-id=8 
--mojo-platform-channel-handle=1836 --allow-no-sandbox-job /prefetch:1
                  3⤵
                    PID:2240
                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
                  2⤵
                    PID:3028
                • C:\Windows\System32\CompPkgSrv.exe
                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                  1⤵
                    PID:4012

Network

                  • flag-us
                    DNS
                    13.86.106.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    13.86.106.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    173.178.17.96.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    173.178.17.96.in-addr.arpa
                    IN PTR
                    Response
                    173.178.17.96.in-addr.arpa
                    IN PTR
                    a96-17-178-173.deploy.static.akamaitechnologies.com
                  • flag-us
                    DNS
                    74.32.126.40.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    74.32.126.40.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    g.bing.com
                    Remote address:
                    8.8.8.8:53
                    Request
                    g.bing.com
                    IN A
                    Response
                    g.bing.com
                    IN CNAME
                    g-bing-com.a-0001.a-msedge.net
                    g-bing-com.a-0001.a-msedge.net
                    IN CNAME
                    dual-a-0001.a-msedge.net
                    dual-a-0001.a-msedge.net
                    IN A
                    204.79.197.200
                    dual-a-0001.a-msedge.net
                    IN A
                    13.107.21.200
                  • flag-us
                    GET
                    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid= HTTP/2.0
                    host: g.bing.com
                    accept-encoding: gzip, deflate
                    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                    Response
                    HTTP/2.0 204
                    cache-control: no-cache, must-revalidate
                    pragma: no-cache
                    expires: Fri, 01 Jan 1990 00:00:00 GMT
                    set-cookie: MUID=357F97DD7DE663E50FA383E37C0662F8; domain=.bing.com; expires=Fri, 04-Apr-2025 09:21:07 GMT; path=/; SameSite=None; Secure; Priority=High;
                    strict-transport-security: max-age=31536000; includeSubDomains; preload
                    access-control-allow-origin: *
                    x-cache: CONFIG_NOCACHE
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: 8B779124B4BD493E9F124FFA8A4080FA Ref B: LON04EDGE1209 Ref C: 2024-03-10T09:21:07Z
                    date: Sun, 10 Mar 2024 09:21:06 GMT
                  • flag-us
                    GET
                    https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid= HTTP/2.0
                    host: g.bing.com
                    accept-encoding: gzip, deflate
                    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                    cookie: MUID=357F97DD7DE663E50FA383E37C0662F8
                    Response
                    HTTP/2.0 204
                    cache-control: no-cache, must-revalidate
                    pragma: no-cache
                    expires: Fri, 01 Jan 1990 00:00:00 GMT
                    set-cookie: MSPTC=vCed6ylhfh24CHCFTB18ljoSyBkHSx-SurBPEYBtb_g; domain=.bing.com; expires=Fri, 04-Apr-2025 09:21:07 GMT; path=/; Partitioned; secure; SameSite=None
                    strict-transport-security: max-age=31536000; includeSubDomains; preload
                    access-control-allow-origin: *
                    x-cache: CONFIG_NOCACHE
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: 7E374784124944539C5D269E16E5498C Ref B: LON04EDGE1209 Ref C: 2024-03-10T09:21:07Z
                    date: Sun, 10 Mar 2024 09:21:06 GMT
                  • flag-us
                    GET
                    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid= HTTP/2.0
                    host: g.bing.com
                    accept-encoding: gzip, deflate
                    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                    cookie: MUID=357F97DD7DE663E50FA383E37C0662F8; MSPTC=vCed6ylhfh24CHCFTB18ljoSyBkHSx-SurBPEYBtb_g
                    Response
                    HTTP/2.0 204
                    cache-control: no-cache, must-revalidate
                    pragma: no-cache
                    expires: Fri, 01 Jan 1990 00:00:00 GMT
                    strict-transport-security: max-age=31536000; includeSubDomains; preload
                    access-control-allow-origin: *
                    x-cache: CONFIG_NOCACHE
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: 865B5AC700FB4AB9B40C81B7C633004F Ref B: LON04EDGE1209 Ref C: 2024-03-10T09:21:07Z
                    date: Sun, 10 Mar 2024 09:21:06 GMT
                  • flag-us
                    DNS
                    95.221.229.192.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    95.221.229.192.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    9.228.82.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    9.228.82.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    205.47.74.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    205.47.74.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    200.197.79.204.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    200.197.79.204.in-addr.arpa
                    IN PTR
                    Response
                    200.197.79.204.in-addr.arpa
                    IN PTR
                    a-0001.a-msedge.net
                  • flag-us
                    DNS
                    41.110.16.96.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    41.110.16.96.in-addr.arpa
                    IN PTR
                    Response
                    41.110.16.96.in-addr.arpa
                    IN PTR
                    a96-16-110-41.deploy.static.akamaitechnologies.com
                  • flag-us
                    DNS
                    tse1.mm.bing.net
                    Remote address:
                    8.8.8.8:53
                    Request
                    tse1.mm.bing.net
                    IN A
                    Response
                    tse1.mm.bing.net
                    IN CNAME
                    mm-mm.bing.net.trafficmanager.net
                    mm-mm.bing.net.trafficmanager.net
                    IN CNAME
                    dual-a-0001.a-msedge.net
                    dual-a-0001.a-msedge.net
                    IN A
                    204.79.197.200
                    dual-a-0001.a-msedge.net
                    IN A
                    13.107.21.200
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239339388162_1MFS3CT3ZOVTF7TJA&pid=21.2&w=1080&h=1920&c=4
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /th?id=OADD2.10239339388162_1MFS3CT3ZOVTF7TJA&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 384162
