inetinfo.exe
The application inetinfo.exe has been detected as a potentially unwanted program by 40 anti-malware scanners. While running, it connects to the Internet address unknown.prolexic.com on port 80 using the HTTP protocol.
File name: inetinfo.exe
MD5: dbf7f44a5e52847754021ad82c900e2f
SHA-1: 8111e6c8d746344ef00955834dd9836f2d1f00e2
SHA-256: 4f460e1f09b7c70e60e0960774ecc26d879991c4e60804fdde1a808ec90b7b71
Analysis
Scanner detections: 40 / 68
Status: Potentially unwanted
Analysis date: 5/21/2024 10:58:36 AM UTC
Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Generic.Brontok.6CDA2F95 | 403
Agnitum Outpost | I-Worm.Brontok.Gen.2 | 7.1.1
AhnLab V3 Security | HEUR/Fakon.mwf | 2014.12.29
Avira AntiVirus | Worm/Rontobro.E | 7.11.198.100
avast! | Win32:Brontok-CE [Wrm] | 2014.9-151229
AVG | I-Worm/Brontok.X | 2016.0.2881
Baidu Antivirus | Trojan.Win32.FakeFolder | 4.0.3.151229
Bitdefender | Generic.Brontok.6CDA2F95 | 1.0.20.1815
Bkav FE | W32.BrontokQ | 1.3.0.6267
Clam AntiVirus | Worm.Brontok.AI | 0.98/21511
Comodo Security | Packed.Win32.Packer.~GEN | 20516
Dr.Web | BackDoor.Generic.1138 | 9.0.1.0363
Emsisoft Anti-Malware | Generic.Brontok.6CDA2F95 | 8.15.12.29.07
ESET NOD32 | Win32/Brontok.BF | 9.10937
Fortinet FortiGate | W32/Brontok.D@mm | 12/29/2015
F-Prot | W32/Brontok.FS@mm | v6.4.7.1.166
F-Secure | Generic.Brontok.6CDA2F95 | 11.2015-29-12_3
G Data | Generic.Brontok.6CDA2F95 | 15.12.24
IKARUS anti.virus | Email-Worm.Win32.Brontok | t3scan.1.8.5.0
K7 AntiVirus | EmailWorm | 13.188.14468
Kaspersky | Email-Worm.Win32.Brontok | 14.0.0.898
Malwarebytes | Trojan.Dropper | v2015.12.29.07
McAfee | W32/Rontokbro.gen@MM | 5600.6537
Microsoft Security Essentials | Worm:Win32/Brontok.AS@mm | 1.11302
MicroWorld eScan | Generic.Brontok.6CDA2F95 | 16.0.0.1089
NANO AntiVirus | Trojan.Win32.Brontok.pxug | 0.30.0.64448
Norman | Rontokbro | 11.20151229
nProtect | Worm/W32.Brontok.45374 | 14.12.26.01
Panda Antivirus | W32/Brontok.GS.worm | 15.12.29.07
Qihoo 360 Security | Win32/Worm.Email-Worm.343 | 1.0.0.1015
Quick Heal | W32.Brontok.Q | 12.15.14.00
Rising Antivirus | PE:Trojan.Win32.Generic.13BC347A!331101306 | 23.00.65.151227
Sophos | W32/Brontok-N | 4.98
SUPERAntiSpyware | Adware.Lop | 9418
Total Defense | Win32/ASuspect.HFAEN!genus | 37.0.11355
Trend Micro House Call | WORM_RONTKBR.GEN | 7.2.363
Trend Micro | WORM_RONTKBR.GEN | 10.465.29
Vba32 AntiVirus | OScope.Trojan.VB.01849 | 3.12.26.3
VIPRE Antivirus | Email-Worm.Win32.Brontok.ik | 36172
ViRobot | I-Worm.Win32.Brontok.45374[h] | 2014.3.20.0
File Details
File size: 44.3 KB (45,374 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\appdata\local\inetinfo.exe
File PE Metadata
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 5.12
CTPH (ssdeep): 768:anA/5XCC23x/yi9fl8+toI3XiS28AvLq+pmpLWNrLET2B3yE8PKv35BMCc:kw5XCCAnM+K6yS2NvLq+pmVWNrS2ByEA
Entry address: 0x30F25
Entry point: E9, 2A, F2, FC, FF, 0C, 60, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, FC, 0E, 03, 00, 0C, 60, 02, 00...
Packer / compiler: RLPack FullEdition V1.1X
Code size: 512 Bytes (512 bytes)
Network Communications
The executing file has been seen to make the following network communication in live environments.
TCP (HTTP): Connects to unknown.prolexic.com (72.52.4.121:80)