firefox_setup.zip

The file firefox_setup.zip has been detected as a potentially unwanted program by 2 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from cdn.downloadsterfiles.net.
MD5:
6b1eae7ede027b1dbf5fec6136939d86

SHA-1:
16794abec7915288d63bdca3b9530a8f78967d0c

SHA-256:
a13125ba6fd6cfb2d76138ccba1d4cb54502a59006b3973f0c17612eea9665e1

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
12/26/2024 1:22:17 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
infected with Trojan.InstallCore.1151
9.0.1.05190

ESET NOD32
Win32/InstallCore.TP potentially unwanted application
7.0.302.0

File size:
858.4 KB (878,969 bytes)

Common path:
C:\users\{user}\downloads\firefox_setup.zip

The file firefox_setup.zip has been seen being distributed by the following URL.

Remove firefox_setup.zip - Powered by Reason Core Security