infinitylock | f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf

Analysis

max time kernel
95s
max time network
129s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
25-03-2024 03:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b805db8f6a84475ef76b795b0d1ed6ae.exe
Size

211KB
MD5

b805db8f6a84475ef76b795b0d1ed6ae
SHA1

7711cb4873e58b7adcf2a2b047b090e78d10c75b
SHA256

f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf
SHA512

62a2c329b43d186c4c602c5f63efc8d2657aa956f21184334263e4f6d0204d7c31f86bda6e85e65e3b99b891c1630d805b70997731c174f6081ecc367ccf9416
SSDEEP

1536:YoCFfC303p22fkZrRQpnqjoi7l832fbu9ZXILwVENbM:rCVC303p22sZrRQpnviB832Du9WMON

Score

10^/10

infinitylock ransomware

Malware Config

Signatures

InfinityLock Ransomware
Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.
ransomware infinitylock

Drops file in Program Files directory 64 IoCs

Processes:

b805db8f6a84475ef76b795b0d1ed6ae.exe

description	ioc	process
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\themes\dark\s_filetype_xd.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\hu-hu\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\fi-fi\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\themes\dark\cstm_brand_preview2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\cstm_brand_preview.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\js\nls\fr-fr\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\nls\nb-no\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\Mu\Advertising.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_filter_18.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_share_18.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\en-gb\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_filter-hover_32.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\pt-br_get.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Microsoft.VCLibs.x86.14.00.appx.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\nls\ro-ro\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\eu-es\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\da-dk\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\js\nls\es-es\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Trust Protection Lists\Mu\LICENSE.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\arrow-right.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\generic-rhp-app\css\main.css.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\hi_contrast\core_icons_highcontrast_retina.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\en-us\PlayStore_icon.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\S_IlluNoSearchResults_180x160.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\UIThemes\DarkTheme.acrotheme.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\plugins.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\back-arrow-disabled.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\progress-indeterminate.gif.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_zh_tw_135x40.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_selectlist_checkmark_18.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\hr-hr\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\ru-ru\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\root\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\Viewer.aapp.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\images\example_icons2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\js\nls\it-it\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\themes\dark\adobe_sign_tag.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\hi.pak.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\css\main-selector.css.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\sample-thumb.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\images\themeless\compare_poster.jpg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\images\s_listview_18.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\nls\fr-ma\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\nb.pak.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\js\nls\zh-cn\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\fullscreen-exit.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\icudt40.dll.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\sv_get.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ca-es\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\js\nls\en-ae\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\combinepdf\js\nls\sv-se\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\images\themeless\Playstore\fr_get.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\ru-ru\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.151\goopdateres_ja.dll.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Locales\vi.pak.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\win-scrollbar\themes\dark\arrow-left.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\themes\dark\bg_pattern_RHP.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\pages-app\js\nls\ja-jp\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\images\cross.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe
File opened for modification	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\DSCResources\MSFT_PackageManagement\fr-FR\MSFT_PackageManagement.schema.mfl.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF	b805db8f6a84475ef76b795b0d1ed6ae.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

b805db8f6a84475ef76b795b0d1ed6ae.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	b805db8f6a84475ef76b795b0d1ed6ae.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	b805db8f6a84475ef76b795b0d1ed6ae.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

b805db8f6a84475ef76b795b0d1ed6ae.exe

description pid process

Token: SeDebugPrivilege 3348 b805db8f6a84475ef76b795b0d1ed6ae.exe

description	pid	process
Token: SeDebugPrivilege	3348	b805db8f6a84475ef76b795b0d1ed6ae.exe

C:\Users\Admin\AppData\Local\Temp\b805db8f6a84475ef76b795b0d1ed6ae.exe
"C:\Users\Admin\AppData\Local\Temp\b805db8f6a84475ef76b795b0d1ed6ae.exe"
1⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Suspicious use of AdjustPrivilegeToken
PID:3348

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\icudtl.dat.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
16B

