× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c84620193cb248e36c7fdb4db2982e1e961870cff2eac76f4199f4b1041e6241
File name: FirefoxPortable32-55.0.1.zip
Detection ratio: 1 / 59
Analysis date: 2017-08-11 04:58:18 UTC ( 2 months, 1 week ago ) View latest
Antivirus Result Update
TheHacker Trojan/Refroso.drxr 20170810
Ad-Aware 20170811
AegisLab 20170811
AhnLab-V3 20170811
Alibaba 20170811
ALYac 20170811
Antiy-AVL 20170811
Arcabit 20170811
Avast 20170811
AVG 20170811
Avira (no cloud) 20170811
AVware 20170811
Baidu 20170811
BitDefender 20170811
Bkav 20170810
CAT-QuickHeal 20170810
ClamAV 20170810
CMC 20170810
Comodo 20170811
CrowdStrike Falcon (ML) 20170804
Cylance 20170811
Cyren 20170811
DrWeb 20170811
Emsisoft 20170811
Endgame 20170721
ESET-NOD32 20170811
F-Prot 20170811
F-Secure 20170811
Fortinet 20170811
GData 20170811
Ikarus 20170810
Sophos ML 20170607
Jiangmin 20170811
K7AntiVirus 20170810
K7GW 20170811
Kaspersky 20170811
Kingsoft 20170811
Malwarebytes 20170811
MAX 20170811
McAfee 20170811
McAfee-GW-Edition 20170810
Microsoft 20170810
eScan 20170811
NANO-Antivirus 20170811
nProtect 20170811
Palo Alto Networks (Known Signatures) 20170811
Panda 20170810
Qihoo-360 20170811
Rising 20170811
SentinelOne (Static ML) 20170806
Sophos AV 20170811
SUPERAntiSpyware 20170811
Symantec 20170811
Symantec Mobile Insight 20170811
Tencent 20170811
TrendMicro-HouseCall 20170811
Trustlook 20170811
VBA32 20170810
VIPRE 20170811
ViRobot 20170811
Webroot 20170811
WhiteArmor 20170731
Yandex 20170807
Zillya 20170810
ZoneAlarm by Check Point 20170811
Zoner 20170811
The file being studied is a compressed stream! More specifically, it is a Google Chrome Extension file.
Interesting properties
The studied file contains at least one Portable Executable.
The ZIP magic number has been left instead of substituting it with Cr24, this is perfectly legit.
Contained files
Compression metadata
Contained files
184
Uncompressed size
126077811
Highest datetime
2017-08-11 06:47:14
Lowest datetime
2005-05-13 00:54:00
Contained files by extension
dll
62
nsh
25
exe
12
ini
11
png
10
xpi
9
txt
5
chk
3
ico
2
xml
2
js
2
ja
2
nsi
1
1/
1
aff
1
jpg
1
tlb
1
dic
1
ttf
1
Contained files by type
Portable Executable
74
unknown
73
directory
25
PNG
10
XML
1
JPG
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
FirefoxPortable32/

ZipBitFlag
0x0002

ZipModifyDate
2017:08:11 06:46:29

File identification
MD5 71d46fa207bc167c6a26cba368b48e7e
SHA1 37fc46340dedbd5a9d42c33d97c555ec190e2da6
SHA256 c84620193cb248e36c7fdb4db2982e1e961870cff2eac76f4199f4b1041e6241
ssdeep
786432:eOY3QpyQX9tu4ZZU8hANyxgGWtaRhOuA9nraPZ/fPjGkjRusJNkeIKKp:eOxpyR4HkttatA4PZ/fPj2sWKKp

File size 47.5 MB ( 49827124 bytes )
File type Google Chrome Extension
Magic literal
Zip archive data, at least v2.0 to extract

TrID Speckie Dictionary Installation (71.4%)
ZIP compressed archive (28.5%)
Tags
nsis zipped contains-pe crx

VirusTotal metadata
First submission 2017-08-11 04:55:49 UTC ( 2 months, 1 week ago )
Last submission 2017-08-12 00:20:59 UTC ( 2 months, 1 week ago )
File names FirefoxPortable32-55.0.1.zip
FirefoxPortable32.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!