34bd0f73306cec3110ade740fca32bf49c2d565a85714550efad722ba6e02aae

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16/06/2024, 08:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

113546097531-2024.pdf
Size

109KB
MD5

8b09961b37d52210258f29c18644ca6c
SHA1

719521208dd4218c0356c020760e8556705c1597
SHA256

34bd0f73306cec3110ade740fca32bf49c2d565a85714550efad722ba6e02aae
SHA512

3c9d09b6377ebd2d218af3b37649e914f9aca984c4ff7014c9f2186d53407fce70e09b294e0158c0e2205cb217389c1c78945bee7e4de3aed3633cc8eb96ec0a
SSDEEP

1536:S9n1nv+XUs1fS2nTai6IEbguurV8dOll5ha/+XH:81mXn1fVllXa/+XH

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AcroRd32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	AcroRd32.exe

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	AcroRd32.exe

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3768	AcroRd32.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe
3768	AcroRd32.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3768 wrote to memory of 3732	3768	AcroRd32.exe	92
PID 3768 wrote to memory of 3732	3768	AcroRd32.exe	92
PID 3768 wrote to memory of 3732	3768	AcroRd32.exe	92
PID 3732 wrote to memory of 2968	3732	AdobeCollabSync.exe	94
PID 3732 wrote to memory of 2968	3732	AdobeCollabSync.exe	94
PID 3732 wrote to memory of 2968	3732	AdobeCollabSync.exe	94
PID 3768 wrote to memory of 2004	3768	AcroRd32.exe	95
PID 3768 wrote to memory of 2004	3768	AcroRd32.exe	95
PID 3768 wrote to memory of 2004	3768	AcroRd32.exe	95
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 4656	2004	RdrCEF.exe	96
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97
PID 2004 wrote to memory of 3464	2004	RdrCEF.exe	97

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\113546097531-2024.pdf"
1⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3768
- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" -c
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:3732
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" -c --type=collab-renderer --proc=3732
    3⤵
    PID:2968
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe" GetChannelUri
      4⤵
      PID:904
- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2004
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=A26FDBF3FBD5260F16EEA3ECCB59AFB7 --mojo-platform-channel-handle=1724 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    3⤵
    PID:4656
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=723E6BA385984CF9FB285B02ABFBE5FF --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=723E6BA385984CF9FB285B02ABFBE5FF --renderer-client-id=2 --mojo-platform-channel-handle=1736 --allow-no-sandbox-job /prefetch:1
    3⤵
    PID:3464
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=E723C11F87BC747BCD86F2E68E8DF9C5 --mojo-platform-channel-handle=2284 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    3⤵
    PID:3228
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=CBD66BD6F21A0DF970D92EBB57F5B9D9 --mojo-platform-channel-handle=2400 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    3⤵
    PID:1056
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=BF41E7A8DE60C11E22E80900E8AEC75F --mojo-platform-channel-handle=2492 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
    3⤵
    PID:5020
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=E315E8FCDDB177228A442E9297DF77AE --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=E315E8FCDDB177228A442E9297DF77AE --renderer-client-id=7 --mojo-platform-channel-handle=2524 --allow-no-sandbox-job /prefetch:1
    3⤵
    PID:2768

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4140,i,1067197275908310731,12785105794523264014,262144 --variations-seed-version --mojo-platform-channel-handle=3672 /prefetch:8
1⤵
PID:5012

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Filesize
36KB

MD5
b30d3becc8731792523d599d949e63f5

SHA1
19350257e42d7aee17fb3bf139a9d3adb330fad4

SHA256
b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3

SHA512
523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Filesize
56KB

MD5
752a1f26b18748311b691c7d8fc20633

SHA1
c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

SHA256
111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

SHA512
a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer

Filesize
92KB

MD5
4999eb82b9f4eb389e2d6284d32c9d0a

SHA1
21ae32b03c4d04ff6c10865b1fdfba429ada0e03

SHA256
0d54f253b6ba1677542a9d539cf761510753ae40568e79e225161e9828b14108

SHA512
1e066ff84b1f0e16c503d11e8da0607ee7d3b5aee222674e8acea57b02f37a11f1a9d7dcc4926cb880250f891a6a2b5e47f52e5bf6b827594ce2428f422a9a9e