MD5
34224bdfad0c531b9482500888b8e13a

SHA1
1086f6509f12cf44d254ff0c6c16611b8c5926ab

SHA256
59620f3729e880b5ba47fcea8a5f393bcf67692751ee330a4a29143f5f9cfb84

SHA512
b553549bf802b6f3a2179903eda8e3f43c5c090c4db402eadbd5a2b985d02675bf509dc6643b81c78f991d4caa31a8f21f1029f5a71655a66569fb45128d3d14

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_remove_18.svg.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
720B

MD5
c4ea690fde8c184bbc01f15bbf6da5a2

SHA1
ecd09b54be92e08c45c17d9545e82d160e0b3971

SHA256
b4bb337af186ba98d3b710d9fe5152fa184f0c83c09ef193dfa88c5652f1a318

SHA512
47392ac40de0d14d0a66d32465b56c03bfa454dfa38668e34a0a8ef14da2480b5b06673425ab3447b6f9193e5667e133b93ef0fd11314dea982252cdca640432

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
688B

MD5
4da34f835dabf6e91e7725ea8b3e868f

SHA1
6d27bf9add59d1a9a402bf5733a193d7403fad6a

SHA256
091753cc7cc63695c109f375841b11ab6c61a27df9faf8f6f01d92ec4dc8fce6

SHA512
f947ab7fd433f4b68cad77d8fbf2f04445c03165a5690b6c129b9765ea902abc0da1a7860166e42cf02ba1d31c5c721082796c7a1082747120f2b45ab415d88f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\images\example_icons2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
1KB

MD5
68a94860106dbcc730c9d2509b154208

SHA1
34668fa942c20953c9c78dd4a5e9020685fe025e

SHA256
98d530295e6a0fae2c6d6ed77e84aa7f5d7ff20cd5ca30969824412acc3c31ab

SHA512
8c5fb16e80fe946c791466b4f01a05c2fa12571068af6acb1a579e18ac5f9a3449129827096229ff048b2d531d7596994c6fd2252e0c84cbef8f0a8f67c31c04

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
448B

MD5
f8fe834a34a5ef3eca5ae7a6af075f8c

SHA1
9c8318e963b4f0b00b526dd55227c236028dae46

SHA256
2315e41568e9070afcab0cad543b3e3e2e6c47944b5e16bead0af18c1c1b7544

SHA512
97185e5ff7fbd3d06d5d468eabc90a3a03b5b3216e13de551cce2b81af3f92c12878d44635583490c11fa98256c6905fb1dc4033ecee9c733d10a8de1f91492d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
624B

MD5
9c1c0ede4c33e4e6c3fce0c699815e56

SHA1
ee9f2497b25c2f943078d2c1d2d85bb3b7a786fb

SHA256
e26d9e36eecacb22c3af1aab298005dd0a36322c5946c08002f4b250ed9e5bb6

SHA512
d78b4680aeb983a0a0b0f45e09ec0189eee1baf901ab7a4beb2f732e5f2233311f438d18d9762ca8dfe706f3042d9de4dd0540eae97218523966efcdf0ecda26

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
400B

MD5
c0e8e5f6e17e32fe36f7223e8549a90b

SHA1
c152b6b0bc1027520230fe426a075b7ed3fdb4fd

SHA256
3b08498d27cf87a11566238696287f86465fe65d724a9de14f5cb4158bb0921b

SHA512
283616d228f2c7488d625cdba9f6bcb5be27c0f8884af37c96a3aab361a623065ebcca6a844038b15f795dadc13a96fff97f022759937d71974220f343164ada

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
560B

MD5
c02ea20b238a3c8b9bd3e8d5e3db3195

SHA1
94653c808582907dc5949f362392031dc70198bf

SHA256
e1336081b44336e2594218bea0ef3a23b27d0e546927beacd657401a4712489f

SHA512
d0d36a545623ece72f1f458253cef520101d8f1e6ec1f48ddfa64fb68089d7ab9448448bbd7f4c235b584f017dc0931c755273923637b3b39d57c2b84984ed2d

