home

nthook64.dll

Flipora

The module nthook64.dll by Flipora has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Flipora - Discover the Web with Friends by Infoaxe.com which is a potentially unwanted software program.
Publisher:
Flipora  (signed and verified)

MD5:
13bc4f166f6beb4bc69655bfadbd31c8

SHA-1:
76fd155becb41827b776d4fb469547981d354a3a

SHA-256:
7383789066ca7fcf7a0d977eb0f19bbb9d020e03dc9f8b4e1e0cebd802de1356

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 1:01:45 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win64.Generic
16.8.2.2

File size:
51.3 KB (52,480 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\flipora\nthook64.dll

Digital Signature
Signed by:
Flipora

Authority:
VeriSign, Inc.

Valid from:
3/28/2012 8:00:00 PM

Valid to:
3/29/2015 7:59:59 PM

Subject:
CN=Flipora, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Flipora, L=Sunnyvale, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4E5D7F106293C44426F134E3A6C47BB9

File PE Metadata
Compilation timestamp:
1/15/2014 9:12:47 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:ae4VkrqhqVTzH4xHIn/rc2GbP2P9Q1NZ:QVgqhoTzYxo/rLQ21Q1

Entry address:
0x1B34

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, EB, 2A, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 19, A4, 00, 00, FF, 15, 4B, 55, 00, 00, 48, 8B, 05, 04, A5, 00, 00, 48, 89, 44, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, 93, 4F, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24...
 
[+]

Entropy:
5.9944

Code size:
23.5 KB (24,064 bytes)

The file nthook64.dll has been discovered within the following program.

Flipora - Discover the Web with Friends  by Infoaxe.com
Publisher's description - “Flipora is a Personalized Search and Discovery engine that is made by Infoaxe Inc. Bored on the Web? You'll never be anymore. Flipora recommends great websites to you automatically on topics you care about.”
68% remove it
 
Powered by Should I Remove It?

Remove nthook64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.