0ad60986642132224fc2a6e67b408dfbc796378de4e486c46321d4f2e8c2bff7 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

iobituninstaller.exe

windows7-x64

6

iobituninstaller.exe

windows10-2004-x64

6

Resubmissions

17-07-2023 20:19

230717-y3zmmsfe5s 6

17-07-2023 20:12

230717-yys93aef99 7

Sharing

General

Target

iobituninstaller.exe
Size

25.9MB
Sample

230717-y3zmmsfe5s
MD5

94a4af7e8f8688a26d041b02b06752ec
SHA1

5de675f8b29321449e42f6819e20dbfea03f539d
SHA256

0ad60986642132224fc2a6e67b408dfbc796378de4e486c46321d4f2e8c2bff7
SHA512

d5de4debcb5b37ed6ae3b81a80766eb3d6df27d36d4fee39d31d98dca06cd0837752b2995329ab874825f93d733c2f64370ac23abd655e586d1ca81338a9a027
SSDEEP

393216:h2oPRcmHvgDZGkB+C0pxAvRmpp9PvQeMLZwrB8E0/Z4oy1yMruqBmVvjfJFUX+ex:h2oPNm9ECmmegMBoZ4o/Mr4v3UueIeT

Score

6^/10

adware discovery persistence stealer

Static task

static1

Behavioral task

behavioral1

Sample

iobituninstaller.exe

Resource

win7-20230712-en

adware discovery persistence stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

iobituninstaller.exe

Resource

win10v2004-20230703-en

adware discovery persistence stealer

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  iobituninstaller.exe
- Size
  
  25.9MB
- MD5
  
  94a4af7e8f8688a26d041b02b06752ec
- SHA1
  
  5de675f8b29321449e42f6819e20dbfea03f539d
- SHA256
  
  0ad60986642132224fc2a6e67b408dfbc796378de4e486c46321d4f2e8c2bff7
- SHA512
  
  d5de4debcb5b37ed6ae3b81a80766eb3d6df27d36d4fee39d31d98dca06cd0837752b2995329ab874825f93d733c2f64370ac23abd655e586d1ca81338a9a027
- SSDEEP
  
  393216:h2oPRcmHvgDZGkB+C0pxAvRmpp9PvQeMLZwrB8E0/Z4oy1yMruqBmVvjfJFUX+ex:h2oPNm9ECmmegMBoZ4o/Mr4v3UueIeT
Score

6^/10

adware discovery persistence stealer
- Drops desktop.ini file(s)
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer

© 2018-2024

Terms | Privacy