zldixu[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

zldixu.exe
Size

97KB
MD5

52ca16ca9369405c9a36bdeb98ff450f
SHA1

2ca2d42fd50ac83a870ca17656b959316efff335
SHA256

5dc182406f22df80c5743539165fb3b81900f612cf72aed099dcf4a21aa6cd71
SHA512

b79b9f24e95ef2cf5ce05b979465b80f66131bc2ef65d5ff5548c9df80537a63a0aa053493a14490e7df96fe256c8eb32dfd212f5bc4b2a350d8d11f60f63de1
SSDEEP

3072:kFvI/QWJpWIXaX42vByg4POfafNTRrEQ52o6:JdJCygpfafR9ENb

Score

1^/10

Malware Config

Signatures

Files

zldixu.exe
.exe windows x86

d52c9907f71dfe871fef798ce49b0a7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

GetCurrentProcessId
CloseHandle
VirtualProtect
CreateEventW
EnterCriticalSection
GetLastError
lstrcmpW
TerminateProcess
LeaveCriticalSection
GetVersionExW
OpenProcess
InitializeCriticalSection
GetProcessHeap
GetModuleHandleW
SetEvent
HeapFree
GetCurrentProcess
HeapAlloc
SetEndOfFile
CreateProcessW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
HeapSize
FlushFileBuffers
SetStdHandle
CreateFileA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsSetValue
TlsAlloc
TlsGetValue
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
ReadFile
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
GetModuleHandleA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetProcAddress
Sleep
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
GetStartupInfoA
GetCommandLineA
SetPriorityClass
WriteFileEx
DeleteFiber
RequestWakeupLatency
SetFilePointer
MultiByteToWideChar
SetConsoleWindowInfo
TlsFree

gdi32

SetBkColor
ExtTextOutW
GetGlyphOutline
GetTextExtentPointW
GdiEndDocEMF
GetCharABCWidthsA
ExtFloodFill
GdiGetBatchLimit
SetWindowOrgEx

comdlg32

GetFileTitleA
PrintDlgA
ReplaceTextW
PrintDlgW
PageSetupDlgW

rpcrt4

NdrXmitOrRepAsFree
RpcMgmtSetComTimeout
NdrClientInitializeNew
NdrCorrelationPass
RpcBindingSetAuthInfoA

mapi32

ord20
ord184
ord23
ord140
ord190
ord179
ord143
ord73
ord157

winmm

timeGetSystemTime
waveInReset
waveInGetID
DriverCallback
auxGetVolume
mixerClose

ws2_32

WSASocketA
WSAHtons
WSAEnumProtocolsA
WSASetLastError
setsockopt

ole32

CreateStreamOnHGlobal
StgCreateDocfile
OleRegEnumVerbs
HBITMAP_UserMarshal
OleRegEnumFormatEtc
StgOpenStorageOnILockBytes
CreateDataCache

user32

wsprintfW
BeginPaint
GetClientRect
GetDC
GetMenu
LoadIconW
GetWindowPlacement
TrackPopupMenuEx
SetRect
CheckMenuRadioItem
LoadMenuW
CascadeWindows
BringWindowToTop
GetWindowLongW
TileWindows
ReleaseDC
DialogBoxParamW
GetMenuState
SetWindowLongW
EndDialog
GetSysColor
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
SetMenuDefaultItem
MessageBoxW
IsWindowVisible
SendMessageW
DestroyMenu
DestroyIcon
WinHelpW
DefWindowProcW
CheckMenuItem
GetWindowThreadProcessId
DeleteMenu
LoadStringA
SetForegroundWindow
GetSubMenu
IsZoomed
EndPaint
SetTimer
OpenIcon
IsIconic
PostMessageW
KillTimer
GetDlgItem

advapi32

OpenProcessToken
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
LookupPrivilegeValueW
RegOpenKeyExW
AdjustTokenPrivileges

shell32

Shell_NotifyIconW

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d52c9907f71dfe871fef798ce49b0a7d

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

gdi32

comdlg32

rpcrt4

mapi32

winmm

ws2_32

ole32

user32

advapi32

shell32

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 27KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 27KB

.reloc
Size: 6KB - Virtual size: 6KB