Gridinsoft Logo

The SppExtComObjHook.dll File Analysis

Updated 1 year ago
Checked by Malware Check
SppExtComObjHook.dll

Technical Analysis

File Name SppExtComObjHook.dll
File Type
Win32 DLL
Magic Bytes PE32+ executable (DLL) (native) x86-64, for MS Windows
SSDEEP Hash
384:OzFnnqVKIfVKzDa4eTb60UnugPzjRYFJKX79xz1ORLg2:ucoa4eP5UnTfRYfKX79xIR
Scanner Version 1.0.174.174
Database Version 2024-05-03 23:00:21 UTC

Suspicious File Detected

Detected by 34 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
49%
Detection Rate
19,968
File Size (bytes)
34/70
Engines Detected
2024-05-03
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
2914300a6e0cdf7ed242505958ac0bb5
SHA1
684103f5c312ae956e66a02b965d9aad59710745
SHA256
29ae6f149e581f8dbdc01eed2d5d20b82b597c4b4c7e102cab6d012b168df4d8
SHA512
6fa6b773275e61596f1d4885fa3089ff24a2f72166dc0a2c40667f0bd03de26b032f2a39aa05e74077ada96bbb6b0785424bfe387b995c147fd74860a11948c9
ImpHash
09aa7a1a68855623e3ac071d6080ef31

Security Engines with Detections (34 of 70)

Bkav
W64.AIDetectMalware Malicious
Lionic
Hacktool.Win32.KMSAuto.3!c Malicious
MicroWorld-eScan
Application.Hacktool.BBJ Malicious
CAT-QuickHeal
HackTool.Win64CiR Malicious
Skyhigh
Generic pup.cpe Malicious
ALYac
Application.Hacktool.BBJ Malicious
Zillya
Tool.KMSAuto.Win64.203 Malicious
K7AntiVirus
Riskware ( 00584baa1 ) Malicious
Alibaba
HackTool:Win64/KMSAuto.4ecb8b1b Malicious
K7GW
Riskware ( 00584baa1 ) Malicious
CrowdStrike
win/grayware_confidence_100% (W) Malicious
Arcabit
Application.Hacktool.BBJ Malicious
TrendMicro-HouseCall
HackTool.Win64.AutoKMS.GAR.component Malicious
Kaspersky
HackTool.Win64.KMSAuto.ac Malicious
BitDefender
Application.Hacktool.BBJ Malicious
Emsisoft
Application.Hacktool.BBJ (B) Malicious
VIPRE
Application.Hacktool.BBJ Malicious
TrendMicro
HackTool.Win64.AutoKMS.GAR.component Malicious
FireEye
Application.Hacktool.BBJ Malicious
Sophos
KMS Activator (PUA) Malicious
Jiangmin
HackTool.KMSAuto.agi Malicious
Varist
W64/ABApplication.PPWM-2423 Malicious
Microsoft
HackTool:Win64/AutoKMS!MSR Malicious
ZoneAlarm
HackTool.Win64.KMSAuto.ac Malicious
GData
Application.Hacktool.BBJ Malicious
Cynet
Malicious (score: 100) Malicious
McAfee
Generic pup.cpe Malicious
Google
Detected Malicious
Cylance
unsafe Malicious
Panda
HackingTool/AutoKMS Malicious
Ikarus
PUA.Hacktool.KMS Malicious
MaxSecure
Trojan.Malware.106413943.susgen Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
HackTool:Win/AutoKMS Malicious
36 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x180000000
Entry Point 0x180001d54
Compilation Time 2095-03-03 19:39:38
Checksum 0x000076dc (Actual: 0x000076dc)
OS Version 6.0
PEiD Signatures PE32+ executable (DLL) (native) x86-64, for MS Windows
Digital Signature The PE file does not contain a certificate table.
Imports 1 libraries
ntdll
Exports 0 functions
Resources 0 Resources
Sections 4 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 15,392 bytes 15,872 bytes 6.50 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 607D3450A1A01EEF7CA6E78DBABEC877
.data 0x00005000 1,520 bytes 1,536 bytes 1.82 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE EAA2684F15A37F2794B48ADF55395414
.idata 0x00006000 950 bytes 1,024 bytes 3.80 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 096A2AD754DD8AD9C0467505420D3B75
.reloc 0x00007000 148 bytes 512 bytes 1.96 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 6601198D9AC9E5814A4FE76F9958453E
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
34 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware