Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

C000567858802230.pdf

windows7-x64

1

C000567858802230.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/03/2024, 21:11 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    C000567858802230.pdf

  • Size

    53KB

  • MD5

    90fbc13ae668f93b456326e7de70770f

  • SHA1

    74b5d3f16d69396519d909fa79042fdf0f03b007

  • SHA256

    56df818e3aa57919be9874284a46f64250b0131837c9302c0988938e92109a10

  • SHA512

    0d40ae77556310f8f4b2143e36b46952c1e0da669e93e7bf074b41f2814c8bf144dcc27d2fc09fb5add60c4f143b0d93b8287a9977c9e36b90b90f6a13cb812f

  • SSDEEP

    1536:Dt7vJehhQQBJehhQQ7jAq3ixqlo7giAKVkaJ0XwIrzv4GtWH:p1evQSevQTqyxqUhAKVP2wIrzwGtWH

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\C000567858802230.pdf"
    1⤵
    • Checks processor information in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1268
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3952
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=029CEC80AB52698919993FC5DB6D91FB --mojo-platform-channel-handle=1752 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
          PID:5084
        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=11950648F4AC1138D55DD19CA56B46F3 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=11950648F4AC1138D55DD19CA56B46F3 --renderer-client-id=2 --mojo-platform-channel-handle=1760 --allow-no-sandbox-job /prefetch:1
          3⤵
            PID:464
          • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
            "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=DDED64D1576FF719E1B4F36D0F09A7A7 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=DDED64D1576FF719E1B4F36D0F09A7A7 --renderer-client-id=4 --mojo-platform-channel-handle=2160 --allow-no-sandbox-job /prefetch:1
            3⤵
              PID:1988
            • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
              "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=BC4421A8AC03E47C0171DD30650D7A9D --mojo-platform-channel-handle=1816 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
              3⤵
                PID:3648
              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=3858E0E5004D4EB50743C6423FB753FB --mojo-platform-channel-handle=1932 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                3⤵
                  PID:4400
                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=AA55C76883653F6EA8F19A4FE983E4E3 --mojo-platform-channel-handle=2680 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                  3⤵
                    PID:4368
                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
                  2⤵
                    PID:4536
                • C:\Windows\System32\CompPkgSrv.exe
                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                  1⤵
                    PID:4104
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4584 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
                    1⤵
                      PID:2880

                    Network

                    • flag-us
                      DNS
                      209.205.72.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      209.205.72.20.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      41.134.221.88.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      41.134.221.88.in-addr.arpa
                      IN PTR
                      Response
                      41.134.221.88.in-addr.arpa
                      IN PTR
                      a88-221-134-41deploystaticakamaitechnologiescom
                    • flag-us
                      DNS
                      4.159.190.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      4.159.190.20.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      149.220.183.52.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      149.220.183.52.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      chromewebstore.googleapis.com
                      Remote address:
                      8.8.8.8:53
                      Request
                      chromewebstore.googleapis.com
                      IN A
                      Response
                      chromewebstore.googleapis.com
                      IN A
                      216.58.213.10
                      chromewebstore.googleapis.com
                      IN A
                      172.217.169.10
                      chromewebstore.googleapis.com
                      IN A
                      172.217.169.42
                      chromewebstore.googleapis.com
                      IN A
                      142.250.179.234
                      chromewebstore.googleapis.com
                      IN A
                      142.250.180.10
                      chromewebstore.googleapis.com
                      IN A
                      142.250.187.202
                      chromewebstore.googleapis.com
                      IN A
                      142.250.187.234
                      chromewebstore.googleapis.com
                      IN A
                      142.250.178.10
                      chromewebstore.googleapis.com
                      IN A
                      172.217.16.234
                      chromewebstore.googleapis.com
                      IN A
                      142.250.200.10
                      chromewebstore.googleapis.com
                      IN A
                      142.250.200.42
                      chromewebstore.googleapis.com
                      IN A
                      216.58.201.106
                      chromewebstore.googleapis.com
                      IN A
                      216.58.204.74
                    • flag-us
                      DNS
                      chromewebstore.googleapis.com
                      Remote address:
                      8.8.8.8:53
                      Request
                      chromewebstore.googleapis.com
                      IN Unknown
                      Response
                    • flag-us
                      DNS
                      10.213.58.216.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      10.213.58.216.in-addr.arpa
                      IN PTR
                      Response
                      10.213.58.216.in-addr.arpa
                      IN PTR
                      lhr25s25-in-f101e100net
                      10.213.58.216.in-addr.arpa
                      IN PTR
                      ber01s14-in-f10�H
                    • flag-us
                      DNS
                      157.123.68.40.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      157.123.68.40.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      171.39.242.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      171.39.242.20.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      135.240.123.92.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      135.240.123.92.in-addr.arpa
                      IN PTR
                      Response
                      135.240.123.92.in-addr.arpa
                      IN PTR
                      a92-123-240-135deploystaticakamaitechnologiescom
                    • flag-us
                      DNS
                      98.117.19.2.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      98.117.19.2.in-addr.arpa
                      IN PTR
                      Response
                      98.117.19.2.in-addr.arpa
                      IN PTR
                      a2-19-117-98deploystaticakamaitechnologiescom
                    • flag-us
                      DNS
                      107.117.19.2.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      107.117.19.2.in-addr.arpa
                      IN PTR
                      Response
                      107.117.19.2.in-addr.arpa
                      IN PTR
                      a2-19-117-107deploystaticakamaitechnologiescom
                    • flag-us
                      DNS
                      37.56.20.217.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      37.56.20.217.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      11.227.111.52.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      11.227.111.52.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      101.58.20.217.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      101.58.20.217.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      1.173.189.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      1.173.189.20.in-addr.arpa
                      IN PTR
                      Response
                    • 216.58.213.10:443
                      chromewebstore.googleapis.com
                      tls
                      2.0kB
                       8.0kB
                       17
                      18
                    • 13.107.246.64:443
                      46 B
                       40 B
                       1
                      1
                    • 8.8.8.8:53
                      209.205.72.20.in-addr.arpa
                      dns
                      72 B
                       158 B
                       1
                      1

