home

AcroRd32.exe

Adobe Reader

Adobe Systems, Incorporated

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. This is installed with multiple programs including Adobe Reader and Adobe Reader 9.1. The file has been seen being downloaded from mbox-ics.curitiba.pr.gov.br and multiple other hosts.
Publisher:
Adobe Systems Incorporated  (signed by Adobe Systems, Incorporated)

Product:
Adobe Reader

Description:
Adobe Reader 9.1

Version:
9.1.0.2009022700

MD5:
aa92c4ca02533cc14437df9d183fec30

SHA-1:
f1628ab13fe86a4caadf26d61870d4e13860f73d

SHA-256:
889d3f94ffa49cef34ff2c78b29a6c5a664315099c8ddb1cb585a4dd35c41a22

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/10/2025 5:34:20 PM UTC  (today)

File size:
341.4 KB (349,544 bytes)

Product version:
9.1.0.2009022700

Copyright:
Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.

Original file name:
AcroRd32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Adobe Systems, Incorporated

Authority:
VeriSign, Inc.

Valid from:
9/19/2006 1:00:00 AM

Valid to:
11/5/2009 11:59:59 PM

Subject:
CN="Adobe Systems, Incorporated", OU=Acrobat Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Adobe Systems, Incorporated", L=San Jose, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
270D755C9F5AC3B7DB61F50998287078

File PE Metadata
Compilation timestamp:
2/28/2009 1:10:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:cZ/JlDYUwulh9cTk6OI79aJfXgY1zUTyr5hVGqllf:c1Y2h9cTOI7+XgTTSjwy

Entry address:
0x4174

Entry point:
E8, BB, 03, 00, 00, E9, 36, FD, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 96, 40, 00, 89, 0D, 3C, 96, 40, 00, 89, 15, 38, 96, 40, 00, 89, 1D, 34, 96, 40, 00, 89, 35, 30, 96, 40, 00, 89, 3D, 2C, 96, 40, 00, 66, 8C, 15, 58, 96, 40, 00, 66, 8C, 0D, 4C, 96, 40, 00, 66, 8C, 1D, 28, 96, 40, 00, 66, 8C, 05, 24, 96, 40, 00, 66, 8C, 25, 20, 96, 40, 00, 66, 8C, 2D, 1C, 96, 40, 00, 9C, 8F, 05, 50, 96, 40, 00, 8B, 45, 00, A3, 44, 96, 40, 00, 8B, 45, 04, A3, 48, 96, 40, 00, 8D, 45, 08, A3, 54, 96, 40, 00, 8B...
 
[+]

Code size:
16 KB (16,384 bytes)

Scheduled Task
Task name:
{03BC301F-210D-4A00-B608-15DBB5999092}

Trigger:
Registration (Runs on registration)


The file AcroRd32.exe has been discovered within the following programs.

Adobe Illustrator CS6  by Adobe Systems Incorporated
Publisher's description - “Adobe Illustrator CS6 is the industry-standard vector graphics software, used worldwide by designers of all types who want to create digital graphics, illustrations, and typography for all kinds of media: print, web, interactive, video, and mobile.”
www.adobe.com/products/illustrator.html
7% remove it
Adobe Photoshop CS6  by Adobe Systems Incorporated
Adobe Photoshop CS6 is the industry-standard image editing software, used worldwide by professional photographers, amateur photographers, and designers who want to perfect their digital images.
www.adobe.com/go/ps_support
12% remove it
Adobe Reader  by Adobe Systems Incorporated
Publisher's description - “Acrobat Reader lets you read and print from any system any document created as an Adobe Portable Document Format (PDF) file, with its original appearance preserved.”
www.adobe.com
4% remove it
Adobe Reader 9  by Adobe Systems Incorporated
Adobe Acrobat and Reader are a set of applications designed to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.
10% remove it
Adobe Reader 9.1  by Adobe Systems Incorporated
Publisher's description - “Adobe Reader allows more securely view, print, search, sign, verify, and collaborate on PDF documents, online as well as offline, from your home or office. Reader has a completely redesigned interface, new tools, and new options for viewing information more efficiently.”
6% remove it
 
Powered by Should I Remove It?

The file AcroRd32.exe has been seen being distributed by the following 7 URLs.

http://mbox-ics.curitiba.pr.gov.br/service/home/.../?id=2333&part=2&auth=co&disp=i

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==VjJ-XfIIOKo9qFTpzbg3dYz5iJoJz2IxqF0qbPSji9m5qKi-6PRt7eq5Xa4jFCqshz4C/messages/@.id==AJnmjkQAAav5V4oFfQJpMCzwY4Y/content/parts/@.id==2/raw?appid=YahooMailNeo&ymreqid=68d826d9-3d97-227c-019d-db003b010000&token=zitEzqOML3j84e6ealFTT5U7-km5qEQF52lp7AcCuBayWKZoFNJ7T3n0bW8bt7Hk4QS589m2ULn4HOf3kMCF_g&error=https://us-mg6.mail.yahoo.com/.../iframemsg?id=384473ae-f494-4336-55e9-d0e7c72fc325

https://drive.google.com/accounts

https://mail.google.com/mail/u/.../?ui=2&ik=ba72e60801&view=att&th=1543805752b757be&attid=0.1&disp=safe&realattid=f_ina1vqon0&zw

https://lms2.unitec.edu/draftfile.php/827521/user/draft/.../AcroRd32.exe

https://nowy.tlen.pl/api/v2/mails/messages/10001-d458e47e62299b08a6385f55/.../1.2

http://alicemail21c.rossoalice.alice.it/cp/ps/Mail/.../AcroRd32.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.