ZoomInfoContactContributor.exe

General

Target: ZoomInfoContactContributor.exe

Size: 259KB

Sample: 201119-1e1ky8mt2j

Score: 8/10

MD5: 0b5719e9fd40b85d4d95e475e9431cd0

SHA1: 132151d26e61d2fda4e4b31eb376a41ea0d56e6d

SHA256: 2aa9f15810e2c55dbc8522e386d76d1a8fb3a63a712b33e17bd2139a7b45c76b

SHA512: ed17497df8e53eb9a49ff3d6ed5bf8d84f17a045947a4b474204a8bf06254f8a801be1243599e526123ccc5e88af389f718021409567ac86ed28d988afd3d1cf

Targets

Target: ZoomInfoContactContributor.exe

Filesize: 259KB

Score: 7/10

Signatures

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    TTPs: Registry Run Keys / Startup Folder, Modify Registry

  • Checks installed software on the system

    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs: Query Registry

  • Checks computer location settings

    Description: Looks up country code configured in the registry, likely geofence.

    TTPs: Query Registry, System Information Discovery

Related Tasks

Tasks

static1: 1/10

behavioral2: 7/10