home

dtlhook.dll

MonReboot Detours Package

GuangxiNanningshi Shengtaian E-Commerce Development Co.,LTD.

Publisher:
深圳市驱动人生软件技术有限公司  (signed by GuangxiNanningshi Shengtaian E-Commerce Development Co.,LTD.)

Product:
MonReboot Detours Package

Description:
MonReboot

Version:
Express Version 2.1 Build_216

MD5:
8697eecc2b4adef18be6c7bbf93ed92e

SHA-1:
4d498e4fbab428a41330bfd3dea98d2b7f28b783

SHA-256:
fab09fbc3a00bf26f45a99e7fa1254f49a0d813b922bbde9680d4122bbdf6eaa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 10:53:24 PM UTC  (today)

File size:
72 KB (73,688 bytes)

Product version:
Express Version 2.1 Build_216

Copyright:
Copyright (C) 2010 深圳市驱动人生软件技术有限公司。保留所有权利。

Original file name:
MonReboot.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\hdwapp\dtlhook.dll

Digital Signature
Signed by:
GuangxiNanningshi Shengtaian E-Commerce Development Co.,LTD.

Authority:
Thawte, Inc.

Valid from:
4/23/2014 4:00:00 PM

Valid to:
4/24/2015 3:59:59 PM

Subject:
CN="GuangxiNanningshi Shengtaian E-Commerce Development Co.,LTD.", O="GuangxiNanningshi Shengtaian E-Commerce Development Co.,LTD.", L=Nanning, S=Guangxi, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
57A07F5F478EC9930DB77FC749A93A8F

File PE Metadata
Compilation timestamp:
11/13/2012 7:03:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
768:n16zi2GjInO0Mdgb2p/a3Owc2k6CHNwteqs23v4/5i39EFtozRtQsv6Z:nkzi5xgbteF9HNwMqyY2toz3/v4

Entry address:
0x28F4

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, E6, 1C, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 8B, C1, 8B, 4C, 24, 04, C7, 00, 80, 91, 00, 10, 8B, 09, 83, 60, 08, 00, 89, 48, 04, C2, 08, 00, 53, 8B, 5C, 24, 08, 56, 8B, F1, C7, 06, 80, 91, 00, 10, 8B, 43, 08, 89, 46, 08, 85, C0, 8B, 43, 04, 57, 74, 31, 85, C0, 74, 27, 50, E8, 8D, 1D, 00, 00, 8B, F8, 47, 57, E8, 17, 02, 00, 00, 85, C0, 59, 59, 89, 46, 04, 74, 18, FF, 73, 04, 57, 50, E8, 0B, 1D, 00, 00, 83, C4, 0C, EB, 09...
 
[+]

Entropy:
5.7497

Code size:
32 KB (32,768 bytes)

Scan dtlhook.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.