Tag Archives: Petah Tikva

Avitzur Efrati Management Initiatives Ltd – 4% Anti-Virus Detection Rate – InstallCore

Hello! Hope you are doing well. I’m working from the local library today. Was looking for some downloads to play around with last night and found one, signed by Avitzur Efrati Management Initiatives Ltd. The file is named mozilla_firefox.exe.

Avitzur Efrati  Management Initiatives Ltd

The Avitzur Efrati Management Initiatives Ltd certificate shows that the publisher is located in Petah Tikva, Israel.

The problem here is that if mozilla_firefox.exe really was an installer file for Mozilla Firefox, it would have been signed by Mozilla Corporation and not by some unknown company. Here’s how the authentic Mozilla Firefox looks like when you double click on it. Notice that the “Verified publisher” says “Mozilla Corporation”.
Mozilla Corporation publisher

When I uploaded the file to VirusTotal – as I usually do when I find something that looks suspicious – Only 4% of the scanners detected the file. The file is detected as Generic.C83 by AVG and a variant of Win32/InstallCore.WT potentially unwanted by ESET-NOD32.

Did you also find a Avitzur Efrati Management Initiatives Ltd file? What kind of download was it?

Thank you for reading.