install.rdf

Ask New Tabs

This is an Install Manifest file for the Ask New Tabs Firefox extension and provides metadata identifying the extension. It is installed within the Mozilla Firefox web browser as part of an addin/plugin.
MD5:
18a21d576320c8eabf189b87f1798721

SHA-1:
8b1a75cdfd075472bfaea4b46c25ed2f16e6243b

SHA-256:
03e2bfaf2175c429df9fa7e7cf6d2cb44003b21437ba654c054822e83d5ecb16

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
While the manifest file itself is not malware, it is linked to an unwanted Firefox extension.

Analysis date:
7/27/2017 3:55:26 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MozillaPlugin.K
14.9.18.4

File size:
1.2 KB (1,230 bytes)

File type:
Resource Description Framework (RDF)

Common path:
C:\users\{user}\appdata\roaming\mozilla\firefox\profiles\{user}.default\extensions\{348a95a8-b9ab-d6ca-22e9-923be6250c62}\install.rdf

Mozilla Extension
Name:
Ask New Tabs

Description:
“Ask New Tabs for Firefox”

Home page:
http://www.search.ask.com/?o=APN10646A&gct=hp&d=102-0&v=u12521-326&t=4


<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#">
  <Description about="urn:mozilla:install-manifest">
    <em:id>{348A95A8-B9AB-D6CA-22E9-923BE6250C62}</em:id>
    <em:unpack>true</em:unpack>
    <em:name>Ask New Tabs</em:name>
    <em:version>5.0.0.12521</em:version>
    <em:description>Ask New Tabs for Firefox</em:description>
    <em:homepageURL>http://www.search.ask.com/?o=APN10646A&amp;gct=hp&amp;d=102-0&amp;v=u12521-326&amp;t=4</em:homepageURL>
    <em:targetApplication>
      <Description>
        <em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id>
        <!-- firefox -->
        <em:minVersion>4.0</em:minVersion>
        <em:maxVersion>29.*</em:maxVersion>
      </Description>
    </em:targetApplication>
    <em:updateURL>http://ffupdate.cdn.bn-update-download.com/update.rdf?id={348A95A8-B9AB-D6CA-22E9-923BE6250C62}&amp;p=jzip.com&amp;sysid=102&amp;appid=0&amp;v=u12521-326&amp;t=4</em:updateURL>
    <em:updateKey>
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5l5uUNAxoDP0gcVCfKweH63YtjLUzHBordUGwacNqgWd4E8JNxYiBXjBU8sxTI/MNVXIg7UyTzhwQIdkhWX9POuwOTmFA9BQMvLZst+XUxfuH6x1t8EGLfwasp+m4Pq1adTYxVlQsSEvURxztS5y7lVpppRBFEzC46IsVTAGUUwIDAQAB
</em:updateKey>
  </Description>
</RDF>
Remove install.rdf - Powered by Reason Core Security