Overview

overview

5

Static

static

5

7BIC.pdf

windows10-1703-x64

3

7BIC.pdf

windows7-x64

3

7BIC.pdf

windows10-2004-x64

3

7BIC.pdf

windows11-21h2-x64

3

Analysis

  • max time kernel
    94s
  • max time network
    129s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    21-08-2024 05:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7BIC.pdf

  • Size

    1.6MB

  • MD5

    f295aba287f5eaec2d0170f0a602661b

  • SHA1

    7c838786f78732ded439310aa107171fdce82d77

  • SHA256

    95e0416424dea94f38d8a7e06903875e5d99472412fd5f93e629aaf0553de80e

  • SHA512

    9cf916f841a786b930c0cb561a9dfd6106c459758c264bd9f8c21f4d0bb9eadd3aeec2932ad0cd6c83dbcf01a9194f43586bdc91aebbcdc6602665a589d06298

  • SSDEEP

    49152:jzKHqbUGnRj0omsVQt/LEtD6QulPUcSHFtBUzGo4:SHq4g6Yq5Qul8f/BpB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 11 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\7BIC.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" -c
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:2064
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" -c --type=collab-renderer --proc=2064
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies registry class
        PID:3400
        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe
          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\FullTrustNotifier.exe" GetChannelUri
          4⤵
          • System Location Discovery: System Language Discovery
          PID:404
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:1232
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=38844BCC6488B11168255303B25039A1 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=38844BCC6488B11168255303B25039A1 --renderer-client-id=2 --mojo-platform-channel-handle=1756 --allow-no-sandbox-job /prefetch:1
        3⤵
        • System Location Discovery: System Language Discovery
        PID:2688
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=5CF12C7F56E947535DF869756B9696FC --mojo-platform-channel-handle=1764 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:4124
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8754EE794ACF7F8A51EAC7DC4FB7EA60 --mojo-platform-channel-handle=2324 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:5020
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=FECC09A028EDCCB4257924147B2182E9 --mojo-platform-channel-handle=1992 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:2988
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=51CA4815AF879A35293C6EA6579D9DE0 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=51CA4815AF879A35293C6EA6579D9DE0 --renderer-client-id=6 --mojo-platform-channel-handle=2332 --allow-no-sandbox-job /prefetch:1
        3⤵
        • System Location Discovery: System Language Discovery
        PID:4880
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=F8C3F8D90B55B25DF7291F2338B38C3C --mojo-platform-channel-handle=2012 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:2984
  • C:\Windows\System32\CompPkgSrv.exe
    C:\Windows\System32\CompPkgSrv.exe -Embedding
    1⤵
      PID:496

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
      Filesize

      36KB

      MD5

      b30d3becc8731792523d599d949e63f5

      SHA1

      19350257e42d7aee17fb3bf139a9d3adb330fad4

      SHA256

      b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3

      SHA512

      523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
      Filesize

      56KB

      MD5

      752a1f26b18748311b691c7d8fc20633

      SHA1

      c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

      SHA256

      111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

      SHA512

      a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
      Filesize

      64KB

      MD5

      bcf1f8b5762ce97655825ad3188a052d

      SHA1

      2b2564dc47525b2c313b33aaf902a302da4d7cf7

      SHA256

      93c2a047cae408e99a77c65fd275f7b8784f3c297c8a6ec35ab071006993102d

      SHA512

      393ee1e6f88c212833b8ec7d3b59699bce21e7146afec996f5a5d329a8acd44532654f282c9da912690c8764156ba797a34bed16c9df1855b1384677281a8d59

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
      Filesize

      92KB

      MD5

      aebe0d2eb7a2077a55e57a955e62406a

      SHA1

      3f811b8148f12220f4b45699135e6d21c9847d8a

      SHA256

      87aa4c64348b534771f03919b5bdca09596e89f6e0cca0a992bb3d290ec4155a

      SHA512

      efa1b082925a4e478fcea74764bbacb91d43da8c01c4b360a34e6f7402af23f91c93b5e91c6266120e144b5300e8dae73a62a7b6d7c4328410128f6a72a7baed

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
      Filesize

      92KB

      MD5

      1208d48e1ca9267e8109527c7770f83f

      SHA1

      f6e42ed458ba6980fddca311158f53b58ea28014

      SHA256

      3e02feb15dac5e094af089cddc49424886a26bee11392160700bdcc2bacc11d3

      SHA512

      f66aabe1f1193697974d459b963f7d97f28fad8582ff3f11c1bc67aa5e807ecab231d51d49f5c2a1a3471c19de9399212b7ba12f8a5468c943a656b2586d87cd

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
      Filesize

      92KB

      MD5

      245950c48f668cf2fcb3c64778e64089

      SHA1

      3a5a14c820f58e35a3fc6f5de29669f0840587d8

      SHA256

      a027cf12f2055635a3020f08e0448b2f0314791260ccd25570426088c5b0e307

      SHA512

      4fc8448536663b551cc716d78715f06d4ed217fbdf755924f0b30aebbb6212798a61c6638f919d5c14bdb6998d6a12f0ca37281f3c7f484c1821fbfc98d4a24d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
      Filesize

