D:\SVN Windows项目\GD_Link\Tags\V4.6.9.13723\Release\GD-Link Programmer.pdb
Static task
static1
Behavioral task
behavioral1
Sample
9a669c706c3887c9753422e032ca11f67c6083c66ebd4e42efea71e23b50d2f4.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
9a669c706c3887c9753422e032ca11f67c6083c66ebd4e42efea71e23b50d2f4.exe
Resource
win10v2004-20240709-en
General
Target: 9a669c706c3887c9753422e032ca11f67c6083c66ebd4e42efea71e23b50d2f4
Size: 5.8MB
MD5: aaea108df28525b832ebe05caa89ac17
SHA1: f878429fa65a81c82f6f52ae8d065f99c6a473dc
SHA256: 9a669c706c3887c9753422e032ca11f67c6083c66ebd4e42efea71e23b50d2f4
SHA512: a981a3e7a325cc35d9a73bfe1f18e9ba311db8b56dbc7d2ed0853790234e92e907463dac4b113e8088f72c9c279027b55a6b5158cfb37d9813d305abe50cd09d
SSDEEP: 98304:qmdqNUbzFitdGzCl7K3xaxtWHdQ3uvYkvpXmpu9JdsELFSFoFLOAkGkzdnEVomFR:q8KQCl7LxtWHmWpWpu9JdlFLOyomFHKW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9a669c706c3887c9753422e032ca11f67c6083c66ebd4e42efea71e23b50d2f4
Files
9a669c706c3887c9753422e032ca11f67c6083c66ebd4e42efea71e23b50d2f4.exe windows:5 windows x86 arch:x86
bcf7f5d1f889e885a7bd8286cf05b147
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
hid
HidD_GetAttributes
HidP_GetCaps
HidD_GetHidGuid
HidD_FreePreparsedData
HidD_GetPreparsedData
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
kernel32
InterlockedCompareExchange
SetEnvironmentVariableA
GetProcessHeap
CreateFileW
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetTimeZoneInformation
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetHandleCount
HeapCreate
GetStdHandle
GetStringTypeW
IsProcessorFeaturePresent
CompareStringW
IsValidCodePage
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
ExitProcess
HeapReAlloc
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
GetTickCount
FlushFileBuffers
ReadFile
CancelIo
WriteFile
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
FindClose
FindFirstFileA
SetEvent
GetExitCodeThread
WaitForSingleObject
ResumeThread
SuspendThread
Thread32Next
Thread32First
CreateToolhelp32Snapshot
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
GetLocalTime
SetUnhandledExceptionFilter
GetModuleFileNameA
TerminateThread
InterlockedDecrement
InterlockedIncrement
RaiseException
RtlUnwind
Sleep
FreeLibrary
GetWindowsDirectoryA
lstrcpyA
MultiByteToWideChar
lstrlenA
MulDiv
lstrcatA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
GetStartupInfoW
HeapSetInformation
GetCommandLineA
CreateThread
DeactivateActCtx
SetLastError
GetTimeFormatA
DecodePointer
ExitThread
GetDateFormatA
EncodePointer
HeapFree
HeapAlloc
FindResourceExW
GetNumberFormatA
SetErrorMode
VirtualProtect
GetTempPathA
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
MoveFileA
DeleteFileA
lstrcmpiA
GetStringTypeExA
GetProfileIntA
SearchPathA
GetACP
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
GlobalFlags
LocalAlloc
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
GlobalAddAtomA
GlobalGetAtomNameA
GlobalUnlock
GlobalLock
lstrcmpW
LoadLibraryW
CompareStringA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
FreeResource
FindResourceA
GlobalSize
GlobalFree
GlobalReAlloc
GlobalAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetFileAttributesA
GetFileSize
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
SetThreadPriority
GetCurrentDirectoryA
lstrlenW
LocalFree
FormatMessageA
CopyFileA
GetThreadLocale
FileTimeToSystemTime
SystemTimeToFileTime
lstrcmpA
FileTimeToLocalFileTime
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetUserDefaultLCID
ReplaceFileA
SetFileTime
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
user32
GetMenu
IsRectEmpty
BeginPaint
EndPaint
GetSysColorBrush
