SHA256: 498811496cb62280f8eabe9fb345b2edc41d99886a4af319f2585fa8ebdc932b
File name: kIBF2Bu8R0Snnb.dll
Detection ratio: 11 / 57
Analysis date: 2016-09-19 08:54:24 UTC ( 1 year, 1 month ago )
Antivirus Result Update
AVware LooksLike.Win32.InfectedFile!B (v) 20160919
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160914
Bkav HW32.Packed.62AF 20160917
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Sophos ML trojan.win32.dorv.c!rfn 20160917
McAfee-GW-Edition BehavesLike.Win32.Locky.cc 20160918
Rising Malware.Generic!ZxEJHEGiF0V@1 (thunder) 20160919
Sophos AV Mal/RansomDl-B 20160919
Symantec Heur.AdvML.B 20160919
Tencent Win32.Trojan.Raasj.Auto 20160919
VIPRE LooksLike.Win32.InfectedFile!B (v) 20160919
Ad-Aware 20160919
AegisLab 20160919
AhnLab-V3 20160918
Alibaba 20160919
ALYac 20160919
Antiy-AVL 20160919
Arcabit 20160917
Avast 20160919
AVG 20160919
Avira (no cloud) 20160919
BitDefender 20160919
CAT-QuickHeal 20160919
ClamAV 20160916
CMC 20160916
Comodo 20160916
Cyren 20160919
DrWeb 20160919
Emsisoft 20160919
ESET-NOD32 20160919
F-Prot 20160919
F-Secure 20160919
Fortinet 20160919
GData 20160919
Ikarus 20160919
Jiangmin 20160919
K7AntiVirus 20160919
K7GW 20160919
Kaspersky 20160919
Kingsoft 20160919
Malwarebytes 20160919
McAfee 20160919
Microsoft 20160919
eScan 20160919
NANO-Antivirus 20160919
nProtect 20160919
Panda 20160918
Qihoo-360 20160919
SUPERAntiSpyware 20160919
TheHacker 20160918
TrendMicro 20160919
TrendMicro-HouseCall 20160919
VBA32 20160917
ViRobot 20160919
Yandex 20160918
Zillya 20160915
Zoner 20160919
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name WAB.EXE
Internal name WAB.EXE
File version 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Description Windows Contacts
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-19 07:06:40
Entry Point 0x0001E000
Number of sections 6
PE sections
PE imports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 15.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.1.7601.17514
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet Unicode
InitializedDataSize 41984
EntryPoint 0x1e000
OriginalFileName WAB.EXE
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.1.7601.17514 (win7sp1_rtm.101119-1850)
TimeStamp 2016:09:19 08:06:40+01:00
FileType Win32 DLL
PEType PE32
InternalName WAB.EXE
ProductVersion 6.1.7601.17514
FileDescription Windows Contacts
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 118784
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.1.7601.17514
FileTypeExtension dll
ObjectFileType Executable application

File identification
MD5 f8865b8a4ed8296d75577708ea1f98c7
SHA1 a98b2b10d781a8f10e982f640e35b0927f4c7bbc
SHA256 498811496cb62280f8eabe9fb345b2edc41d99886a4af319f2585fa8ebdc932b
ssdeep 3072:BDQEsQCZz5nRaGKeH0lPji7++gfTjMBTFFUYfvEoxAqaUkGS50fMG/HH:BD2Zz54GKe17+vTjsO/GQ
authentihash 0a915c3cb686330cfb5caeee40117f2494997bc50a25181238d6550aca0263a5
imphash 8ccc21a2702ff384165acbaced07de25
File size 154.5 KB ( 158208 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags pedll
VirusTotal metadata
First submission 2016-09-19 08:33:32 UTC ( 1 year, 1 month ago )
Last submission 2016-09-19 08:54:24 UTC ( 1 year, 1 month ago )
File names kIBF2Bu8R0Snnb.dll
WAB.EXE
U71a1foqTx.dll