Overview

overview

10

Static

static

ZoomInstallerFull.exe

windows7-x64

8

ZoomInstallerFull.exe

windows10-1703-x64

8

ZoomInstallerFull.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    54s
  • max time network
    60s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    08-09-2022 22:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ZoomInstallerFull.exe

  • Size

    49.5MB

  • MD5

    6babc6ddef111479db5fc82be92c6b0d

  • SHA1

    3d88263ea9f8dd19c2d0f9a72246ee1a33449050

  • SHA256

    2f73fb170e0ee9d1e0ea8788d0548a710a76a234fb5425898b07f496ac29e38d

  • SHA512

    7152beb75d6818165abb8497ef2625cbea6673319d04af7543c234eb8db551e48203dbfeed199561e1a9d27b5ef2ca30f968a3aa3c3cf8c031fb0acca04234da

  • SSDEEP

    1572864:AhgxAMoVxMtPKIPWD7AIlIoeGNjkpHQuAq7GdGB:AhqAPVOtkgwvkpHQuAvs

Score
8/10
discovery

Malware Config

Signatures

  • Executes dropped EXE 4 IoCs
  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL 64 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Internet Explorer settings 1 TTPs 12 IoCs
    adwarespyware
  • Modifies registry class 52 IoCs
  • Modifies system certificate store 2 TTPs 8 IoCs
    evasionspywaretrojan
  • Suspicious behavior: EnumeratesProcesses 22 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ZoomInstallerFull.exe
    "C:\Users\Admin\AppData\Local\Temp\ZoomInstallerFull.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1784
    • C:\Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
      .\Installer.exe
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Modifies system certificate store
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:1284
      • C:\Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
        "C:\Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe" /addfwexception --bin_home="C:\Users\Admin\AppData\Roaming\Zoom\bin"
        3⤵
        • Executes dropped EXE
        • Suspicious behavior: EnumeratesProcesses
        PID:1156
      • C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
        C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe Zoom.exe --promptupdateaction=installed
        3⤵
        • Executes dropped EXE
        • Checks computer location settings
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:316
        • C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
          "C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe" --action=preload --runaszvideo=TRUE
          4⤵
          • Executes dropped EXE
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of SetWindowsHookEx
          PID:1576

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
    Filesize

    915KB

    MD5

    4662fadc7cfb710d3a79f135ea48f926

    SHA1

    95f89add173943b3f82e732f9af687489c26cf74

    SHA256

    6ce2a7a42241808ade591a951aa947d61a967caa51483b7d2865b4a28ecb7985

    SHA512

    cbdbf773a03f7820022464f23d2b2f3df2f65fdc601914102294ac356d485cff094e8d84caad943df3b33c10191b164cc00f2b5ccab0051d682c9a85ffdfeedb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
    Filesize

    915KB

    MD5

    4662fadc7cfb710d3a79f135ea48f926

    SHA1

    95f89add173943b3f82e732f9af687489c26cf74

    SHA256

    6ce2a7a42241808ade591a951aa947d61a967caa51483b7d2865b4a28ecb7985

    SHA512

    cbdbf773a03f7820022464f23d2b2f3df2f65fdc601914102294ac356d485cff094e8d84caad943df3b33c10191b164cc00f2b5ccab0051d682c9a85ffdfeedb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
    Filesize

    915KB

    MD5

    4662fadc7cfb710d3a79f135ea48f926

    SHA1

    95f89add173943b3f82e732f9af687489c26cf74

    SHA256

    6ce2a7a42241808ade591a951aa947d61a967caa51483b7d2865b4a28ecb7985

    SHA512

    cbdbf773a03f7820022464f23d2b2f3df2f65fdc601914102294ac356d485cff094e8d84caad943df3b33c10191b164cc00f2b5ccab0051d682c9a85ffdfeedb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\7zS8F63DB1C\ZoomFull_Sip.CAB
    Filesize

    48.8MB

    MD5

    d39b32fad227056fc8304c3626a7b6aa

    SHA1

    1bd21b0cb0604d9289b1c3a38df786c83c59ad77

    SHA256

    8680ea73dc93a0d0c2eb7761d8c5d2729957ba50598f53a2ef9b13468a58c470

    SHA512

    10d8e11d811cbdaa15fb7bc8d3d8567cf191c1985654c2da4a5a9b595e55dd56cb0e7d92b54e4b91f78349f6a0696d027f193c32723ec77cc9652b8f14038d9a