                      DNS Request

                      209.205.72.20.in-addr.arpa

                    • 8.8.8.8:53
                      41.134.221.88.in-addr.arpa
                      dns
                      72 B
                       137 B
                       1
                      1

                      DNS Request

                      41.134.221.88.in-addr.arpa

                    • 8.8.8.8:53
                      4.159.190.20.in-addr.arpa
                      dns
                      71 B
                       157 B
                       1
                      1

                      DNS Request

                      4.159.190.20.in-addr.arpa

                    • 8.8.8.8:53
                      149.220.183.52.in-addr.arpa
                      dns
                      73 B
                       147 B
                       1
                      1

                      DNS Request

                      149.220.183.52.in-addr.arpa

                    • 8.8.8.8:53
                      chromewebstore.googleapis.com
                      dns
                      75 B
                       283 B
                       1
                      1

                      DNS Request

                      chromewebstore.googleapis.com

                      DNS Response

                      216.58.213.10
                      172.217.169.10
                      172.217.169.42
                      142.250.179.234
                      142.250.180.10
                      142.250.187.202
                      142.250.187.234
                      142.250.178.10
                      172.217.16.234
                      142.250.200.10
                      142.250.200.42
                      216.58.201.106
                      216.58.204.74

                    • 8.8.8.8:53
                      chromewebstore.googleapis.com
                      dns
                      75 B
                       132 B
                       1
                      1

                      DNS Request

                      chromewebstore.googleapis.com

                    • 8.8.8.8:53
                      10.213.58.216.in-addr.arpa
                      dns
                      72 B
                       141 B
                       1
                      1

                      DNS Request

                      10.213.58.216.in-addr.arpa

                    • 8.8.8.8:53
                      157.123.68.40.in-addr.arpa
                      dns
                      72 B
                       146 B
                       1
                      1

                      DNS Request

                      157.123.68.40.in-addr.arpa

                    • 8.8.8.8:53
                      171.39.242.20.in-addr.arpa
                      dns
                      72 B
                       158 B
                       1
                      1

                      DNS Request

                      171.39.242.20.in-addr.arpa

                    • 8.8.8.8:53
                      135.240.123.92.in-addr.arpa
                      dns
                      73 B
                       139 B
                       1
                      1

                      DNS Request

                      135.240.123.92.in-addr.arpa

                    • 8.8.8.8:53
                      98.117.19.2.in-addr.arpa
                      dns
                      70 B
                       133 B
                       1
                      1

                      DNS Request

                      98.117.19.2.in-addr.arpa

                    • 8.8.8.8:53
                      107.117.19.2.in-addr.arpa
                      dns
                      71 B
                       135 B
                       1
                      1

                      DNS Request

                      107.117.19.2.in-addr.arpa

                    • 8.8.8.8:53
                      37.56.20.217.in-addr.arpa
                      dns
                      71 B
                       131 B
                       1
                      1

                      DNS Request

                      37.56.20.217.in-addr.arpa

                    • 8.8.8.8:53
                      11.227.111.52.in-addr.arpa
                      dns
                      72 B
                       158 B
                       1
                      1

                      DNS Request

                      11.227.111.52.in-addr.arpa

                    • 8.8.8.8:53
                      101.58.20.217.in-addr.arpa
                      dns
                      72 B
                       132 B
                       1
                      1

                      DNS Request

                      101.58.20.217.in-addr.arpa

                    • 8.8.8.8:53
                      1.173.189.20.in-addr.arpa
                      dns
                      71 B
                       157 B
                       1
                      1

                      DNS Request

                      1.173.189.20.in-addr.arpa

                    MITRE ATT&CK Enterprise v15

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads

                    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                      Filesize

                      64KB

                      MD5

                      2d8e1348046c79f961c04f22d70e0bdf

                      SHA1

                      ae9d279af9ad94f4509a0bc71ef6b601115b600f

                      SHA256

                      0aed4cecba00add042773cedef99294d4eda5a6bd9c8cbf31e530ad13f89c3a4

                      SHA512

                      0a14befe0268a993f3e1b2e14c6d4d8d4d7bb44f7c5a132c93fadf98f107de890abed7eb69ead90a7dc983d723a63702f79087822421ca56e274f48407aa95cc

                      Download Submit

                    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                      Filesize

                      36KB

                      MD5

                      b30d3becc8731792523d599d949e63f5

                      SHA1

                      19350257e42d7aee17fb3bf139a9d3adb330fad4

                      SHA256

                      b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3

                      SHA512

                      523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

                      Download Submit

                    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                      Filesize

                      56KB

                      MD5

                      752a1f26b18748311b691c7d8fc20633

                      SHA1

                      c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

                      SHA256

                      111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

                      SHA512

                      a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

                      Download Submit

                    • memory/1268-93-0x000000000BED0000-0x000000000C17B000-memory.dmp

                      Filesize

                      2.7MB

                      Download

                    We care about your privacy.

                    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.