Manalyze report for 3dd8d3f51681f3b5bd66e92483156d6284f370f0191e23e2b0a988c30707d665

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2021-Jul-24 22:21:04
Detected languages	English - United States
CompanyName	Mozilla Corporation
FileDescription	Firefox Installer
FileVersion	`149.0.2`
LegalCopyright	Mozilla Corporation
OriginalFilename	setup-stub.exe
ProductName	Firefox
ProductVersion	`149.0.2`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ v6.0 DLL` `Microsoft Visual C++ 6.0 DLL (Debug)` `Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to internet browsers: firefox.exe` `Contains another PE executable: This program cannot be run in DOS mode.` Contains domain names: cacerts.digicert.com crl3.digicert.com crl4.digicert.com details.mozilla.org digicert.com download-stats.mozilla.org download.mozilla.org http://cacerts.digicert.com http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0 http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0 http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C http://crl3.digicert.com http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O http://crl3.digicert.com/DigiCertGlobalRootCA.crl0 http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 http://crl3.digicert.com/sha2-assured-cs-g1.crl05 http://crl4.digicert.com http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0 http://crl4.digicert.com/DigiCertGlobalRootCA.crl07 http://crl4.digicert.com/sha2-assured-cs-g1.crl0K http://download-stats.mozilla.org http://download-stats.mozilla.org/stub/v12/release/release/en-GB/ http://mozilla.org http://nsis.sf.net http://nsis.sf.net/NSIS_Error http://ocsp.digicert.com0 http://ocsp.digicert.com0A http://ocsp.digicert.com0C http://ocsp.digicert.com0N http://ocsp.digicert.com0X http://www.digicert.com http://www.digicert.com/CPS0 https://download.mozilla.org https://download.mozilla.org/?os https://mozilla.org0 https://product-details.mozilla.org https://product-details.mozilla.org/1.0/firefox_versions.json https://support.mozilla.org https://support.mozilla.org/kb/firefox-users-windows-7-8-and-81-moving-extended-support https://www.digicert.com https://www.digicert.com/CPS0 https://www.mozilla.org https://www.mozilla.org/en-GB/firefox/installer-help/?channel https://www.mozilla.org/firefox/system-requirements/ mozilla.org nsis.sf.net product-details.mozilla.org stats.mozilla.org support.mozilla.org www.digicert.com www.mozilla.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA256`
Suspicious	The PE is an NSIS installer	`Unusual section name found: .ndata`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW` `Can access the registry: RegCreateKeyExW RegEnumKeyW RegQueryValueExW RegSetValueExW RegCloseKey RegDeleteValueW RegDeleteKeyW RegOpenKeyExW RegEnumValueW` `Possibly launches other programs: CreateProcessW` `Can create temporary files: CreateFileW GetTempPathW` `Functions related to the privilege level: AdjustTokenPrivileges OpenProcessToken` `Changes object ACLs: SetFileSecurityW` `Can shut the system down or lock the screen: ExitWindowsEx`
Info	The PE is digitally signed.	`Signer: Mozilla Corporation` `Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1`
Safe	VirusTotal score: 0/72 (Scanned on 2026-04-14 15:29:59)	`All the AVs think this file is safe.`

Hashes

MD5	`1cbf30889d2b152da3da277a795f2b94`
SHA1	`53a52bb7d3eb1eda61872bce4ed73448bf5dd877`
SHA256	`3dd8d3f51681f3b5bd66e92483156d6284f370f0191e23e2b0a988c30707d665`
SHA3	`2c8930c3074e448d7b41e6cb53c6ff926c2c44fc03836500f1e96e878999f8f8`
SSDeep	`12288:+TyggauoOzhuW/sTIdvPi0fWLAeVKw6kcUelxbdUnhasLw:+TKdopcAuprZdds8`
Imports Hash	`6e7f9a29f2c85394521a08b9f31f6275`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xd8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2021-Jul-24 22:21:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x6800`
SizeOfInitializedData	`0x2da00`
SizeOfUninitializedData	`0x800`
AddressOfEntryPoint	`0x000034C5 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x8000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`6.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x79000`
SizeOfHeaders	`0x400`
Checksum	`0xc5753`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`c25464d6f87775ef687d2492f92ddf9a`
SHA1	`a677494d25d0faa3f930f79fe685b6774b6feaf0`
SHA256	`7cd9eab4e0c35d904dd9fdca813e73bba62713fc55086eac92f6c56b6c13e212`
SHA3	`2ce9c6eb931ca624729d77e94366d66496816debbb223f27496435073a2b8212`
VirtualSize	`0x6793`
VirtualAddress	`0x1000`
SizeOfRawData	`0x6800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.49526`

