SHA256: e5bea6e469ea2eb935799f2eaf92c637f609ae57030bf7c8f9f32a070316e7e2
File name: DOOUmSxSHWvuy0.dll.xxx
Detection ratio: 15 / 56
Analysis date: 2016-09-20 11:48:47 UTC ( 1 year, 2 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Locky.N2109589772 20160920
AVware LooksLike.Win32.InfectedFile!B (v) 20160920
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160920
Bkav HW32.Packed.D055 20160919
CAT-QuickHeal Ransom.Locky.WR6 20160920
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Sophos ML trojan.win32.dorv.c!rfn 20160917
Kaspersky UDS:DangerousObject.Multi.Generic 20160920
McAfee-GW-Edition BehavesLike.Win32.Ramnit.cc 20160920
Panda Trj/Genetic.gen 20160919
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20160920
Rising Malware.Generic!ZxEJHEGiF0V@1 (thunder) 20160920
Symantec Heur.AdvML.B 20160920
Tencent Win32.Trojan.Raas.Auto 20160920
VIPRE LooksLike.Win32.InfectedFile!B (v) 20160920
Ad-Aware 20160920
AegisLab 20160920
Alibaba 20160920
ALYac 20160920
Antiy-AVL 20160920
Arcabit 20160920
Avast 20160920
AVG 20160920
Avira (no cloud) 20160920
BitDefender 20160920
ClamAV 20160920
CMC 20160916
Comodo 20160919
Cyren 20160920
DrWeb 20160920
Emsisoft 20160920
ESET-NOD32 20160920
F-Prot 20160920
F-Secure 20160920
Fortinet 20160920
GData 20160920
Ikarus 20160920
Jiangmin 20160920
K7AntiVirus 20160920
K7GW 20160920
Kingsoft 20160920
Malwarebytes 20160920
McAfee 20160920
Microsoft 20160920
eScan 20160920
NANO-Antivirus 20160920
nProtect 20160920
Sophos AV 20160920
SUPERAntiSpyware 20160919
TheHacker 20160920
TrendMicro 20160920
TrendMicro-HouseCall 20160920
VBA32 20160919
ViRobot 20160920
Yandex 20160919
Zillya 20160920
Zoner 20160920
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name WAB.DLL
Internal name WAB.DLL
File version 6.1.601.17514 (win7sp1_rtm.101119-1850)
Description Windows Contacts
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-20 06:08:27
Entry Point 0x0001E000
Number of sections 6
PE sections
PE imports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 15.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.1.601.17514
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet Unicode
InitializedDataSize 41984
EntryPoint 0x1e000
OriginalFileName WAB.DLL
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.1.601.17514 (win7sp1_rtm.101119-1850)
TimeStamp 2016:09:20 07:08:27+01:00
FileType Win32 DLL
PEType PE32
InternalName WAB.DLL
ProductVersion 6.1.601.17514
FileDescription Windows Contacts
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 117248
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.1.601.17514
FileTypeExtension dll
ObjectFileType Executable application

File identification
MD5 0726d661a5eb30eb22a3131161f6a7d2
SHA1 251e833380f7c70bfeae931043060d78d70e83e2
SHA256 e5bea6e469ea2eb935799f2eaf92c637f609ae57030bf7c8f9f32a070316e7e2
ssdeep 3072:++fWAustMLMlJ1/mHx1JGKJ7zALqpSVdW1ZtHn8AzdeAqaUkGS50fv+:++DustMwlKxPnlzALqQVUNRzdx/G

authentihash 6236624612f82cd89c26c46f0327c3a15c2e54df9523e30c146fec01541b497f
imphash 022feaad18f231bc36821c70d5f4247a
File size 152.5 KB ( 156160 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (46.3%)
Win64 Executable (generic) (41.0%)
Win32 Executable (generic) (6.6%)
Generic Win/DOS Executable (2.9%)
DOS Executable Generic (2.9%)
Tags pedll

VirusTotal metadata
First submission 2016-09-20 08:22:11 UTC ( 1 year, 2 months ago )
Last submission 2016-09-20 11:48:47 UTC ( 1 year, 2 months ago )
File names RwjjKUw5U4bU.dll
DOOUmSxSHWvuy0.dll.xxx
WAB.DLL