General

  • Target

    ZoomInstaller.exe

  • Size

    18.7MB

  • Sample

    210122-7c9v8fwds2

  • MD5

    2880073f86a4b5144b57fce296e46345

  • SHA1

    c7d271855c08231209d0e2194ba1120aaac1e387

  • SHA256

    d65e8a784c2ba0d9f7a029e1817b78b31324fb8c988e0467fd693b0efd890756

  • SHA512

    692af220e2498d1f14ace9c36b5815e4841848cc3eef8925919ab553f9e984aa7931713501cfa23a08c44d9fd2114320c821cb6692b9e5c49d131bb5065e02fd

Score
8/10

Malware Config

Targets

    • Target

      ZoomInstaller.exe

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution

    Scheduled Task (1) T1053

  • Persistence

    Scheduled Task (1) T1053

  • Privilege Escalation

    Scheduled Task (1) T1053

  • Defense Evasion

    Install Root Certificate (1) T1130

    Modify Registry (1) T1112

Tasks