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer

Filesize
92KB

MD5
4a2a40f38b0f98a1666708616c2649f8

SHA1
400f7df1dc51a9875b497953450419a549dbf89a

SHA256
395145ce802bce2047be173d57f83260f41ff5355dbe2fbb14cf9cb7ea9b6168

SHA512
59b11126502fe43c2e673e2f6bb1a48b728eed2fa9472ef7a35be71cfc58130eb9b156454fa774fa4f48a3909a70b98d61c7a2670b99d16fa8c39a8109cca925

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer

Filesize
92KB

MD5
ea1fd7a51ae74d7178b1ebd9f660dca1

SHA1
c1246b236e5a328949b3c4d5327103cc971fb2c6

SHA256
f9484d57695c189fa7a41d419f48b5b8b512f36e3dccf4089de275e92c46ed62

SHA512
4aeb3037b6b1291e6e586f20c0da3f9f7f658bd311a3baa5076fc21469a877cf0a6868f0c13c6a11705872bbe3df3572ae1512ea6082da75aca0fda5e3c304c8

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer

Filesize
92KB

MD5
aebe0d2eb7a2077a55e57a955e62406a

SHA1
3f811b8148f12220f4b45699135e6d21c9847d8a

SHA256
87aa4c64348b534771f03919b5bdca09596e89f6e0cca0a992bb3d290ec4155a

SHA512
efa1b082925a4e478fcea74764bbacb91d43da8c01c4b360a34e6f7402af23f91c93b5e91c6266120e144b5300e8dae73a62a7b6d7c4328410128f6a72a7baed

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer

Filesize
92KB

MD5
091bff081e9cb8a9c842ffc56f09c01c

SHA1
a346fb5a70062d2b3f0f37fa9eb3ce2f8ff75617

SHA256
bd010c54130a43704955c199625c0d6e0e5015bfdc4ce0f30b3c9f614e3aabb9

SHA512
a9d7ab279833098856396170c9d657911d19231ed2fc9c0e72139e3f46ecf1e1e326ef1705ead5aefc0990ae8d5380052a14366e3d17386280e0034bc6ee5afc

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer

Filesize
92KB

MD5
f8ae91aa51f9bc9ddbf043d1f6f551e5

SHA1
0c5a257369921fed102f9d45853dac91506502b1

SHA256
e32e31160284cf045b0f81ed08764ed847dd53c6cebc131e4d639d78c8af8fe6

SHA512
1782c13a034fade152213a6901fd6804deaccdbe1fbe31941d3210ef08bcbb47165802ae8e117ac73cc283734648dc8c4fe9c74c25dcb171971edd8c1894d61a

Download Submit
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer

Filesize
92KB

MD5
245950c48f668cf2fcb3c64778e64089

SHA1
3a5a14c820f58e35a3fc6f5de29669f0840587d8

SHA256
a027cf12f2055635a3020f08e0448b2f0314791260ccd25570426088c5b0e307

SHA512
4fc8448536663b551cc716d78715f06d4ed217fbdf755924f0b30aebbb6212798a61c6638f919d5c14bdb6998d6a12f0ca37281f3c7f484c1821fbfc98d4a24d

Download Submit
C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

Filesize
12KB

MD5
6134a50b59ae3061043f0e0b14da9f10

SHA1
8168383a11a89df9a5c9a4a3a4bfba9d7ee87147

SHA256
a79b4d4b240134ae5002d5af3be7b317267a55845f43d0954d14ecda4d5c9368

SHA512
37ef9a4ec4f8cfa92316578e494cc18e3cff3458e5379709223efc004bee2ae8b02c5a2d0ef8f6df8c469f89f4cdc45c60fe882c89deb78aba084c23dfb8c19c

Download Submit