abigail[.]dat | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abigail.dat
Size

324KB
MD5

c98b71997b4926c712920ca2dbed350c
SHA1

eaad594f82cda5112798398771c9f56ee57a419f
SHA256

f9fe73b87a148cbc9b725d0ae94636b8cee0599f28a9a639ddaccde4252589a6
SHA512

c8530b823e2c94940163f52d08193eb1d32d32fbce644b1084145949e52178bac43a2ee5def12c076da13be5c45fc457f5ec917535e85b542f3c3a82a0103b91
SSDEEP

6144:I0R3xbcJsI6Vg3heuA251OYB++i5UqHzQQnNhoEPfbt:IG3xoJcVHw1OY8+EHEQnNhoEnbt

Score

N/A

Malware Config

Signatures

Files

abigail.dat
.dll regsvr32 windows x86

0e1f77790f3663cd051d324d2aa4f42a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
FindFirstFileA
FindFirstFileW
GetFileAttributesA
GetFileAttributesW
GetFullPathNameW
SetFileAttributesW
SetUnhandledExceptionFilter
SetErrorMode
QueryPerformanceCounter
DeviceIoControl
LeaveCriticalSection
ReleaseSemaphore
ReleaseMutex
OpenMutexW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsFree
GetSystemInfo
GetLocalTime
GetVersion
GetSystemDirectoryW
GetWindowsDirectoryW
VirtualProtect
CreateFileMappingW
MapViewOfFileEx
VirtualLock
VirtualUnlock
FindResourceExW
GetModuleHandleA
GetModuleHandleW
LoadResource
CompareFileTime
LoadLibraryW
GlobalAlloc
LocalAlloc
SetCommMask
SetCommState
SetCommTimeouts
lstrcmpA
lstrcmpiA
lstrlenA
lstrlenW
CreateFileMappingA
IsBadWritePtr
IsBadStringPtrW
GetComputerNameA
GetComputerNameW
SystemTimeToFileTime
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
WriteConsoleW
ExpandEnvironmentStringsW
GetCommandLineA
VirtualAlloc
GetTickCount
ExitThread
WaitForSingleObject
CreateThread
DebugBreak
LoadLibraryA
GetModuleFileNameA
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsSetValue
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
DecodePointer
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP

user32

SendMessageA
DialogBoxParamA
GetWindow
FindWindowW
GetDesktopWindow
SetRect
GetSysColor
ScreenToClient
GetCursorPos
MessageBoxW
GetPropW
RedrawWindow
GetDC
SetForegroundWindow
GetSystemMetrics
SetClipboardData
OpenClipboard
UnregisterClassW
GetMessageTime
FindWindowA
EndDialog

gdi32

CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateFontIndirectW
GetEnhMetaFileA
GetStockObject

advapi32

RegCloseKey
RegNotifyChangeKeyValue

ole32

CoCreateGuid
CoInitializeEx

shlwapi

PathGetDriveNumberA
PathFindSuffixArrayA
PathFindOnPathA
PathFindExtensionA
PathFileExistsA
StrToIntA
StrStrIA

Exports

Exports

DllRegisterServer
DllUnregisterServer
foreflap
tigua
typhlomolge

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e1f77790f3663cd051d324d2aa4f42a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 104KB

.data Size: 191KB - Virtual size: 190KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 104KB - Virtual size: 104KB

.data
Size: 191KB - Virtual size: 190KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 6KB - Virtual size: 6KB