Malware Delivered Through .inf File, (Mon, Jun 19th)
![](https://www.dataleakreport.com/wp-content/uploads/2023/04/Screen-Shot-2023-04-24-at-9.22.39-AM-1024x670.png)
Microsoft has used “.inf” files for a while[1]. They are simple text files and contain setup information in a driver package. They describe what must be performed to install a driver package on a device. When you read them, the syntax is straightforward to understand. The file is based on sections that describe what must be performed. One of them is very interesting for attackers: [RunPreSetupCommandsSection]. Note that .inf files cannot be executed “as is”.
Article Link: https://isc.sans.edu/diary/rss/29960
1 post – 1 participant