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
400B

MD5
b567a616a60a95f8d4cde825f21e4d5e

SHA1
b6974f9fe92997187f2efcb148e1e35bae784c1f

SHA256
5351fd1b0b24dae5c1130579eba7f2bcf7eea497aeb2fa4b5f2e42d1d712a384

SHA512
6558735bd11bc4bb955ac3df71991961f1573990400454ef36f89fd4778daa47d581400bf65c87e135d9c4185e7103ac441a547e173f4fb32594f2f3cdb43290

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
560B

MD5
29f6da9252089c88d2bf31bf0c0865a2

SHA1
5a773293731531b22e04a43161859239f96a5425

SHA256
1d20dc046ff5719300617574a4a1f2ba28afa01fd66bc49f1fe33c014343dbb1

SHA512
4ed10caea55bcafff52a2ca815428ac4cf00643da89fe3d90e79e3ef8ee96fdd6a3f3c6f5b2af5ee00579d4febbe8cde2794b91f42ac2ac54bb278d1e3e8e0ed

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
400B

MD5
1459d6268932b951727100773e9be7f5

SHA1
f1029a6a2d711650c6500c4483005ce1d1148de2

SHA256
b6519d1eb95aa64573510547937a3820d1c25803e95c7d387b8dcac58f08c264

SHA512
dd4106b5a73ff155be3a9a2eef4ad9ef85bee4b174eb4453c3340793ae566d9e94ad2fe1848033a0a5268b2226f93312970860d4470fbefad82da028682e6707

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
560B

MD5
83ac4fee852e84fd5e6b5f91b7f64542

SHA1
6fb38a720d1b31471100796201098eafba38f2fe

SHA256
e7bf12ad1e9a98f211318f69a6cec423805229b3257e6a0a125cbe81364c7595

SHA512
430bba7f38c5bc3819d42239c532b5e63d8a767e226e2e0588cea707b426e5ac397cca300324d9171cac65242f0828b337108e7439762621e16696b502678c17

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
7KB

MD5
24dbbf8c13e3f3a6cb7e279a6dc49aaa

SHA1
148b3d2f83d4a4b2b27c92bf313ace1e461eb810

SHA256
389385a0da53f3722bc1d0565a9ed33b4a28d8e4954779641f4a1385227c5e57

SHA512
ccd17f4e28e9986e6322d1ebf6ceae2f8e3708d3997e4a88279a5ab546f5a2631b217c245ad95ba1a34c2abbbfcbb4619ed75c6ff7082d801a1085b72b55244a

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_ie8.gif.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
7KB

MD5
41cb073aa9df607fc5f4b586518e22be

SHA1
69e41de06bc21549b8d43e37b6cb85b4afb5bffd

SHA256
144ec38f27399672f68493e6f19ff8e28330b552f4d60e198f0bb243945b3cbd

SHA512
ef1fb20c844b367f5d412dcbbfd0bb20acd1fde4dddb3a6b3989a550778dba322259907d9e50e78d6e9800c3763e98b56f113a00c28ddf33bb490c681d2eae39

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\icons_retina.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
15KB

MD5
8e1237b993a40fe110bff5bb859bfeb4

SHA1
c4aec7ee2f631ecd49f6e11d6da16028aa958f35

SHA256
88f97f7f76a477d7974636067c4eec6126a6abfe44bc2436d4ec0148c89d0a0b

SHA512
21804e84f53e1891c85d006e060095b4172318aea18688b9ea42fe2b183fd6d792c4fddce5c0d81e128baa5c7794334fef11352dd1d0d9550f828ddd58797ebc

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
8KB

MD5
4bdb45e46da71efa08c86bde7fbc0a7b

SHA1
145fb8e42f80ab9c6e2dca781cdd6ec9ca8a0916

SHA256
6e5210f918a9c0e1bddbf6365827f74d9213354682eac8a035efdc6660403635

SHA512
2171165d8761b401ea6558ca7b3ae77620b4b976524e0bad298381cccf6f2f03a4971c18904ed97e1fd1ce4abaab153fe50bbf6fb50c7dc2aec31ceac7bd07f4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\images\new_icons_retina.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
17KB

