File Владислав разработчик.pdf

Size 156.7KB
Type PDF document, version 1.7, 2 pages
MD5 ddf0f9c2f4e50078b3447c0c8e03405c
SHA1 b5b00d1cc386c94f72d5a116e49c751eefe009c9
SHA256 74e6c6bc2426d8350880d60c8ba266723ddcd9897c506686b6c739ad026f37e7
SHA512 5f4f2972f4cfeafeda6e49d4ed6c7d73d6b4c2544c595e6ec9e5086e0249407bdc52368049b7400182519fe962f09399b12561c20eacca7214bd3c904b11b9ef
CRC32 8E5D527C
ssdeep None
Yara
  • invalid_trailer_structure - (no description)

Score

This file appears fairly benign with a score of 0.1 out of 10.

Please notice: The scoring system is currently still in development and should be considered an alpha feature.


Information on Execution

Analysis
Category FILE
Started April 18, 2025, 3:58 p.m.
Completed April 18, 2025, 4 p.m.
Duration 117 seconds
Routing internet

Analyzer Log

2025-04-18 15:57:55,015 [analyzer] DEBUG: Starting analyzer from: C:\tmp4hzt0l
2025-04-18 15:57:55,030 [analyzer] DEBUG: Pipe server name: \??\PIPE\VSQoaGGtQQxUxxeRhIpUbD
2025-04-18 15:57:55,030 [analyzer] DEBUG: Log pipe server name: \??\PIPE\zJcUPTYbdAeWmYJEW
2025-04-18 15:57:55,280 [analyzer] DEBUG: Started auxiliary module Curtain
2025-04-18 15:57:55,280 [analyzer] DEBUG: Started auxiliary module DbgView
2025-04-18 15:57:55,780 [analyzer] DEBUG: Started auxiliary module Disguise
2025-04-18 15:57:55,983 [analyzer] DEBUG: Loaded monitor into process with pid 504
2025-04-18 15:57:55,983 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-04-18 15:57:55,983 [analyzer] DEBUG: Started auxiliary module Human
2025-04-18 15:57:55,983 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-04-18 15:57:55,983 [analyzer] DEBUG: Started auxiliary module Reboot
2025-04-18 15:57:56,030 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-04-18 15:57:56,030 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-04-18 15:57:56,030 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-04-18 15:57:56,030 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-04-18 15:57:56,171 [lib.api.process] INFO: Successfully executed process from path 'C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe' with arguments [u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\\u0412\u043b\u0430\u0434\u0438\u0441\u043b\u0430\u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a.pdf'] and pid 3008
2025-04-18 15:57:56,358 [analyzer] DEBUG: Loaded monitor into process with pid 3008
2025-04-18 15:57:58,108 [analyzer] INFO: Added new file to list with pid 3008 and path C:\Users\Administrator\AppData\Roaming\Adobe\Acrobat\9.0\UserCache.bin
2025-04-18 15:57:58,328 [analyzer] INFO: Added new file to list with pid 3008 and path C:\Users\Administrator\AppData\Local\Adobe\Color\Profiles\wscRGB.icc
2025-04-18 15:57:58,358 [analyzer] INFO: Added new file to list with pid 3008 and path C:\Users\Administrator\AppData\Local\Adobe\Color\Profiles\wsRGB.icc
2025-04-18 15:57:58,375 [analyzer] INFO: Added new file to list with pid 3008 and path C:\Users\Administrator\AppData\Local\Adobe\Color\ACECache10.lst
2025-04-18 15:58:01,437 [analyzer] INFO: Added new file to list with pid 3008 and path C:\Users\Administrator\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents-journal
2025-04-18 15:58:01,467 [analyzer] INFO: Added new file to list with pid 3008 and path C:\Users\Administrator\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
2025-04-18 14:59:35,137 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2025-04-18 14:59:35,355 [lib.api.process] ERROR: Failed to dump memory of 32-bit process with pid 3008.
2025-04-18 14:59:35,637 [analyzer] INFO: Terminating remaining processes before shutdown.
2025-04-18 14:59:35,637 [lib.api.process] INFO: Successfully terminated process with pid 3008.
2025-04-18 14:59:35,668 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\adobe\\acrobat\\9.0\\shareddataevents-journal' does not exist, skip.
2025-04-18 14:59:35,668 [analyzer] INFO: Analysis completed.

