AcroRd32.exe

Adobe Reader

Adobe Systems, Incorporated

This is a setup program which is used to install the application. This is installed with multiple programs including Adobe Reader XI (11.0.07) and Adobe Acrobat XI Pro. The file has been seen being downloaded from dl-mail.ymail.com and multiple other hosts.
Publisher:
Adobe Systems Incorporated  (signed by Adobe Systems, Incorporated)

Product:
Adobe Reader

Description:
Adobe Reader

Version:
11.0.13.17

MD5:
f91eba6fbdb6953f951a0fc109cb6ffe

SHA-1:
caf18d70d79e6961b5c4cf79ec1001a213d5828e

SHA-256:
0e560b03dbf9bf0f51162772fea5b97b0a1fff90ffa6ea182d181791c0b65692

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/14/2024 2:34:34 AM UTC  (today)

File size:
1.5 MB (1,541,352 bytes)

Product version:
11.0.13.17

Copyright:
Copyright 1984-2012 Adobe Systems Incorporated and its licensors. All rights reserved.

Original file name:
AcroRd32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\adobe\reader 11.0\reader\acrord32.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
6/4/2015 3:00:00 AM

Valid to:
5/8/2017 2:59:59 AM

Subject:
CN="Adobe Systems, Incorporated", OU=Acrobat XI, O="Adobe Systems, Incorporated", L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
6CF9CF47C58EBF93623DCBB2BF3B55F7

File PE Metadata
Compilation timestamp:
9/27/2015 1:11:23 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:yfXb+lg+q+NhW7C148eBtaZbffHMqgCGAz45amdBH4O8b8ITDnlvyC/:+b+lg+xy+1HeBta1ffHMvAzAamnH4O85

Entry address:
0x1039

Entry point:
E8, FB, 01, 00, 00, E9, 9A, 2A, 0E, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 6A, FE, 68, D0, 10, 54, 00, 68, 20, 32, 4E, 00, 64, A1, 00, 00, 00, 00, 50, 83, EC, 5C, A1, 38, 09, 55, 00, 31, 45, F8, 33, C5, 89, 45, E4, 53, 56, 57, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, 8B, 5D, 08, 8B, 45, 0C, 89, 45, A4, 8B, 75, 14, 8B, 4D, 18, 89, 4D, A0, BF, 22, 00, 00, C0, 89, 7D, AC, 85, F6, 74, 21, 8B, 46, 08, 85, C0, 74, 1A, 8B, 48, 04, 85, C9, 74, 13, 66, 83, 38, 08, 72, 0D, 51...
 
[+]

Code size:
1.1 MB (1,104,384 bytes)

The file AcroRd32.exe has been discovered within the following programs.

Adobe Acrobat XI Pro  by Adobe Systems Incorporated
Adobe Acrobat is a set of application software to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.
www.adobe.com
6% remove it
Adobe Acrobat XI Standard  by Adobe Systems Incorporated
Publisher's description - “Whether you need to create, edit, or sign PDF documents, you can do it easier with Adobe® Acrobat® XI Standard — the solution that makes PDFs work harder so you don't have to.”
4% remove it
Adobe Reader XI (11.0.06)  by Adobe Systems Incorporated
Publisher's description - “Adobe Reader software is the free trusted standard for reliably viewing, printing, and annotating PDF documents. It’s the only PDF file viewer that can open and interact with all types of PDF content, including forms and multimedia.”
6% remove it
Adobe Reader XI (11.0.07)  by Adobe Systems Incorporated
5% remove it
Adobe Reader XI (11.0.08)  by Adobe Systems Incorporated
6% remove it
 
Powered by Should I Remove It?

The file AcroRd32.exe has been seen being distributed by the following 18 URLs.

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==MTQ2NTAxODk2MyAxNjQwOTAgMTY0MCBtYXJrd3JpZ2h0a2Vlc2hvbmRAeWFob28uY29t/messages/@.id==AGd2w0MAAEaWVpe3HA5X4P-vskk/content/parts/.../raw?appid=YahooMailNeo&token=VgQmusm37D5O-8RCNLuRLLurFfBd8RdOb4X433gyFSDV2nXbAA3-vIMK_O_TQQ3m4VG6wCzN8ZNgQ34LTEevOMqrbHbfo5KPritJKPChzq8&ymreqid=033acd10-bacf-11e5-c000-93347e5215b7

https://sg2000.webmail.hinet.net/.../sendAttach.do?msg=BF9911EA85FDA0EA53E5A7D638C24CF9&pid=0&owaspcsrftkn=EBHN-7LS2-IVN6-8KIR-YKVT-NXDL-7Y2H-ACSK

https://nninc-my.sharepoint.com/personal/ricardo_lima_nninc_com/.../AcroRd32.exe

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==VjJ-utvA1rQd1qhlZ9xnn3yQhmaR6tsicEOpkEnEIoHelLgxOlriz3i-iv0CBXLvaOulTTpyq5YqMmuNko1CJ8bt3Q/messages/@.id==AEu_imIAAuKcV9HDkQDS8FF4-ns/content/parts/@.id==2/raw?appid=YahooMailNeo&ymreqid=9ec79457-5d46-fffe-01ce-b30033010000&token=zitEzqOML3j84e6ealFTT5U7-km5qEQF52lp7AcCuBYg_Ye4QSAu8DWMm2T6pMjMWOaXcFY8h7O8HKUtV1BUiGaRzYUu00nXyogxyAcTp8lBiQMps39YFQ0c_Tek7sGv&error=https://br-mg5.mail.yahoo.com/.../iframemsg?id=9c3c3752-a927-5f50-a385-570c89ebab62

https://mg.mail.yahoo.com/ya/.../imIAABARVjkXUgYx8OvtivA&fid=Draft&pid=2&clean=0&appid=YahooMailNeo

http://mail.uol.com.br/attachment?msg_id=OTM3OA&folder=DRAFT&disposition=attachment&ctype=AcroRd32.exe&&accountId=0

https://mg.mail.yahoo.com/.../download?m=YaDownload&mid=2_0_0_3_112682_AGgaDUwAAgZWVrxrqQkvkD6pfIQ&fid=Draft&pid=2&clean=0&appid=YahooMailNeo

temp:AcroRd32.exe