Class: WebToolbar
Toolbars enhance the capabilities of user software and are installed with the user’s consent. They are not malicious. However, some toolbars are installed along with other software components. These toolbars make use of special installers that employ a variety of methods to automatically receive permission to install a toolbar, e.g. flagging an “I agree” option by default. In order to warn users about attempts to install unwanted content, we detect as WebToolbar any toolbars being installed on users’ computers without their permission as well as the associated toolbar installers.Read more
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.Family: Perion
No family descriptionExamples
C42155BBF523D6760D3BF2C6ADE45E060D2B30341200180567665794B499035F
CAEF94C1F1F82673AB79391D56D7B157
B6517F9726F611881B98BD3AAFE56B51
347972DF53A35A41DBCE5DFCB1BA4851
Tactics and Techniques: Mitre*
Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
Adversaries may disable or modify system firewalls in order to bypass controls limiting network usage. Changes could be disabling the entire mechanism as well as adding, deleting, or modifying particular rules. This can be done numerous ways depending on the operating system, including via command-line, editing Windows Registry keys, and Windows Control Panel.
* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.