home

mozilla firefox.exe

Firefox

Mozilla Corporation

Publisher:
Mozilla Corporation

Product:
Firefox

Version:
31.0

MD5:
532a37736152374d40404d7581ff638e

SHA-1:
2b3c6bf8c86a6a6300f72d23078da07d683518e1

SHA-256:
480c73e9c849211d7ff5217314bd447153a6f4474bba037520101a81652a4b21

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 10:48:19 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Trojan horse SHeur4.CDXV
2014.0.4189

Qihoo 360 Security
Malware.QVM20.Gen
1.0.0.1015

File size:
420 KB (430,074 bytes)

Product version:
31.0

Copyright:
©Firefox and Mozilla Developers; available under the MPL 2 license.

Trademarks:
Firefox is a Trademark of The Mozilla Foundation.

Original file name:
firefox.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\vmware\horizon thinapp\packagecache\mozilla firefox\mozilla firefox.exe

File PE Metadata
Compilation timestamp:
7/17/2014 2:56:10 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:KprZKqTlM9VOMSqImm/SHdCzxT7oX3/Dif:IrZK4lMPOMSAMO3/Dif

Entry address:
0x13A6

Entry point:
6A, 00, 6A, 01, 6A, 00, E8, 14, A3, 00, 00, 85, C0, 75, 08, 6A, FE, FF, 15, 00, 71, 21, 66, E8, B8, FC, FF, FF, 50, E8, 79, FC, FF, FF, CC, B8, 5B, 61, 21, 66, E8, 15, A7, 00, 00, 81, EC, B4, 00, 00, 00, 83, 65, F0, 00, 56, 57, 8B, F9, 8D, 8D, 40, FF, FF, FF, E8, 74, 19, 00, 00, FF, 75, 10, 33, F6, FF, 75, 0C, 46, 57, 8B, C8, 89, 75, FC, E8, B0, 21, 00, 00, 8B, 4D, 08, 50, E8, 07, 22, 00, 00, 8D, 8D, 40, FF, FF, FF, 89, 75, F0, C6, 45, FC, 00, E8, 45, 1E, 00, 00, 8B, 4D, F4, 8B, 45, 08, 5F, 5E, 64, 89, 0D...
 
[+]

Entropy:
5.5324

Code size:
86 KB (88,064 bytes)

Shell Open Command
Open type:
ftp

Command:
"C:\users\{user}\appdata\local\vmware\horizon thinapp\packagecache\mozilla firefox\mozilla firefox.exe" -osint -url "%1"


Scan mozilla firefox.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.