PESCAN.IO - Analysis Report Basic |
|||||||
| File Structure |
|
PE Chart Code
Executable header (light blue)
Executable sections (pink)
Non-executable sections (black)
External injected code (red)
File Structure in red = malformed or corrupted header
Chart Code For Other Files
Printable characters (blue)
Non-printable characters (black)
| Information |
| Size: 19,00 KB SHA-256 Hash: BCF38A3640339224AC94141A60D1985AFB4F38F37D7440A3EC872E9D812FE2B3 SHA-1 Hash: DD6D9E4382BE04E070A1BCA734A70F25F7A935BC MD5 Hash: 4FFB7EBFC125E31602E911481A6B532F Imphash: D41D8CD98F00B204E9800998ECF8427E MajorOSVersion: 4 MinorOSVersion: 0 CheckSum: 00000000 EntryPoint (rva): 0 SizeOfHeaders: 200 SizeOfImage: A000 ImageBase: 0000000180000000 Architecture: x64 Characteristics: 2022 TimeDateStamp: C566CC71 Date: 12/12/2074 13:56:01 File Type: DLL Number Of Sections: 2 ASLR: Disabled Section Names (Optional Header): .text, .rsrc Number Of Executable Sections: 1 Subsystem: Windows Console |
| Sections Info |
| Section Name | Flags | ROffset | RSize | VOffset | VSize | Entropy | Chi2 |
|---|---|---|---|---|---|---|---|
| .text | 60000020 (Code, Executable, Readable) | 200 | 4600 | 2000 | 4429 |
|
|
| .rsrc | 40000040 (Initialized Data, Readable) | 4800 | 400 | 8000 | 368 |
|
|
| Description |
| OriginalFilename: ReiHook.dll LegalCopyright: Copyright 2022 ProductName: ReiHook FileVersion: 1.0.0.0 FileDescription: ReiHook ProductVersion: 1.0.0.0 Language: Unknown (ID=0x0) CodePage: Unicode (UTF-16 LE) (0x4B0) |
| Signatures |
| Certificate - Digital Signature Not Found: • The file is not signed |
| Packer/Compiler |
| Compiler: Microsoft Visual .NET - (You can use a decompiler for this...) • AnyCPU: False • Version: v4.0 Compiler: Microsoft Visual Studio Detect It Easy (die) • PE+(64): library: .NET(v4.0.30319)[-] • PE+(64): linker: Microsoft Linker(48.0)[-] • PE+(64): archive: Resources(-)[-] • Entropy: 5.26616 |
| File Access |
| ReiHook.dll |
| File Access (UNICODE) |
| ReiHook.dll |
| Interest's Words |
| attrib start |
| Interest's Words (UNICODE) |
| ping |
| Strings/Hex Code Found With The File Rules |
| Rule Type | Encoding | Matched (Word) |
|---|---|---|
| Text | Unicode | Keyboard Key ([F5]) |
| Text | Ascii | Keyboard Key (Scroll) |
| Text | Ascii | Technique to insert malicious code into a vulnerable application (Injection) |
| Text | Ascii | Technique used to insert malicious code into legitimate processes (Inject) |
| Resources |
| Path | DataRVA | Size | FileOffset | Code | Text |
|---|---|---|---|---|---|
| \VERSION\1\0 | 8058 | 30C | 4858 | 0C0334000000560053005F00560045005200530049004F004E005F0049004E0046004F0000000000BD04EFFE000001000000 | ..4...V.S._.V.E.R.S.I.O.N._.I.N.F.O............... |
| Intelligent String |
| • 1.0.0.0 • ReiHook.dll • G:\Backup\Visual Studio\ReiHook - Descenders\ReiHook\obj\x64\Release\ReiHook.pdb |
| Extra Analysis |
| Metric | Value | Percentage |
|---|---|---|
| Ascii Code | 10673 | 54,8571% |
| Null Byte Code | 6643 | 34,1437% |
© 2026 All rights reserved.