Overview

overview

6

Static

static

6

W8 or Cert...ms.pdf

windows7-x64

4

W8 or Cert...ms.pdf

windows10-2004-x64

3

Certificat...us.pdf

windows7-x64

3

Certificat...us.pdf

windows10-2004-x64

3

W-8BEN Ind...ls.pdf

windows7-x64

3

W-8BEN Ind...ls.pdf

windows10-2004-x64

3

W-8BEN-E Entities.pdf

windows7-x64

3

W-8BEN-E Entities.pdf

windows10-2004-x64

3

W-8ECI Inc...ss.pdf

windows7-x64

3

W-8ECI Inc...ss.pdf

windows10-2004-x64

3

W-8EXP Tax Exempt.pdf

windows7-x64

3

W-8EXP Tax Exempt.pdf

windows10-2004-x64

3

W-8IMY For...ip.pdf

windows7-x64

3

W-8IMY For...ip.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-08-2024 23:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    W-8BEN-E Entities.pdf

  • Size

    307KB

  • MD5

    e6131315346a213ee805a4f8ed881770

  • SHA1

    483153589d2dfa11fd4ca1c314cb8ba57dfc2986

  • SHA256

    d67fc5abae5af11df5d6168a60f7a7e7f27044efa63f660cb76c0e47a241ef6e

  • SHA512

    3acd63de95e25384332939353593bf44fe7bb6e3fed9e2abb3262cc9cf426845069311e321c22cdeaa497a3c5c896932818895ee76e261a9c298912c018fcf67

  • SSDEEP

    3072:HoCqxzVjAIZVa8t8Qfk6V61eK4Ib4Z63n1qsmqU+BIjzrYbqvGKjgh96AXTdz:bszVjAAainfkmfLXkGvFjgD6mTN

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 11 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\W-8BEN-E Entities.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4848
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" -c
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:464
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" -c --type=collab-renderer --proc=464
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies registry class
        PID:1384
        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe
          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe" GetChannelUri
          4⤵
          • System Location Discovery: System Language Discovery
          PID:1188
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:3504
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=935DFDC0EFC932CD75753C0B07BC51AA --mojo-platform-channel-handle=1724 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:2408
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=24BD50A521E4D139F006CB7C877A9D44 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=24BD50A521E4D139F006CB7C877A9D44 --renderer-client-id=2 --mojo-platform-channel-handle=1732 --allow-no-sandbox-job /prefetch:1
        3⤵
        • System Location Discovery: System Language Discovery
        PID:848
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=0656085D9293D5D3B04996958C2A9154 --mojo-platform-channel-handle=2344 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:372
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=B26BAEDC43FF6A8B4DE070AC29F4A71B --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=B26BAEDC43FF6A8B4DE070AC29F4A71B --renderer-client-id=5 --mojo-platform-channel-handle=2444 --allow-no-sandbox-job /prefetch:1
        3⤵
        • System Location Discovery: System Language Discovery
        PID:1528
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=135B341854ABF6811C0FDF353018C2FE --mojo-platform-channel-handle=1952 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:816
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=1D327EFD09ABF93E818D0B32C73D4487 --mojo-platform-channel-handle=2552 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:2060
  • C:\Windows\System32\CompPkgSrv.exe
    C:\Windows\System32\CompPkgSrv.exe -Embedding
    1⤵
      PID:2924
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3812,i,4174666705242427184,7333705955694532165,262144 --variations-seed-version --mojo-platform-channel-handle=1436 /prefetch:8
      1⤵
        PID:2408

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
        Filesize

        36KB

        MD5

        b30d3becc8731792523d599d949e63f5

        SHA1

        19350257e42d7aee17fb3bf139a9d3adb330fad4

        SHA256

        b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3

        SHA512

        523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
        Filesize

        56KB

        MD5

        752a1f26b18748311b691c7d8fc20633

        SHA1

        c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

        SHA256

        111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

        SHA512

        a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
        Filesize

        64KB

        MD5

        f24371fb076320473841c4d7b4c90003

        SHA1

        c306a5081b5c86187b852d8c3dc17cde90d208c9

        SHA256

        8c3543498deb0508a3e4c4304b7288e190a39584d5ac3f7cc43511c6c3abea52

        SHA512

        83d04bf82d5e578d7b8676459393cad61fc0e1fd772c6b10b620a24d5eb892a8c7645e14b18b2d03f62bafc0b055bcaf494cf2005c86b07acf4a05e3177500db

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
        Filesize

        92KB

        MD5

        f1992bef72b18a0411b366f6f4941acf

        SHA1

        4810209e085cfbd5b6674bd9bc47b5567b24c286

        SHA256

        7c520c5b7757914776415c03e6bc3134b0ed0492776f6a9a1569a82e8009b4a7

        SHA512

        3d26812c13aa9dfb6f76c3c0ea33153a62844af1f79db4ffbd594b93473351a5f51afb4ee835cc9be637bcb8acdfc5e61b1464cf34770b60be3d25953be95b20

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
        Filesize

        92KB

        MD5

        245950c48f668cf2fcb3c64778e64089

        SHA1

        3a5a14c820f58e35a3fc6f5de29669f0840587d8

        SHA256

        a027cf12f2055635a3020f08e0448b2f0314791260ccd25570426088c5b0e307

        SHA512

        4fc8448536663b551cc716d78715f06d4ed217fbdf755924f0b30aebbb6212798a61c6638f919d5c14bdb6998d6a12f0ca37281f3c7f484c1821fbfc98d4a24d

