» install_reader11_uk_mssa_aaa_aih.exe
Overview
Analysis
File Details
Downloads (1)

install_reader11_uk_mssa_aaa_aih.exe

Adobe Reader

The executable install_reader11_uk_mssa_aaa_aih.exe has been detected as malware by 10 anti-virus scanners. This is a setup program which is used to install the application. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from adobe-reader.1800download.com.

File name:

Product:

Adobe Reader

Version:

1.0.0.0

MD5:

b6d7ad1f857b0b56ad967840e5ea25c1

SHA-1:

3fa334a1bb89fd20e1f7819bef5cd245e79b673e

SHA-256:

73b3c5b40e096460663569fc8b69609cc9f4288da6448c94623e40b0d69ee467

Scanner detections:

10 / 68

Status:

Malware

Analysis date:

10/17/2025 4:21:02 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:SaliCode

160326-0

AVG

Win32/Sality

2015.0.4568

Dr.Web

Win32.Sector.30

9.0.1.05190

Emsisoft Anti-Malware

Application.Bundler.ME

11.5.0.6191

ESET NOD32

Win32/Sality.NBA virus

8.0.319.0

F-Prot

W32/Sality.gen2

4.6.5.141

Kaspersky

Virus.Win32.Sality

15.0.0.562

McAfee

Trojan.Artemis!A3C2687EC9DE

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.219.1878.0

Norman

Application.Bundler.ME

10.04.2016 15:29:17

File size:

495.7 KB (507,592 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\install_reader11_uk_mssa_aaa_aih.exe

File PE Metadata

Compilation timestamp:

5/20/2013 6:53:00 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:JMuZabUocErIUAIBuZpv9gTXXoS3f2KwgfW4YrdX:VZafcE3BuZpeTXXoS3f2KK4Yd

Entry address:

0x331C

Entry point:

18, FC, 0F, AF, F2, 81, F1, EA, 92, 12, E5, 2B, E9, 19, EB, 87, F1, 77, 03, 0F, AF, CF, 02, FE, 80, FF, B9, 81, FA, 24, F0, 00, 00, 8A, EB, 25, 51, F8, F9, 91, 0D, 25, C5, B0, AF, 68, E0, 5B, 99, 00, 1C, 3D, 31, D5, 41, E8, 00, 00, 00, 00, 59, BD, 04, 10, 4A, 35, 52, 68, AC, 82, 49, 00, 89, FF, 69, EE, 34, 5F, CD, C4, 88, C6, F3, 11, FE, 8A, F6, 19, CD, 2A, F0, 3B, C1, 0F, BE, FA, 69, DE, 90, 9A, 7A, 9D, 81, FA, DB, 50, 00, 00, 72, 06, 85, CF, 03, DF, 11, C8, 8B, D7, 0F, AF, C6, 43, 3A, C4, 87, DD, 84, C2... 
[+]

Entropy:

7.9121 (probably packed)

Code size:

24 KB (24,576 bytes)

The file install_reader11_uk_mssa_aaa_aih.exe has been seen being distributed by the following URL.

http://adobe-reader.1800download.com/get_azure_file/wUiS4WnYccXEwj 8WvauHEA0kxQ8PDK1GR/6cteQv A8/yOn9np5iNEIJ1Xlarn4O3OuyxdSMWmeW7DzCr50ybhq1s6PDE b/CXqTx jqnDmgfTZpZrSl2lZ9N1w2hcXRn3 AD9xlsoq/.../ExWtjdb0AT4c3KyZ65PCsXhBjhASz1M9PUCbgBgfh98Onh1N0dzeG5HgfntPSMni6FBWC2q9iK1ehgXSVFgF4

Remove install_reader11_uk_mssa_aaa_aih.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.