.rdata

MD5	`e36c6ad0568cd039e0c7810069438d6d`
SHA1	`0ca0cae5907009d274e5ca8d2b8eefd8e643ff2d`
SHA256	`8b7d535a3db9a53d02e8cba28e222eeaae8a5aac62d11f51854101e1c4cc1c61`
SHA3	`8009d1268b62023d44fd330df8b3ea1d0ec327a91b7e4c228754428b81a385fd`
VirtualSize	`0x14a4`
VirtualAddress	`0x8000`
SizeOfRawData	`0x1600`
PointerToRawData	`0x6c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.01371`

.data

MD5	`33b1d611a00420c98fa82231feaa907b`
SHA1	`559f9ae22605a5313910c57a5f60f3475281844c`
SHA256	`21ecd588acec5d27e9de9512929025603efc3aa4b79d0dd3825c5b1f01a78221`
SHA3	`3f9f6ebfa6ebf3214776578445f381ff49b9462a51230c13d5ad110559b43f7f`
VirtualSize	`0x2b018`
VirtualAddress	`0xa000`
SizeOfRawData	`0x600`
PointerToRawData	`0x8200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.15558`

.ndata

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x2f000`
VirtualAddress	`0x36000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rsrc

MD5	`ac60136ad3420b41a4a64b4b19609771`
SHA1	`4e1a5a928608e970eea6ed04c354197dd6dd193b`
SHA256	`23822558b30e8510c62a3203edda358098d4a2c75e326e6d53084cf5db59208f`
SHA3	`6f7a934ed9a8a978f8132737dba892945fba498d0b3cea5723c78dc7913cd1ad`
VirtualSize	`0x13b98`
VirtualAddress	`0x65000`
SizeOfRawData	`0x13c00`
PointerToRawData	`0x8800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.20446`

