Manalyze report for 2e569c780941c537653c826a69e8853c73bd00dcac11ec4b99776c881dd26b67

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Jun-01 12:27:04
Detected languages	English - United States
Debug artifacts	desktop-launcher.pdb
Comments
LegalCopyright	License: MPL 2
CompanyName	Mozilla Foundation
FileDescription
FileVersion	`151.0.3`
ProductVersion	`151.0.3`
InternalName
LegalTrademarks	Mozilla
OriginalFilename	desktop-launcher.exe
ProductName	Firefox
BuildID	20260601110758

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: download.mozilla.org https://www.mozilla.org https://www.mozilla.org/firefox/new/ mozilla.org www.mozilla.org`
Suspicious	The PE is possibly packed.	`Unusual section name found: .fptable`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW` `Can access the registry: RegGetValueW` `Can create temporary files: CreateFileW GetTempPathW` `Has Internet access capabilities: WinHttpConnect WinHttpOpen WinHttpOpenRequest WinHttpQueryDataAvailable WinHttpQueryHeaders WinHttpReadData WinHttpReceiveResponse WinHttpSendRequest WinHttpSetStatusCallback`
Info	The PE is digitally signed.	`Signer: Mozilla Corporation` `Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1`
Safe	VirusTotal score: 0/71 (Scanned on 2026-06-09 19:30:51)	`All the AVs think this file is safe.`

Hashes

MD5	`e6631c16d2dac76f822d1f1db9977d58`
SHA1	`3f3ce19ab28cd8b2484e25e8ae2c02e04eb6e262`
SHA256	`2e569c780941c537653c826a69e8853c73bd00dcac11ec4b99776c881dd26b67`
SHA3	`9eaa78b48bb3e9f77f2dbfaf5f47250710951c8f1e523984650228f6950c646d`
SSDeep	`6144:fWhYXxt/WgyaNmbXMHupIeIAK+XDsBRHJeq9:2YXxtrmTMHupIeNzwHJeS`
Imports Hash	`ccdb603157b5619d36fce9cf87287a20`

DOS Header

e_magic	`MZ`
e_cblp	`0x78`
e_cp	`0x1`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0`
e_ss	`0`
e_sp	`0`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x78`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`8`
TimeDateStamp	2026-Jun-01 12:27:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x33a00`
SizeOfInitializedData	`0x29000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000000F250 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x73000`
SizeOfHeaders	`0x400`
Checksum	`0x60967`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x800000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`414aecd1154392d00b108ed4b74f9a48`
SHA1	`c73f053d1009482d6adcee020eb568af96948cf5`
SHA256	`49971c76d4129ab57e4a78e03df411b46ff9c24a928546242bf9201c30e377a7`
SHA3	`498855907c23d7d315a4111f6d198970bc0e736c49a1f28856364872d23222d7`
VirtualSize	`0x3380e`
VirtualAddress	`0x1000`
SizeOfRawData	`0x33a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.47145`

.rdata

MD5	`f32dc4e34bf41c99dcff8965e22afc7b`
SHA1	`3ff36f335f22f4ea44cb57e3749a524c84788ac5`
SHA256	`f0bc6931beaf1a3b125f726c665cb8b3d7a9b156e0e9769aa01b0914a8ffe76c`
SHA3	`0d709d1b97bad7e0735f7a1289b8daad31b36000214b5e4ca32cffc5809ef435`
VirtualSize	`0x1283c`
VirtualAddress	`0x35000`
SizeOfRawData	`0x12a00`
PointerToRawData	`0x33e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.02138`

.data

MD5	`1583d1b29157125589c59836257862f0`
SHA1	`2ae234296224df669e6e79db1dd15289e6d3ce29`
SHA256	`9fe301eaa97161f192b0b8524c2fc048957b3a72360ffa129b426a776c196f57`
SHA3	`b018aa13b48d7693407b6e375cddc73b90ed5d07757095fcc432dc65438ccad9`
VirtualSize	`0x125d8`
VirtualAddress	`0x48000`
SizeOfRawData	`0x1400`
PointerToRawData	`0x46800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.7546`

.pdata

MD5	`d2f3755f012a1d31fe91967a1a4b38cc`
SHA1	`b5f2feba862db590c6cf3793ceac19394bca1213`
SHA256	`3ef1301b491b698e3d0ae5e5ec915e38d8b5ec0fc3516dd0e36b0688a00d2499`
SHA3	`cb2a706355b7d5e7872ac957f79cc3dd1c02cb24d9c2e704c728abe84e882ca5`
VirtualSize	`0x2760`
VirtualAddress	`0x5b000`
SizeOfRawData	`0x2800`
PointerToRawData	`0x47c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.43058`

