firefox.exe

The application firefox.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from dhc.freewindowsmediaconverter.com and multiple other hosts.
MD5:
b1ea5671a64e329cc9d201f125e6dc61

SHA-1:
b6c4c8fee46d71f72a1790f98280661bf30a00d2

SHA-256:
2abff30f04b5526458a3673e3e11813fd6d79515802248eb6963d512dbdb3ac4

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 3:48:54 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Win.Reputation
16.3.1.10

File size:
5 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\firefox.exe

File PE Metadata
OS bitness:
Win64

Entropy:
1.5219

Packer / compiler:
RLPack FullEdition V1.1X

The file firefox.exe has been seen being distributed by the following 14 URLs.

http://dhc.freewindowsmediaconverter.com/download/b94/.../setup.exe

http://mbttd.com/engine/.../cyc3VwcGx5X3BsYXRmb3JtX2FjY291bnRfaWQ9NDA1JnN1cHBseV9wbGF0Zm9ybV9pZD00NzUmbGluZV9pdGVtX2lkPTcyMjQ?ext_click_id=0PXfecTgN2XZah2OJgzbn0bWen6eMpYCtRsqCg4hcrB6pdlrFnrVYf2J9jQeaUNjI1SdbtxWJ9Wz0LWkWHBnKQEf1dVsQjr_Q7PHGzLOa3NDvTFh0vdg4gBTGGl4kENVEvO6ST6ahM9I4S2PIEy6eHhLD7M9pORKm0WCIG2zot7KLtkB19xAFXorHc20cZHJGIK8HbIHZt1n_JNLIzQdNxdBcnUsTnw0JqfaRKsqadMqfgjxn0qBkn0PX1XqYHAGDo_ljGC83J04uOftYvZF93VX0oe-A1UMAPlo4QaJY10kXd1QwfoBBfoYkt38GVMaQ6RM5bHmvsqqsxUMAxchmnax5Nux5U89aI5DuhbUXwTSfKtkZmIpAaZlcNFiQJ8CvhDvCW8T_DANJeCy

Remove firefox.exe - Powered by Reason Core Security