Comments (2)
And I don't even know what these .shc files are:
from pe-sieve.
hi!
- First of all, are you using the latest PE-sieve (0.1.6)? If not, can you please update it to the latest release and scan it once again?
- I see those DLLs are hooked. There are many reasons for DLLs being hooked, not all of them are malicious. PE-sieve detects the presence of a hook, but it is not meant to make a judgment if the hook is malicious or not. Read more about it on the wiki. If you have an antivirus installed, it is very likely that it modifies the memory of the processes in some way or the other - so, all those modifications are going to be detected by PE-sieve.
- If you download version 0.1.6, it will print more information about where the hook leads to. Please drop me the reports and I will tell you more about interpreting them. From what I see for now, probably your hooks are non-malicious.