home

rahook9x.dll

RemotelyAnywhere

3am Labs, Inc.

Publisher:
3am Labs, Inc.  (signed and verified)

Product:
RemotelyAnywhere

Description:
RemotelyAnywhere Hook DLL

Version:
7.00.531

MD5:
f3ca195e9919c4f281104780935b6ae0

SHA-1:
7426eae5caa7073e7124adca803b7562705f1a98

SHA-256:
7a692627aa478ccdafc2780ad9566e37105dae4095ee15bc865e31f9b2cfb14d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 10:26:24 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a
15.11.22

File size:
11.3 KB (11,520 bytes)

Product version:
7.00.531

Copyright:
Copyright © 1998-2006 3am Labs, Inc. All rights reserved.

Original file name:
rahook.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\remotelyanywhere\rahook9x.dll

Digital Signature
Signed by:
3am Labs, Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
10/5/2005 2:52:50 PM

Valid to:
10/7/2006 2:36:28 PM

Subject:
CN="3am Labs, Inc.", OU=Secure Application Development, O="3am Labs, Inc.", L=Woburn, S=Massachusetts, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
21E60D

File PE Metadata
Compilation timestamp:
3/7/2006 5:12:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
192:6pYkXSknlxPfwo9AKbqf7fsUWOA3gtL/CldolMC:WYk9fwoSs+LCcp

Entry address:
0x13E4

Entry point:
FF, 15, 08, 20, 00, 10, A2, 00, 30, 00, 10, E9, 10, FC, FF, FF, 8B, 44, 24, 0C, 33, C9, 39, 4C, 24, 04, 75, 21, 81, 78, 04, 12, 01, 00, 00, 75, 18, 81, 78, 08, 40, F1, 00, 00, 75, 0F, 8B, 15, 28, 40, 00, 10, 89, 50, 04, 89, 48, 08, 89, 48, 0C, 50, FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 35, 24, 40, 00, 10, FF, 15, 30, 20, 00, 10, C2, 0C, 00, 83, 7C, 24, 04, 00, 74, 2D, 83, 3D, 24, 40, 00, 10, 00, 75, 43, 6A, 00, FF, 35, 10, 40, 00, 10, 68, F4, 13, 00, 10, 6A, 03, FF, 15, 48, 20, 00, 10, 33, C9, 85, C0, 0F, 95...
 
[+]

Entropy:
6.0164

Code size:
2 KB (2,048 bytes)

Scan rahook9x.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.