DrawFrameControl
SetCapture
GetCapture
IsIconic
IsZoomed
SetWindowRgn
IsWindowVisible
GetTopWindow
SetParent
SetForegroundWindow
GetClassLongA
DestroyWindow
DefFrameProcA
DefMDIChildProcA
GetMenuItemID
GetMenuItemCount
CreateWindowExA
DrawMenuBar
GetActiveWindow
BringWindowToTop
TranslateMDISysAccel
TranslateAcceleratorA
SetWindowPos
AdjustWindowRectEx
ShowWindow
SetMenu
GetLastActivePopup
IntersectRect
GetClassInfoA
InsertMenuItemA
SetActiveWindow
LoadAcceleratorsA
GetDlgCtrlID
GetDlgItem
EqualRect
IsWindowEnabled
GetWindowThreadProcessId
SetFocus
WinHelpA
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetClassNameA
CallWindowProcA
DefWindowProcA
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
RegisterClassA
GetClassInfoExA
MessageBoxA
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
ScrollWindow
MapWindowPoints
InflateRect
MonitorFromWindow
GetMessageTime
UnhookWindowsHookEx
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
CallNextHookEx
SetWindowsHookExA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
IsDialogMessageA
MoveWindow
PtInRect
GetMenuDefaultItem
IsMenu
SetMenuDefaultItem
DeleteMenu
GetSystemMenu
WindowFromPoint
LoadCursorW
MessageBeep
NotifyWinEvent
GetAsyncKeyState
CharUpperA
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
UnionRect
GetUpdateRect
LockWindowUpdate
ReleaseDC
GetKeyNameTextA
MapVirtualKeyA
GetMenuItemInfoA
GetMenuStringA
RegisterClipboardFormatA
SetClassLongA
ValidateRect
TranslateMessage
GetMessageA
DestroyAcceleratorTable
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
GetWindowDC
RemoveMenu
EnumDisplayMonitors
SetLayeredWindowAttributes
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
PostQuitMessage
WaitMessage
MapDialogRect
SetWindowContextHelpId
LoadAcceleratorsW
PostThreadMessageA
ShowOwnedPopups
CharUpperBuffA
InvertRect
HideCaret
SetCursorPos
RealChildWindowFromPoint
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
SubtractRect
UnregisterClassA
GetDoubleClickTime
EnumChildWindows
CharNextA
InvalidateRgn
GetNextDlgGroupItem
DrawIcon
IsCharLowerA
MapVirtualKeyExA
LoadImageA
GetWindowRgn
DrawEdge
GetMessagePos
SetRect
GetSystemMetrics
ReleaseCapture
RedrawWindow
CopyRect
DrawFocusRect
FrameRect
wsprintfA
FillRect
GetCursorPos
DestroyCursor
CopyIcon
KillTimer
OffsetRect
SystemParametersInfoA
IsWindow
LoadCursorA
GetFocus
IsChild
GetParent
EnableWindow
LoadBitmapW
GetWindowRect
UpdateWindow
InvalidateRect
GetClientRect
ScreenToClient
SendMessageA
GetSubMenu
LoadMenuW
SetRectEmpty
DestroyIcon
DrawStateA
AppendMenuA
GetSysColor
SetCursor
GetMonitorInfoA
CreateMenu
GrayStringA
DrawTextExA
TabbedTextOutA
DrawTextA
PeekMessageA
MsgWaitForMultipleObjects
SetWindowTextA
LoadIconW
ClientToScreen
SetWindowLongA
GetWindowLongA
PostMessageA
IsClipboardFormatAvailable
InsertMenuA
CreatePopupMenu
GetKeyState
GetWindow
GetDesktopWindow
GetDC
GetIconInfo
DrawIconEx
SetTimer
gdi32
SetMapMode
SetTextAlign
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
StretchBlt
CombineRgn
SelectPalette
GetDIBits
SetPixelV
GetTextFaceA
EnumFontFamiliesExA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetSystemPaletteEntries
SetDIBColorTable
GetViewportOrgEx
GetWindowOrgEx
IntersectClipRect
SetPaletteEntries
GetPaletteEntries
ExtFloodFill
GetRgnBox
OffsetRgn
RoundRect
CreateDIBitmap
Ellipse
Polyline
GetBkColor
CreatePolygonRgn
CreateEllipticRgn
CopyMetaFileA
DPtoLP
GetMapMode
SetRectRgn
CreateHatchBrush
GetObjectType
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
GetObjectA
GetTextCharsetInfo
EnumFontFamiliesA
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
PatBlt
BitBlt
CreatePalette
GetTextExtentPoint32A
