ie4uinit.exe

  • File Path: C:\Windows\system32\ie4uinit.exe
  • Description: IE Per-User Initialization Utility

Hashes

Type Hash
MD5 8450580ADC40581006B7233F2B2803EB
SHA1 4847B6EC7851126774037130C518B377F454D1D3
SHA256 DD7FE0DBD6BD3B66437C093B707D1B2CA8AC72E4671B88829A4327FA6B8A00BD
SHA384 6B86056EE2FC3DF835CF06FAACE0EA8C7CD5311C0E5FFD0FD0A5F3A9911C1D1BD2EB168BB44F08BDEA3E8371AB0672E8
SHA512 1FC29268C19E1076EC16A36536A434AE51E25F53DD98173F22365D3C94B2DDE7FA477F90449FD189BDDF3E4507590386265127BFE5B67D07EFA43C59EBD08A77
SSDEEP 6144:M22QSvNlvMQBGwGk2FBSKrzise1JMQiGK4trw:rSn21d4uorw

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: IE4UINIT.EXE.MUI
  • Product Name: Internet Explorer
  • Company Name: Microsoft Corporation
  • File Version: 11.00.14393.0 (rs1_release.160715-1616)
  • Product Version: 11.00.14393.0
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of ie4uinit.exe being misused. While ie4uinit.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
LOLBAS Ie4uinit.yml Name: Ie4uinit.exe  
LOLBAS Ie4uinit.yml - Command: ie4uinit.exe -BaseSettings  
LOLBAS Ie4uinit.yml Description: Executes commands from a specially prepared ie4uinit.inf file.  
LOLBAS Ie4uinit.yml - Path: c:\windows\system32\ie4uinit.exe  
LOLBAS Ie4uinit.yml - Path: c:\windows\sysWOW64\ie4uinit.exe  
LOLBAS Ie4uinit.yml - IOC: ie4uinit.exe copied outside of %windir%  
LOLBAS Ie4uinit.yml - IOC: ie4uinit.exe loading an inf file (ieuinit.inf) from outside %windir%  
malware-ioc nukesped_lazarus .IE4UINIT.exe``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.