MD5
0c68138825f067cf0e6deed8fb2f8470

SHA1
b7fedbbb353013cc6d0f2eb66cb75db23fe70bf3

SHA256
3f738d65164ae3d243663984987680f8c08c6211a1e40dce422e75fc5d9519d9

SHA512
a01d043446e28a87a583d4aa5089595d3a873c1e1ced2767b2f70d87bd6b7ec6045ca844f5de252f5839cc50a09f044d78707eb4a6c05feaa97f5afde35b9316

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_pattern_RHP.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
192B

MD5
654b36bdf77498f24e6867d2f0c0ab6a

SHA1
f321260ca2c7aaac717a8c23e547b025ae90d539

SHA256
3b8b342a45de9ac8330c4dc299c2724686f47c3859df50853761260ad8cdc6c0

SHA512
2519f652ec6e932f43b48fcc0f58e210d4f73b44ecb6d8eaf4c6917e9b75c8f7f8f02213e1203df5c1fb35432a45ac0461966a143cccf4be7bb8daae0f1003c4

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\bg_patterns_header.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
704B

MD5
85654e053f7b35b94b77fa67c55d0a0f

SHA1
961e9cb317c97e21965fa374c6283dae6dc746e1

SHA256
84739b12f513c713ddf02b1422b87b491463502892ae8bb850efac1837aa8680

SHA512
d2a02d7f6f573d2142cac87454fe9b12364df83782f82a0869d64500f007eee25472d5f4e8965612adf8a217806b5b19d490c7d9c181184674964180f1ac57ad

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
8KB

MD5
2010c2f520e05704ec3d94cedfad76dc

SHA1
f78e6addd4862c16e8b5121c70ed08df3630c6d4

SHA256
840a5565dcae0b65b70616857a773e70a38ef813271ad7d4c6c34e13536d534b

SHA512
61b8544a5001c471bd8ff08d04e4a8b38364090391ac96ff85442f9d85aac1a84a7b7e6e3c589bea5744f1ecdfe3cef8827a04fa6cd4b1d8bcc4f7f41cd1b594

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\images\illustrations_retina.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
19KB

MD5
1412d9b7e7496f7aa4d03ea05fb5ec50

SHA1
65767d893b5ce6a2b566a996a3e3e3104259a700

SHA256
7d4b1901d48d2ea31093368e3cdfb1ea3e83847f9f62bd12a0206d56307e2658

SHA512
ad1869d5bd2f85a5fc0c51c0685cca228df066f1b5f65e749d877cc3e21b79f83fec18d29628e4d9f3624549bf0ac2bf1cce9e7b3eb4bdad3571c80462d07478

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
832B

MD5
c48cc194b46ef37fe2c74fd2aead8396

SHA1
759cafa31344a4585c84fe700ee00a496ae567ec

SHA256
47a4292f3455094e07dcb6e23d978a6b2fc8e61f4778595b0644ab64893ebaf6

SHA512
c5a8175a7dba4960de61b74e4b183ee96bab612e9d24533672c3dc408f1cbc0a540eae44d21f2e214d74a2d217d08cfc01f1587004ae2a4326ea312a6ec43b6b

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
1KB

MD5
2091c4bb396df459057f4a4fefc7f8c8

SHA1
5cb7ee4db1ffa48c5485c652d94ab86e2eb16b9d

SHA256
8d64108a7996e1218ac7db83aa0c6cee8e2a70fe155a7aa4b1aadb5abcebbab2

SHA512
79913e76c0c90fd0c98c3a49afd61f5141ed46408aede10558c3e36576193f511f84616ed9f7f4313d4831c5c41edc4b9dc147fe474e04bf630cc9711e8710df

