» firefox_setup.zip
Overview
Analysis
File Details
Downloads (1)

firefox_setup.zip

The file firefox_setup.zip has been detected as a potentially unwanted program by 2 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from cdn.downloadsterfiles.net.

File name:

firefox_setup.zip

MD5:

6b1eae7ede027b1dbf5fec6136939d86

SHA-1:

16794abec7915288d63bdca3b9530a8f78967d0c

SHA-256:

a13125ba6fd6cfb2d76138ccba1d4cb54502a59006b3973f0c17612eea9665e1

Scanner detections:

2 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

11/15/2024 6:01:14 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

infected with Trojan.InstallCore.1151

9.0.1.05190

ESET NOD32

Win32/InstallCore.TP potentially unwanted application

7.0.302.0

File size:

858.4 KB (878,969 bytes)

Common path:

C:\users\{user}\downloads\firefox_setup.zip

The file firefox_setup.zip has been seen being distributed by the following URL.

http://cdn.downloadsterfiles.net/c?x=sfSLFwV76 ikC2AbI7X0ZpxSa2u7qR/5KTLa3xO4iwA=&c=fF/GNCAg/6ZPJn2C d/ oGBz51MP1RymTL4R9oI18QUqE4NsDOFFq/kyqMpC6l HAhJBdoz4gVHndeJkeEQDjnjpKJLE0NsUUCn4X7oX47N 1LrkD8qGNEYjXvOuwXcc9MKSjN9j5CFNa7Blf4cdhg==&downloadAs=Firefox_Setup.exe&fallback_url=http://download-installer.cdn.mozilla.net/pub/firefox/releases/38.0.5/win32/.../Firefox Setup Stub 38.0.5.exe

Remove firefox_setup.zip - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.