Imports

ADVAPI32.dll	`RegCreateKeyExW` `RegEnumKeyW` `RegQueryValueExW` `RegSetValueExW` `RegCloseKey` `RegDeleteValueW` `RegDeleteKeyW` `AdjustTokenPrivileges` `LookupPrivilegeValueW` `OpenProcessToken` `SetFileSecurityW` `RegOpenKeyExW` `RegEnumValueW`
SHELL32.dll	`SHGetSpecialFolderLocation` `SHFileOperationW` `SHBrowseForFolderW` `SHGetPathFromIDListW` `ShellExecuteExW` `SHGetFileInfoW`
ole32.dll	`OleInitialize` `OleUninitialize` `CoCreateInstance` `IIDFromString` `CoTaskMemFree`
COMCTL32.dll	`#17` `ImageList_Create` `ImageList_Destroy` `ImageList_AddMasked`
USER32.dll	`GetClientRect` `EndPaint` `DrawTextW` `IsWindowEnabled` `DispatchMessageW` `wsprintfA` `CharNextA` `CharPrevW` `MessageBoxIndirectW` `GetDlgItemTextW` `SetDlgItemTextW` `GetSystemMetrics` `FillRect` `AppendMenuW` `TrackPopupMenu` `OpenClipboard` `SetClipboardData` `CloseClipboard` `IsWindowVisible` `CallWindowProcW` `GetMessagePos` `CheckDlgButton` `LoadCursorW` `SetCursor` `GetWindowLongW` `GetSysColor` `SetWindowPos` `PeekMessageW` `SetClassLongW` `GetSystemMenu` `EnableMenuItem` `GetWindowRect` `ScreenToClient` `EndDialog` `RegisterClassW` `SystemParametersInfoW` `CreateWindowExW` `GetClassInfoW` `DialogBoxParamW` `CharNextW` `ExitWindowsEx` `DestroyWindow` `CreateDialogParamW` `SetTimer` `SetWindowTextW` `PostQuitMessage` `SetForegroundWindow` `ShowWindow` `wsprintfW` `SendMessageTimeoutW` `FindWindowExW` `IsWindow` `GetDlgItem` `SetWindowLongW` `LoadImageW` `GetDC` `ReleaseDC` `EnableWindow` `InvalidateRect` `SendMessageW` `DefWindowProcW` `BeginPaint` `EmptyClipboard` `CreatePopupMenu`
GDI32.dll	`SetBkMode` `SetBkColor` `GetDeviceCaps` `CreateFontIndirectW` `CreateBrushIndirect` `DeleteObject` `SetTextColor` `SelectObject`
KERNEL32.dll	`GetExitCodeProcess` `WaitForSingleObject` `GetModuleHandleA` `GetProcAddress` `GetSystemDirectoryW` `lstrcatW` `Sleep` `lstrcpyA` `WriteFile` `GetTempFileNameW` `CreateFileW` `lstrcmpiA` `RemoveDirectoryW` `CreateProcessW` `CreateDirectoryW` `GetLastError` `CreateThread` `GlobalLock` `GlobalUnlock` `GetDiskFreeSpaceW` `WideCharToMultiByte` `lstrcpynW` `lstrlenW` `SetErrorMode` `GetVersion` `GetCommandLineW` `GetTempPathW` `GetWindowsDirectoryW` `SetEnvironmentVariableW` `ExitProcess` `CopyFileW` `GetCurrentProcess` `GetModuleFileNameW` `GetFileSize` `GetTickCount` `MulDiv` `SetFileAttributesW` `GetFileAttributesW` `SetCurrentDirectoryW` `MoveFileW` `GetFullPathNameW` `GetShortPathNameW` `SearchPathW` `CompareFileTime` `SetFileTime` `CloseHandle` `lstrcmpiW` `lstrcmpW` `ExpandEnvironmentStringsW` `GlobalFree` `GlobalAlloc` `GetModuleHandleW` `LoadLibraryExW` `MoveFileExW` `FreeLibrary` `WritePrivateProfileStringW` `GetPrivateProfileStringW` `lstrlenA` `MultiByteToWideChar` `ReadFile` `SetFilePointer` `FindClose` `FindNextFileW` `FindFirstFileW` `DeleteFileW`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.11887`
MD5	`0f00beaf140227d8262e8e943266a020`
SHA1	`bf13e74c0440902117a3960435fa27c37bfc469c`
SHA256	`eb3b43d04c92fd203c53d20c2faf0e6dd5b337a43fee5b362ac5158c53639454`
SHA3	`0e39ead711fcdbce92c8e7b9d3b190e9dbd3ced02b32c0b189ae024fa480525a`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2d28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10872`
MD5	`4f2e710bc461acacfeca9eef116767b7`
SHA1	`6ac5300341438710a2e8e5a543e04bfbb83e30b4`
SHA256	`4aad470e8f0abbf5f77d188ea8cb3b0f90a45a82249105aa40d58bd1cd58fbaf`
SHA3	`f0eb6f7f8b924c5ec6c1cb3d7dcadd5bb10c38a05c6dce7ddf053638cef802f9`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1428`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.12398`
MD5	`a3b195fb3ad80f9bc343ecad38dc8afe`
SHA1	`789e46dce6cd6f2b39f45fc2325f7b6e40fcf558`
SHA256	`31d1c398501702fbfa6c88109d8b563d39af9c58c86fbe102c826a9faae88dc9`
SHA3	`f2965cc559f17e81f30b4be22ab171cb3560a100ecb203190346323876365110`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x528`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.57637`
MD5	`9ef9b589dc222b68dfe323d5ee586f4f`
SHA1	`75ccee51a1649ada9714577db4de84aa9edfeb98`
SHA256	`b011ce8cc0a9e0a2ea6371c54ced59a6f85df39bd472074b3a1b9c6bb091286f`
SHA3	`f7ccda6497d58946266df08a9f420b5b1fda472489c899c8bfbcaf22755616f1`

100

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x528`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.57637`
MD5	`9ef9b589dc222b68dfe323d5ee586f4f`
SHA1	`75ccee51a1649ada9714577db4de84aa9edfeb98`
SHA256	`b011ce8cc0a9e0a2ea6371c54ced59a6f85df39bd472074b3a1b9c6bb091286f`
SHA3	`f7ccda6497d58946266df08a9f420b5b1fda472489c899c8bfbcaf22755616f1`

101

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1428`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.12398`
MD5	`a3b195fb3ad80f9bc343ecad38dc8afe`
SHA1	`789e46dce6cd6f2b39f45fc2325f7b6e40fcf558`
SHA256	`31d1c398501702fbfa6c88109d8b563d39af9c58c86fbe102c826a9faae88dc9`
SHA3	`f2965cc559f17e81f30b4be22ab171cb3560a100ecb203190346323876365110`

