DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn
Static task
static1
Behavioral task
behavioral1
Sample
Trojan-GameThief.Win32.OnLineGames.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Trojan-GameThief.Win32.OnLineGames.dll
Resource
win10v2004-20241007-en
Target
54db4ae5160771fe0cc01f6942120008_JaffaCakes118
Size
57KB
MD5
54db4ae5160771fe0cc01f6942120008
SHA1
5e4b78a4914b0c810e4a35b48808c6626a53ac7c
SHA256
eb97b783ef379a8e2dca4daa07a3ab2446e0713b85186b4b51fc29b46912081c
SHA512
d99a13c6af368b93a5553c8cc91b04e8f2fc97149ffd954a04fdec57a391dae812f9d91104731af5b42901a7d4d150c2c77bd94e198efd50fb392e4f2af2df5e
SSDEEP
1536:UfJ/9PGoxtqu+jrGGH4/H2kwBdJyPxhfrtZHtgj5M:Uf59+oDqnjT2HuXyPxRfmM
Checks for missing Authenticode signature.
resource |
---|
unpack001/Trojan-GameThief.Win32.OnLineGames.sali |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE