Static task: static1
Behavioral task: behavioral1 | Sample: inf.exe | Resource: win7-20240221-en
Behavioral task: behavioral2 | Sample: inf.exe | Resource: win10-20240404-en
Behavioral task: behavioral3 | Sample: inf.exe | Resource: win10v2004-20240226-en
Behavioral task: behavioral4 | Sample: inf.exe | Resource: win11-20240412-en
General
Target
inf.inf
Size
1.3MB
MD5
73dea1a75637e14f6fcd012fe2815636
SHA1
f1edca0d6464b76bc4956352571d8941c02d2c4e
SHA256
fd03dd58aa7cb5236f4df8cde3fb07af304c6f402cd48b86eefcecb8e7b86883
SHA512
f6dc462194037a5c4e0b186088f1fd75befe4cb88bf1dcc7477987951332fc18f8aa66389d567e01677990b022fea6849a66a24510027794e12e2a517edde8d0
SSDEEP
24576:SkMiDApH5iholXZFFqn14hhzk8wncu0Z9Ml+5PkjyDs5U2cuC:tApsolXTF8mhC1c9WCkjMs5Uq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource inf.inf
Files
inf.inf.exe windows:5 windows x86 arch:x86
dc8730fd7ae2a648fc7266ee1e825793
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDefaultCommConfigW
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileType
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDrives
GetModuleFileNameA
GetModuleFileNameW
GetOEMCP
GetOverlappedResult
GetPrivateProfileStringA
GetProcessHeap
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVersionExW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
GetConsoleCP
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
MoveFileW
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
RemoveDirectoryW
ResetEvent
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFilePointer
SetHandleCount
SetHandleInformation
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileSectionA
GetComputerNameW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FreeConsole
FormatMessageW
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FatalAppExitA
ExpandEnvironmentStringsW
ExitProcess
EnumSystemLocalesA
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteCriticalSection
CreateSemaphoreW
CreateProcessW
CreateFileW
CreateFileA
CreateEventW
CreateDirectoryW
CompareStringW
CompareStringA
CloseHandle
CancelIo
BackupRead
AllocConsole
GetModuleHandleA
LoadLibraryA
GetProcAddress
InterlockedExchange
VirtualAlloc
user32
LoadCursorW
PeekMessageW
MsgWaitForMultipleObjects
CharNextW
advapi32
SetSecurityDescriptorDacl
SetEntriesInAclW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
MakeSelfRelativeSD
MakeAbsoluteSD
LookupAccountSidW
LookupAccountNameW
IsValidSid
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetSidIdentifierAuthority
GetSecurityInfo
GetSecurityDescriptorLength
GetSecurityDescriptorControl
GetLengthSid
GetAclInformation
FreeSid
EqualSid
CreateProcessAsUserW
CopySid
AllocateAndInitializeSid
RegOpenKeyA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorSacl
SetSecurityInfo
SetNamedSecurityInfoW
shell32
SHGetDiskFreeSpaceA
CheckEscapesW
DragQueryFile
SHEmptyRecycleBinW
SHFileOperationW
ShellExecuteW
ShellExecuteEx
SHQueryRecycleBinA
SHLoadNonloadedIconOverlayIdentifiers
SHInvokePrinterCommandA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHGetDiskFreeSpaceExW
ole32
CoUninitialize
CoInitializeEx
CoCreateInstance
shlwapi
StrCmpNIW
StrRChrA
StrStrA
StrCmpNIA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 807KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