home

AcroRd32.exe

Adobe Reader

Adobe Systems, Incorporated

This is a setup program which is used to install the application. This is installed with multiple programs including Adobe Reader 9 - Polish and Adobe Reader 9. The file has been seen being downloaded from s6195.chomikuj.pl and multiple other hosts.
Publisher:
Adobe Systems Incorporated  (signed by Adobe Systems, Incorporated)

Product:
Adobe Reader

Description:
Adobe Reader 9.0

Version:
9.0.0.2008061200

MD5:
e16dd9faeca97b4c185426e5672becba

SHA-1:
f32087a346bcc58dedcfe1bc32f221d486a385c7

SHA-256:
c21bfc263890f02763f56b4e9f5cf9113656cf09d7864b53ec2fd2024bdadd60

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/17/2024 5:46:27 AM UTC  (today)

File size:
341.4 KB (349,544 bytes)

Product version:
9.0.0.2008061200

Copyright:
Copyright 1984-2008 Adobe Systems Incorporated and its licensors. All rights reserved.

Original file name:
AcroRd32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\adobe\reader 9.0\reader\acrord32.exe

Digital Signature
Signed by:
Adobe Systems, Incorporated

Authority:
VeriSign, Inc.

Valid from:
9/19/2006 1:00:00 AM

Valid to:
11/5/2009 11:59:59 PM

Subject:
CN="Adobe Systems, Incorporated", OU=Acrobat Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Adobe Systems, Incorporated", L=San Jose, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
270D755C9F5AC3B7DB61F50998287078

File PE Metadata
Compilation timestamp:
6/12/2008 10:47:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:NWZPFoacFYwo+e9nyLUYZQgO529aJfXgY1zUTyr5hVaSalu:Nu45knkZlO52+XgTTSjMSN

Entry address:
0x4054

Entry point:
E8, BB, 03, 00, 00, E9, 36, FD, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 96, 40, 00, 89, 0D, 3C, 96, 40, 00, 89, 15, 38, 96, 40, 00, 89, 1D, 34, 96, 40, 00, 89, 35, 30, 96, 40, 00, 89, 3D, 2C, 96, 40, 00, 66, 8C, 15, 58, 96, 40, 00, 66, 8C, 0D, 4C, 96, 40, 00, 66, 8C, 1D, 28, 96, 40, 00, 66, 8C, 05, 24, 96, 40, 00, 66, 8C, 25, 20, 96, 40, 00, 66, 8C, 2D, 1C, 96, 40, 00, 9C, 8F, 05, 50, 96, 40, 00, 8B, 45, 00, A3, 44, 96, 40, 00, 8B, 45, 04, A3, 48, 96, 40, 00, 8D, 45, 08, A3, 54, 96, 40, 00, 8B...
 
[+]

Code size:
16 KB (16,384 bytes)

The file AcroRd32.exe has been discovered within the following programs.

Adobe Reader 9  by Adobe Systems Incorporated
Adobe Acrobat and Reader are a set of applications designed to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.
www.adobe.com
10% remove it
Adobe Reader 9 - Italiano  by Adobe Systems Incorporated
Publisher's description - “Adobe Reader 9 Font Packs enable you to display and interact with documents authored in languages other than those supported in your native Adobe Reader software. They are needed to correctly display a document when an author does not embed the appropriate font into the document.”
www.adobe.it/support/main.html
10% remove it
Adobe Reader 9 - Polish  by Adobe Systems Incorporated
8% remove it
Adobe Reader 9.3  by Adobe Systems Incorporated
Publisher's description - “Adobe Reader allows more securely view, print, search, sign, verify, and collaborate on PDF documents, online as well as offline, from your home or office. Reader has a completely redesigned interface, new tools, and new options for viewing information more efficiently.”
10% remove it
 
Powered by Should I Remove It?

The file AcroRd32.exe has been seen being distributed by the following 10 URLs.

http://s6195.chomikuj.pl/File.aspx?e=90hbKcQLeITQ2Jmepksgkrm16CHprWRyLIbLzlQo8FG6DxGa4L6d4bvmyNtRCpwVMN8VXdkHEPBI_3MI7zNPNfXJR-2rrew3AlSGOPFu14YMzXD1xt7OYZlqs99UliFLq7gUNI4xR5E74qKDhKJDXA&pv=2

http://zalacznik.wp.pl/.../AcroRd32.exe

http://s6195.chomikuj.pl/File.aspx?e=90hbKcQLeITQ2Jmepksgkrm16CHprWRyLIbLzlQo8FFFaYc6Tqvls5NB8A03UFFd2zHQLnVA5Ko7fEAOFTFi3hrNp8FFvJbgjTULJkJTHq9qtW29QB2oqRHtPXdKOxEXnH3oDJD80iBuxBVdrRL3yQ&pv=2

http://jobs.alrifai.com/x/.../a6e4hznt3fhx

https://mail.google.com/mail/u/.../?ui=2&ik=b430e42f8e&view=att&th=144f5f87a4161acf&attid=0.1&disp=safe&realattid=f_ht69f6mx0&zw

https://mail-attachment.googleusercontent.com/.../?ui=2&ik=d7b4268ad7&view=att&th=1469536e22e5419e&attid=0.1&disp=safe&realattid=f_hwdh6c9x1&zw&saduie=AG9B_P-LJL5LwzRGZBY1li0Xe813&sadet=1402662765757&sads=7yiHc2NqDJ1QJK0nxGUfyarjyVk

http://s10570.chomikuj.pl/File.aspx?e=90hbKcQLeITQ2Jmepksgkrm16CHprWRyLIbLzlQo8FF0lhNaR3zchw7hNdAPogUppVctfo6SWrKu8moUA7oyfBdA8XYcoKIvGUDsV18JF8uvbBOdBHiFWBSINx84EQN4q4aqZ0lRHEh2ungJRMouPg&pv=2

https://mg.mail.yahoo.com/.../download?m=YaDownload&mid=2_0_0_3_38831_ABuvCmoAALjhVbGg4Q3HWM7vFcQ&fid=Draft&pid=9&clean=0&appid=YahooMailNeo

temp:AcroRd32.exe

https://mg.mail.yahoo.com/.../download?m=YaDownload&mid=2_0_0_2_88801_AJXECmoAACYAUnsl9gAAAAHwdhM&fid=Sent&pid=2&clean=0&appid=YahooMailNeo&ymreqid=f0ca96b1-fe32-8569-0110-f30058010000

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.