adobe acrobat xi pro 11.0.6 mu.exe

Armadillo Incorporated

The application adobe acrobat xi pro 11.0.6 mu.exe by Armadillo has been detected as a potentially unwanted program by 23 anti-malware scanners.
Publisher:
Armadillo Incorporated  (signed and verified)

Product:
Armadillo Incorporated

Version:
68.9.8.8070

MD5:
297fad1cc1c18d8a509890fc3b6385b2

SHA-1:
3fab2d3bf3c3f1a28bf9cee07b9e18579ab25f99

SHA-256:
fb01d9728e385e3998551dc5159e38f435d5c10e0044b7bb82bdfd068ab23fb4

Scanner detections:
23 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications, using the Vittalia monetization installer.

Analysis date:
11/24/2024 2:32:14 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Graftor.274815 | 313 |
| Avira AntiVirus | PUA/DownloadAdmin.KK | 8.3.3.4 |
| Arcabit | Trojan.Graftor.D4317F | 1.0.0.662 |
| avast! | Win32:Malware-gen | 2014.9-160327 |
| AVG | Generic | 2017.0.2791 |
| Bitdefender | Gen:Variant.Graftor.274815 | 1.0.20.435 |
| Bkav FE | W32.HfsAdware | 1.3.0.7744 |
| Dr.Web | Trojan.Vittalia.8677 | 9.0.1.087 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.274815 | 8.16.03.27.12 |
| ESET NOD32 | Win32/DownloadAdmin.Q potentially unwanted (variant) | 10.13227 |
| F-Prot | W32/S-d3c41f53 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Graftor.274815 | 11.2016-27-03_1 |
| G Data | Gen:Variant.Graftor.274815 | 16.3.25 |
| IKARUS anti.virus | PUA.DownloadAdmin | t3scan.2.0.9.0 |
| Kaspersky | not-a-virus:Downloader.Win32.DownloAdmin | 14.0.0.452 |
| Malwarebytes | PUP.Optional.DownLoadAdmin | v2016.03.27.12 |
| MicroWorld eScan | Gen:Variant.Graftor.274815 | 17.0.0.261 |
| Qihoo 360 Security | QVM10.1.Malware.Gen | 1.0.0.1120 |
| Reason Heuristics | PUP.DownloadAdmin (M) | 16.3.27.12 |
| Rising Antivirus | PE:Trojan.DownloadAdmin!1.A4A7 [F] | 23.00.65.16325 |
| Sophos | Download Admin (PUA) | 4.98 |
| Trend Micro House Call | PUA_DOWNADMIN.SM | 7.2.87 |
| VIPRE Antivirus | Trojan.Win32.Generic | 48102 |

File size:
890.6 KB (911,936 bytes)

Product version:
68.9.8.8070

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\mwp_mar_2016\malware\adobe acrobat xi pro 11.0.6 mu.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
3/8/2016 11:17:38 PM

Valid to:
3/8/2017 11:17:38 PM

Subject:
CN=Armadillo Incorporated, O=Armadillo Incorporated, L=SAN FRANCISCO, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
30F1E885B799F0DA

File PE Metadata
Compilation timestamp:
3/31/2015 6:12:57 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:MHk7SjIP+8RAx3ViGpcb+NNldxwzYo2nvtE1:MEuhVkGpgiwzYZq

Entry address:
0x105A

Entry point:
E8, A1, D2, 00, 00, E9, A3, CB, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 58, 8F, 48, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, E4, 8F, 48, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 00, 90, 48, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 04, 85, C0, 74, 06, A1, 70, 01, 41, 00, C3, 8B, 4C, 24, 04, 85, C9, 74, 06, A1, 84, 01, 41, 00, C3, 8B, 54, 24, 04, 85, D2, 74, 06, A1, 8C, 01, 41, 00, C3, 8B, 44, 24, 04, 85, C0, 74, 06, A1, 54, 01, 41, 00, C3, 8B, 4C...
 

Code size:
56.5 KB (57,856 bytes)
