97236fb90e8c9a98b1212174c727b20ba40d959ab76b0dd53660326c6460bbae

Sharing

Copy URL Twitter E-mail

General

Target

97236fb90e8c9a98b1212174c727b20ba40d959ab76b0dd53660326c6460bbae
Size

150KB
MD5

7ffe049a4c7f985f1fc92b7efff0a072
SHA1

c0cf7c81ba651c692de17c910562857d05ac0a95
SHA256

97236fb90e8c9a98b1212174c727b20ba40d959ab76b0dd53660326c6460bbae
SHA512

d36452061c8c23aae18869e8f3e3a41abdb9055a80a4499309f5ea74020eb3f43185fad0cb6d3103cb2eab73c8d97292e229ed18179b1a679c6026333f3626d4
SSDEEP

3072:rimg2S3WQ+JLWvhR7u4doqTKdQD46CToQX+oQ+5oqMEc:zg2mWJavHKgX47oK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97236fb90e8c9a98b1212174c727b20ba40d959ab76b0dd53660326c6460bbae

Files

97236fb90e8c9a98b1212174c727b20ba40d959ab76b0dd53660326c6460bbae
.dll windows:5 windows x86 arch:x86

f9a7d08f56f241006229c4033a1b4f42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\users\nvaccess\appdata\local\temp\tmpwuvgoj\nvdaHelper\build\x86\liblouis\liblouis.dll.pdb

Imports

kernel32

GetModuleHandleW
GetModuleFileNameW
GetLastError
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
Sleep
GetProcAddress
ExitProcess
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
WideCharToMultiByte
CloseHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap

Exports

Exports

lou_backTranslate
lou_backTranslateString
lou_charSize
lou_charToDots
lou_compileString
lou_dotsToChar
lou_free
lou_getDataPath
lou_getProgramPath
lou_getTable
lou_hyphenate
lou_logEnd
lou_logFile
lou_logPrint
lou_setDataPath
lou_translate
lou_translateString
lou_version

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9a7d08f56f241006229c4033a1b4f42

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 20KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 20KB

.reloc
Size: 11KB - Virtual size: 11KB