Hello! Hope you are doing well. I’m working from the local library today. Was looking for some downloads to play around with last night and found one, signed by Avitzur Efrati Management Initiatives Ltd. The file is named mozilla_firefox.exe.
The Avitzur Efrati Management Initiatives Ltd certificate shows that the publisher is located in Petah Tikva, Israel.
The problem here is that if mozilla_firefox.exe really was an installer file for Mozilla Firefox, it would have been signed by Mozilla Corporation and not by some unknown company. Here’s how the authentic Mozilla Firefox looks like when you double click on it. Notice that the “Verified publisher” says “Mozilla Corporation”.
When I uploaded the file to VirusTotal – as I usually do when I find something that looks suspicious – Only 4% of the scanners detected the file. The file is detected as Generic.C83 by AVG and a variant of Win32/InstallCore.WT potentially unwanted by ESET-NOD32.
Did you also find a Avitzur Efrati Management Initiatives Ltd file? What kind of download was it?
Thank you for reading.
Yeah man i was wondering wtf.. Thanks for the explanation its very helpful
Thanks for the feedback!
This is on a download for microsoft word 2015. It says microsoft word 2015 free. If you go to download it comes up would you like microsoft word to make changes to your computer and that is what comes up as the verified publisher
I saw this appear with a free download of Microsoft Encarta. I did not install it.