home

readerdc_en_ma_install.exe

Adobe Download Manager

Adobe Systems Incorporated

This is a setup and installation application. The file has been seen being downloaded from admdownload.adobe.com.
Publisher:
Adobe Systems Incorporated

Product:
Adobe Download Manager

Version:
2.0.0.119s

MD5:
fdf371285f7db1cb77817ccbf10e96cb

SHA-1:
4993f7353b5c1291b7bf42d0c19ee7f54298dab5

SHA-256:
91ba7a783b51319d2d3d5466f82e992373ad7ef28dfca4c7c39f77bcf71a7a04

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 9:11:44 AM UTC  (today)

File size:
1.2 MB (1,268,960 bytes)

Product version:
2.0.0.119s

Copyright:
Copyright 2015 Adobe Systems Incorporated. All rights reserved.

Original file name:
Adobe Download Manager

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\readerdc_en_ma_install.exe

File PE Metadata
Compilation timestamp:
7/1/2016 12:37:12 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:zguFmX7ElTv+n2jqVVo5oAxB2uHgb80kb2x8cbMV0LrZFxey+q0y:zEX7Ov+2Aa5oAquAHk2x8am0LrZFcZTy

Entry address:
0x1000

Entry point:
60, 0F, B3, FD, 52, 68, 93, AF, F5, 00, F6, C0, F0, 4D, C0, CE, DE, 68, E9, 3D, 93, 00, 85, D8, C6, C7, 62, 0F, AC, C6, 14, B4, 74, 0F, C0, F3, 87, E8, C1, E5, EC, E8, 0A, 00, 00, 00, 85, D9, 89, D7, 0F, BA, F6, CC, 3B, C2, 83, E6, 00, 0F, C0, C2, 10, F6, 80, DA, AE, 0F, AF, CB, 0F, AF, C1, 69, DE, 6F, BC, 8E, FF, 0F, BA, F5, 32, 81, C6, 04, 0B, 00, 00, 0F, AC, DB, F9, 87, D1, 81, EE, 03, 0B, 00, 00, 42, 80, C0, 09, F7, C0, DB, 7D, 08, 15, 0F, BC, D6, 3D, F7, DB, 00, 00, 72, 03, 0F, B7, C5, 81, FE, D4, 06...
 
[+]

Entropy:
7.9813  (probably packed)

Code size:
1.9 MB (1,949,696 bytes)

The file readerdc_en_ma_install.exe has been seen being distributed by the following URL.

https://admdownload.adobe.com/bin/.../readerdc_en_ma_install.exe

Scan readerdc_en_ma_install.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.