rakjj.dll

DriverDevelop.com

The module rakjj.dll by DriverDevelop.com has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
DriverDevelop.com  (signed and verified)

Version:
1.0.0.0

MD5:
53d40b095ac8fd999163f44eec28657a

SHA-1:
1d6a9979e4552bac3e9532f3f359693c518305fa

SHA-256:
12da4e43fecdd76cedffe6a8bbdd064ddda79f1a958d87f8dbede5a7c8ca4e39

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/25/2024 4:51:14 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.9.6.17

File size:
1.5 MB (1,545,208 bytes)

Product version:
1.0.0.0

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\hz$d.094.1706\data\rakjj.dll

Digital Signature
Authority:
DriverDevelop.com

Valid from:
8/15/2009 11:02:01 AM

Valid to:
8/13/2019 11:02:01 AM

Subject:
E=ca@zndev.com, CN=DriverDevelop.com Signtools Test cert, OU=Dept. CodeSign CA, O=DriverDevelop.com, S=BeiJing, C=CN

Issuer:
E=ca@zndev.com, CN=DriverDevelop.com CA, OU=DriverDevelop.com CA, O=DriverDevelop.com, L=BeiJing, S=BeiJing, C=CN

Serial number:
011E

File PE Metadata
Compilation timestamp:
8/22/2016 5:19:10 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:XFjAJDkkhWMyfSxthV/jiAcg9GzPyrLEaN2Q0BdWlKocfkFXhRB4vJ7mbSPfoGdE:1AJkJMyqxNWAf9GzPykO0BdDLfkXBsdy

Entry address:
0x2A24C4

Entry point:
E9, 00, D4, FF, FF, 88, 9C, E5, FC, 77, 9F, 2A, 3B, 06, 2D, 96, AB, 1E, 4D, 87, D5, 52, 7A, D8, 40, 1A, 2F, A2, D1, BB, 61, 53, 54, C4, 34, 71, B0, 8C, D5, 30, 9B, A5, 06, 21, B9, 52, C9, 8E, CA, 27, 36, 27, D4, 4F, 00, 31, 20, 27, E4, 85, 9C, 35, 4F, 23, 01, 43, 1C, 43, 49, 11, A7, B8, D2, A2, AC, ED, 2F, 81, F5, D3, ED, D5, 80, D9, ED, 1B, BE, CE, 95, 75, B9, 8C, 88, CC, 6B, 22, 83, B2, B6, 46, C3, 37, C1, 0A, EF, F3, 6D, 9B, 3E, 94, 10, 81, 9E, 29, AD, 73, 49, E9, 4E, DF, 26, 88, 2D, AF, 58, 72, 37, 71...
 

Entropy:
7.9392

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
1.4 MB (1,477,632 bytes)
