» palemoon.exe
Overview
Analysis
File Details
Behaviors (1)

palemoon.exe

Pale Moon

Markus Straver

File name:

palemoon.exe

Publisher:

Moonchild Productions (signed by Markus Straver)

Product:

Pale Moon

Description:

Pale Moon web browser

Version:

27.1.0.6246

MD5:

4cd74a5b1110824bd20ee6f97505edf0

SHA-1:

7f021e0a45b5747c6521abdb5c7c21dfaa5609a2

SHA-256:

91b6b2faf8729c1649e868cff7e3d0557ee0e56874af26ad71ffb61c6060ddd9

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/15/2024 12:53:39 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Floxif.H virus

6.3.12010.0

F-Prot

W32/Floxif.B

4.6.5.141

File size:

458.5 KB (469,551 bytes)

Product version:

27.1.0

©Pale Moon, Firefox and Mozilla Developers, available under the MPL 2.0.

Trademarks:

The Pale Moon logo and project names are the property of Moonchild Productions.

Original file name:

palemoon.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\pale moon\palemoon.exe

Digital Signature

Signed by:

Markus Straver

Authority:

StartCom Ltd.

Valid from:

1/21/2016 8:39:48 AM

Valid to:

1/21/2018 8:39:48 AM

Subject:

CN=Markus Straver, O=Markus Straver, L=Linköping, S=Ostergotlands, C=SE

Issuer:

CN=StartCom Class 2 Object CA, OU=StartCom Certification Authority, O=StartCom Ltd., C=IL

Serial number:

147B9472DADDEDDB717A246C68DDBB89

File PE Metadata

Compilation timestamp:

2/7/2017 4:51:31 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x2DF6

Entry point:

E9, 8A, 96, 00, 00, E9, 7B, FE, FF, FF, 56, 6A, 04, 6A, 20, E8, 0B, 26, 00, 00, 59, 59, 8B, F0, 56, FF, 15, 80, 40, 41, 00, A3, 14, C6, 41, 00, A3, 10, C6, 41, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 0C, 68, 10, 8F, 41, 00, E8, B5, 23, 00, 00, 83, 65, E4, 00, E8, C3, 18, 00, 00, 83, 65, FC, 00, FF, 75, 08, E8, 23, 00, 00, 00, 59, 8B, F0, 89, 75, E4, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 8B, C6, E8, CC, 23, 00, 00, C3, 8B, 75, E4, E8, 9E, 18, 00, 00, C3, 55, 8B, EC... 
[+]

Entropy:

7.5547

Packer / compiler:

Xtreme-Protector v1.05

Code size:

72.5 KB (74,240 bytes)

Shell Open Command

Open type:

ftp

Command:

"C:\Program Files\pale moon\palemoon.exe" -osint -url "%1"

Scan palemoon.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.