rahook.dll

LogMeIn Rescue

LogMeIn, Inc.

This file is installed with multiple programs, including LogMeIn Rescue Technician Console and Console d'assistance LogMeIn Rescue. It has been seen being downloaded from logmeincdn.http.internapcdn.net.
Publisher:
LogMeIn, Inc.  (signed and verified)

Product:
LogMeIn Rescue

Description:
LogMeIn Rescue Hook DLL

Version:
7.6.2421

MD5:
f490adf6ef31474a629069e422e07005

SHA-1:
ff92e8ae67a5570b62b95825a01b9846fa0050f7

SHA-256:
55d4b641fd92f251049f6454d88081fbb2450da38d9169ff0fb8937c698637a4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 4:29:13 PM UTC

File size:
292.9 KB (299,912 bytes)

Product version:
7.6.2421

Copyright:
Copyright © 2005-2015 LogMeIn, Inc. US patents pending.

Original file name:
rahook.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\logmein rescue technician console\logmeinrescuetechnicianconsole_x64\rahook.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/24/2012 6:00:00 PM

Valid to:
10/10/2015 5:59:59 PM

Subject:
CN="LogMeIn, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="LogMeIn, Inc.", S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3D7B7E4F14BB04BF34C26686A61ABDA0

File PE Metadata
Compilation timestamp:
5/22/2015 3:39:49 AM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
3072:Cdjqj0WaI57KeX3Di4zbgBWTNbT4WR6yD2epUe9xTs2Iccf+pa0vkFLAegSjFK:guqI575TiiOWT9ToyD2YUqIDGslxK

Entry address:
0x179F4

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 37, 8B, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 68, 6E, 02, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 

Entropy:
5.5275

Code size:
149 KB (152,576 bytes)

The file rahook.dll has been discovered within the following programs.

Publisher's description - “LogMeIn Rescue is a powerful, easy-to-use remote support solution comprising three main components: a Technician Console, a Customer Applet, and an Administration Center. The online interface used by support technicians to conduct remote support sessions.”
secure.logmeinrescue.com
About 6% of users remove it
Publisher's description - “Technicians can choose to run the Technician Console in a supported browser or as a desktop application. The desktop app offers the same set of features as the browser-based version.”
secure.logmein.com
About 2% of users remove it
 

The file rahook.dll has been seen being distributed by the following URL.