AcroRd32.exe

Adobe Reader

Adobe Systems, Incorporated

This is installed with multiple programs including Adobe Reader 9.3.4 and Adobe Photoshop CS6. The file has been seen being downloaded from mail-attachment.googleusercontent.com and multiple other hosts.

Publisher:
Adobe Systems Incorporated  (signed by Adobe Systems, Incorporated)

Product:
Adobe Reader

Description:
Adobe Reader 9.5

Version:
9.5.1.283

MD5:
8a4e324e2c857d7b762b62a684e03e9c

SHA-1:
02bba8a2c8a622d556ffd77472c924c7f64d1659

SHA-256:
ef9a48553e800aa72f095a642e727982c2ed94247b8dd54fa9f635545632ec9a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:55:43 AM UTC

File size:
349.4 KB (357,808 bytes)

Product version:
9.5.1.283

Copyright:
Copyright 1984-2010 Adobe Systems Incorporated and its licensors. All rights reserved.

Original file name:
AcroRd32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\adobe\reader 9.0\reader\acrord32.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/27/2009 8:00:00 PM

Valid to:
11/4/2012 6:59:59 PM

Subject:
CN="Adobe Systems, Incorporated", OU=Acrobat Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Adobe Systems, Incorporated", L=San Jose, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0290965E913340CDA6634CEF31F7FD07

File PE Metadata
Compilation timestamp:
3/27/2012 8:40:42 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:mulLgwir74on8Bqg0OYM9aJfXgY1zUTyr5hVeNaQC:mq59on8B4OYM+XgTTSj44

Entry address:
0x4334

Entry point:
E8, BB, 03, 00, 00, E9, 36, FD, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 48, B6, 40, 00, 89, 0D, 44, B6, 40, 00, 89, 15, 40, B6, 40, 00, 89, 1D, 3C, B6, 40, 00, 89, 35, 38, B6, 40, 00, 89, 3D, 34, B6, 40, 00, 66, 8C, 15, 60, B6, 40, 00, 66, 8C, 0D, 54, B6, 40, 00, 66, 8C, 1D, 30, B6, 40, 00, 66, 8C, 05, 2C, B6, 40, 00, 66, 8C, 25, 28, B6, 40, 00, 66, 8C, 2D, 24, B6, 40, 00, 9C, 8F, 05, 58, B6, 40, 00, 8B, 45, 00, A3, 4C, B6, 40, 00, 8B, 45, 04, A3, 50, B6, 40, 00, 8D, 45, 08, A3, 5C, B6, 40, 00, 8B...
 

Entropy:
5.3103

Code size:
20 KB (20,480 bytes)

The file AcroRd32.exe has been discovered within the following programs.

Adobe Photoshop CS6  by Adobe Systems Incorporated
Adobe Photoshop CS6 is the industry-standard image editing software, used worldwide by professional photographers, amateur photographers, and designers who want to perfect their digital images.
www.adobe.com/go/ps_support
12% remove it
Adobe Reader 9.1  by Adobe Systems Incorporated
Adobe Acrobat and Reader are a set of applications designed to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.
www.adobe.com
6% remove it
Adobe Reader 9.3.4  by Adobe Systems Incorporated
Publisher's description - “Adobe Reader allows more securely view, print, search, sign, verify, and collaborate on PDF documents, online as well as offline, from your home or office. Reader has a completely redesigned interface, new tools, and new options for viewing information more efficiently.”
12% remove it
Adobe Reader 9.5.1  by Adobe Systems Incorporated
8% remove it
Adobe Reader 9.5.2  by Adobe Systems Incorporated
6% remove it
Adobe Reader 9.5.5  by Adobe Systems Incorporated
Publisher's description - “Acrobat Reader lets you read and print from any system any document created as an Adobe Portable Document Format (PDF) file, with its original appearance preserved.”
12% remove it
 
Powered by Should I Remove It?

The file AcroRd32.exe has been seen being distributed by the following 4 URLs.

https://mail-attachment.googleusercontent.com/.../?ui=2&ik=e90fd3c9dd&view=att&th=1380a2b60faa7ba6&attid=0.1&disp=safe&realattid=f_h3ogpj2z0&zw&saduie=AG9B_P8_rDCUNmReejL1MuNIvLft&sadet=1340200509667&sads=ly2cfyjBv7yrtyIHmbGqp-xesTQ