target.exe

Adobe Self Extractor

Adobe Systems, Incorporated

This is a setup program which is used to install the application. This is installed with Adobe Acrobat Reader DC. The file has been seen being downloaded from cdn.idgdelivery.com and multiple other hosts.
Publisher:
Adobe Systems Incorporated  (signed by Adobe Systems, Incorporated)

Product:
Adobe Self Extractor

Version:
15.8.20082.147029

MD5:
1547ba864e4f003460aad99258712ada

SHA-1:
ff1b72f87c8d2f22fd998dc1910d6f2487cda0dd

SHA-256:
3a2be003623c93c49ecb58afada81b5dda7e5522fe583d5cca8f38572fd37cdb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/21/2017 3:41:33 AM UTC  (today)

File size:
75.3 MB (78,905,528 bytes)

Product version:
15.8.20082.147029

Copyright:
Copyright 2015 Adobe Systems Incorporated. All rights reserved.

Original file name:
AdobeSelfExtractor.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\target.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
5/13/2015 8:00:00 PM

Valid to:
5/7/2017 7:59:59 PM

Subject:
CN="Adobe Systems, Incorporated", OU=Acrobat DC, O="Adobe Systems, Incorporated", L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
10FB713319027F3F1F1C0667B3C38CA9

File PE Metadata
Compilation timestamp:
7/2/2015 10:37:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
1572864:lE1gtlHmiHYQEMgBtPMAV2mussvcHhvEPEm2m/TX3K0EjBkG:i1gtlGinFYtP8TssvcHhcPEm2+yT

Entry address:
0x22BF1

Entry point:
E8, 90, 74, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, E0, C6, 44, 00, 75, 02, F3, C3, E9, 71, 45, 00, 00, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 00, 08, 45, 00, FF, 15, 3C, A2, 43, 00, 85, C0, 75, 18, 56, E8, 8F, 23, 00, 00, 8B, F0, FF, 15, C8, A2, 43, 00, 50, E8, 94, 23, 00, 00, 59, 89, 06, 5E, 5D, C3, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 77, 6F, 53, 57, A1, 00, 08, 45, 00, 85, C0, 75, 1D, E8, C1, 71, 00, 00, 6A, 1E, E8, 17, 72, 00, 00, 68, FF, 00, 00, 00, E8, AE, 0D, 00, 00, A1, 00...
 
[+]

Entropy:
7.9987  (probably packed)

Code size:
228 KB (233,472 bytes)

The file target.exe has been discovered within the following program.

Adobe Acrobat Reader DC  by Adobe Systems Incorporated
www.adobe.com
10% remove it
 
Powered by Should I Remove It?

The file target.exe has been seen being distributed by the following 24 URLs.

http://cdn.idgdelivery.com/c?x=mOBZptZaAyFmn3RIuIiIAYcHhOU2jhmmuijUUCkANeU=&c=vw5u/Ey8nk1CZvCriO1iiwrmO2zK zWprEC7t87K01PWbxZhKaXBJtf55Cptge1O9Hrt/qQB5YIc /EZD2a6iP5npk8maQ0EGBvUrXp91DQKF MU63TC2cZDhfHANWHT&fallback_url=https://ardownload2.adobe.com/pub/adobe/reader/win/AcrobatDC/.../AcroRdrDC1500820082_en_US.exe&downloadAs=Adobe_Reader_DC_v15.008.20082.exe

http://downloads.pcauthority.com.au/?act=software.download&id=23020&t=1471839064&c=25ad18098d9e144d0e2fc9fd070e253ff3529847

http://downloads.pcauthority.com.au/?act=software.download&id=23020&t=1478774193&c=ac042eb8b08a55cd7482ec640f013865327383e9

http://downloads.pcauthority.com.au/?act=software.download&id=23020&t=1477001933&c=1ce8edc05ce7b9b0511491e43ccae41219189760

http://download1910.mediafire.com/tcp7qq68ucig/.../Adobe Acrobat Reader DC.exe

https://docs.google.com/uc?export=download&confirm=OMhs&id=0B823ECKY3pZwS28yMGliYjQyVnM

http://share2.earthlinktele.com/download.aspx?file=217522180

http://downloads.pcauthority.com.au/?act=software.download&id=23020&t=1476812034&c=c5eaaae5c854fddd4ab87f00b387c5567a023b0f

http://www.downloadcrew.com/?act=software.download&id=23020&t=1458630247&c=e16e29b75619aa4524bcf0691d403ef689527bcc

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://1.2.3.5/.../AcroRdrDC1500820082_en_US.exe