      92KB

      MD5

      b702bb7bfaf0932635d2f681e700c8a6

      SHA1

      515ad7c4f9740ca945a0643e3eb237c4e2f18fd0

      SHA256

      773b154ced9ac5c53b11216c6ebe50183a5a050c52668e3447d0f577d526d6f4

      SHA512

      6fe80f0a6e20367d69bc5612537bebacafa4ad1545ac206aea52931ca712c5ee6f1f6803ac1a4bb8ea043e3cf1f5f9fb99ba41b3d166947d84a3cd7ed28cc3f9

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\resources\resource-18
      Filesize

      3.6MB

      MD5

      4761e9e5022ad59232d3ff1d6365fc28

      SHA1

      2fbb4de0513928aaf315dba85359cc2e475f90d3

      SHA256

      52089e103b099774a479dc435d5902b82c85a458522d9ea52657c3011405c58c

      SHA512

      3cc9497e99bf308b2f90ba2d45bb36f8b765fc184d457d06f63fcf0f4d74fc55d4a450878d1ca713fa6f9b70850e96c6b5fd3af9e84e3dde7e597f520b0d5f90

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
      Filesize

      471B

      MD5

      faecfd834ece5a7fd099821afd0bf64b

      SHA1

      d4a1a0212724b99c02cb6816e2859ae41163169a

      SHA256

      944d8f4d34c7fcdbeabd742c5ace8dd12373d5d7732344d43223701baffef06f

      SHA512

      f8e3d483197b380de6d59dd58296cdbd6251daf6df8a4164f6b229a0c88984fe09bee7cdb8914c01acf9982ddbc82469d04cb8695b1cf68fe4ac7f44e7652355

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
      Filesize

      338B

      MD5

      a4d99268f5056fcc3c0ca4c3eed71b43

      SHA1

      45d7f75076ffc8817f2e0a6571d1feef75a1eedf

      SHA256

      7b0dbb631f5d5cf218937a4052a07a5b968d16024b28312b42b9651b49c1e049

      SHA512

      62af063639ed5b09e924dbdbaa5637fe4309e8c25c4a7c9d82ef7b199dbd634684c49a8457e8e5972e118d588985c6473f68f9dac7b277c9853c9b407e4fc772

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
      Filesize

      400B

      MD5

      8cf6bf4df8cdc4dcee96906de2f86b43

      SHA1

      5127ac46f9f44172325e731a82cd3cb06e5c525b

      SHA256

      9c3cb59670b7a3da71273032e51065b8ffbd33d09975e5f2d0b996c9354f9f90

      SHA512

      584a12b4bbf7001d0902a2919376b16f3711e9e5cb4276bb6554b7b56e57491afca563749f40303c887b16da1ebb0254bb035de5342cbbb25c56a83e777f859e

      Download Submit

    • C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
      Filesize

      12KB

      MD5

      6c91e46c59d800090ef2237fa1c571ce

      SHA1

      43fee7fe207cee8fc327833c0578647583f3cf41

      SHA256

      53d80b237685364f983af7853d590113346195030e45d3a21fbfed8bb7568e29

      SHA512

      88dd12ec17a48233771947a8e7d540745092408e13f76180679b06f02dd5a94ffabd9e7171f558a66d10696b65bcc1bd041555752bd869e941b327ab10e77bfb

      Download Submit

    • C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
      Filesize

      12KB

      MD5

      aa12e77268b4a418041c28edca284359

      SHA1

      e996b886d8a746a847ce481cd1eea899109e313a

      SHA256

      f7f66d839cd4cb4e582325513ee930363d919c1fa6ea39fe73e7f931ce72b9d5

      SHA512

      cfcab6b5f43761f23994f89dcfe01a85694e302a7acc76dd6e431184bbae02bdeb3add81e9f20579ddb1750ac90e4f4c432753e0f71b1f08905d7657e1f9abaa

      Download Submit

    • C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
      Filesize

      12KB

      MD5

      7efa5fe41339174d25b8373c38684e54

      SHA1

      fec3577a15b370512f3db60e2bb218d95a3bda74

      SHA256

      0e6de81e8ad8fcc204b67d993c6a3b3081758ae7383fa602d746598ae24624cc

      SHA512

      b4d879a068c108e3c1000fb45ed83f3e817c02d20c2904dd57e6d20d27c3b445959bd5ff48d520f1df026cf865338447d3f7084512e860deb9c7f2356eb0ff5a

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\DC\Security\addressbook.acrodata
      Filesize

      14KB

      MD5

      947f93fe0eed44767626846f28cfde05

      SHA1

      f6276d2a2b4a9d8a8e23c84019cd3961e9d60e88

      SHA256

      06a576fc14e995c437b26c0d150b4e84cd745e7cedfd972a84b42b51c842fc9b

      SHA512

      f97739eb0d22a99b06ef340aefb0d5a5b45b679d28accff3de2565166392c7d2fabaa33f945696f7d456ba2ef323f48e43eb26578f71c8b2e8ed32fb4dc69bc9

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\DC\Security\addressbook.acrodata
      Filesize

      5.4MB

      MD5

      a1704864c4cf60bee94efcf0bc41820d

      SHA1

      397b15d6f4e34164f08ee1fb560b32bf02e57181

      SHA256

      7a969b1616fe584ef8c6fa03258b43e43785001bb2e2effc86848ffa2aae7d06

      SHA512

      bd96aa47c4d2d83af91cff0a838979729ac93913ca16132ebd5e795292daca28a298407e9fe439b365878c12ef13c64e6257caf5efbb8fe84010bd626eccc2cc

      Download Submit