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
1KB

MD5
7dbfb924b55a44712553230dc161d37a

SHA1
c3bd7cd9fbeaf27b1540620909f0fb79957e6bce

SHA256
37860f5dc5b5dc3e56d4b8d1ac63d569cd888caf2520227443d6d051b3d8656f

SHA512
db61303032ca00fbf5570b2fc6c212802c0235f8939cd9b74b0bd58eaada75d4335d07488bb6d4035494dd15ba944442cdcf5d838fb4fe701953976ce4e24b33

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\css\main.css.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
816B

MD5
e9eeb3b5ffcab1f0e8e959bbdb57c82f

SHA1
d174f3a6bf67fc6ed5d9569a830c7d58566a9c65

SHA256
d5c010436e7b45c63918093c987566f29a59065fec455c86ab46b88e08af5549

SHA512
793b44105c72196ecead8014aa2f97ad38f0bfc505ce07c8f214ec0dd8f57e7c0af7909cdeef0c0b201ceb21ac3e5c40bd7072737d329e69ea77b1f7694399d2

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
2KB

MD5
cc64ffcab4bb95b2aba967690bfc881e

SHA1
8a997ad4fb607f67d69e7183b1d224f4b0f3a7b0

SHA256
a4b3abcaa3c4d451aed25e907ce51b3cb9bacfc4af039a90f18d3885cdb95560

SHA512
8ca04533d33d3931d57c6ca902e781bd4dc268714aa2bb0d3d1a01537ddbde160dccca409665ff7474b7003bab366a18a162d10266d0805c1abb09904d5a4d6f

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
2KB

MD5
d169946394450d703a8c0f668bb42639

SHA1
88de2bd4c7a0bdc0d68bcf9c3f278739b5f5b677

SHA256
5e3c46fadde592f58209493b8abcfdea7a5eb40cfc750389cf7de8e0389bf639

SHA512
2a10b3fde29a041ae1b0b960b12bcd46878fcc985958b10b34c53c008763290ad7d934509f503d6814dbc0fb50cc818fcf24fae26b0b1ed2464fe614d3864492

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
4KB

MD5
60b1cd6be73ec4b81fa2ba1ca161b18a

SHA1
6909983d91c3fe44290be91649cadc8dcd89f659

SHA256
5df5feaaa3de014e8ec370de596bd07fb4118dccd08eb58d092a730816a89b59

SHA512
6b9010ad31c44bf644dc2d5e38afd8215014013e267d536825fd76d8cc2d085d66719c34b7d96db812ea46b49f47929204cd7a92558433947e9fa62ae2aa9f50

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
304B

MD5
f76e002e72b426d344c42414de443283

SHA1
17e0d0ff9b70e9bbd2b6b7e57347c30c6f6010be

SHA256
544f1d499296bfa8612445617e92b8c81249e8c2a99c18f2afad18bf06bbb8db

SHA512
b1ba1a47c8b1d8e7c76ac6c3600c40bee67bd6a64437c67fcaa1d69d54ed3e20b8faf0f2490e5ebdfe97101f1eb00e2e2d7c61b1e36e672883e787dc476164a1

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
400B

MD5
6f03230296fd7e2608aaf6de4e153b07

SHA1
9723b97486c593ba41832ffbb47557507864cd87

SHA256
c199b1cd19e74efcb6dee9a1c1f28af9f399a19b637525ddf6ecc375d752b442

SHA512
2e23617e6fe22c3034d2411dfad01ad83f4f07c8357cd3a7ebad27928f3dc6c958b11ffcc438460e42ba64205bf7527ae79e27d6b06a056dbec69c1472023e31

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
1008B

MD5
2cc75a2707903f31cfbcee0278b8834d

SHA1
06d94b3921bfc317cf59d169889d5c370454589f

SHA256
a25bf55b169ec0271afcf35bde69c3265524306e05ec51c10e55bd1f4d989071

SHA512
5fd4bedf205b406291fde2d21862dc07f1c9a8515db380a4bced7d7a336cc2b8369dd60767e5c91f1b5b13d6173b8f6daef74438b29b8c147e290f2fbec56e01