.fptable

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x100`
VirtualAddress	`0x5e000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4a400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

_RDATA

MD5	`5b4e220949bc7fc22303e797b38bec93`
SHA1	`a0696b0effce678ff290ce7cadb3b68a92a5c478`
SHA256	`bf0da097e8de53cdadc3572fc30f7f6cce900206cdbcadc8277b2009a0fe9cba`
SHA3	`598f2045b5131b16e6bab4d5295c6c20fcf8188dd40f7f0ade840e91e2d865f1`
VirtualSize	`0x1f4`
VirtualAddress	`0x5f000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4a600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.20636`

.rsrc

MD5	`2ffe082b0d98758cd1a6f32a07b415f3`
SHA1	`bb51b5576a69ffb9afc6a95e333fbe6d91ffea15`
SHA256	`014e7112110c4d1191802ee4b9d8aeff7e3af95bea21948c20e2307734067995`
SHA3	`51aa07b71d2fca2efe87d43b0ce106823781d5665aad0e3c526f4fc518cae290`
VirtualSize	`0x119c0`
VirtualAddress	`0x60000`
SizeOfRawData	`0x11a00`
PointerToRawData	`0x4a800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.50469`

.reloc

MD5	`025ea4f4b782de343e30eee628fc0fc7`
SHA1	`d566a21896c79b953d40ff73f8f0f311191b9aa1`
SHA256	`6cf02f04aee28a139c160ee67952f81bdc2251c27fdc9fe8384463a7cc9fd9bf`
SHA3	`e0840fdb552a19a530d6088bf4d9981cbe09a577d9f95353e00d990f77d3344d`
VirtualSize	`0xa38`
VirtualAddress	`0x72000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x5c200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.11658`

Imports

ADVAPI32.dll	`RegGetValueW`
RPCRT4.dll	`UuidCreate`
SHELL32.dll	`ShellExecuteExW`
WINHTTP.dll	`WinHttpConnect` `WinHttpOpen` `WinHttpOpenRequest` `WinHttpQueryDataAvailable` `WinHttpQueryHeaders` `WinHttpReadData` `WinHttpReceiveResponse` `WinHttpSendRequest` `WinHttpSetStatusCallback`
KERNEL32.dll	`CloseHandle` `CompareStringW` `CreateEventW` `CreateFileW` `DecodePointer` `DeleteCriticalSection` `EncodePointer` `EnterCriticalSection` `EnumSystemLocalesW` `ExitProcess` `FindClose` `FindFirstFileExW` `FindNextFileW` `FlsAlloc` `FlsFree` `FlsGetValue` `FlsSetValue` `FlushFileBuffers` `FreeEnvironmentStringsW` `FreeLibrary` `GetACP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `GetConsoleMode` `GetConsoleOutputCP` `GetCurrentProcess` `GetCurrentProcessId` `GetCurrentThreadId` `GetEnvironmentStringsW` `GetFileSizeEx` `GetFileType` `GetLastError` `GetLocaleInfoW` `GetModuleFileNameW` `GetModuleHandleExW` `GetModuleHandleW` `GetOEMCP` `GetProcAddress` `GetProcessHeap` `GetStartupInfoW` `GetStdHandle` `GetStringTypeW` `GetSystemInfo` `GetSystemTimeAsFileTime` `GetTempPathW` `GetUserDefaultLCID` `GetUserDefaultLocaleName` `HeapAlloc` `HeapFree` `HeapReAlloc` `HeapSize` `InitializeCriticalSectionEx` `InitializeSListHead` `IsDebuggerPresent` `IsProcessorFeaturePresent` `IsValidCodePage` `IsValidLocale` `LCMapStringEx` `LCMapStringW` `LeaveCriticalSection` `LoadLibraryExW` `MultiByteToWideChar` `QueryPerformanceCounter` `RaiseException` `ReadConsoleW` `ReadFile` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlPcToFileHeader` `RtlUnwind` `RtlUnwindEx` `RtlVirtualUnwind` `SetEnvironmentVariableW` `SetEvent` `SetFilePointerEx` `SetLastError` `SetStdHandle` `SetUnhandledExceptionFilter` `TerminateProcess` `UnhandledExceptionFilter` `VirtualProtect` `WaitForSingleObject` `WideCharToMultiByte` `WriteConsoleW` `WriteFile`

