|
|
#3
10-25-2023, 14:07
|
|||
|
|||
other source binded it with a virus
It took me some time to track down this forum, I would like to thank you for your work. I first downloaded this hook from another source (downloadly.ir) it was working fine, but it seems it has been bundled with a virus and gave me some red flags so I did some digging and eventually found the source of this hook. Below some information about the dirty version.dll.
hybrid analysis red flags: http://www.hybrid-analysis.com/sample/d6670efa10094a946cba5e9e1b8f585836a8e545f854a0b7dcef475db91ccc6a/6527c6fe8727fe055a050a58 SHA265: d6670efa10094a946cba5e9e1b8f585836a8e545f854a0b7dcef475db91ccc6a I uploaded this assumed VIRUS here, maybe handy for analysis https://pixeldrain.com/u/qd61uDj3 (watch out virus, only download for analysis) I would like to know what exactly is added, any tips on how to find this out? kind regard, T 
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| How can I hook DllMain ? | ioannis | General Discussion | 12 | 07-29-2015 01:09 |
| Techsmith Morae Manager | squareD | General Discussion | 2 | 01-08-2010 01:10 |
| SST Hook -> Bluescreen!? | Cobi | General Discussion | 12 | 05-04-2005 09:37 |
Threaded Mode