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
1KB

MD5
b173afe6966f02207ece4d85bd8c6901

SHA1
1cb200a60a07ecb9158a7eff158d9defcfca5a1b

SHA256
94f0d352e01a0ee7f8336cbdb54045a5fcd3dfef5b9439748f3da6aad34adf6e

SHA512
da7e500a5d677ab8773ea708f0529fe8c938e1692c72953d3b1d2d7ba4e93232d2b50ea87d2437faad25c8f21aac1bdbdb5f6c30527f9df8115d952f621c3ada

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
2KB

MD5
df4cce797a11f419c2ae3d7578b104d6

SHA1
6650891af7db825a7bbb90da45975c1de4a7edaf

SHA256
4e7fe2d6d6af94ff313f0e77c151f548beb289769631675aefe74badb012a026

SHA512
52661a6a330f2c8f0328ad388d3b63b5b23a53c6341541f175a824e5e2c5a726558daba1dc50575b9b87c3cfaf95ad1c6a00ba81ae71f911d9f99199bee67211

Download Submit
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
848B

MD5
f29a511085c9cc008641e449af3bc39b

SHA1
c771d69b3fbfd35ee72dad5876fef2fc568a6e18

SHA256
33ce5c5b80d6811cf309d3dc8829b89d066a2b181ba85ede44c925e8777c7649

SHA512
67a05fb6b7e48b20b490b6f2c4924723bbe0cb6a24a2ce5077432d2e7a3fab9d2c64e49de3d8ac0ed0024adcfcc0a4570cda338b394a5ed78df8963961d11b0c

Download Submit
C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt.9695AAA3C60273CAF5BEB0C9A995518BCDF8209F0F9C03BC2149D03C9699EDEF
Filesize
32KB

MD5
d6984438fb13225b81ac7efe4fbbba2d

SHA1
1e4ad6014c61ba8ead0339e9845c9a320f6d266e

SHA256
3748c640b2e6f2a0e2e8b7f0ca1f5cf79965f78933359942252c5580bbe637d0

SHA512
1c199370c99c723a93549cd285f8e35c0d11b5661c3c031e19d7cd590558512e1a835856f885161e71d62a02ab3fd66c8f37af5cb3416dfca4eae5ce02a91fe3

Download Submit
memory/3348-5-0x0000000004E70000-0x0000000004E80000-memory.dmp

Filesize
64KB

Download
memory/3348-0-0x0000000000370000-0x00000000003AC000-memory.dmp

Filesize
240KB

Download
memory/3348-1-0x0000000004D70000-0x0000000004E0C000-memory.dmp

Filesize
624KB

Download
memory/3348-2-0x0000000074E80000-0x0000000075630000-memory.dmp

Filesize
7.7MB

Download
memory/3348-3-0x0000000005480000-0x0000000005A24000-memory.dmp

Filesize
5.6MB

Download
memory/3348-4-0x0000000004ED0000-0x0000000004F62000-memory.dmp

Filesize
584KB

Download
memory/3348-1167-0x0000000004E70000-0x0000000004E80000-memory.dmp

Filesize
64KB

Download
memory/3348-6-0x0000000004E30000-0x0000000004E3A000-memory.dmp

Filesize
40KB

Download
memory/3348-7-0x00000000050C0000-0x0000000005116000-memory.dmp

Filesize
344KB

Download
memory/3348-808-0x0000000074E80000-0x0000000075630000-memory.dmp

Filesize
7.7MB

Download
memory/3348-3452-0x0000000000C50000-0x0000000000CB6000-memory.dmp

Filesize
408KB

Download
memory/3348-3453-0x0000000004E70000-0x0000000004E80000-memory.dmp

Filesize
64KB

Download
memory/3348-3454-0x0000000004E70000-0x0000000004E80000-memory.dmp

Filesize
64KB

Download