00ea610425be41c213b88a33b8e0b769_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00ea610425be41c213b88a33b8e0b769_JaffaCakes118
Size

1.9MB
MD5

00ea610425be41c213b88a33b8e0b769
SHA1

2366a410f739967a9d0798b4c5048dc2acad7b4d
SHA256

d9de81c97b736af6a3176a5d7740604d8d4221c45c122114ff95eba1910ade1c
SHA512

cd226dea7ca86e14b5493a511c732844e0cf2f3a3977772be5d0ad9e8c48d7c2eebf26294c1717b22714afc5cb460bd135634fa90766517d796f41d98c2df1fc
SSDEEP

49152:4gUAhoRmAyrEniEwd+tA12G0dW+FV4P5ggGpzIbe:4gUAhumTrErntO2G0dW+v4igGFMe

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Y3kRat2k5RC10/upx.exe	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Y3kRat2k5RC10/Client.exe
unpack001/Y3kRat2k5RC10/Connector.exe
unpack001/Y3kRat2k5RC10/EditSrv.exe
unpack001/Y3kRat2k5RC10/SrvIconChange.exe
unpack001/Y3kRat2k5RC10/server.exe
unpack001/Y3kRat2k5RC10/upx.exe

Files

00ea610425be41c213b88a33b8e0b769_JaffaCakes118
.zip
Y3kRat2k5RC10/77169.orgʹð˵.txt
Y3kRat2k5RC10/77169.org˵.htm
.html
Y3kRat2k5RC10/Client.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

MEW
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�uۊ��
Size: 374KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Y3kRat2k5RC10/Connector.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

MEW
Size: - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�uۊ��
Size: 224KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Y3kRat2k5RC10/EditSrv.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

MEW
Size: - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�uۊ��
Size: 211KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Y3kRat2k5RC10/Online.wav
Y3kRat2k5RC10/PHP Notify Script/index.php
Y3kRat2k5RC10/PHP Notify Script/ip.html
Y3kRat2k5RC10/SrvIconChange.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