Delayed Imports

IDENTITY

Type	`LIMITEDACCESSFEATURE`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.091`
MD5	`36e6ead806a73a5a3bc2ce4f4271ab6a`
SHA1	`81a2c65bdd3b4acf0fe59c492c9b5bb0f707d5f7`
SHA256	`fb2ff6c0153228b41d9724562e77a0c6216a2e7ae8eddd4dd55441d737b3c73b`
SHA3	`5b806c73e94216aafbd67724a64e74cabcfcfa7e7f6a2d95945725baca3646d0`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x528`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.57637`
MD5	`9ef9b589dc222b68dfe323d5ee586f4f`
SHA1	`75ccee51a1649ada9714577db4de84aa9edfeb98`
SHA256	`b011ce8cc0a9e0a2ea6371c54ced59a6f85df39bd472074b3a1b9c6bb091286f`
SHA3	`f7ccda6497d58946266df08a9f420b5b1fda472489c899c8bfbcaf22755616f1`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1428`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.12398`
MD5	`a3b195fb3ad80f9bc343ecad38dc8afe`
SHA1	`789e46dce6cd6f2b39f45fc2325f7b6e40fcf558`
SHA256	`31d1c398501702fbfa6c88109d8b563d39af9c58c86fbe102c826a9faae88dc9`
SHA3	`f2965cc559f17e81f30b4be22ab171cb3560a100ecb203190346323876365110`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2d28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10872`
MD5	`4f2e710bc461acacfeca9eef116767b7`
SHA1	`6ac5300341438710a2e8e5a543e04bfbb83e30b4`
SHA256	`4aad470e8f0abbf5f77d188ea8cb3b0f90a45a82249105aa40d58bd1cd58fbaf`
SHA3	`f0eb6f7f8b924c5ec6c1cb3d7dcadd5bb10c38a05c6dce7ddf053638cef802f9`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc42a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9823`
Detected Filetype	PNG graphic file
MD5	`042a45cb9cdee4528142ae10e2501114`
SHA1	`3653ec6f84b853ff508156f32b77fa31062caa0b`
SHA256	`48bd16b990c81456412f9339aaf0e748d2f58a039f210a7d88492b57bddf5107`
SHA3	`9f6ee9b3adc81cb87ac8b95d5da51b0d5cd1a985bce460fc9872f3072bb28662`

1 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.49052`
Detected Filetype	Icon file
MD5	`d2c3d620e4104e75278efffa93cbd1fa`
SHA1	`b2557517c0ab93855317dc913fa1f2a1be131636`
SHA256	`7c8159b1a924a1f8d00dab0db314e134adf76477364789133e124ff1f68fb0fc`
SHA3	`6e8063f8c857c32ccc29e68994d363787a00d6c31b6026e24f9cc725452f0e82`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x32c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36514`
MD5	`f61abc662e6725a71971d625424e35f5`
SHA1	`7d8f7192287ba2dd3ec96c4b15391175d61bc853`
SHA256	`c7c75e1d2233a062208f1e510bb9e6a499028ef7f0cd393a755042693180254a`
SHA3	`02d7a4db2f71f3072c982c549236793f9b14b09e379bada729011a6e73b4b7ec`

IDR_COMCTL32_MANIFEST

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x466`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.75547`
MD5	`937073371446fc86768c5b3cbfe989f6`
SHA1	`b667cca0233d5543ed89c689b393689acc93047a`
SHA256	`61efea6e786ac0b04926b579c026851ac2a375afdbe42bc39d652ba78fdeea83`
SHA3	`5f22d7859d29785bc6d6707e25b9be9e7b9afd377b37c63a17bff1921f4db11d`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x466`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.75547`
MD5	`937073371446fc86768c5b3cbfe989f6`
SHA1	`b667cca0233d5543ed89c689b393689acc93047a`
SHA256	`61efea6e786ac0b04926b579c026851ac2a375afdbe42bc39d652ba78fdeea83`
SHA3	`5f22d7859d29785bc6d6707e25b9be9e7b9afd377b37c63a17bff1921f4db11d`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	151.0.3.567
ProductVersion	151.0.3.567
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	UNKNOWN
Comments
LegalCopyright	License: MPL 2
CompanyName	Mozilla Foundation
FileDescription
FileVersion (#2)	151.0.3
ProductVersion (#2)	151.0.3
InternalName
LegalTrademarks	Mozilla
OriginalFilename	desktop-launcher.exe
ProductName	Firefox
BuildID	20260601110758

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Jun-01 12:27:04
Version	`0.0`
SizeofData	`45`
AddressOfRawData	`0x43dbc`
PointerToRawData	`0x42bbc`
Referenced File	desktop-launcher.pdb

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140048040`
GuardCFCheckFunctionPointer	`5368988056`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

Errors

Leave a comment

No comments yet.