home

MousePhone.dll

BT Mouse Phone

LLC Mail.Ru

The module MousePhone.dll by LLC Mail.Ru has been detected as a potentially unwanted program by 4 anti-malware scanners.
Publisher:
LLC Mail.Ru  (signed and verified)

Product:
BT Mouse Phone

Version:
1, 0, 0, 0

MD5:
87c42d17ebe5f6661756228efa5aa8d3

SHA-1:
0035afa4d0b046a1ffec3878e2b95d835ce97757

SHA-256:
3a26ae61794be84afc36829cb01b76e1fee074e2530080221d2034a3cdebd43e

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 12:14:31 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2015.0.3363

Emsisoft Anti-Malware
Gen:Trojan.Heur.Lq0@uKW8zEk
8.14.09.02.06

Reason Heuristics
PUP.Optional.MailRu.K
14.9.2.22

Trend Micro House Call
TROJ_GEN.F47V0817
7.2.245

File size:
54.5 KB (55,840 bytes)

Product version:
1, 0, 0, 0

Copyright:
Copyright ? 2006

Original file name:
MousePhone.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\roaming\mail.ru\agent\mra\dll\mousephone.dll

Digital Signature
Signed by:
LLC Mail.Ru

Authority:
Thawte, Inc.

Valid from:
3/19/2014 7:00:00 AM

Valid to:
3/20/2015 6:59:59 AM

Subject:
CN=LLC Mail.Ru, O=LLC Mail.Ru, L=Moscow, S=Moscow, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7BB5DEC99F34595AADEB59E1E5A0BD73

File PE Metadata
Compilation timestamp:
10/26/2006 11:36:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:4bRP2D6690EWnrf6dzbZmAZT6ePcPAnNUw3nq9m3NeldMfGYCo:y8nW8tXT6ePV3hslCG

Entry address:
0x3461

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, 60, 96, 00, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, FC, 9B, 00, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, E7, FE, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 4F, DB, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, C3, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, B2, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
24 KB (24,576 bytes)

Remove MousePhone.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.