8007e418c83a0f3205677d6e8610e9a1c4c703453ee7a5322e49b51dbf1221fd

Sharing

Copy URL Twitter E-mail

General

Target

8007e418c83a0f3205677d6e8610e9a1c4c703453ee7a5322e49b51dbf1221fd
Size

9.5MB
MD5

92d3cb023d6bcab4a42e9523f9967698
SHA1

de94c112fd70c7824a9367d9f8e4244ebb96563d
SHA256

8007e418c83a0f3205677d6e8610e9a1c4c703453ee7a5322e49b51dbf1221fd
SHA512

526fc690b0390353bee42c54dbb80dddd78ea0c10755a17243a843c11966cf73c26d8512c3413751de6c020daf225d967557a7a7b076e6260e1269b111b1d891
SSDEEP

196608:d8ygwTcdnlXewF6n8JtvpHE44zr4lHIcoJ9nAvSom1tlEC:dJgwwRlNFSmtvB34zrs/oJ9nylm1tmC

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GD32 MCU Dfu Drivers.exe
unpack001/GD_DFU_DLL.dll
unpack001/m8_t221_231115.exe

Files

8007e418c83a0f3205677d6e8610e9a1c4c703453ee7a5322e49b51dbf1221fd
.zip
GD32 MCU Dfu Drivers.exe
.exe windows:6 windows x64 arch:x64

cefaa8ebec815b03e0b8bdd59c9d8c15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\qltang\Desktop\vcp_test_project\GDMCUDfuDrivers\x64\Release\GDMCUDfuDrivers.pdb

Imports

kernel32

RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
IsValidCodePage
GetStdHandle
GetProcessHeap
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
GetTimeZoneInformation
HeapQueryInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
LCMapStringW
GetCurrentDirectoryW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
HeapSize
HeapReAlloc
VirtualQuery
VirtualAlloc
GetSystemInfo
ExitProcess
RaiseException
CreateEventA
RtlPcToFileHeader
RtlUnwindEx
RtlLookupFunctionEntry
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
RtlCaptureContext
HeapFree
ExitThread
CreateThread
FindResourceExW
SearchPathA
GetProfileIntA
Sleep
VirtualProtect
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetCPInfo
GetOEMCP
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FindNextFileA
FileTimeToLocalFileTime
SuspendThread
SetThreadPriority
FormatMessageA
LocalFree
GlobalSize
GetCurrentProcessId
WritePrivateProfileStringA
GetSystemTimeAsFileTime
GetFileType
SetStdHandle
HeapAlloc
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThread
GetVolumeInformationA
GetModuleFileNameA
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
CompareStringA
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameW
GetSystemDirectoryW
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
DecodePointer
EncodePointer
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
GetACP
MultiByteToWideChar
GetTickCount
UnmapViewOfFile
GetFileSize
FileTimeToSystemTime
SetFileTime
WriteFile
GetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateFileA
InitializeCriticalSectionEx
GetVersionExA
CopyFileA
MoveFileA
LoadLibraryA
GetCurrentDirectoryA
FreeLibrary
GetLastError
RemoveDirectoryA
DeleteFileA
SetCurrentDirectoryA
SetFileAttributesA
CreateDirectoryA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
FindResourceW
WideCharToMultiByte
ResetEvent
SetEvent
WaitForSingleObject
LockResource
FreeResource
SizeofResource
LoadResource
FindResourceA
GlobalAlloc
ResumeThread
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CloseHandle
GetStringTypeW

user32

GetWindowRgn
LoadAcceleratorsW
MapVirtualKeyA
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
UpdateLayeredWindow
GetUpdateRect
SetClassLongPtrA
DestroyAcceleratorTable
ModifyMenuA
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetCursorPos
NotifyWinEvent
MessageBeep
GetSystemMenu
LoadMenuW
GetAsyncKeyState
IsZoomed
TrackMouseEvent
LoadImageW
LoadImageA
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
EnumDisplayMonitors
SetRectEmpty
SetLayeredWindowAttributes
KillTimer
SetTimer
DeleteMenu
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IntersectRect
UnregisterClassA
RealChildWindowFromPoint
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
ShowOwnedPopups
TranslateMessage
GetMessageA
GetCursorPos
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetWindowThreadProcessId
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
GetSysColorBrush
SetWindowRgn
DrawStateA
DrawFrameControl
DrawEdge
PostQuitMessage
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CharUpperA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
GetNextDlgGroupItem
PostThreadMessageA
IsClipboardFormatAvailable
SetFocus
GetDlgCtrlID
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
MapDialogRect
SubtractRect
GetKeyNameTextA
CopyAcceleratorTableA
DrawFocusRect
CreateAcceleratorTableA
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
SendDlgItemMessageA
GetDesktopWindow
wsprintfA
MessageBoxA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
LoadIconW
CopyRect
LoadCursorA
SetCursor
GetParent
GetWindowLongA
SendMessageA
GetSysColor
FillRect
InvalidateRect
ReleaseDC
GetDC
SetRect
EnableWindow
GetMenuStringA