MEW
Size: - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�uۊ��
Size: 217KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Y3kRat2k5RC10/compress.bat
Y3kRat2k5RC10/icons/5_spots.ico
Y3kRat2k5RC10/icons/5spots_ico_new.ico
Y3kRat2k5RC10/icons/About.ICO
Y3kRat2k5RC10/icons/Apache2DSOApp.ico
Y3kRat2k5RC10/icons/ApacheDSOApp.ico
Y3kRat2k5RC10/icons/AutoUpdate.ico
Y3kRat2k5RC10/icons/CHEMICAL.ICO
Y3kRat2k5RC10/icons/CHIP.ICO
Y3kRat2k5RC10/icons/CLXMDIApp.ico
Y3kRat2k5RC10/icons/CONSTRUC.ICO
Y3kRat2k5RC10/icons/CustData.ICO
Y3kRat2k5RC10/icons/Dd216.ico
Y3kRat2k5RC10/icons/Dd218.ico
Y3kRat2k5RC10/icons/DualList.ICO
Y3kRat2k5RC10/icons/EARTH.ICO
Y3kRat2k5RC10/icons/FACTORY.ICO
Y3kRat2k5RC10/icons/FINANCE.ICO
Y3kRat2k5RC10/icons/HANDSHAK.ICO
Y3kRat2k5RC10/icons/JavaCup.ico
Y3kRat2k5RC10/icons/LOGOAPP.ICO
Y3kRat2k5RC10/icons/MDIAPP.ICO
Y3kRat2k5RC10/icons/OKCANCL1.ICO
Y3kRat2k5RC10/icons/OKCANCL2.ICO
Y3kRat2k5RC10/icons/PASSWORD.ICO
Y3kRat2k5RC10/icons/RECERROR.ICO
Y3kRat2k5RC10/icons/SDIAPP.ICO
Y3kRat2k5RC10/icons/SHIPPING.ICO
Y3kRat2k5RC10/icons/SKYLINE.ICO
Y3kRat2k5RC10/icons/Secur05.ico
Y3kRat2k5RC10/icons/Shell.ico
Y3kRat2k5RC10/icons/TABPGDLG.ICO
Y3kRat2k5RC10/icons/TECHNLGY.ICO
Y3kRat2k5RC10/icons/Thumbs.db
Y3kRat2k5RC10/icons/Win2kApp.ico
Y3kRat2k5RC10/icons/XPAPP.ico
Y3kRat2k5RC10/icons/XPForm.ico
Y3kRat2k5RC10/icons/XtrazPluginDefaultIcon.ico
Y3kRat2k5RC10/icons/backgammon_ico_new.ico
Y3kRat2k5RC10/icons/bouncy-bob.ico
Y3kRat2k5RC10/icons/bouncy_ico_new.ico
Y3kRat2k5RC10/icons/checkers.ico
Y3kRat2k5RC10/icons/checkers_ico_new.ico
Y3kRat2k5RC10/icons/chess02.ico
Y3kRat2k5RC10/icons/chess_ico_new.ico
Y3kRat2k5RC10/icons/clxabout.ico
Y3kRat2k5RC10/icons/clxduallist.ico
Y3kRat2k5RC10/icons/clxemployee.ico
Y3kRat2k5RC10/icons/clxmddata.ico
Y3kRat2k5RC10/icons/clxokcnhlp2.ico
Y3kRat2k5RC10/icons/clxpassword.ico
Y3kRat2k5RC10/icons/clxrecerror.ico
Y3kRat2k5RC10/icons/clxtabpgdlg.ico
Y3kRat2k5RC10/icons/console.ico
Y3kRat2k5RC10/icons/custom_away.ico
Y3kRat2k5RC10/icons/dcdemo.ICO
Y3kRat2k5RC10/icons/delphi.ico
Y3kRat2k5RC10/icons/draw-me-icons.ico
Y3kRat2k5RC10/icons/eMusicClient.ico
Y3kRat2k5RC10/icons/ebay.ico
Y3kRat2k5RC10/icons/ebay_desktop.ico
Y3kRat2k5RC10/icons/ebay_hover.ico
Y3kRat2k5RC10/icons/freeoffers.ico
Y3kRat2k5RC10/icons/games.ico
Y3kRat2k5RC10/icons/greeting-card.ico
Y3kRat2k5RC10/icons/groovy.ico
Y3kRat2k5RC10/icons/groups.ico
Y3kRat2k5RC10/icons/icon.ico
Y3kRat2k5RC10/icons/icon1.ico
Y3kRat2k5RC10/icons/icon2.ico
Y3kRat2k5RC10/icons/icon4.ico
Y3kRat2k5RC10/icons/icon5.ico
Y3kRat2k5RC10/icons/icon6.ico
Y3kRat2k5RC10/icons/icq-small-sendmap.ico
Y3kRat2k5RC10/icons/idr_main.ico
Y3kRat2k5RC10/icons/interactive-center.ico
Y3kRat2k5RC10/icons/mobile_ico_new.ico
Y3kRat2k5RC10/icons/my-photo.ico
Y3kRat2k5RC10/icons/ndpsetup.ico
Y3kRat2k5RC10/icons/nici.ico
Y3kRat2k5RC10/icons/paint shop pro browse.ico
Y3kRat2k5RC10/icons/paint shop pro doc.ico
Y3kRat2k5RC10/icons/paint shop pro resource.ico
Y3kRat2k5RC10/icons/parker.ico
Y3kRat2k5RC10/icons/parker_ico_new.ico
Y3kRat2k5RC10/icons/phisland.ico
Y3kRat2k5RC10/icons/poker_ico_new.ico
Y3kRat2k5RC10/icons/pool.ico
Y3kRat2k5RC10/icons/puzzle.ico
Y3kRat2k5RC10/icons/puzzle_inlay_ico_new.ico
Y3kRat2k5RC10/icons/roundtarget.ico
Y3kRat2k5RC10/icons/rps.ico
Y3kRat2k5RC10/icons/rps_ico_new.ico
Y3kRat2k5RC10/icons/squareoff.ico
Y3kRat2k5RC10/icons/squareoff_ico_new.ico
Y3kRat2k5RC10/icons/statusHelp.ico
Y3kRat2k5RC10/icons/sumo01.ico
Y3kRat2k5RC10/icons/sumo_ico_new.ico
Y3kRat2k5RC10/icons/super_groovy_ico_new.ico
Y3kRat2k5RC10/icons/teddy.ico
Y3kRat2k5RC10/icons/teddy_ico_new.ico
Y3kRat2k5RC10/icons/tools.ico
Y3kRat2k5RC10/icons/universe.ico
Y3kRat2k5RC10/icons/vatars32x32.ico
Y3kRat2k5RC10/icons/vhosticon.ico
Y3kRat2k5RC10/icons/video.ico
Y3kRat2k5RC10/icons/video_ico_new.ico
Y3kRat2k5RC10/icons/warsheep.ico
Y3kRat2k5RC10/icons/wordNinja.ico
Y3kRat2k5RC10/icons/word_ninja_ico_new.ico
Y3kRat2k5RC10/icons/zuma.ico
Y3kRat2k5RC10/icons/zuma_ico_new.ico
Y3kRat2k5RC10/icons/zylom.ico
Y3kRat2k5RC10/server.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 679KB - Virtual size: 678KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Y3kRat2k5RC10/upx.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 121KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Y3kRat2k5RC10/ĺڿͬ.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

MEW Size: - Virtual size: 1.2MB

�uۊ�� Size: 374KB - Virtual size: 432KB

Headers

File Characteristics

Sections

MEW Size: - Virtual size: 616KB

�uۊ�� Size: 224KB - Virtual size: 284KB

Headers

File Characteristics

Sections

MEW Size: - Virtual size: 588KB

�uۊ�� Size: 211KB - Virtual size: 272KB

Headers

File Characteristics

Sections

MEW Size: - Virtual size: 568KB

�uۊ�� Size: 217KB - Virtual size: 276KB

Headers

File Characteristics

Sections

CODE Size: 679KB - Virtual size: 678KB

DATA Size: 11KB - Virtual size: 10KB

BSS Size: - Virtual size: 5KB

.idata Size: 11KB - Virtual size: 11KB

.tls Size: - Virtual size: 20B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 48KB - Virtual size: 47KB

.rsrc Size: 40KB - Virtual size: 40KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 156KB

UPX1 Size: 121KB - Virtual size: 124KB

.rsrc Size: 1024B - Virtual size: 4KB

MEW
Size: - Virtual size: 1.2MB

�uۊ��
Size: 374KB - Virtual size: 432KB

MEW
Size: - Virtual size: 616KB

�uۊ��
Size: 224KB - Virtual size: 284KB

MEW
Size: - Virtual size: 588KB

�uۊ��
Size: 211KB - Virtual size: 272KB

MEW
Size: - Virtual size: 568KB

�uۊ��
Size: 217KB - Virtual size: 276KB

CODE
Size: 679KB - Virtual size: 678KB

DATA
Size: 11KB - Virtual size: 10KB

BSS
Size: - Virtual size: 5KB

.idata
Size: 11KB - Virtual size: 11KB

.tls
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 40KB - Virtual size: 40KB

UPX0
Size: - Virtual size: 156KB

UPX1
Size: 121KB - Virtual size: 124KB

.rsrc
Size: 1024B - Virtual size: 4KB