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
        Filesize

        92KB

        MD5

        aebe0d2eb7a2077a55e57a955e62406a

        SHA1

        3f811b8148f12220f4b45699135e6d21c9847d8a

        SHA256

        87aa4c64348b534771f03919b5bdca09596e89f6e0cca0a992bb3d290ec4155a

        SHA512

        efa1b082925a4e478fcea74764bbacb91d43da8c01c4b360a34e6f7402af23f91c93b5e91c6266120e144b5300e8dae73a62a7b6d7c4328410128f6a72a7baed

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
        Filesize

        92KB

        MD5

        67987375772d49f0e9b1c36f30103fac

        SHA1

        6bc547d0a5316e2d4c3dd40743492c4df1b5ebe1

        SHA256

        f69ce590cea7a20e972f473ac18aea88660fbd10a7e22aa86412c52fdd9ff1b6

        SHA512

        ff0f70298c1746d8530fa24c106a4acb4b62dedc2783a928019859dd5d4575cab66a428af075d69486fb532b882b55a349da9174f5289e1a6851fe408229939f

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\resources\resource-18
        Filesize

        3.6MB

        MD5

        4761e9e5022ad59232d3ff1d6365fc28

        SHA1

        2fbb4de0513928aaf315dba85359cc2e475f90d3

        SHA256

        52089e103b099774a479dc435d5902b82c85a458522d9ea52657c3011405c58c

        SHA512

        3cc9497e99bf308b2f90ba2d45bb36f8b765fc184d457d06f63fcf0f4d74fc55d4a450878d1ca713fa6f9b70850e96c6b5fd3af9e84e3dde7e597f520b0d5f90

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
        Filesize

        471B

        MD5

        d5fdfaf5e0813ba512c3d6785be9fa41

        SHA1

        723982f8b65118b05a8c3fab44c20d144424fe06

        SHA256

        75ef8323eab42ba6d5fbfd2e88ff74f5a2a57ab5aa5f1155411d490f0fd686af

        SHA512

        d7c719947c14f66d817cbba9ee74f8f5855bd769abd3d5c66df3af187ea0480d576f0f0608b1e0f2e7d9304d3a24293be1d10a3676deed27274eb895248e8570

        Download Submit

      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
        Filesize

        400B

        MD5

        77b93fac9dea365b49c0da2ed8d9d428

        SHA1

        06ff9c49a6d0c1129c152894aefe4739b5066862

        SHA256

        a78a80bb8a5ae53f6544321413b93fa5235a500d1707614f2a477fbb0eca7f18

        SHA512

        d5c21e4f08e5a0de394134950a5c396111fe7aec580c18e6f1ba031b1c39f2ebba9a36a6e578fcf26b8f2e1f96de563b2b2865292baaac8149ce57bd53f079c7

        Download Submit

      • C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
        Filesize

        12KB

        MD5

        595efd5df74d07c41cc8365caab3e620

        SHA1

        e6da8e54d95d243ce9cbe8a07ab78e2f54048a6e

        SHA256

        03ccddc4bef22b39dd0b055de4db336290ee665f23b8bfcf6a6a7e4c5af16aeb

        SHA512

        60e19c46ba2fbf677af237fbaa0f07348e77e649f6d11e1c013d797b3f49549f0ec80095c8ff7c90b3c7c82a0a70bf5f65d1102986221ecc726ab30f2d4fc92f

        Download Submit

      • C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
        Filesize

        12KB

        MD5

        428e45fc06243da01fe1f0a1d13fca94

        SHA1

        5eef2ba26fca26fa7907b80560943a061750c45f

        SHA256

        7fa4b552073823a464aa7812481a263c625a68024a12dac1f2294f1872af9afd

        SHA512

        5a92c521a7a9ff007193f37fe71c4f4405df38abd24f307b6f9fa7dc127f793957f7ad51e4b2e98d973a2f451af73982eac3ceacc182c7cf345e4b4c8d85312b

        Download Submit

      • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\DC\Security\addressbook.acrodata
        Filesize

        14KB

        MD5

        947f93fe0eed44767626846f28cfde05

        SHA1

        f6276d2a2b4a9d8a8e23c84019cd3961e9d60e88

        SHA256

        06a576fc14e995c437b26c0d150b4e84cd745e7cedfd972a84b42b51c842fc9b

        SHA512

        f97739eb0d22a99b06ef340aefb0d5a5b45b679d28accff3de2565166392c7d2fabaa33f945696f7d456ba2ef323f48e43eb26578f71c8b2e8ed32fb4dc69bc9

        Download Submit

      • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\DC\Security\addressbook.acrodata
        Filesize

        5.4MB

        MD5

        a1704864c4cf60bee94efcf0bc41820d

        SHA1

        397b15d6f4e34164f08ee1fb560b32bf02e57181

        SHA256

        7a969b1616fe584ef8c6fa03258b43e43785001bb2e2effc86848ffa2aae7d06

        SHA512

        bd96aa47c4d2d83af91cff0a838979729ac93913ca16132ebd5e795292daca28a298407e9fe439b365878c12ef13c64e6257caf5efbb8fe84010bd626eccc2cc

        Download Submit