Trojan.Win32.FireHooker or Trojan:Win32/FireHooker is the definition (from Kaspersky Labs) of a Trojan downloader, Trojan dropper, or Trojan spy created for the Windows platform. [1] Its first known detection goes back to September, 2015, according to the AVV Trend Micro.
This malware requires its main component to successfully perform its intended routine as a .dll file, by the name xul.dll. The file size is about 5120 bytes. [2] The file is being dropped by an DNS blocking installer or additional installers bundled with DNSblockers.
xul.dll, which is a known Mozilla Firefox DLL, loads in order to come to action the following APIs from the DLL file
- CERT_GetCommonName
- NSS_CMSSignerInfo_GetSigningCertificate
- NSS_CMSSignerInfo_Verify
- PORT_Set_Error
- VFY_VerifyDigestDirect [3]
- TR/FireHooker.1825 ( Avira)
- Trojan.GenericKD.2889803 ( Bitdefender)
- Win32/FireHooker.A ( ESET)
- Trojan.Win32.FireHooker.a ( Kaspersky Labs)
Trojan.Win32.FireHooker or Trojan:Win32/FireHooker is the definition (from Kaspersky Labs) of a Trojan downloader, Trojan dropper, or Trojan spy created for the Windows platform. [1] Its first known detection goes back to September, 2015, according to the AVV Trend Micro.
This malware requires its main component to successfully perform its intended routine as a .dll file, by the name xul.dll. The file size is about 5120 bytes. [2] The file is being dropped by an DNS blocking installer or additional installers bundled with DNSblockers.
xul.dll, which is a known Mozilla Firefox DLL, loads in order to come to action the following APIs from the DLL file
- CERT_GetCommonName
- NSS_CMSSignerInfo_GetSigningCertificate
- NSS_CMSSignerInfo_Verify
- PORT_Set_Error
- VFY_VerifyDigestDirect [3]
- TR/FireHooker.1825 ( Avira)
- Trojan.GenericKD.2889803 ( Bitdefender)
- Win32/FireHooker.A ( ESET)
- Trojan.Win32.FireHooker.a ( Kaspersky Labs)