Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
Zoom_cm_fvfa5wZ9vvrZo4_mc+3wBgZvT2HNLVrn-cZBdXgDegk2-iSa9G2v@3sGpm1WNnSh2AMxT_k7d6430483b5a2104_.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
Zoom_cm_fvfa5wZ9vvrZo4_mc+3wBgZvT2HNLVrn-cZBdXgDegk2-iSa9G2v@3sGpm1WNnSh2AMxT_k7d6430483b5a2104_.exe
Resource
win10v2004-en-20220113
Target
Zoom_cm_fvfa5wZ9vvrZo4_mc+3wBgZvT2HNLVrn-cZBdXgDegk2-iSa9G2v@3sGpm1WNnSh2AMxT_k7d6430483b5a2104_.exe
Size
127KB
MD5
b66601f980729387a0b71c3203d58a16
SHA1
0cbe635694844b844d0819585c4957ef86395f68
SHA256
48abce626c6ac9b357677257b9aadfa987adb2c237d4ccdd9a8b98a60bae45c8
SHA512
1a94e5b86dc71b4e26866a9c596bdeb3b95fe7f523349a5cdc407258bc50f33afe4939ef3474557c81006fe3a8425dd5693be52eb5bda538e095a113da2ebccb
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
CryptDecodeObjectEx
CryptStringToBinaryA
CryptImportPublicKeyInfo
CertGetNameStringA
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
PathIsRelativeA
StrCmpNIA
ord155
StrStrA
PathAppendA
GetLastError
GetFileAttributesA
CreateFileA
LoadLibraryA
HeapAlloc
VerSetConditionMask
GetProcessHeap
RaiseException
LocalFree
GetModuleFileNameA
FindFirstFileA
SetLastError
FindClose
CreateMutexA
WaitForSingleObject
GetCurrentThreadId
Sleep
GetTempPathA
CopyFileA
OpenMutexA
MoveFileExA
DeleteFileA
FreeLibrary
CreateProcessA
GetTempFileNameA
FileTimeToSystemTime
GetSystemTime
GetFileTime
ExpandEnvironmentStringsA
CreateDirectoryA
SetUnhandledExceptionFilter
GetTickCount
ExitProcess
HeapLock
HeapWalk
HeapUnlock
ReleaseSemaphore
CreateSemaphoreA
GetCommandLineA
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ExitThread
TerminateThread
CreateThread
DeleteCriticalSection
CompareFileTime
WriteFile
SetFilePointer
SetEndOfFile
SystemTimeToFileTime
FlushFileBuffers
ReleaseMutex
GetLocalTime
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
LoadLibraryExW
LCMapStringW
WideCharToMultiByte
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetModuleHandleW
GetModuleHandleExW
QueryPerformanceCounter
RtlUnwind
LoadLibraryExA
HeapFree
VerifyVersionInfoA
GetProcessTimes
GetCurrentProcessId
GetProcAddress
GetWindowsDirectoryA
CloseHandle
Process32Next
MultiByteToWideChar
CreateToolhelp32Snapshot
OpenProcess
GetModuleHandleA
QueryDosDeviceA
K32GetProcessImageFileNameA
GetCurrentProcess
Process32First
GetVersion
LoadStringA
IsIconic
SetForegroundWindow
RegisterClassExA
LoadIconA
SetFocus
GetForegroundWindow
AttachThreadInput
FrameRect
GetWindowLongA
MapWindowPoints
DrawTextA
GetSystemMetrics
SetActiveWindow
SetWindowPos
InflateRect
LoadCursorA
SetPropA
GetClassInfoA
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
BeginPaint
EndPaint
PostThreadMessageA
GetMessageA
DispatchMessageA
SetTimer
TranslateMessage
PeekMessageA
KillTimer
SendMessageA
PostQuitMessage
PostMessageA
GetWindowThreadProcessId
FindWindowA
DestroyWindow
RegisterClassA
UnregisterClassA
IsWindowVisible
FillRect
IntersectRect
GetDesktopWindow
ShowWindow
IsWindow
SetWindowLongA
MoveWindow
ShowWindowAsync
GetPropA
DefWindowProcA
CreateWindowExA
DeleteObject
SelectObject
GetStockObject
SetTextColor
SetBkMode
CreateFontIndirectA
GetObjectA
CreateSolidBrush
CryptVerifySignatureA
CryptHashData
CryptDestroyHash
CryptReleaseContext
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
GetUserNameA
CryptDestroyKey
CryptCreateHash
CryptAcquireContextA
OpenProcessToken
DuplicateTokenEx
SHGetFolderPathA
ShellExecuteA
CoUninitialize
CoInitialize
CoCreateInstance
SysAllocStringLen
SysFreeString
VariantClear
VariantInit
SysAllocString
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