home

dhook_64.dll

Kakasoft Software Co. Ltd.

Publisher:
Kakasoft Software Co. Ltd.  (signed and verified)

Version:
1.0.0.0

MD5:
a63de442e448ba39bf04a1326da27fad

SHA-1:
7607193a1a3109d33450bc19871d384121a57a76

SHA-256:
1c5c593d0e1c74754d0e867ad781fc521061b63182a4fbc2902d6c99ec24ca46

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 5:08:21 AM UTC  (today)

File size:
586.5 KB (600,600 bytes)

Product version:
1.0.0.0

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\ProgramData\dhook_64.dll

Digital Signature
Signed by:
Kakasoft Software Co. Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/11/2012 5:30:00 AM

Valid to:
12/12/2013 5:29:59 AM

Subject:
CN=Kakasoft Software Co. Ltd., OU=Technical department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Kakasoft Software Co. Ltd., L=shenzhen, S=guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
26E6AF3C3910B77FF10FEB6186D4E032

File PE Metadata
Compilation timestamp:
2/26/2012 9:07:41 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:pMRN38tAw7ZCY8hpgC80dMS6qimG5sJ/eYBMauc33kwh:23GYDhpZ8896qHG5sRUIh

Entry address:
0x73AD0

Entry point:
55, 48, 81, EC, A0, 00, 00, 00, 48, 8B, EC, 48, 89, 4D, 38, 89, 55, 44, 4C, 89, 45, 48, 48, C7, 45, 50, 00, 00, 00, 00, 90, 48, 8D, 4D, 58, 48, 8D, 15, 46, A6, FF, FF, 4C, 8B, 45, 38, 44, 8B, 4D, 44, 48, 8B, 45, 48, 48, 89, 44, 24, 20, E8, 20, BE, F9, FF, 90, 48, C7, 05, 34, 69, 01, 00, 00, 00, 00, 00, 48, C7, 05, 31, 69, 01, 00, 00, 00, 00, 00, C7, 05, 2F, 69, 01, 00, 00, 00, 00, 00, 48, 8D, 4D, 50, 48, 8D, 15, B0, 00, 00, 00, 4D, 33, C0, E8, 1C, A2, FF, FF, 48, 8D, 0D, 1D, 69, 01, 00, 48, 8B, 55, 50, E8...
 
[+]

Entropy:
5.9296

Code size:
459.5 KB (470,528 bytes)

Scan dhook_64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.