PDB path: O:\OOO330\ooo\redland\wntmsci12.pro\bin\librdf.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2121c2ede8aeb845b8daf76ed70b0c7e_JaffaCakes118.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2121c2ede8aeb845b8daf76ed70b0c7e_JaffaCakes118.dll
Resource
win10v2004-20240508-en
General
-
Target
2121c2ede8aeb845b8daf76ed70b0c7e_JaffaCakes118
-
Size
97KB
-
MD5
2121c2ede8aeb845b8daf76ed70b0c7e
-
SHA1
45a4a7f1361811b7c522043108d824a4e69e6eec
-
SHA256
98ed21c31e74f5815deebcf366d955b668622dca42c60df78116c0a6c3322ea4
-
SHA512
5a28194be358e425c6dd74b49e8c999eecd4e0327912b18e0be39b0befbf46c23989236cae6d4d61812913281ebeed65ad818d55d2def906f9127ccb3a59f4bf
-
SSDEEP
3072:YB2b+5Q3+PwDw2uWexZNssnfyw7zMQXFOjcFAlIE:Y0b+kw2CnL7QQ1GcFAl
Malware Config
Signatures
-
Unsigned PE 1 IoCs
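Checks for missing Authenticode signature. On its own this is a weak indicator, since many legitimate DLLs ship unsigned; weigh it together with the hashes, the PDB path and the import/export tables in this report. Those tables (librdf_* exports, raptor and rasqal imports) are consistent with a build of the Redland librdf library, so compare the file against a known-good copy before drawing a conclusion either way.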
resource 2121c2ede8aeb845b8daf76ed70b0c7e_JaffaCakes118
Files
-
2121c2ede8aeb845b8daf76ed70b0c7e_JaffaCakes118.dll windows:5 windows x86 arch:x86
7d828736655bcf4be9a8d40734623d6d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
libeay32
ord1042
ord1043
ord1044
ord503
ord504
ord502
ord341
ord342
ord340
raptor
raptor_serializer_set_error_handler
raptor_stringbuffer_copy_to_string
raptor_stringbuffer_length
raptor_stringbuffer_append_counted_string
raptor_new_stringbuffer
raptor_format_locator
raptor_free_memory
raptor_vsnprintf
raptor_free_sequence
raptor_sequence_push
raptor_sequence_get_at
raptor_new_sequence
raptor_guess_parser_name
raptor_new_parser
raptor_namespace_get_counted_prefix
raptor_sequence_size
raptor_namespace_get_uri
raptor_parse_abort
raptor_parse_chunk
raptor_www_abort
raptor_get_feature
raptor_feature_from_uri
raptor_parser_set_feature_string
raptor_parser_get_accept_header
raptor_finish
raptor_free_parser
raptor_www_free
raptor_start_parse
raptor_parser_set_uri_filter
raptor_set_generate_id_handler
raptor_set_warning_handler
raptor_set_error_handler
raptor_set_namespace_handler
raptor_set_statement_handler
raptor_get_need_base_uri
raptor_www_fetch
raptor_www_set_write_bytes_handler
raptor_www_set_http_accept
raptor_www_new
raptor_parse_file_stream
raptor_parse_uri
raptor_syntaxes_enumerate
raptor_uri_set_handler
raptor_init
raptor_sequence_pop
raptor_free_iostream
raptor_new_iostream_to_string
raptor_uri_uri_string_to_filename
raptor_uri_uri_string_is_file_uri
raptor_uri_filename_to_uri_string
raptor_uri_resolve_uri_reference
raptor_serializers_enumerate
raptor_serialize_start
raptor_serialize_start_to_file_handle
raptor_serialize_end
raptor_free_stringbuffer
raptor_serializer_set_warning_handler
raptor_serialize_statement
raptor_serialize_set_namespace
raptor_serializer_set_feature_string
raptor_serializer_get_feature
raptor_free_serializer
raptor_new_serializer
raptor_new_iostream_to_file_handle
rasqal
rasqal_query_results_formats_enumerate
rasqal_query_results_formats_check
rasqal_new_world
rasqal_set_triples_source_factory
rasqal_languages_enumerate
rasqal_query_get_data_graph_sequence
rasqal_free_data_graph
rasqal_query_get_user_data
rasqal_free_world
rasqal_query_results_formatter_write
rasqal_new_query_results_formatter_by_mime_type
rasqal_new_query_results_formatter
rasqal_free_query_results_formatter
rasqal_query_results_next_triple
rasqal_query_results_get_triple
rasqal_query_results_get_boolean
rasqal_query_results_is_syntax
rasqal_query_results_is_graph
rasqal_query_results_is_boolean
rasqal_query_results_is_bindings
rasqal_query_results_get_binding_value_by_name
rasqal_query_results_get_binding_name
rasqal_query_results_get_binding_value
rasqal_query_results_get_bindings
rasqal_query_results_get_bindings_count
rasqal_query_results_finished
rasqal_query_results_next
rasqal_query_set_warning_handler
rasqal_query_set_offset
rasqal_query_get_offset
rasqal_query_set_limit
rasqal_query_get_limit
rasqal_query_prepare
rasqal_free_query_results
rasqal_query_execute
rasqal_literal_as_variable
rasqal_variable_set_value
rasqal_new_uri_literal
rasqal_alloc_memory
rasqal_free_memory
rasqal_new_string_literal
rasqal_new_simple_literal
rasqal_free_query
rasqal_new_query
rasqal_query_set_user_data
rasqal_query_set_error_handler
rasqal_query_results_get_count
msvcr90
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
fprintf
isprint
rename
_access
fopen
_errno
strerror
fclose
feof
fread
_snprintf
abort
__iob_func
strrchr
atoi
isdigit
strncpy
strtol
strncmp
fwrite
fputc
strstr
isspace
isalnum
getenv
_mktemp
memset
fputs
sprintf
memcpy
malloc
free
calloc
_getpid
kernel32
GetCurrentProcessId
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetSystemTimeAsFileTime
InterlockedExchange
GetCurrentThreadId
GetTickCount
Exports
Exports
GetVersionInfo
librdf_copyright_string
librdf_destroy_world
librdf_digest_final
librdf_digest_get_digest
librdf_digest_get_digest_length
librdf_digest_init
librdf_digest_print
librdf_digest_to_string
librdf_digest_update
librdf_digest_update_string
librdf_free_digest
librdf_free_hash
librdf_free_iterator
librdf_free_model
librdf_free_node
librdf_free_parser
librdf_free_query
librdf_free_query_results
librdf_free_query_results_formatter
librdf_free_serializer
librdf_free_statement
librdf_free_storage
librdf_free_stream
librdf_free_uri
librdf_free_world
librdf_get_concept_ms_namespace
librdf_get_concept_resource_by_index
librdf_get_concept_schema_namespace
librdf_get_concept_uri_by_index
librdf_hash_get
librdf_hash_get_as_boolean
librdf_hash_get_as_long
librdf_hash_get_del
librdf_hash_interpret_template
librdf_hash_print
librdf_hash_print_keys
librdf_hash_print_values
librdf_hash_put_strings
librdf_init_world
librdf_iterator_add_map
librdf_iterator_end
librdf_iterator_get_context
librdf_iterator_get_key
librdf_iterator_get_object
librdf_iterator_get_value
librdf_iterator_have_elements
librdf_iterator_next
librdf_log_message_code
librdf_log_message_facility
librdf_log_message_level
librdf_log_message_locator
librdf_log_message_message
librdf_model_add
librdf_model_add_statement
librdf_model_add_statements
librdf_model_add_string_literal_statement
librdf_model_add_submodel
librdf_model_add_typed_literal_statement
librdf_model_as_stream
librdf_model_contains_context
librdf_model_contains_statement
librdf_model_context_add_statement
librdf_model_context_add_statements
librdf_model_context_as_stream
librdf_model_context_remove_statement
librdf_model_context_remove_statements
librdf_model_context_serialize
librdf_model_enumerate
librdf_model_find_statements
librdf_model_find_statements_in_context
librdf_model_find_statements_with_options
librdf_model_get_arc
librdf_model_get_arcs
librdf_model_get_arcs_in
librdf_model_get_arcs_out
librdf_model_get_contexts
librdf_model_get_feature
librdf_model_get_source
librdf_model_get_sources
librdf_model_get_storage
librdf_model_get_target
librdf_model_get_targets
librdf_model_has_arc_in
librdf_model_has_arc_out
librdf_model_load
librdf_model_print
librdf_model_query_execute
librdf_model_remove_statement
librdf_model_remove_submodel
librdf_model_serialise
librdf_model_set_feature
librdf_model_size
librdf_model_sync
librdf_model_to_counted_string
librdf_model_to_string
librdf_model_transaction_commit
librdf_model_transaction_get_handle
librdf_model_transaction_rollback
librdf_model_transaction_start
librdf_model_transaction_start_with_handle
librdf_new_digest
librdf_new_empty_iterator
librdf_new_empty_stream
librdf_new_hash_from_array_of_strings
librdf_new_hash_from_hash
librdf_new_hash_from_string
librdf_new_iterator
librdf_new_model
librdf_new_model_from_model
librdf_new_model_with_options
librdf_new_node
librdf_new_node_from_blank_identifier
librdf_new_node_from_literal
librdf_new_node_from_node
librdf_new_node_from_normalised_uri_string
librdf_new_node_from_typed_counted_literal
librdf_new_node_from_typed_literal
librdf_new_node_from_uri
librdf_new_node_from_uri_local_name
librdf_new_node_from_uri_string
librdf_new_parser
librdf_new_parser_from_factory
librdf_new_query
librdf_new_query_from_factory
librdf_new_query_from_query
librdf_new_query_results_formatter
librdf_new_query_results_formatter_by_mime_type
librdf_new_serializer
librdf_new_serializer_from_factory
librdf_new_statement
librdf_new_statement_from_nodes
librdf_new_statement_from_statement
librdf_new_storage
librdf_new_storage_from_factory
librdf_new_storage_from_storage
librdf_new_storage_with_options
librdf_new_stream
librdf_new_stream_from_node_iterator
librdf_new_uri
librdf_new_uri_from_filename
librdf_new_uri_from_uri
librdf_new_uri_from_uri_local_name
librdf_new_uri_normalised_to_base
librdf_new_uri_relative_to_base
librdf_new_world
librdf_node_decode
librdf_node_encode
librdf_node_equals
librdf_node_get_blank_identifier
librdf_node_get_li_ordinal
librdf_node_get_literal_value
librdf_node_get_literal_value_as_counted_string
librdf_node_get_literal_value_as_latin1
librdf_node_get_literal_value_datatype_uri
librdf_node_get_literal_value_is_wf_xml
librdf_node_get_literal_value_language
librdf_node_get_type
librdf_node_get_uri
librdf_node_is_blank
librdf_node_is_literal
librdf_node_is_resource
librdf_node_print
librdf_node_static_iterator_create
librdf_node_to_counted_string
librdf_node_to_string
librdf_parser_enumerate
librdf_parser_get_accept_header
librdf_parser_get_feature
librdf_parser_get_namespaces_seen_count
librdf_parser_get_namespaces_seen_prefix
librdf_parser_get_namespaces_seen_uri
librdf_parser_get_uri_filter
librdf_parser_guess_name
librdf_parser_parse_as_stream
librdf_parser_parse_counted_string_as_stream
librdf_parser_parse_counted_string_into_model
librdf_parser_parse_file_handle_as_stream
librdf_parser_parse_file_handle_into_model
librdf_parser_parse_into_model
librdf_parser_parse_string_as_stream
librdf_parser_parse_string_into_model
librdf_parser_register_factory
librdf_parser_set_error
librdf_parser_set_feature
librdf_parser_set_uri_filter
librdf_parser_set_warning
librdf_query_execute
librdf_query_get_limit
librdf_query_get_offset
librdf_query_register_factory
librdf_query_results_as_stream
librdf_query_results_finished
librdf_query_results_formats_check
librdf_query_results_formats_enumerate
librdf_query_results_formatter_write
librdf_query_results_get_binding_name
librdf_query_results_get_binding_value
librdf_query_results_get_binding_value_by_name
librdf_query_results_get_bindings
librdf_query_results_get_bindings_count
librdf_query_results_get_boolean
librdf_query_results_get_count
librdf_query_results_is_bindings
librdf_query_results_is_boolean
librdf_query_results_is_graph
librdf_query_results_is_syntax
librdf_query_results_next
librdf_query_results_to_counted_string
librdf_query_results_to_file
librdf_query_results_to_file_handle
librdf_query_results_to_string
librdf_query_set_limit
librdf_query_set_offset
librdf_serializer_enumerate
librdf_serializer_get_feature
librdf_serializer_register_factory
librdf_serializer_serialize_model
librdf_serializer_serialize_model_to_counted_string
librdf_serializer_serialize_model_to_file
librdf_serializer_serialize_model_to_file_handle
librdf_serializer_serialize_model_to_iostream
librdf_serializer_serialize_model_to_string
librdf_serializer_serialize_stream_to_counted_string
librdf_serializer_serialize_stream_to_file
librdf_serializer_serialize_stream_to_file_handle
librdf_serializer_serialize_stream_to_iostream
librdf_serializer_serialize_stream_to_string
librdf_serializer_set_error
librdf_serializer_set_feature
librdf_serializer_set_namespace
librdf_serializer_set_warning
librdf_short_copyright_string
librdf_statement_clear
librdf_statement_decode
librdf_statement_decode_parts
librdf_statement_encode
librdf_statement_encode_parts
librdf_statement_equals
librdf_statement_get_object
librdf_statement_get_predicate
librdf_statement_get_subject
librdf_statement_init
librdf_statement_is_complete
librdf_statement_match
librdf_statement_print
librdf_statement_set_object
librdf_statement_set_predicate
librdf_statement_set_subject
librdf_statement_to_string
librdf_storage_add_reference
librdf_storage_add_statement
librdf_storage_add_statements
librdf_storage_close
librdf_storage_contains_statement
librdf_storage_context_add_statement
librdf_storage_context_add_statements
librdf_storage_context_as_stream
librdf_storage_context_remove_statement
librdf_storage_context_remove_statements
librdf_storage_context_serialise
librdf_storage_enumerate
librdf_storage_find_statements
librdf_storage_find_statements_in_context
librdf_storage_find_statements_with_options
librdf_storage_get_arcs
librdf_storage_get_arcs_in
librdf_storage_get_arcs_out
librdf_storage_get_contexts
librdf_storage_get_feature
librdf_storage_get_sources
librdf_storage_get_targets
librdf_storage_has_arc_in
librdf_storage_has_arc_out
librdf_storage_open
librdf_storage_query_execute
librdf_storage_register_factory
librdf_storage_remove_reference
librdf_storage_remove_statement
librdf_storage_serialise
librdf_storage_set_feature
librdf_storage_size
librdf_storage_supports_query
librdf_storage_sync
librdf_storage_transaction_commit
librdf_storage_transaction_get_handle
librdf_storage_transaction_rollback
librdf_storage_transaction_start
librdf_storage_transaction_start_with_handle
librdf_stream_add_map
librdf_stream_end
librdf_stream_get_context
librdf_stream_get_object
librdf_stream_next
librdf_stream_print
librdf_uri_as_counted_string
librdf_uri_as_string
librdf_uri_compare
librdf_uri_equals
librdf_uri_is_file_uri
librdf_uri_print
librdf_uri_to_counted_string
librdf_uri_to_filename
librdf_uri_to_string
librdf_version_decimal
librdf_version_major
librdf_version_minor
librdf_version_release
librdf_version_string
librdf_world_get_feature
librdf_world_init_mutex
librdf_world_open
librdf_world_set_digest
librdf_world_set_error
librdf_world_set_feature
librdf_world_set_logger
librdf_world_set_warning
Sections
.text Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