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: E0CBC809641540D296849620DC0D0131 Ref B: LON04EDGE0915 Ref C: 2024-03-10T09:21:12Z
                    date: Sun, 10 Mar 2024 09:21:12 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239339388106_1F0ISFAHTJZF5WFN1&pid=21.2&w=1080&h=1920&c=4
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /th?id=OADD2.10239339388106_1F0ISFAHTJZF5WFN1&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 464129
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: 7F93BBBC2BE7494F98E6652143FE8F8E Ref B: LON04EDGE0915 Ref C: 2024-03-10T09:21:12Z
                    date: Sun, 10 Mar 2024 09:21:12 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239339388161_17PDPNJBHCJYF0MEC&pid=21.2&w=1920&h=1080&c=4
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /th?id=OADD2.10239339388161_17PDPNJBHCJYF0MEC&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 555016
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: 45CA031C350041A5B7DBE2DF16BE91BA Ref B: LON04EDGE0915 Ref C: 2024-03-10T09:21:12Z
                    date: Sun, 10 Mar 2024 09:21:12 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239339388105_129PTMAYKOFOO14GZ&pid=21.2&w=1920&h=1080&c=4
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /th?id=OADD2.10239339388105_129PTMAYKOFOO14GZ&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 467466
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: C2D6F82CDA414073BE4E5E5CE4A3CE51 Ref B: LON04EDGE0915 Ref C: 2024-03-10T09:21:14Z
                    date: Sun, 10 Mar 2024 09:21:13 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239317301162_1G7DYX5FX2938M3TM&pid=21.2&w=1920&h=1080&c=4
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /th?id=OADD2.10239317301162_1G7DYX5FX2938M3TM&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 316678
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: E9C56AB821DA47EF83BC6F8544A483D5 Ref B: LON04EDGE0915 Ref C: 2024-03-10T09:21:14Z
                    date: Sun, 10 Mar 2024 09:21:14 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239317301571_1RETF70DD01UVNE0Z&pid=21.2&w=1080&h=1920&c=4
                    Remote address:
                    204.79.197.200:443
                    Request
                    GET /th?id=OADD2.10239317301571_1RETF70DD01UVNE0Z&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 239387
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: ED26EB69183548D185EFFCAE1A1B9881 Ref B: LON04EDGE0915 Ref C: 2024-03-10T09:21:18Z
                    date: Sun, 10 Mar 2024 09:21:18 GMT
                  • flag-us
                    DNS
                    103.169.127.40.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    103.169.127.40.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    135.240.123.92.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    135.240.123.92.in-addr.arpa
                    IN PTR
                    Response
                    135.240.123.92.in-addr.arpa
                    IN PTR
                    a92-123-240-135.deploy.static.akamaitechnologies.com
                  • flag-us
                    DNS
                    32.134.221.88.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    32.134.221.88.in-addr.arpa
                    IN PTR
                    Response
                    32.134.221.88.in-addr.arpa
                    IN PTR
                    a88-221-134-32deploystaticakamaitechnologiescom
                  • flag-us
                    DNS
                    56.126.166.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    56.126.166.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    183.142.211.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    183.142.211.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    104.241.123.92.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    104.241.123.92.in-addr.arpa
                    IN PTR
                    Response
                    104.241.123.92.in-addr.arpa
                    IN PTR
                    a92-123-241-104deploystaticakamaitechnologiescom
                  • flag-us
                    DNS
                    119.110.54.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    119.110.54.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    240.221.184.93.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    240.221.184.93.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    211.178.17.96.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    211.178.17.96.in-addr.arpa
                    IN PTR
                    Response
                    211.178.17.96.in-addr.arpa
                    IN PTR
                    a96-17-178-211deploystaticakamaitechnologiescom
                  • flag-us
                    DNS
                    211.135.221.88.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    211.135.221.88.in-addr.arpa
                    IN PTR
                    Response
                    211.135.221.88.in-addr.arpa
                    IN PTR
                    a88-221-135-211deploystaticakamaitechnologiescom
                  • flag-us
                    DNS
                    211.135.221.88.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    211.135.221.88.in-addr.arpa
                    IN PTR
                  • flag-us
                    DNS
                    180.178.17.96.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    180.178.17.96.in-addr.arpa
                    IN PTR
                    Response
                    180.178.17.96.in-addr.arpa
                    IN PTR
                    a96-17-178-180deploystaticakamaitechnologiescom
                  • flag-us
                    DNS
                    174.178.17.96.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    174.178.17.96.in-addr.arpa
                    IN PTR
                    Response
                    174.178.17.96.in-addr.arpa
                    IN PTR
                    a96-17-178-174deploystaticakamaitechnologiescom
                  • flag-us
                    DNS
                    22.236.111.52.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    22.236.111.52.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    42.134.221.88.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    42.134.221.88.in-addr.arpa
                    IN PTR
                    Response
                    42.134.221.88.in-addr.arpa
                    IN PTR
                    a88-221-134-42deploystaticakamaitechnologiescom
                  • flag-us
                    DNS
                    55.36.223.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    55.36.223.20.in-addr.arpa
                    IN PTR
                    Response
                  • 204.79.197.200:443
                    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=
                    tls, http2
                    2.0kB
                    9.2kB
                    21
                    18

