cfb52395dc51ac84f6aaa2b71ce5113ffdc1150023f73dd1510669f33ad420d6

Analysis

max time kernel
148s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
04/04/2024, 19:22

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

c0a322cb79f246a8b837a465c2524822_JaffaCakes118.pdf
Size

91KB
MD5

c0a322cb79f246a8b837a465c2524822
SHA1

957fc52667a49461852e60c9596f67c0b3571f4f
SHA256

cfb52395dc51ac84f6aaa2b71ce5113ffdc1150023f73dd1510669f33ad420d6
SHA512

e65735c27bde7cfa03d462d686a72d78e682ce31380f557331d91f9e7eada9fda5dae06c3b582826acfc9b99bb409f9252ce91fe5705a885d8eff2e9cb2839ef
SSDEEP

1536:ksh3xxJtR5K02a/w8NdFaze/SaPM5OfR/+dvKUWvEmSo3W9qNT6J+KW6pOu2yLXo:71HXKo/wOAe/Sak5g/0vKlsPqNT6+Xu0

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	AcroRd32.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AcroRd32.exe

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3045580317-3728985860-206385570-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	AcroRd32.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3004	AcroRd32.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
3004	AcroRd32.exe
3004	AcroRd32.exe
3004	AcroRd32.exe
3004	AcroRd32.exe
3004	AcroRd32.exe
3004	AcroRd32.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3004 wrote to memory of 3768	3004	AcroRd32.exe	89
PID 3004 wrote to memory of 3768	3004	AcroRd32.exe	89
PID 3004 wrote to memory of 3768	3004	AcroRd32.exe	89
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 3640	3768	RdrCEF.exe	91
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92
PID 3768 wrote to memory of 4716	3768	RdrCEF.exe	92

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c0a322cb79f246a8b837a465c2524822_JaffaCakes118.pdf"
1⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3004
- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:3768
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=858DBBF424D8504BF5FA3C46BEBF09FA --mojo-platform-channel-handle=1740 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    3⤵
    PID:3640
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=29AA7A3A1279DA9E105AC10837F9E5DD --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=29AA7A3A1279DA9E105AC10837F9E5DD --renderer-client-id=2 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job /prefetch:1
    3⤵
    PID:4716
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=B9684F80124C28BA8B8D7A16EE44A072 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=B9684F80124C28BA8B8D7A16EE44A072 --renderer-client-id=4 --mojo-platform-channel-handle=2176 --allow-no-sandbox-job /prefetch:1
    3⤵
    PID:1588
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=FA00BE8CCC55FD19C50376EDAB7F134A --mojo-platform-channel-handle=2436 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    3⤵
    PID:988
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=215560D9766974BF744DC759FB245319 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=215560D9766974BF744DC759FB245319 --renderer-client-id=6 --mojo-platform-channel-handle=2568 --allow-no-sandbox-job /prefetch:1
    3⤵
    PID:3720
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8B7FD27BAF1070BF449C2223F7BCD99E --mojo-platform-channel-handle=2840 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    3⤵
    PID:1564
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=A57A16D14DC18068477C4992AEC127D9 --mojo-platform-channel-handle=2852 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    3⤵
    PID:1340

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Filesize
64KB

MD5
e401e0ac5846a2e78d51330eb24c0d61

SHA1
6838ab0ea8ef54fe7d7c50b000ea509cd281350a

SHA256
6ff7115d3e65092696425fa31ffd8185cdd6a963c58be00b5606a62c332ba3ae

SHA512
e6a736579f325c98910523cc25e8e66fc2b0dd3179e3b24f3e80f0984de2576937408f88855922a3e2cbefe5e97bd22a74301e567108d8e59b0da956c53b034f

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Filesize
64KB

MD5
b63486c4911ceca9e14161ba6f42b858

SHA1
a18e1f5edef9ea998b42456e3f551516e0800327

SHA256
047818045d4cd9ac17409a0185df21eeac565d4069a997c730ab8bfe936bcdb4

SHA512
3f7ed7b1c3aacb969db776e30f9e5abba88cddaad2c465bfdbf7381232e1561793b81300ccde702daa301afb6e503a65a3980b64040df6b5b42846df9d24d10d

Download Submit
memory/3004-34-0x000000000C460000-0x000000000C481000-memory.dmp

Filesize
132KB

Download