wlanext.pdb
Static task
static1
General
-
Target
wlanext.exe
-
Size
116KB
-
MD5
e87de1cdf0cfa133398c5c1df653abab
-
SHA1
28850245368fb6de6d3d7059b618ffbf9792472d
-
SHA256
7b22218e02e292ce656232f5d9c315865a194e7d0e5c908e12b48f7f8c6f29b3
-
SHA512
cd53e71180d2d13eacac827db0840ed8a8076fa45b6d3203eed084165ca0e4993bb1699d0e0a18dd8c91d3254a57dcc8d2ec2b68e6dd98e768f4e4933594665b
-
SSDEEP
1536:3T+Wrg9iEq1QHF/R2dzfGFG53ejcePbiTVgzk6aBLMhpbumU:3ig+8QPYzfGAabiTKzV5ub
Malware Config
Signatures
-
Unsigned PE 1 IoCs
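Checks for missing Authenticode signature. Note that a static check like this most likely inspects only the signature embedded in the PE file; Windows system binaries are often signed through a security catalog instead, so this finding alone does not show the file is malicious or modified. Verify the signature on a Windows host, or compare the hashes above with a known-good copy of the same build.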
resource wlanext.exe
Files
-
wlanext.exe.exe windows:10 windows x64 arch:x64
1d3b6671c13d5ab37840f806c274ed8d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
msvcrt
exit
__setusermatherr
_exit
__wgetmainargs
_amsg_exit
memset
_wtoi64
memcpy
_initterm
_fmode
_cexit
_commode
?terminate@@YAXXZ
_XcptFilter
__C_specific_handler
__set_app_type
wcscmp
api-ms-win-eventing-classicprovider-l1-1-0
UnregisterTraceGuids
GetTraceEnableLevel
TraceMessage
GetTraceLoggerHandle
RegisterTraceGuidsW
GetTraceEnableFlags
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
api-ms-win-core-processthreads-l1-1-0
GetCurrentThread
GetCurrentProcess
OpenProcessToken
GetCurrentProcessId
ExitProcess
TerminateProcess
OpenThreadToken
GetCurrentThreadId
CreateThread
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
api-ms-win-security-base-l1-1-0
GetTokenInformation
CopySid
AdjustTokenPrivileges
EqualSid
GetLengthSid
IsValidSid
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-heap-l1-1-0
HeapSetInformation
HeapAlloc
HeapFree
GetProcessHeap
api-ms-win-core-synch-l1-1-0
CreateEventW
InitializeCriticalSection
ResetEvent
LeaveCriticalSection
DeleteCriticalSection
EnterCriticalSection
WaitForSingleObject
SetEvent
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
GetProcAddress
LoadLibraryExW
GetModuleHandleW
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetTickCount64
GetSystemTimeAsFileTime
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
api-ms-win-core-threadpool-legacy-l1-1-0
DeleteTimerQueueTimer
CreateTimerQueue
ChangeTimerQueueTimer
QueueUserWorkItem
CreateTimerQueueTimer
DeleteTimerQueueEx
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-file-l1-1-0
WriteFile
CreateFileW
ReadFile
ntdll
RtlStringFromGUID
RtlNtStatusToDosError
NtDeviceIoControlFile
RtlFreeUnicodeString
NtWaitForSingleObject
api-ms-win-core-kernel32-legacy-l1-1-0
BindIoCompletionCallback
Sections
.text Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 4KB - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