gdi32

SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateEllipticRgn
CreateRectRgnIndirect
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32A
PatBlt
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsA
CopyMetaFileA
CreateDCA
CreateFontIndirectA
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
SetViewportOrgEx
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceA
SetTextAlign
SetROP2
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
CreatePalette
GetDeviceCaps
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
GetObjectA
SetTextColor
SetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateSolidBrush
DeleteObject
DeleteDC
SelectObject

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

DragFinish
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA
SHGetFileInfoA
DragQueryFileA

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathIsDirectoryA
PathRemoveFileSpecW

uxtheme

GetThemeColor
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
DrawThemeParentBackground
GetCurrentThemeName
IsAppThemed
DrawThemeText

ole32

OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx

oleaut32

OleLoadPicture
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 584KB - Virtual size: 583KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GD_DFU_DLL.dll
.dll windows:5 windows x86 arch:x86

db0869602e3443313c4fda04aa3cbcc9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Code_Driver\GD DFU v2.0\Release\GD_DFU_DLL.pdb

Imports

kernel32

CreateFileA
CloseHandle
DeviceIoControl
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

msvcr90

__clean_type_info_names_internal
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
_unlock

Exports

Exports

??0CGD_DFU_DLL@@QAE@XZ
??4CGD_DFU_DLL@@QAEAAV0@ABV0@@Z
?fnGD_DFU_DLL@@YAHXZ
?nGD_DFU_DLL@@3HA
GDDFU_Abort
GDDFU_ClearStatus
GDDFU_DeviceClose
GDDFU_DeviceOpen
GDDFU_Download
GDDFU_GetDescriptor
GDDFU_GetPartNo
GDDFU_GetSIFData
GDDFU_GetState
GDDFU_GetStatus
GDDFU_Upload
GDDFU_WaitState
GDDFU_WaitStatus
GD_DFU_GETProductID

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
m8_t221_231115.exe
.exe windows:6 windows x86 arch:x86

084b16f7dcba89c78918242a6b666416

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Driver_dev\Visual Studio 2008\Projects\FirmwareUpdateTool2020\GD_DFU_DLL_Demo_Public\Release\GD_DFU_DLL_Demo.pdb

Imports

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

kernel32

SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
OutputDebugStringW
WriteConsoleW
GetStringTypeW
FlushFileBuffers
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
CreateFileA
CloseHandle
GetLocalTime
SystemTimeToFileTime
GlobalAlloc
GlobalFree
Sleep
FindResourceA
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GetCurrentThread
GetCurrentThreadId
GetVersionExA
FreeLibrary
GetModuleFileNameA
LoadLibraryExW
GlobalLock
GlobalDeleteAtom
lstrcmpA
MultiByteToWideChar
CompareStringA
InitializeCriticalSectionAndSpinCount
FreeResource
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
OutputDebugStringA
SetLastError
GetModuleFileNameW
GlobalUnlock
LoadLibraryW
SetEvent
WaitForSingleObject
SetThreadPriority
ResumeThread
GlobalAddAtomA
GetCurrentProcessId
EncodePointer
GetSystemDirectoryW
lstrcmpW
LoadLibraryA
GlobalFindAtomA
GlobalGetAtomNameA
GlobalSize
LocalFree
MulDiv
FormatMessageA
CopyFileA
DeleteFileA
FindClose
FindFirstFileA
CreateFileW
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
GetThreadLocale
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryA
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VerSetConditionMask
lstrcpyA
VerifyVersionInfoA
GetFileAttributesA
GetACP
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
SetErrorMode
SearchPathA
GetTempPathA
GetTempFileNameA
GetTickCount
GetProfileIntA
GetWindowsDirectoryA
FindResourceExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead

