mozilla-firefox-todownload.exe

The executable mozilla-firefox-todownload.exe has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from mozilla-firefox.todownload.com.
MD5:
07f322f07af137da867bd16176055039

SHA-1:
42600bf30fe5aecf19d7f733967b165869ebb598

SHA-256:
12f0381d47f2163203a8f9530109b48fba344f2678e35b1282577431a818d44c

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/25/2024 8:52:02 PM UTC

Scan engine:
Reason Heuristics

Detection:
Threat.Win.Reputation.IMP

Engine version:
15.12.26.21

File size:
1 MB (1,096,976 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mozilla-firefox-todownload.exe

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:31nZePuTJyGoDz1xMUzoz9m76jx4GRU87wmww58IgXm4:zePODUZWkGdL372w5/Q

Entry address:
0xCB930

Entry point:
55, 8B, EC, 83, C4, F0, B8, 70, FB, 40, 00, E8, FD, D4, FF, FF, 57, 55, 83, C4, F4, 89, 4C, 24, 04, 89, 14, 24, 8B, D0, 8B, EA, 81, E5, 00, F0, FF, FF, 03, 14, 24, 81, C2, FF, 0F, 00, 00, 81, E2, 00, F0, FF, FF, 89, 54, 24, 08, 8B, 44, 24, 04, 89, 28, 8B, 44, 24, 08, 2B, C5, 8B, 54, 24, 04, 89, 42, 04, 8B, 35, E4, 35, 47, 00, EB, 3C, 8B, 5E, 08, 8B, 7E, 0C, 03, FB, 3B, EB, 76, 02, 8B, DD, 3B, 7C, 24, 08, 76, 04, 8B, 7C, 24, 08, 3B, FB, 76, 1E, 6A, 04, 68, 00, 10, 00, 00, 2B, FB, 57, 53, E8, 26, FC, FF, FF...
 

Entropy:
6.9542

Developed / compiled with:
Microsoft Visual C++

Code size:
829.5 KB (849,408 bytes)

The file mozilla-firefox-todownload.exe has been seen being distributed by the following URL.
