AcroRd32.exe

Adobe Reader

Adobe Systems, Incorporated

This is installed with multiple programs including Adobe After Effects CC 2015 and Adobe Acrobat XI Standard. The file has been seen being downloaded from www.email.cz and multiple other hosts.
Publisher:
Adobe Systems Incorporated  (signed by Adobe Systems, Incorporated)

Product:
Adobe Reader

Description:
Adobe Reader

Version:
11.0.10.32

MD5:
7a97aa40d8a3da4a9095873c72d524c5

SHA-1:
d219db66995e0548ea1226cb1806388b1ac718f7

SHA-256:
00d2ce2c35e8f2d31c2a8778c6e8846be3d1467cd1e66aa494571a14dea0e4d1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 8:23:06 AM UTC

File size:
1.5 MB (1,534,184 bytes)

Product version:
11.0.10.32

Copyright:
Copyright 1984-2012 Adobe Systems Incorporated and its licensors. All rights reserved.

Original file name:
AcroRd32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\adobe\reader 11.0\reader\acrord32.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
7/16/2014 7:00:00 PM

Valid to:
7/17/2015 6:59:59 PM

Subject:
CN="Adobe Systems, Incorporated", OU=Acrobat XI, O="Adobe Systems, Incorporated", L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
7AA3C98FD96740972FCF8725373F3E50

File PE Metadata
Compilation timestamp:
12/2/2014 10:54:17 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:8fJVAXknwvrPymlvoCO1kCjTPADOwWPg9kl0nE58bi4O8b8ITDnlLGk3S:M+XGwv2tP1zTPADnWPMklKu8bi4O8b81

Entry address:
0x1039

Entry point:
E8, FB, 01, 00, 00, E9, 4A, 11, 0E, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 6A, FE, 68, 98, EF, 53, 00, 68, D0, 18, 4E, 00, 64, A1, 00, 00, 00, 00, 50, 83, EC, 5C, A1, 38, E9, 54, 00, 31, 45, F8, 33, C5, 89, 45, E4, 53, 56, 57, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, 8B, 5D, 08, 8B, 45, 0C, 89, 45, A4, 8B, 75, 14, 8B, 4D, 18, 89, 4D, A0, BF, 22, 00, 00, C0, 89, 7D, AC, 85, F6, 74, 21, 8B, 46, 08, 85, C0, 74, 1A, 8B, 48, 04, 85, C9, 74, 13, 66, 83, 38, 08, 72, 0D, 51...
 

Entropy:
6.3611

Code size:
1 MB (1,097,728 bytes)

The file AcroRd32.exe has been discovered within the following programs.

Adobe Acrobat XI Pro  by Adobe Systems Incorporated
Adobe Acrobat is a set of application software to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.
www.adobe.com
6% remove it
Adobe Acrobat XI Standard  by Adobe Systems Incorporated
Publisher's description - “Whether you need to create, edit, or sign PDF documents, you can do it easier with Adobe® Acrobat® XI Standard — the solution that makes PDFs work harder so you don't have to.”
4% remove it
Adobe After Effects CC 2015  by Adobe Systems Incorporated
12% remove it
Adobe Reader XI  by Adobe Systems Incorporated
Adobe Acrobat and Adobe Reader XI are a set of applications designed to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.
3% remove it
Adobe Reader XI (11.0.06)  by Adobe Systems Incorporated
Publisher's description - “Adobe Reader software is the free trusted standard for reliably viewing, printing, and annotating PDF documents. It’s the only PDF file viewer that can open and interact with all types of PDF content, including forms and multimedia.”
6% remove it
Adobe Reader XI (11.0.07)  by Adobe Systems Incorporated
5% remove it
Adobe Reader XI (11.0.08)  by Adobe Systems Incorporated
6% remove it
Adobe Reader XI (11.0.09)  by Adobe Systems Incorporated
5% remove it
Adobe Reader XI Lite  by Adobe Systems Incorporated
Publisher's description - “Adobe Reader XI Font Pack enables you to display and interact with documents authored in languages other than those supported in your native Adobe Reader. It is needed to correctly display a document when an author does not embed the appropriate font into the document.”
4% remove it
 

The file AcroRd32.exe has been seen being distributed by the following 17 URLs.
