Resubmissions

24-04-2024 18:42

240424-xcswqsfb6t 1

24-04-2024 18:39

240424-xamxpsfb3w 1

Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240412-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    24-04-2024 18:42

General

  • Target

    https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:79b4ea8c-a655-4b6d-b979-1573521f7e76

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 3 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 33 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:79b4ea8c-a655-4b6d-b979-1573521f7e76
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:5028
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0x48,0x10c,0x7ffb8574ab58,0x7ffb8574ab68,0x7ffb8574ab78
      2⤵
        PID:4120
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:2
        2⤵
          PID:432
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:8
          2⤵
            PID:1540
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:8
            2⤵
              PID:3212
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:1
              2⤵
                PID:1144
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:1
                2⤵
                  PID:560
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4720 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:1
                  2⤵
                    PID:3232
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3968 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:8
                    2⤵
                      PID:4684
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4928 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:8
                      2⤵
                        PID:4908
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4876 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:8
                        2⤵
                        • NTFS ADS
                        PID:3992
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:8
                        2⤵
                          PID:3136
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:8
                          2⤵
                            PID:4664
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 --field-trial-handle=1836,i,1066929418669533477,11831176394202605588,131072 /prefetch:2
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:1948
                        • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                          "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                          1⤵
                            PID:8
                          • C:\Windows\System32\rundll32.exe
                            C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                            1⤵
                              PID:1352
                            • C:\Users\Admin\AppData\Local\Temp\Temp1_Tax_Document.pdf.zip\Tax_Document.pdf\Tax_Document.pdf.exe
                              "C:\Users\Admin\AppData\Local\Temp\Temp1_Tax_Document.pdf.zip\Tax_Document.pdf\Tax_Document.pdf.exe"
                              1⤵
                              • Suspicious use of SetWindowsHookEx
                              PID:4128
                            • C:\Windows\system32\OpenWith.exe
                              C:\Windows\system32\OpenWith.exe -Embedding
                              1⤵
                              • Modifies registry class
                              • Suspicious use of SetWindowsHookEx
                              PID:1156
                            • C:\Windows\system32\OpenWith.exe
                              C:\Windows\system32\OpenWith.exe -Embedding
                              1⤵
                              • Modifies registry class
                              • Suspicious use of SetWindowsHookEx
                              PID:1040

                            Network

                            MITRE ATT&CK Enterprise v15

                            Downloads

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                              Filesize

                              1KB

                              MD5

                              a5e20c5d4db6c97bf522c67bb0c4a157

                              SHA1

                              b33651b19277b645b9ae03bbe57c5a41b516996d

                              SHA256

                              724b6a859e641b86e00b413fdcc4998e79088025c2f6b429f43710c870fbd05a

                              SHA512

                              24011ce52a9bf3fd47075c6ffe9309022b265bcc71fbfddd3138d724876ffe1540411e09422c617460a9b50be8486adbe5bf61bdd20c431d6479391b02250fb9

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_acrobat.adobe.com_0.indexeddb.leveldb\CURRENT

                              Filesize

                              16B

                              MD5

                              46295cac801e5d4857d09837238a6394

                              SHA1

                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                              SHA256

                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                              SHA512

                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                              Filesize

                              3KB

                              MD5

                              995cfc8165ecd7a8a5ae2d938aab4ee8

                              SHA1

                              454c02ce3e5fad9df51c0c315b8fbcd8b333c758

                              SHA256

                              b448585b5d8a51a240b7b1dab65865a49cd6a1bb4ed14b227c9e3343f591b814

                              SHA512

                              ca451968395e0ea3aeb3e82a4d2b93ef94897f2efbd5bd04727a4d50f74e736f782c1fd71655f28c20387ab7368252644523b02adcc0314fef2bb85c529a2927

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                              Filesize

                              2B

                              MD5

                              d751713988987e9331980363e24189ce

                              SHA1

                              97d170e1550eee4afc0af065b78cda302a97674c

                              SHA256

                              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                              SHA512

                              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              2KB

                              MD5

                              1de50c0cfb06d8e926aa10c9817028de

                              SHA1

                              5418619989be42b0d0c79e3e0c699a04947354e5

                              SHA256

                              ebbb6560ccfd4189ef999de99195e97f425365695c492c06087b5bbd55e6790e

                              SHA512

                              6487361a991d4fda0d8e2d4ef3b0fc9133258fe6f253b6416670744f98b78bc726246a3cd3c4e0c040e89af857edb5643580aabe96e1307c77fbde6f17b3f2f2

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              3KB

                              MD5

                              b42f0fcd9785d51bc393135b7af27b72

                              SHA1

                              7d1b79bba296970593030ace386b1e40f10620d4

                              SHA256

                              0456b3613a6e3403ff17149e7d43f5c16e704faea7e37bba796b9b510d1f38d3

                              SHA512

                              b0fc91d2478f4958e1b7f794c95a9cd393802e83f330249d537d1927dd1287f9492702351c5855004c39050a06cf486a2f6a3c9ff7f2571d597d74b401f8eac9