                    HTTP Request

                    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=

                    HTTP Response

                    204

                    HTTP Request

                    GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=

                    HTTP Response

                    204

                    HTTP Request

                    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=1274699ffad84cbfa737548f899e7f39&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=

                    HTTP Response

                    204
                  • 204.79.197.200:443
                    tse1.mm.bing.net
                    tls, http2
                    1.2kB
                    8.1kB
                    16
                    14
                  • 204.79.197.200:443
                    https://tse1.mm.bing.net/th?id=OADD2.10239317301571_1RETF70DD01UVNE0Z&pid=21.2&w=1080&h=1920&c=4
                    tls, http2
                    91.4kB
                    2.5MB
                    1850
                    1842

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239339388162_1MFS3CT3ZOVTF7TJA&pid=21.2&w=1080&h=1920&c=4

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239339388106_1F0ISFAHTJZF5WFN1&pid=21.2&w=1080&h=1920&c=4

                    HTTP Response

                    200

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239339388161_17PDPNJBHCJYF0MEC&pid=21.2&w=1920&h=1080&c=4

                    HTTP Response

                    200

                    HTTP Response

                    200

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239339388105_129PTMAYKOFOO14GZ&pid=21.2&w=1920&h=1080&c=4

                    HTTP Response

                    200

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239317301162_1G7DYX5FX2938M3TM&pid=21.2&w=1920&h=1080&c=4

                    HTTP Response

                    200

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239317301571_1RETF70DD01UVNE0Z&pid=21.2&w=1080&h=1920&c=4

                    HTTP Response

                    200
                  • 96.17.178.174:80

                  MITRE ATT&CK Enterprise v15

                  Downloads

                  • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                    Filesize

                    64KB

                    MD5

                    8922ea91f98bd47591b321322755d814

                    SHA1

                    42096d00f662fb8daab341940ecb57e3b5fc9b64

                    SHA256

                    c988a4ad0f8b04a27d448a3e9b19b6ee8d81f5a3b93ca4795db8f122b38007bc

                    SHA512

                    35ee8669c4ff097bacaaa7b9ac73f253b12848072476b6740c45422b6f5b172bf7dbf3343bfda7623ee2672c67d6bc02fe0dd37c873e794feb973b32ab79242c

                  • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                    Filesize

                    36KB

                    MD5

                    b30d3becc8731792523d599d949e63f5

                    SHA1

                    19350257e42d7aee17fb3bf139a9d3adb330fad4

                    SHA256

                    b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3

                    SHA512

                    523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

                  • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                    Filesize

                    56KB

                    MD5

                    752a1f26b18748311b691c7d8fc20633

                    SHA1

                    c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

                    SHA256

                    111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

                    SHA512

                    a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

                  • C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                    Filesize

                    12KB

                    MD5

                    7a8fd2ee827d042a70710c30329bf9af

                    SHA1

                    fe2c278b5d7e52de8bc32544b3e6914f91f63fe5

                    SHA256

                    385e0ec07769006aca5d5ebf14a3a257ed25fbe8e33dc69fd4db3eaa937c3a5c

                    SHA512

                    4977705d58415a508bf0896ddfa3a7dfe70465ccdc548c2937c68d0c335dca327258a9e8dba872645813a07b0f4b19f1e2f87411b9eab832c6c648d4ecc46fa9
