PDB Path: D:\项目\锯片套料\3A套料\HcarveMU_3A\Hcarve3A\Release_x86\Hcarve.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 20a83d19646ad0b5071496812194cab568ed30f877da217c8d6fecc46fad037d.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 20a83d19646ad0b5071496812194cab568ed30f877da217c8d6fecc46fad037d.exe
  Resource: win10v2004-20240226-en
General
Target: 20a83d19646ad0b5071496812194cab568ed30f877da217c8d6fecc46fad037d
Size: 6.2MB
MD5: 95de1191a58ef1c724114fbdb6c15c38
SHA1: 017c2d98b3a95327c50e06cc24a725ff2afe7583
SHA256: 20a83d19646ad0b5071496812194cab568ed30f877da217c8d6fecc46fad037d
SHA512: 0f76491a62542f0e117be66d6df764e1545185da4e8a60457a5077a1e0fb4fe1e53c02bc5bb9353539baf24a095b3aee3dae4b2082b8aefee60fc43209d00f8c
SSDEEP: 98304:jRUIUDv2jweRWm6FhtXuJIS6s1TPZdHqBwu9W4aFV96Rbx48oCDh:VUIUDv2jweWm6Fht+KSjHqlkg1h
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 20a83d19646ad0b5071496812194cab568ed30f877da217c8d6fecc46fad037d
Files
-
20a83d19646ad0b5071496812194cab568ed30f877da217c8d6fecc46fad037d.exe windows:5 windows x86 arch:x86
1136655f37226920e49e0ac1fede9835
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
kernel32
GetModuleFileNameA
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetCommandLineA
GetFileType
SetStdHandle
GetFullPathNameA
GetACP
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
IsValidLocale
FreeLibraryAndExitThread
SetCurrentDirectoryW
LockResource
Sleep
LoadResource
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetTimeZoneInformation
ReadConsoleW
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
SizeofResource
FindResourceW
MultiByteToWideChar
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
WideCharToMultiByte
SetProcessWorkingSetSize
GetCurrentProcess
GetLogicalDrives
Beep
GetModuleFileNameW
GetDriveTypeW
CreateDirectoryW
CopyFileW
GetTickCount
lstrlenW
lstrcpyW
DeleteFileW
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalMemoryStatus
OpenProcess
TerminateProcess
QueryPerformanceCounter
QueryPerformanceFrequency
MulDiv
SetThreadExecutionState
GetLastError
ReleaseMutex
CloseHandle
CreateMutexW
GetCommandLineW
InterlockedIncrement
InterlockedDecrement
WinExec
lstrcatW
GetWindowsDirectoryW
WaitForSingleObject
lstrcpynW
CreateProcessW
GetCurrentDirectoryW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempPathW
SearchPathW
FindResourceExW
LocalUnlock
LocalLock
SetErrorMode
VerifyVersionInfoW
VerSetConditionMask
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalAlloc
GlobalLock
GlobalUnlock
CompareStringW
GlobalFlags
GetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
VirtualProtect
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
CompareStringA
GetCurrentThread
FindNextFileW
SystemTimeToFileTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
GetProfileIntW
GetVersionExW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
GlobalGetAtomNameW
lstrcmpA
GetCurrentProcessId
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
FormatMessageW
LocalFree
GlobalSize
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
lstrcmpW
RemoveDirectoryW
GetProfileStringW
GlobalFree
GetVersion
MoveFileW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
EnumSystemLocalesW
user32
SetClassLongW
GetIconInfo
GetComboBoxInfo
DrawFrameControl
DrawEdge
LockWindowUpdate
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
GetTabbedTextExtentW
IsClipboardFormatAvailable
EnumDisplayMonitors
MonitorFromPoint
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
UnionRect
GetDialogBaseUnits
CopyImage
TrackMouseEvent
RealChildWindowFromPoint
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
SetParent
DeleteMenu
GetSystemMenu
SetWindowRgn
DrawIcon
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
CharUpperW
GetMessageW
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
GetMenuItemInfoW
DestroyMenu
MapVirtualKeyW
GetKeyNameTextW
IsZoomed
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CharUpperBuffW
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
DestroyIcon
wsprintfW
BeginDeferWindowPos
GetFocus
SetTimer
SetForegroundWindow
GetForegroundWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
DeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
ToUnicodeEx
GetKeyboardLayout
CreateAcceleratorTableW
DestroyAcceleratorTable
PostThreadMessageW
WaitMessage
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
GetUpdateRect
DestroyCursor
MonitorFromRect
DefFrameProcW
DefMDIChildProcW
GetMessageTime
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SendDlgItemMessageA
TranslateMDISysAccel
SendNotifyMessageW
InSendMessage
WindowFromDC
CreateMenu
SubtractRect
GetWindowRgn
CheckDlgButton
EndDeferWindowPos
GetDCEx
ClientToScreen
GetSysColorBrush
IsRectEmpty
GetClassLongW
DrawTextExW
GrayStringW
TabbedTextOutW
LoadImageW
UnregisterClassW
mouse_event
SetCursorPos
KillTimer
EnableWindow
GetSysColor
EnumChildWindows
