home

AcroRd32.exe

Adobe Acrobat Reader DC

Adobe Systems, Incorporated

This is installed with multiple programs including Extended Asian Language font pack for Adobe Acrobat Reader DC and Adobe Acrobat Reader DC. The file has been seen being downloaded from onedrive.live.com and multiple other hosts.
Publisher:
Adobe Systems Incorporated  (signed by Adobe Systems, Incorporated)

Product:
Adobe Acrobat Reader DC

Description:
Adobe Acrobat Reader DC

Version:
15.16.20039.185268

MD5:
c282a6792fb3c2e4cf37082891a5d69c

SHA-1:
3db406df9e7452d1088366d4d0d4f9fa3108c325

SHA-256:
10e78e39c9a7ccb175482b316d6f04ab4cb74be57fd21d64b37242e64b41d497

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
8/9/2025 4:38:06 PM UTC  (today)

File size:
2.1 MB (2,172,600 bytes)

Product version:
15.16.20039.185268

Copyright:
Copyright 1984-2016 Adobe Systems Incorporated and its licensors. All rights reserved.

Original file name:
AcroRd32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\adobe\acrobat reader dc\reader\acrord32.exe

Digital Signature
Signed by:
Adobe Systems, Incorporated

Authority:
Symantec Corporation

Valid from:
5/13/2015 7:00:00 PM

Valid to:
5/7/2017 6:59:59 PM

Subject:
CN="Adobe Systems, Incorporated", OU=Acrobat DC, O="Adobe Systems, Incorporated", L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
10FB713319027F3F1F1C0667B3C38CA9

File PE Metadata
Compilation timestamp:
5/3/2016 8:25:05 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:ggphMV4dijqzpSL8vq8gcqK4f4e24O8b8ITDnlyPW0BI:poWimzDvqAqK4aPA

Entry address:
0x12B7

Entry point:
E8, EE, 01, 00, 00, E9, 93, A1, 0E, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 6A, FE, 68, 28, ED, 54, 00, 68, F0, B0, 4E, 00, 64, A1, 00, 00, 00, 00, 50, 83, EC, 5C, A1, 00, 36, 56, 00, 31, 45, F8, 33, C5, 89, 45, E4, 53, 56, 57, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, 8B, 4D, 08, 89, 4D, D4, 8B, 4D, 0C, 89, 4D, 98, 8B, 75, 14, 8B, 5D, 18, BF, 22, 00, 00, C0, 89, 7D, 9C, 85, F6, 74, 24, 8B, 46, 08, 85, C0, 74, 1D, 8B, 50, 04, 85, D2, 74, 16, 66, 83, 38, 08, 72...
 
[+]

Entropy:
6.1304

Code size:
1.1 MB (1,155,072 bytes)

The file AcroRd32.exe has been discovered within the following programs.

Adobe Acrobat DC  by Adobe Systems Incorporated
www.adobe.com
4% remove it
Adobe Acrobat Reader DC  by Adobe Systems Incorporated
10% remove it
Adobe Acrobat Reader DC - Polish  by Adobe Systems Incorporated
7% remove it
Adobe Acrobat Reader DC - Russian  by Adobe Systems Incorporated
5% remove it
Adobe Acrobat Reader DC MUI  by Adobe Systems Incorporated
9% remove it
Adobe InDesign CC 2015  by Adobe Systems Incorporated
9% remove it
App-V Deployment Kit For Adobe Acrobat  by Adobe Systems Incorporated
12% remove it
Extended Asian Language font pack for Adobe Acrobat Reader DC  by Adobe Systems Incorporated
12% remove it
 
Powered by Should I Remove It?

The file AcroRd32.exe has been seen being distributed by the following 3 URLs.

https://onedrive.live.com/.../4NxiHskZFYQA8dvqeL3g=6&ithint=.exe

https://doc-08-ao-docs.googleusercontent.com/docs/securesc/m17h3cf1avq3rl5pc9ubm08qd0fgr050/rl3qcbbmtk5o03mn1oing03ge82o2n2t/1463472000000/.../09949249924012068484/0B4QD2BDgyjgMUkNCcmhPSHRIUmM?e=download

https://mg.mail.yahoo.com/ya/download?m=YaDownload&mid=2_0_0_2_70474_AMXmjkQAABDWVUfF8QAAADbdzqM&fid=Sent&pid=2&clean=0&appid=YahooMailBasic&redirectURL=https://us-mg6.mail.yahoo.com/neo/.../message?cmd=download.failure&fid=Sent&mid=2_0_0_2_70474_AMXmjkQAABDWVUfF8QAAADbdzqM&pid=2&tnef=&prefFilename=Mark Resume 2203.doc

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.