firefox.exe

Aimersoft Resource Downloader

GetGo Software Ltd.

The executable firefox.exe has been detected as malware by 29 anti-virus scanners.
Publisher:
Aimersoft Studio  (signed by GetGo Software Ltd.)

Product:
Aimersoft Resource Downloader

Version:
3.0.0.1

MD5:
f2553cb63d02858786c9e45bd77008bd

SHA-1:
2f9abaadfc80b253ada4a39a7477bec3addbe3ff

SHA-256:
a1c998e90acc9cb493e9b7d410f24e83dde7ac6fcdd7b4640cf82407bbd31331

Scanner detections:
29 / 68

Status:
Malware

Analysis date:
4/23/2024 8:05:58 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1974588 | 17.01.26 |
| Agnitum Outpost | Trojan.DL.Zurgop | 7.1.1 |
| AhnLab V3 Security | Worm/Win32.VBNA | 2014.12.11 |
| Avira AntiVirus | TR/Dldr.Waski.100464 | 7.11.194.62 |
| avast! | Win32:BadRes [Trj] | 2014.9-170126 |
| AVG | Inject2 | 2018.0.2487 |
| Baidu Antivirus | Trojan.Win32.Zurgop | 4.0.3.17126 |
| Bitdefender | Trojan.GenericKD.1974588 | 1.0.20.130 |
| Comodo Security | UnclassifiedMalware | 20325 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1974588 | 8.17.01.26.01 |
| ESET NOD32 | Win32/TrojanDownloader.Zurgop.BK | 11.10857 |
| Fortinet FortiGate | W32/Zurgop.BK!tr.dldr | 1/26/2017 |
| F-Secure | Trojan.GenericKD.1974588 | 11.2017-26-01_5 |
| G Data | Trojan.GenericKD.1974588 | 17.1.24 |
| IKARUS anti.virus | Trojan-Spy.Zbot | t3scan.1.8.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.186.14295 |
| Malwarebytes | Worm.Agent.VB | v2017.01.26.01 |
| McAfee | RDN/Downloader.a!tv | 5600.6143 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Dofoil.T | 1.11202 |
| MicroWorld eScan | Trojan.GenericKD.1974588 | 18.0.0.78 |
| NANO AntiVirus | Trojan.Win32.Waski.djgxzm | 0.28.6.63850 |
| Norman | Troj_Generic.XGNML | 11.20170126 |
| nProtect | Trojan.GenericKD.1974588 | 14.12.10.01 |
| Panda Antivirus | Trj/Genetic.gen | 17.01.26.01 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.VBInject!1.6541 | 23.00.65.17124 |
| Sophos | Mal/VB-ANY | 4.98 |
| Trend Micro House Call | TROJ_GEN.R042H09KE14 | 7.2.26 |
| VIPRE Antivirus | Trojan.Win32.Generic | 35608 |

File size:
98.1 KB (100,464 bytes)

Product version:
3.0.0.0

Copyright:
Copyright (c) 2013 Aimersoft. All rights reserved.

Trademarks:
Aimersoft Studio

Original file name:
Aimersoft Resource Downloader

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\users\{user}\appdata\roaming\firefox.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
12/19/2012 6:00:00 PM

Valid to:
12/20/2014 5:59:59 PM

Subject:
CN=GetGo Software Ltd., O=GetGo Software Ltd., STREET=1840 Knutsford Place, L=Victoria, S=BC, PostalCode=V8N 6E4, C=CA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EF51E3D40CEB9F88AEF48ADACCEF46E4

File PE Metadata
Compilation timestamp:
11/11/2014 7:34:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1100

Entry point:
68, E8, 12, 10, 01, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, F4, 36, F0, 26, C0, 0F, 85, 4E, 8F, 3A, 8B, F0, 2E, 8C, 72, 09, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 49, 6E, 74, 65, 6C, 6C, 69, 73, 65, 6E, 73, 65, 00, 23, 32, 2E, 00, 00, 00, 00, FF, CC, 31, 00, 00, 73, F8, E7, 2E, 2A, DE, FA, 46, 96, F0, 8F, FC, 57, 31, DC, EC, 23, 4B, D0, C0, FC, 3D, DF, 49, A0, EE, B0, 1F, EB, A7, D7, 2F, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Entropy:
6.0134

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
64 KB (65,536 bytes)