user32

IsRectEmpty
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
GetSysColorBrush
SetLayeredWindowAttributes
MonitorFromPoint
SetParent
ReuseDDElParam
UnpackDDElParam
LoadImageA
DestroyIcon
IntersectRect
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
LoadCursorA
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperA
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
InflateRect
GetMenuItemInfoA
DestroyMenu
SetRectEmpty
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
UnhookWindowsHookEx
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
LoadImageW
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackMouseEvent
GetAsyncKeyState
LoadMenuW
OffsetRect
SystemParametersInfoA
SetWindowPos
SetWindowContextHelpId
GetParent
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
SetWindowRgn
NotifyWinEvent
ModifyMenuA
PostThreadMessageA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
MapVirtualKeyA
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
EnumChildWindows
RegisterClipboardFormatA
LockWindowUpdate
IsMenu
CreateWindowExA
SetClassLongA
CharNextA
InvalidateRgn
SetRect
GetNextDlgGroupItem
DrawIconEx
GetKeyNameTextA
UnionRect
GetWindow
MapDialogRect
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
ShowOwnedPopups
SetCursor
MessageBoxA
GetWindowThreadProcessId
GetLastActivePopup
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
EnableWindow
LoadIconW
SendMessageA
GetSystemMenu
AppendMenuA
RegisterDeviceNotificationA
IsIconic
GetSystemMetrics
GetClientRect
RegisterClassA
GetClassInfoA
GetClassInfoExA
DrawIcon
UnregisterClassA
PostMessageA
PostQuitMessage
IsZoomed
RedrawWindow
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetUpdateRect
SubtractRect
MapVirtualKeyExA
IsCharLowerA
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
IsClipboardFormatAvailable
FrameRect
CopyIcon
SetMenuDefaultItem
GetMenuDefaultItem
EnableScrollBar
UpdateLayeredWindow
CharUpperBuffA
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
AdjustWindowRectEx
MessageBeep

gdi32

ExtTextOutA
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
CopyMetaFileA
SetPixelV
GetTextFaceA
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
RoundRect
LPtoDP
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExA
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
GetMapMode
GetBkColor
GetTextColor
OffsetRgn
GetRgnBox
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
PatBlt
GetDIBits
CombineRgn
GetTextMetricsA
GetTextCharsetInfo
EnumFontFamiliesA
CreateRectRgnIndirect
CreateDIBitmap
CreateCompatibleBitmap
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutA
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetFileInfoA
DragQueryFileA
ShellExecuteA
DragFinish
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHAppBarMessage

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA
PathFindExtensionA
PathFindFileNameA
StrFormatKBSizeA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA

uxtheme

GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
GetThemePartSize
IsAppThemed

ole32

CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

SysStringLen
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
SysAllocStringByteLen
VariantCopy
VarBstrFromDate
VariantChangeType
SysAllocStringLen
SysFreeString
VariantInit
VariantClear

oledlg

ord8

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage

gd_dfu_dll

GDDFU_Download
GDDFU_GetStatus
GDDFU_Abort
GDDFU_Upload
GDDFU_DeviceOpen
GDDFU_DeviceClose
GDDFU_WaitStatus

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cefaa8ebec815b03e0b8bdd59c9d8c15

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 584KB - Virtual size: 583KB

.data Size: 6.7MB - Virtual size: 6.7MB

.pdata Size: 78KB - Virtual size: 77KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 184KB - Virtual size: 183KB

db0869602e3443313c4fda04aa3cbcc9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcr90

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 880B

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 512B - Virtual size: 384B

084b16f7dcba89c78918242a6b666416

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

setupapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

gd_dfu_dll

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 312KB - Virtual size: 312KB

.data Size: 22KB - Virtual size: 46KB

.gfids Size: 106KB - Virtual size: 106KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 584KB - Virtual size: 583KB

.data
Size: 6.7MB - Virtual size: 6.7MB

.pdata
Size: 78KB - Virtual size: 77KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 184KB - Virtual size: 183KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 880B

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 512B - Virtual size: 384B

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 312KB - Virtual size: 312KB

.data
Size: 22KB - Virtual size: 46KB

.gfids
Size: 106KB - Virtual size: 106KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 122KB - Virtual size: 121KB

.reloc
Size: 122KB - Virtual size: 121KB