Hello all.

I recently downloaded firefox from the official site as per usual (windows version) and I ran a virustotal check and got a trojan positive.

The md5sum is: 4409905bd4544c6f45e4d5737f130d75

The sha256sum is:

d390bfce3fed1be8c153aebfb9f28043981071b5338745e9207547178f32bf64

Please verify if this file is legitamate.

  • Moonrise2473@feddit.it
    ·
    18 days ago

    It's signed by Mozilla (extremely unlikely that's a virus unless they got hacked) and it's detected as trojan only by "max secure", a questionable snake oil product that is like a broken clock, correct only twice a day

    Conclusion: it's safe

  • lnxtx@feddit.nl
    ·
    18 days ago

    False-positive?

    https://www.virustotal.com/gui/file/d390bfce3fed1be8c153aebfb9f28043981071b5338745e9207547178f32bf64/detection

    • wallmenis@lemmy.one
      ·
      18 days ago

      I have read on the firefox forum that this particular anti-malware engine flags these like that. I just want to know to be sure. Is there somewhere where I can check if it was officially generated by firefox (other than the signature which seems legit)

      • wallmenis@lemmy.one
        ·
        18 days ago

        Follow up:

        Ok so aparently 7z compression is the culprit. If I extract the file. There is a setup-stub.exe file that shows clear in there.