WLANOptimizer[.]exe[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

WLANOptimizer.exe.bin
Size

106KB
MD5

e998f77c0943056319a6a46c330606a4
SHA1

f69f38d17a6b97d75a479d584d07e49fa43bf29d
SHA256

c154ec2d62ecbdab62fd4fdf97157ff93efbc1640871a68bca38e43dad55d2b4
SHA512

484424d5edb1574e0f5aef981995dc852ba277a3dfbeb9542aabe56cf4b8a7df8e4a75742829399d63278d328616f39d8df780f1e57f89930848515b228dfb28
SSDEEP

1536:5/tmdEb3KQHXPUel8WV17Mq4ahXu/nNPzzlK9HXXCUc1Wm/nps8F7Yq8Ih:3mMvqq4fnNQXCrWm/npsMp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WLANOptimizer.exe.bin

Files

WLANOptimizer.exe.bin
.exe windows x86

a5ff5bece158009450034a7bac304edb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr90

__FrameUnwindFilter
_encoded_null
__CxxRegisterExceptionObject
__CxxDetectRethrow
__CxxQueryExceptionSize
__CxxUnregisterExceptionObject
??3@YAXPAX@Z
_cexit
_amsg_exit
_decode_pointer
_encode_pointer
__CxxExceptionFilter

msvcm90

?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z

wlanapi

WlanFreeMemory
WlanEnumInterfaces
WlanOpenHandle
WlanQueryInterface
WlanSetInterface
WlanCloseHandle

advapi32

AllocateAndInitializeSid
FreeSid
CheckTokenMembership

kernel32

GetCurrentProcess
HeapLock
HeapCompact
SetProcessWorkingSetSize
GetProcessHeap
QueryPerformanceCounter
Sleep
HeapUnlock
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 530B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5ff5bece158009450034a7bac304edb

Headers

DLL Characteristics

File Characteristics

Imports

msvcr90

msvcm90

wlanapi

advapi32

kernel32

mscoree

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 530B

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 530B