Cuckoo Log

2025-04-18 15:58:29,940 [cuckoo.core.scheduler] INFO: Task #6298258: acquired machine win7x6420 (label=win7x6420)
2025-04-18 15:58:29,941 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.220 for task #6298258
2025-04-18 15:58:30,312 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 3265067 (interface=vboxnet0, host=192.168.168.220)
2025-04-18 15:58:30,347 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6420
2025-04-18 15:58:31,293 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6420 to vmcloak
2025-04-18 15:58:57,257 [cuckoo.core.guest] INFO: Starting analysis #6298258 on guest (id=win7x6420, ip=192.168.168.220)
2025-04-18 15:58:58,262 [cuckoo.core.guest] DEBUG: win7x6420: not ready yet
2025-04-18 15:59:03,288 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6420, ip=192.168.168.220)
2025-04-18 15:59:03,367 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6420, ip=192.168.168.220, monitor=latest, size=6660546)
2025-04-18 15:59:04,938 [cuckoo.core.resultserver] DEBUG: Task #6298258: live log analysis.log initialized.
2025-04-18 15:59:05,873 [cuckoo.core.resultserver] DEBUG: Task #6298258 is sending a BSON stream
2025-04-18 15:59:06,245 [cuckoo.core.resultserver] DEBUG: Task #6298258 is sending a BSON stream
2025-04-18 15:59:07,146 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'shots/0001.jpg'
2025-04-18 15:59:07,161 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 133479
2025-04-18 15:59:08,269 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'shots/0002.jpg'
2025-04-18 15:59:08,281 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 125282
2025-04-18 15:59:09,364 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'shots/0003.jpg'
2025-04-18 15:59:09,378 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 125568
2025-04-18 15:59:16,730 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'shots/0004.jpg'
2025-04-18 15:59:16,746 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 123763
2025-04-18 15:59:19,490 [cuckoo.core.guest] DEBUG: win7x6420: analysis #6298258 still processing
2025-04-18 15:59:34,689 [cuckoo.core.guest] DEBUG: win7x6420: analysis #6298258 still processing
2025-04-18 15:59:35,599 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'curtain/1744981175.5.curtain.log'
2025-04-18 15:59:35,617 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 36
2025-04-18 15:59:35,636 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'sysmon/1744981175.62.sysmon.xml'
2025-04-18 15:59:35,643 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 843612
2025-04-18 15:59:35,648 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'files/dfa8b6912e19a543_wscrgb.icc'
2025-04-18 15:59:35,650 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 66208
2025-04-18 15:59:35,659 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'files/9be9bb13360cbb88_wsrgb.icc'
2025-04-18 15:59:35,661 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 2676
2025-04-18 15:59:35,664 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'files/557b7ae84b1bdb69_acecache10.lst'
2025-04-18 15:59:35,665 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 1946
2025-04-18 15:59:35,672 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'files/a5979563664d1986_shareddataevents'
2025-04-18 15:59:35,674 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 3072
2025-04-18 15:59:35,677 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'files/2cbbfbe12768f624_usercache.bin'
2025-04-18 15:59:35,681 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 69063
2025-04-18 15:59:36,517 [cuckoo.core.resultserver] DEBUG: Task #6298258: File upload for 'shots/0005.jpg'
2025-04-18 15:59:36,542 [cuckoo.core.resultserver] DEBUG: Task #6298258 uploaded file length: 133477
2025-04-18 15:59:36,556 [cuckoo.core.resultserver] DEBUG: Task #6298258 had connection reset for <Context for LOG>
2025-04-18 15:59:37,708 [cuckoo.core.guest] INFO: win7x6420: analysis completed successfully
2025-04-18 15:59:37,722 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-04-18 15:59:37,754 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-04-18 15:59:38,770 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6420 to path /srv/cuckoo/cwd/storage/analyses/6298258/memory.dmp
2025-04-18 15:59:38,771 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6420
2025-04-18 16:00:26,722 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.220 for task #6298258
2025-04-18 16:00:27,580 [cuckoo.core.scheduler] DEBUG: Released database task #6298258
2025-04-18 16:00:27,618 [cuckoo.core.scheduler] INFO: Task #6298258: analysis procedure completed

Signatures

Yara rule detected for file (1 event)
description (no description) rule invalid_trailer_structure

No hosts contacted.