home

palemoon.exe

Pale Moon

Moonchild Productions

It runs as a scheduled task under the Windows Task Scheduler.
Publisher:
Moonchild Productions

Product:
Pale Moon

Description:
Pale Moon web browser

Version:
24.2.0

MD5:
1ee172c078404e9815dc9986b97a4f5a

SHA-1:
2b4f80cf9000fb4f453a0c0fa36e6f0eafcfc600

SHA-256:
9ac21c6bfe449633799968386eaad904604b70b14aa816736622638cebd650b6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 1:52:00 AM UTC  (today)

File size:
267.5 KB (273,920 bytes)

Product version:
24.2.2

Copyright:
©Pale Moon, Firefox and Mozilla Developers, available under the MPL 2.0.

Trademarks:
The Pale Moon logo and project names are the property of Moonchild Productions.

Original file name:
palemoon.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\pale moon\palemoon.exe

File PE Metadata
Compilation timestamp:
12/8/2013 2:53:15 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:tE9giUqozIxdHFPzqf9giUqozIxdHFP8d:tpigzIxVFbHigzIxVFi

Entry address:
0x2EA3

Entry point:
E8, B9, 02, 00, 00, E9, 91, FE, FF, FF, 55, 8B, EC, 5D, E9, FC, 00, 00, 00, 83, 3D, B4, 64, 40, 00, 00, 74, 03, 33, C0, C3, 56, 6A, 04, 6A, 20, FF, 15, D0, 40, 40, 00, 59, 59, 8B, F0, 56, FF, 15, 50, 40, 40, 00, A3, B4, 64, 40, 00, A3, B0, 64, 40, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 14, 68, A8, 48, 40, 00, E8, 72, 03, 00, 00, FF, 35, B4, 64, 40, 00, 8B, 35, 4C, 40, 40, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, D8, 40, 40, 00, 59, EB, 65, 6A, 08, E8...
 
[+]

Entropy:
7.5917

Code size:
9.5 KB (9,728 bytes)

Scheduled Task
Task name:
{9BBD2D42-C3D8-4AE9-A19D-3683D96A68CA}

Trigger:
Registration (Runs on registration)


3 Shell Open Commands
Open type:
ftp

Command:
"C:\Program Files\pale moon\palemoon.exe" -osint -url "%1"

Open type:
http

Command:
"C:\Program Files\pale moon\palemoon.exe" -osint -url "%1"

Open type:
https

Command:
"C:\Program Files\pale moon\palemoon.exe" -osint -url "%1"


Scan palemoon.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.