home

octb1bf.tmp.exe

iTunes

Apple Inc.

This is a self-extracting archive and installer. This is installed with iTunes. The file has been seen being downloaded from download.informer.com and multiple other hosts.
Publisher:
Apple Inc.  (signed and verified)

Product:
iTunes

Description:
iTunes Installer

Version:
11.0.5.5

MD5:
d99c7e0fee909aec6d652f919f715dd3

SHA-1:
f453f386a4b27d80b2baa0206f805e64edd4daab

SHA-256:
a17249a1f51aa76a2ad1473ac109928b6f3796bed9b50acd2a6e6da21ebeb5a9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 9:35:58 AM UTC  (today)

File size:
85 MB (89,082,704 bytes)

Product version:
11.0.5.5

Copyright:
© Apple Inc. All Rights Reserved.

Original file name:
iTunesSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\octb1bf.tmp.exe

Digital Signature
Signed by:
Apple Inc.

Authority:
VeriSign, Inc.

Valid from:
5/24/2013 3:00:00 AM

Valid to:
7/24/2015 2:59:59 AM

Subject:
CN=Apple Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Apple Inc., L=Cupertino, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
47DE2F9FBF7A1D4191F45773FA113E1D

File PE Metadata
Compilation timestamp:
8/16/2013 7:43:35 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1572864:GuKec2E8XFu+hO45LAv3GJGe/LwEQdQILgeilAzyATNuxHpA2r+:rHE8NO4BxG0LwEQnSAOQNubTi

Entry address:
0xBA63

Entry point:
E8, F4, 55, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, 14, 8B, 41, 00, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, 00, 6C, 41, 00, 33, C5, 89, 45, FC, 83, A5, D8, FC, FF, FF, 00, 53, 6A, 4C, 8D, 85, DC, FC, FF, FF, 6A, 00, 50, E8, E7, D1, FF, FF, 8D, 85, D8, FC, FF, FF, 89, 85, 28, FD, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, 2C, FD, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
71.5 KB (73,216 bytes)

The file octb1bf.tmp.exe has been discovered within the following programs.

ARO 2013  by Support.com
Publisher's description - “ARO scans your PC for unnecessary registry and junk files, and runs a baseline security scan to ensure your antivirus, antispyware, and firewall are configured properly.”
go.support.com?linkid=101306
62% remove it
iTunes  by Apple Inc.
Apple's iTunes is a proprietary media player computer program, used for playing and organizing digital music and video files on desktop computers. It can also manage contents on iPod, iPhone and iPad.
www.apple.com/itunes
9% remove it
 
Powered by Should I Remove It?

The file octb1bf.tmp.exe has been seen being distributed by the following 24 URLs.

http://download.informer.com/.../itunessetup.exe

https://api.ipsw.me/v2.1/iTunes/win/11.0.5/.../dl

http://appldnld.apple.com/iTunes10/.../iTunesSetup.exe

http://gsf-cf.softonic.com//f45/3f3/.../file?id_file=30110&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=no&SD_used=0&Expires=1379287416&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=AwOGFPdBZ5JzphJXPuX7r7YwV5GcodAl2AONry~eM1nPh9tOL012lYTku52tzxkSopmOS8RtR-5wpMf2R1k9jfyrl0tbzOpgpR~aNaXipZqbdro2BJnFDJqq0txtoRINvkq3TTrvM~wN3NylplXd7bIE6139ahznGsA-toXfVaw_&filename=iTunesSetup.exe

http://itunes.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-em6eMpZ6jmZk=

http://www.afterdawn.com/software/.../download.cfm?version_id=66977&software_id=936&mirror_id=19707&installer=0&perion=0&air_installer=0

http://downloadze1.net/go.php?u=aHR0cHM6Ly9zZWN1cmUtYXBwbGRubGQuYXBwbGUuY29tL2lUdW5lczExLzA5MS05MjY5LjIwMTMwODE2LkF6ZnJlL2lUdW5lc1NldHVwLmV4ZQ==&cmd=go

http://itunes.software.informer.com/.../

http://x.chip.de/downloads/extern/desktop/?bid=426377&c=0644b35821ce2af8455db87fb21223f7&url=http://appldnld.apple.com/iTunes11/.../iTunesSetup.exe

http://toolboox.com/.../itunes.exe

http://soft.archive2.clubic.com/files/fe6a05e963272872e1de9faa1f3f8515/521a2d57/.../itunes_11-0-5_fr_11140_32.exe

http://appldnld.apple.com/iTunes10/.../iTunesSetup.exe

http://appldnld.apple.com/iTunes11/.../iTunesSetup.exe

http://www.filehippo.com/es/download/file/.../

http://appldnld.apple.com/iTunes11/.../iTunesSetup.exe

https://zima54d.storage.yandex.net/rdisk/6a1ca4cb971ee35078001f373fbbaa57/53b7f1e0/.../x-msdownload&fsize=89082704&hid=99e9ff1f857f5c028f4716e045db8515&media_type=executable&rtoken=65c6908bcb33023330643355b9e386fb&rtimestamp=53b7f1e0&force_default=no

https://downloader.disk.yandex.ru/disk/6a1ca4cb971ee35078001f373fbbaa57/53b7f1e0/.../x-msdownload&fsize=89082704&hid=99e9ff1f857f5c028f4716e045db8515&media_type=executable

http://download.oldapps.com/.../iTunesSetup1105.exe

http://appldnld.apple.com/iTunes11/.../iTunesSetup.exe

https://secure-appldnld.apple.com/iTunes11/.../iTunesSetup.exe

http://www.techspot.com/downloads.php?action=download_now&id=70&evp=eb7d0aa020deed41d57f7ee0b8772e33&file=1

http://www.oldapps.com/itunes.php?app=D99C7E0FEE909AEC6D652F919F715DD3

http://download-euro.oldapps.com/.../iTunesSetup1105.exe

http://appldnld.apple.com/iTunes11/.../iTunesSetup.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.