102

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2d28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10872`
MD5	`4f2e710bc461acacfeca9eef116767b7`
SHA1	`6ac5300341438710a2e8e5a543e04bfbb83e30b4`
SHA256	`4aad470e8f0abbf5f77d188ea8cb3b0f90a45a82249105aa40d58bd1cd58fbaf`
SHA3	`f0eb6f7f8b924c5ec6c1cb3d7dcadd5bb10c38a05c6dce7ddf053638cef802f9`

103

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.11887`
MD5	`0f00beaf140227d8262e8e943266a020`
SHA1	`bf13e74c0440902117a3960435fa27c37bfc469c`
SHA256	`eb3b43d04c92fd203c53d20c2faf0e6dd5b337a43fee5b362ac5158c53639454`
SHA3	`0e39ead711fcdbce92c8e7b9d3b190e9dbd3ced02b32c0b189ae024fa480525a`

105

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.88808`
MD5	`9fb8d5ea6bf7cb739bcda1b7de2bb431`
SHA1	`ed928f05fb0399f1412de0ff3e9cdf3f47cadd8f`
SHA256	`43a32f8e0517095fc9c7ec79260a06838fa74fdc5a49d9668b59b07783a0438a`
SHA3	`98816066531182e28204ca110a2e6523bf2416f227bd3219d9908946bedbc4bc`

106

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.88094`
MD5	`2d12c45dc2c029044aaff357141cb900`
SHA1	`083db861ab3c7db23c6257878296e73a89a74b8b`
SHA256	`69897c784f1491eb3024b0d52c2897196a2e245974497fda1915db5fefcf8729`
SHA3	`349b5d605c9c3efe5e0c4e2faa12dd21022fc5f9b053f2cbf4e2a6b8bc656442`

111

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x60`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.48825`
MD5	`6be4e1387d369cf86e68eacbdd0e81dd`
SHA1	`351970fe2681b9b35b5d59ad052011ed96a96e17`
SHA256	`85025c8556952f6a651c2468c8a0d58853b0ba482be9ad5cd3060f216540dfc0`
SHA3	`45e552e173141e06d113209b6cc915042ad0b4d5531464b8dbe5637029f489cb`

7

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71033`
Detected Filetype	Icon file
MD5	`57612e9a7b87a896af7f64b1e77538e7`
SHA1	`cacce4f3e5beeb479c7a31c5c45559d857ce2e14`
SHA256	`05808f7449f4d2ae4f8c00d668dc0548dde7a41afd5c1a2fa084a7d5a46c77d2`
SHA3	`99b46a70ebe83fe9e705262377a451a88336da0f895408f3c8f1247f18a6a9e6`

103 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.61517`
Detected Filetype	Icon file
MD5	`eaade72930b06b79369237bc8d9381e2`
SHA1	`2c8652a39a0ffc2a344557cfc43702736964b370`
SHA256	`f664e0baac5037efb96f90b14f9a617778be3f4712027fe033e60573b515ff72`
SHA3	`b6621c9f280de24cba543dd298412198e7f639ca48e902f5f1db9ae37bf6d04b`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x298`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24156`
MD5	`b5f9f8c2bffca5683b00a27ae371927b`
SHA1	`269817a130835bb06304faf23823be66c3523ec4`
SHA256	`d0145ecb0047df422ff108393ce64bb8c06b12fe8401f1bfd28bcbd049c11dec`
SHA3	`4d05017d7eea475fe78245c73ac1fe574812447a1ca7b56b88b417f26432b27d`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x51b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.30576`
MD5	`ba88d22f55d52713283d9468716b0957`
SHA1	`4e0f149d377e4eff45159c11533ada76f94ec882`
SHA256	`4f183e2c8ef0463b6c9b551d87fbc7a42b56aac932cc215d30b270decc3d1c02`
SHA3	`56bc0742c33939f81bab79b336ce7595b87337dcb49df452f07a9b57f45a744b`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Mozilla Corporation
FileDescription	Firefox Installer
FileVersion (#2)	149.0.2
LegalCopyright	Mozilla Corporation
OriginalFilename	setup-stub.exe
ProductName	Firefox
ProductVersion (#2)	149.0.2

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xd26650e9`
Unmarked objects	`0`
C objects (VS2003 (.NET) build 4035)	`2`
Total imports	`165`
Imports (VS2003 (.NET) build 4035)	`15`
48 (9044)	`10`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

Errors

[*] Warning: Section .ndata has a size of 0!

Leave a comment

No comments yet.