SetBkColor
SetTextColor
SetBrushOrgEx
Rectangle
GetDeviceCaps
RealizePalette
CreatePen
GetTextMetricsA
ExtTextOutA
CreateDCA
GetStockObject
Polygon
CreateBitmap
GetPixel
CreateSolidBrush
CreateRoundRectRgn
SelectClipRgn
DeleteObject
MoveToEx
LineTo
SetPixel
DeleteDC
CreatePatternBrush
PtVisible
RectVisible
TextOutA
Escape
ExcludeClipRect
LPtoDP
GetClipBox
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SetLayout
GetLayout
GetTextColor
CreateRectRgnIndirect
CreateDIBSection
GetNearestPaletteIndex
CreateRectRgn
comdlg32
GetFileTitleA
shell32
SHAppBarMessage
SHGetFileInfoA
DragFinish
DragQueryFileA
SHGetDesktopFolder
DragAcceptFiles
ShellExecuteA
SHGetSpecialFolderLocation
SHAddToRecentDocs
ExtractIconA
SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VarBstrFromDate
VariantCopy
SysStringLen
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
OleCreateFontIndirect
VariantInit
SysAllocString
VariantClear
VariantChangeType
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetIcon
ImageList_Destroy
ImageList_DrawEx
shlwapi
PathRemoveFileSpecW
PathFileExistsA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
oledlg
ord8
gdiplus
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageHeight
GdipDrawImageI
GdipCloneImage
GdipDrawImageRectI
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipSetInterpolationMode
GdipFree
ws2_32
shutdown
gethostname
gethostbyname
WSASetLastError
WSACleanup
inet_addr
recv
accept
listen
send
WSAGetLastError
bind
htons
socket
WSAStartup
inet_ntoa
closesocket
gddap
?GDDAP_RISCV013_Step@@YAHXZ
?GDDAP_ReadAP@@YAHEPAK@Z
?GDDAP_WriteAP@@YAHEK@Z
?GDDAP_WriteDP@@YAHEK@Z
?GDDAP_ReadD32@@YAHKPAK@Z
?GDDAP_WriteMem@@YAHPAKPAEK@Z
?GDDAP_SetARMRegs@@YAHPAK0_K@Z
?GDDAP_GetARMRegs@@YAHPAK0_K@Z
?GDDAP_ReadD16@@YAHKPAG@Z
?GDDAP_DebugDeInit@@YAHXZ
?HIDDev_ConnectMCU@@YAHHJPAKPAH@Z
?HIDDev_Open@@YAHXZ
?HIDDev_Product@@YAHHPADH@Z
?GDDAP_DLL_DeInit@@YAHXZ
?GDDAP_DLL_Init@@YAHXZ
?HIDDev_Close@@YAHXZ
?HIDDev_GetUSBType@@YAHXZ
?GDDAP_Commands@@YAHHPAPAEPAH01@Z
?GDDAP_WriteD16@@YAHKG@Z
?GDDAP_RISCV013_Reset@@YAHXZ
?GDDAP_RISCV013_Run@@YAHXZ
?GDDAP_RISCV013_WriteRegister@@YAHPAKK@Z
?GDDAP_RISCV013_ReadRegister@@YAHPAKK@Z
?GDDAP_RISCV013_IsHalted@@YAHXZ
?GDDAP_RISCV013_Halt@@YAHXZ
?GDDAP_DebugInit@@YAHH@Z
?GDDAP_WriteD8@@YAHKE@Z
?GDDAP_ReadD8@@YAHKPAE@Z
?GDDAP_ReadMem@@YAHPAKPAEK@Z
?GDDAP_WriteD32@@YAHKK@Z
dbghelp
MiniDumpWriteDump
gd_mcu_dll
GD32MCU_InitParaByMCUID
GD32MCU_GetMCUPartNo
GD32MCU_DLL_Init
GD32MCU_DLL_UnInit
GD32MCU_GetMCUMapSize
GD32MCU_GetPartNoList
GD32MCU_InitParaByPartNo
GD32MCU_GetFlashSize
GD32MCU_GetMCUSeries
GD32MCU_GetMCUCore
GD32MCU_GetMCUID
GD32MCU_GetPagePerSector
GD32MCU_GetPageSize
GD32MCU_GetPageNumber
GD32MCU_GetSRAMSize
GD32MCU_GetBank1PageNumber
GD32MCU_GetBank2PageNumber
GD32MCU_GetOnePageInfo
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegOpenKeyExW
RegDeleteKeyA
RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueA
RegQueryValueExA
RegEnumKeyA
RegEnumKeyExA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
ole32
OleLockRunning
CoGetClassObject
CoRevokeClassObject
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
OleGetClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoInitializeEx
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CLSIDFromString
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
CreateStreamOnHGlobal
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 418KB - Virtual size: 418KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 604KB - Virtual size: 635KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 220KB - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