c154ec2d62ecbdab62fd4fdf97157ff93efbc1640871a68bca38e43dad55d2b4

Analysis

max time kernel
152s
max time network
33s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
11/05/2023, 18:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

WLANOptimizer.exe
Size

106KB
MD5

e998f77c0943056319a6a46c330606a4
SHA1

f69f38d17a6b97d75a479d584d07e49fa43bf29d
SHA256

c154ec2d62ecbdab62fd4fdf97157ff93efbc1640871a68bca38e43dad55d2b4
SHA512

484424d5edb1574e0f5aef981995dc852ba277a3dfbeb9542aabe56cf4b8a7df8e4a75742829399d63278d328616f39d8df780f1e57f89930848515b228dfb28
SSDEEP

1536:5/tmdEb3KQHXPUel8WV17Mq4ahXu/nNPzzlK9HXXCUc1Wm/nps8F7Yq8Ih:3mMvqq4fnNQXCrWm/npsMp

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe
Token: 33	2004	WLANOptimizer.exe
Token: SeIncBasePriorityPrivilege	2004	WLANOptimizer.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2004	WLANOptimizer.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
2004	WLANOptimizer.exe

C:\Users\Admin\AppData\Local\Temp\WLANOptimizer.exe
"C:\Users\Admin\AppData\Local\Temp\WLANOptimizer.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2004-54-0x0000000002220000-0x0000000002260000-memory.dmp

Filesize
256KB

Download
memory/2004-55-0x0000000002220000-0x0000000002260000-memory.dmp

Filesize
256KB

Download
memory/2004-56-0x0000000002220000-0x0000000002260000-memory.dmp

Filesize
256KB

Download
memory/2004-57-0x0000000002220000-0x0000000002260000-memory.dmp

Filesize
256KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads