Static analysis of Goldenhelper Malware (Golden Tax malware)

“GoldenHelper” was discovered on July 14, 2020 embedded in Golden Tax Invoicing Software, an invoice issuing software used by Chinese banks. This malware variant seems to have been active between January 2018 and July 2019.

Fig 1.0: First bytes of malware sample