15c23205_75h_d2k_eng[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

15c23205_75h_d2k_eng.zip
Size

1.3MB
MD5

ce57d10cc2c7e27b09a8e4ce4f8697b2
SHA1

9fc3561049350b76db9cee17b706d1b5a2900028
SHA256

f7bc8b22d23a4510f3205490ba5dfe0acb653a8f141f899e554140f17f31adda
SHA512

067f5bd1bb1f5abed20ae4d8e8196e6b78cdd29289681faa40b0a783b5964f03836590d2b7765f449a2cb3957eba531ed8163f76af6c5685bab45ee7cf91f08f
SSDEEP

24576:mH16UyBPI1iMi149YpgtyZK7vp/Yw+khH16UyBPI1iMi149YpgtyZK7vp/Yw+k/:mYUyBf4FyavrNhYUyBf4FyavrN/

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/15C23205/Philips.exe
unpack001/15C23205/PhilipsMonitorSetup.exe

Files

15c23205_75h_d2k_eng.zip
.zip
15C23205/FLURRY20.ICM
15C23205/LCD145.ICM
15C23205/PLUMP17.ICM
15C23205/PLUMP19.ICM
15C23205/PLUMP21.ICM
15C23205/Philips.exe
.exe windows:4 windows x86 arch:x86

c712112cbda201cc4e23c287e741b704

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryA
GetPrivateProfileStringA
DeleteFileA
FreeLibrary
GetTempFileNameA
LoadLibraryA
GetTempPathA
GetSystemDirectoryA
GetFileAttributesA
GetProcAddress
lstrcpynA
SetFilePointer
lstrcpyA
LoadResource
FindResourceA
CompareStringA
CreateProcessA
WaitForSingleObject
GetStartupInfoA
RemoveDirectoryA
FindNextFileA
GetFileSize
ExitProcess
CreateFileA
GetLastError
FormatMessageA
Sleep
lstrlenA
GetDiskFreeSpaceA
FindFirstFileA
CloseHandle
WriteFile
ReadFile
GetModuleFileNameA
LockResource
GetWindowsDirectoryA
lstrcmpA
LCMapStringW
GetFileType
GetStdHandle
RtlUnwind
GetOEMCP
GetACP
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
LCMapStringA
FindClose
GetCPInfo
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetModuleHandleA
HeapFree
HeapAlloc

user32

SendMessageA
TranslateMessage
SystemParametersInfoA
wsprintfA
GetWindowLongA
GetParent
SetWindowTextA
GetWindowTextA
GetWindow
SetDlgItemTextA
EndDialog
SendDlgItemMessageA
DialogBoxParamA
GetDesktopWindow
GetDlgItemTextA
KillTimer
EnableWindow
SetTimer
PostMessageA
SetFocus
CreateDialogParamA
DestroyWindow
GetDlgItem
GetDC
ReleaseDC
ScreenToClient
SetWindowLongA
PeekMessageA
SetWindowPos
GetClientRect
MapWindowPoints
GetSysColor
LoadStringA
MessageBeep
MessageBoxA
GetClassNameA
DispatchMessageA
GetWindowRect
CreateWindowExA

gdi32

DeleteObject
SetTextColor
SelectObject
SetBkMode
GetTextExtentPointA
CreateFontIndirectA
TextOutA

comctl32

ord17
PropertySheetA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

lz32

LZOpenFileA
LZCopy
LZClose

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 831B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
15C23205/Philips.inf
15C23205/PhilipsMonitorSetup.exe
.exe windows:4 windows x86 arch:x86

c712112cbda201cc4e23c287e741b704

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryA
GetPrivateProfileStringA
DeleteFileA
FreeLibrary
GetTempFileNameA
LoadLibraryA
GetTempPathA
GetSystemDirectoryA
GetFileAttributesA
GetProcAddress
lstrcpynA
SetFilePointer
lstrcpyA
LoadResource
FindResourceA
CompareStringA
CreateProcessA
WaitForSingleObject
GetStartupInfoA
RemoveDirectoryA
FindNextFileA
GetFileSize
ExitProcess
CreateFileA
GetLastError
FormatMessageA
Sleep
lstrlenA
GetDiskFreeSpaceA
FindFirstFileA
CloseHandle
WriteFile
ReadFile
GetModuleFileNameA
LockResource
GetWindowsDirectoryA
lstrcmpA
LCMapStringW
GetFileType
GetStdHandle
RtlUnwind
GetOEMCP
GetACP
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
LCMapStringA
FindClose
GetCPInfo
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetModuleHandleA
HeapFree
HeapAlloc

user32

SendMessageA
TranslateMessage
SystemParametersInfoA
wsprintfA
GetWindowLongA
GetParent
SetWindowTextA
GetWindowTextA
GetWindow
SetDlgItemTextA
EndDialog
SendDlgItemMessageA
DialogBoxParamA
GetDesktopWindow
GetDlgItemTextA
KillTimer
EnableWindow
SetTimer
PostMessageA
SetFocus
CreateDialogParamA
DestroyWindow
GetDlgItem
GetDC
ReleaseDC
ScreenToClient
SetWindowLongA
PeekMessageA
SetWindowPos
GetClientRect
MapWindowPoints
GetSysColor
LoadStringA
MessageBeep
MessageBoxA
GetClassNameA
DispatchMessageA
GetWindowRect
CreateWindowExA

gdi32

DeleteObject
SetTextColor
SelectObject
SetBkMode
GetTextExtentPointA
CreateFontIndirectA
TextOutA

comctl32

ord17
PropertySheetA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

lz32

LZOpenFileA
LZCopy
LZClose

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 831B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
15C23205/SQUARE20.ICM
15C23205/Square19.icm
15C23205/VALVE14.ICM
15C23205/VALVE15.ICM
15C23205/VALVE17.ICM
15C23205/install.txt
15C23205/vivid17.icm
15C23205/vivid19.icm
15C23205/vivid21.icm

Sharing

General

Malware Config

Signatures

Files

c712112cbda201cc4e23c287e741b704

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

advapi32

shell32

lz32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 1024B - Virtual size: 831B

.data Size: 10KB - Virtual size: 17KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 40KB - Virtual size: 40KB

c712112cbda201cc4e23c287e741b704

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

advapi32

shell32

lz32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 1024B - Virtual size: 831B

.data Size: 10KB - Virtual size: 17KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 1024B - Virtual size: 831B

.data
Size: 10KB - Virtual size: 17KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 40KB - Virtual size: 40KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 1024B - Virtual size: 831B

.data
Size: 10KB - Virtual size: 17KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 40KB - Virtual size: 40KB