SendMessageW
GetAsyncKeyState
InvalidateRect
DrawMenuBar
CheckMenuItem
EnableMenuItem
GetSubMenu
ModifyMenuW
GetSystemMetrics
DrawStateW
ReleaseDC
GetWindowTextW
GetClientRect
FillRect
WindowFromPoint
FrameRect
CopyRect
GetMessagePos
LoadMenuW
CreatePopupMenu
InsertMenuW
AppendMenuW
RemoveMenu
ScreenToClient
MessageBoxW
PostMessageW
IsWindow
GetDC
GetWindowRect
InflateRect
SetWindowLongW
GetParent
TranslateMessage
DispatchMessageW
PeekMessageW
GetKeyState
GetKeyboardState
FindWindowW
GetWindowThreadProcessId
OffsetRect
PtInRect
LoadCursorW
LoadIconW
DrawIconEx
UpdateWindow
LoadBitmapW
SystemParametersInfoW
SetCapture
ReleaseCapture
RedrawWindow
MessageBeep
SetCursor
CopyIcon
SetWindowPos
GetDlgCtrlID
SetMenuInfo
GetWindow
GetMenuItemID
GetMenuItemCount
RegisterWindowMessageW
GetCursorPos
DrawTextW
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
RegisterClipboardFormatW
EmptyClipboard
IsWindowVisible
SetRect
EqualRect
SetLayeredWindowAttributes
GetWindowLongW
SetRectEmpty
IntersectRect
EndPaint
BeginPaint
GetMenuState
GetMenuStringW
SetActiveWindow
GetWindowDC
DrawFocusRect
IsChild
gdi32
GetMapMode
BeginPath
EndPath
FillPath
Polyline
CopyMetaFileW
CreateBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
EnumFontFamiliesExW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
SetRectRgn
DPtoLP
GetCharWidthW
StretchDIBits
UnrealizeObject
GetBkColor
SetAbortProc
CreateEllipticRgn
CreateDIBSection
LPtoDP
CreateRoundRectRgn
CreateDIBitmap
GetTextCharsetInfo
GetRgnBox
CreatePolygonRgn
Polygon
CreatePalette
GetPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
SetPixel
SetDIBColorTable
OffsetRgn
ExtFloodFill
SetPaletteEntries
FrameRgn
PtInRegion
SetPixelV
FillRgn
GetBoundsRect
GetViewportOrgEx
GetWindowOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
RoundRect
DeleteDC
CreateSolidBrush
GetTextExtentPoint32W
CreateFontIndirectW
CreateFontW
GetCurrentObject
GetStockObject
GetTextMetricsW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreatePen
GetDeviceCaps
Rectangle
DeleteObject
GetDIBits
SetDIBits
GetObjectW
StretchBlt
SelectObject
AngleArc
CreateDCW
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
EnumFontFamiliesW
GetTextColor
Ellipse
PatBlt
Escape
PtVisible
RectVisible
TextOutW
PolylineTo
ExtTextOutW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
GetJobW
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegOpenKeyW
RegSetValueW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
OpenProcessToken
GetFileSecurityW
RegEnumKeyW
shell32
DragFinish
DragQueryFileW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHAddToRecentDocs
ShellExecuteExW
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
ExtractIconW
SHFileOperationW
comctl32
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent
ImageList_AddMasked
shlwapi
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
IsAppThemed
ole32
CreateOleAdviseHolder
CreateDataAdviseHolder
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
GetHGlobalFromILockBytes
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
CreateItemMoniker
CreateGenericComposite
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
IsAccelerator
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleRegEnumVerbs
OleRegGetMiscStatus
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
PropVariantCopy
CLSIDFromProgID
CoInitialize
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleQueryLinkFromData
OleQueryCreateFromData
OleTranslateAccelerator
CLSIDFromString
oleaut32
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysReAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
VariantChangeType
SafeArrayAccessData
SafeArrayUnaccessData
CreateErrorInfo
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysAllocString
SysFreeString
GetErrorInfo
SetErrorInfo
SafeArrayUnlock
oledlg
OleUIBusyW
gdiplus
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
cardpcie
CH367GetDrvVersion
CH367mOpenDevice
CH367mCloseDevice
CH367mGetIoBaseAddr
CH367mWriteIoByte
CH367mReadI2C
CH367mWriteI2C
CH367DelayUS
CH367mAccessBlock
CH367mReadIoByte
winmm
timeKillEvent
PlaySoundW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
.text   Size: 4.5MB  - Virtual size: 4.5MB  - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 1003KB - Virtual size: 1003KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 39KB   - Virtual size: 23.0MB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.gfids  Size: 138KB  - Virtual size: 137KB  - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.giats  Size: 512B   - Virtual size: 28B    - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tls    Size: 512B   - Virtual size: 9B     - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 276KB  - Virtual size: 276KB  - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 318KB  - Virtual size: 317KB  - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