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              2KB

                              MD5

                              7634561532bf17f183bb654c414f8e0a

                              SHA1

                              4297e1d7321520f381aaee777513dcea5effbe4a

                              SHA256

                              b06289ef20cc3b8b664a40dfc49c9305990ac03ad2cd2559788a0de3aa111b59

                              SHA512

                              7f06b8b320afc26b601e93db28683fb4a29d85e031194d73b09b0424080c3b69de29def0471158f2e1b277ae349d36b05a3a4a0a8ff1e32aa8ff994572b6b6aa

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              3KB

                              MD5

                              f72d298915999d835873edd540b559d6

                              SHA1

                              eb4865742abf495453d95cf4c80d2c503f332172

                              SHA256

                              c0ab8922c87692137a5b6fca22cb8d5b855b2cde79e93e4c532240c3f8fd8e2f

                              SHA512

                              f03f2dff15122dca2462836aae2d3b1755bc7bba739e8abcf5ec6c77a8eb231a9f79f9c3ab53891259b2e8d5e36d07815e9401333aa4a7ce8ce761977587464f

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              8KB

                              MD5

                              8b29ae5a7276f0a2eaf6550b101fbda1

                              SHA1

                              a7f94a104257b8848394fa772fe4162df1155c53

                              SHA256

                              de68c1d3e5691e3317fd747b0d3d75f230c54ea3c710a2975af753f770f34c18

                              SHA512

                              311bbe5a5eb91a8ee554db68f574c4fe14f3033cc156551e8b10c7acf13a2ee99238de34ea1dbee5b98fb93328cbf46c893050d536d92c3cf828c306c69ca1d9

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              7KB

                              MD5

                              78ead114d48394807f064dc20de6eb55

                              SHA1

                              0a54e28b5cdff52b18a9e9e42dc4cff0b7293540

                              SHA256

                              6e64ce4eee0539309dc745b8a335419e2bd0240ccc7e5c1040cd37fc944aad67

                              SHA512

                              dafa29ce28384bd51b4902cedbc08d65ddf66f89253e4a723f115febbb271dffcd4a354d6c663b26cad187ed22d0fb346c30ed479b91108ac192b2f8742f43cc

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              7KB

                              MD5

                              ce6aed876bd4662ea54ce27e4f94ba94

                              SHA1

                              40f7b0d39275dd8abf2a30241255bdccf6eceb3b

                              SHA256

                              1ac5c2f692f4bcac4fd943dc7f425c81c33c8529540f2328edbc08fa0f64cdca

                              SHA512

                              1b6a32ee13eab3ae7f497c563cd6f317b9973da87c0333288356b7160fe6b33b328f13372eeea2879b6a6ad1ddba8ee61415a117e65d4d478915b7981111ad83

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\0f95d298-3f0f-41fc-bebb-ccd4956cc723\index-dir\the-real-index

                              Filesize

                              72B

                              MD5

                              98c0f2df2a3c83066d2cd5eb69fce7ec

                              SHA1

                              52999a29ef7afbc2230e1c6a24ee25a8e28f809d

                              SHA256

                              a2fe029f183729add991b3cae824fc8ab7a06129c454bd7fc86e5c536748ea12

                              SHA512

                              9782e3f94dfab66f2f1885a81efb59eee741e4fd16305231a1e4f8be31262bc140336e2ffd503dbd538b31c91874428a06f44f2c6998182211da213bae7efae3

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\0f95d298-3f0f-41fc-bebb-ccd4956cc723\index-dir\the-real-index~RFe57b69e.TMP

                              Filesize

                              48B

                              MD5

                              eb62b3a9551c1600768e0d5b313877dc

                              SHA1

                              a8888c9f627aea4cf1e049220a6badb2166ae748

                              SHA256

                              49a2693fcb9cd4f949439a206408a0948e279edfb8611740e925511903131e72

                              SHA512

                              e665689cbcf8807c4bb1551587e95573f3c846415503cb113798800196f68c848931919793ff7f2805f13fc5b35747303bfa99a50e2db41294ad0d796a9d2a04

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\index.txt

                              Filesize

                              155B

                              MD5

                              64ddcf86392b87507d3208110aa8c3fc

                              SHA1

                              98ab748a8552c6c6ad32a4bccb4685e0e021b81d

                              SHA256

                              7c4f0b709bf84154c4ca7b648770f573bf848bf657c6f74517c7c63be87343e8

                              SHA512

                              e6c75839ca3036321b81828032cb26b4aaad89789841f74ea0da1b62b318e326f958b6e58b39979a3069da062d7c839414c3e915a494924e54f42a72bcd7d4c7

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\index.txt~RFe57b6cd.TMP

                              Filesize

                              161B

                              MD5

                              e92d3a00d74419b6d6956cf114d67128

                              SHA1

                              b33413173d178f1649b67b68a27d18d9b4a3e7cb

                              SHA256

                              b8e79a40aa21245a18b60170df587cf39d0c6ac732ac2170beb18407c8cc1021

                              SHA512

                              cdd1dc4ed441de0f615518094a289611831e8bcc18d4c6d4f9aa1f4f1f020b9a78306176be54d6fe2b011f470a993ed168995481351e1ea1d43b46df95816501

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                              Filesize

                              72B

                              MD5

                              1c785511d888c9f1c037de0df9390dd2

                              SHA1

                              cd79a246ddd5e6b34b85cf682a8b9b397da307af

                              SHA256

                              2e61c27fae83deb0a6b85c682c6da3877e711394d936754beaacb7500cd6bf2e

                              SHA512

                              e682903ca7c9f5bd745d7268dd7780dddc037134373a40568a433984fc08e5fc8f181381adcb34ef091b0f9e4e0643ae87abe8fa64da273ad25155810507272c

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b5f2.TMP

                              Filesize

                              48B

                              MD5

                              a54a698e26a9d8ed1afb994036db2d43

                              SHA1

                              27b544e0adb59d1da674931b02749e1079ca666e

                              SHA256

                              1e4b26d560c60f74f36c9f5cd611bf2bca77940c5fec95992e14dca572c96bb2

                              SHA512

                              01ad199afe53c7d50273e662cf37d5f0b1dfaee30e0753be5185e0740f8971089ba11fb25b78599bffe648ab937899634f8c19c542f7c61959b54eaf3e4302fd

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              129KB

                              MD5

                              3e9abadf8dc3aacc0239069b35c7bdf9

                              SHA1

                              37a3e6083b180512c1710d1a7c663c3b93fefc8c

                              SHA256

                              4d7bedea629c9951848592758a0aef023019125cf5dd8df1c3a42a3acd5ff7f8

                              SHA512

                              dd8acb22c3f02b8ecafcfd3d8e5147d16fa54690322da1274ad701076cae9cdb0153d7cfa6475a12de94e9c3f5881b1ed811a4ee8426b9d90d0b344bd2c95ae4

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              128KB

                              MD5

                              eb9e1fc48f43355ad2f1cf9db99dbf52

                              SHA1

                              5d84a421841809ca42063f6295ce046bfdb2b4e7

                              SHA256

                              ec8d43adb9c3aba7b9075023dd8ade88b739035a590196363f1f950193e42896

                              SHA512

                              a261f82084317b191435f7b4cc3d454b5ce8848646be2e552dd5c00dc5a3d6cc8abb113b5ffe3d0cb5ffd39a06f01f5a11428e710f1e7498d4349b6a02e5e44a

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              194KB

                              MD5

                              d4d90c3a6e3b8bd26629d932bcf97a63

                              SHA1

                              93b8753a71c28187dad99e7794faacb41d49483e

                              SHA256

                              a2eeb4f6a64ad4e2e52f240947800e35ed424429bcbd8a55e97da5b114dbd5c1

                              SHA512

                              850ed988c207d9560f6d442acc668af130740ac63cd56422b3ad999e75a5e113d331d61bd9cfeb124e3665dd643144a175e576bfe1f3ea7821f52b488380e24b

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              128KB

                              MD5

                              0a6ef935048dc19cd7398f7e33bb81a0

                              SHA1

                              9cdb42627c827e61bc852ebc03bc126c89257e79

                              SHA256

                              2e58685dbd78273c01066adf8c743da9afae130870a0d2e3e190a3035371162f

                              SHA512

                              f340f57e975208a7c3bb6b5473325163601b479771df181f6d059f1f2dfa8cd3d606943fdb11f4c44dea0e5ace99a4cf515b4f641a9c5f30ad8099563852bb99

                            • C:\Users\Admin\Downloads\Tax_Document.pdf.zip.crdownload

                              Filesize

                              13.9MB

                              MD5

                              2dd1a7c3a1e315e310ce0a8af9e57afb

                              SHA1

                              38092153924993101933d60a33394260f20468ce

                              SHA256

                              06e916ab0dcf4f5f0dd637bffb2db12e22d1a5a9fc511066a42a58a8fc486290

                              SHA512

                              1960fb0e9ca539bc0937552b9dfb267a524bdfd1229667bb35c51905202d166a1506ea881a2d83aac16102066b4027744bca402fbe7b6e9cd4f285a5ec602269

                            • C:\Users\Admin\Downloads\Tax_Document.pdf.zip:Zone.Identifier

                              Filesize

                              26B

                              MD5

                              fbccf14d504b7b2dbcb5a5bda75bd93b

                              SHA1

                              d59fc84cdd5217c6cf74785703655f78da6b582b

                              SHA256

                              eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

                              SHA512

                              aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

                            • memory/4128-367-0x0000000000CD0000-0x0000000000CD1000-memory.dmp

                              Filesize

                              4KB

                            • memory/4128-369-0x0000000000D80000-0x0000000001656000-memory.dmp

                              Filesize

                              8.8MB

                            • memory/4128-375-0x0000000000D80000-0x0000000001656000-memory.dmp

                              Filesize

                              8.8MB

                            • memory/4128-377-0x0000000000D80000-0x0000000001656000-memory.dmp

                              Filesize

                              8.8MB