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\Cmmlib.dll
    Filesize

    1.9MB

    MD5

    60d84d4d20b753dfcc56eabceca21c7f

    SHA1

    53cc756fc0308b8d44132e98eafec516665f2d43

    SHA256

    a5f2b94c03b27c528289baa49516baa3ccf7061d2e55c1df4190ca198fdf9377

    SHA512

    56d516626b3fbf770341a1f091d1d39beafa7db0525069db8ef590c3ae6cceb4b16066f89c00960316345c5591e0b834bfd7a7a2d47d1e74f6e126ec0a4ff123

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\VCRUNTIME140.dll
    Filesize

    91KB

    MD5

    7942be5474a095f673582997ae3054f1

    SHA1

    e982f6ebc74d31153ba9738741a7eec03a9fa5e8

    SHA256

    8ee6b49830436ff3bec9ba89213395427b5535813930489f118721fd3d2d942c

    SHA512

    49fbc9d441362b65a8d78b73d4fdcf988f22d38a35a36a233fcd54e99e95e29b804be7eabe2b174188c7860ebb34f701e13ed216f954886a285bed7127619039

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
    Filesize

    313KB

    MD5

    8704baa28f205f50d83a0677b731392a

    SHA1

    dbc993caf9a031efd5f3c6c97218d200c4fd2359

    SHA256

    cac7ff12231be98bd9a056bc5151c7ae2a3089712a83381f509a6f34f734f886

    SHA512

    1166862d6a4285961c5f9e5b6766770156ee74a6ae28d3a515ff8acfe2f973d222417ae191e9e8bb70ea8dfb54cf5f4f26d91d0b751b63029e1eddfb80bd1d3b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-file-l1-2-0.dll
    Filesize

    11KB

    MD5

    35bc1f1c6fbccec7eb8819178ef67664

    SHA1

    bbcad0148ff008e984a75937aaddf1ef6fda5e0c

    SHA256

    7a3c5167731238cf262f749aa46ab3bfb2ae1b22191b76e28e1d7499d28c24b7

    SHA512

    9ab9b5b12215e57af5b3c588ed5003d978071dc591ed18c78c4563381a132edb7b2c508a8b75b4f1ed8823118d23c88eda453cd4b42b9020463416f8f6832a3d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-file-l2-1-0.dll
    Filesize

    11KB

    MD5

    3bf4406de02aa148f460e5d709f4f67d

    SHA1

    89b28107c39bb216da00507ffd8adb7838d883f6

    SHA256

    349a79fa1572e3538dfbb942610d8c47d03e8a41b98897bc02ec7e897d05237e

    SHA512

    5ff6e8ad602d9e31ac88e06a6fbb54303c57d011c388f46d957aee8cd3b7d7cced8b6bfa821ff347ade62f7359acb1fba9ee181527f349c03d295bdb74efbace

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    13KB

    MD5

    8acb83d102dabd9a5017a94239a2b0c6

    SHA1

    9b43a40a7b498e02f96107e1524fe2f4112d36ae

    SHA256

    059cb23fdcf4d80b92e3da29e9ef4c322edf6fba9a1837978fd983e9bdfc7413

    SHA512

    b7ecf60e20098ea509b76b1cc308a954a6ede8d836bf709790ce7d4bd1b85b84cf5f3aedf55af225d2d21fbd3065d01aa201dae6c131b8e1e3aa80ed6fc910a4

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    11KB

    MD5

    9c9b50b204fcb84265810ef1f3c5d70a

    SHA1

    0913ab720bd692abcdb18a2609df6a7f85d96db3

    SHA256

    25a99bdf8bf4d16077dc30dd9ffef7bb5a2ceaf9afcee7cf52ad408355239d40

    SHA512

    ea2d22234e587ad9fa255d9f57907cc14327ead917fdede8b0a38516e7c7a08c4172349c8a7479ec55d1976a37e520628006f5c362f6a3ec76ec87978c4469cd

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-synch-l1-2-0.dll
    Filesize

    11KB

    MD5

    d175430eff058838cee2e334951f6c9c

    SHA1

    7f17fbdcef12042d215828c1d6675e483a4c62b1

    SHA256

    1c72ac404781a9986d8edeb0ee5dd39d2c27ce505683ca3324c0eccd6193610a

    SHA512

    6076086082e3e824309ba2c178e95570a34ece6f2339be500b8b0a51f0f316b39a4c8d70898c4d50f89f3f43d65c5ebbec3094a47d91677399802f327287d43b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    11KB

    MD5

    43e1ae2e432eb99aa4427bb68f8826bb

    SHA1

    eee1747b3ade5a9b985467512215caf7e0d4cb9b

    SHA256

    3d798b9c345a507e142e8dacd7fb6c17528cc1453abfef2ffa9710d2fa9e032c

    SHA512

    40ec0482f668bde71aeb4520a0709d3e84f093062bfbd05285e2cc09b19b7492cb96cdd6056281c213ab0560f87bd485ee4d2aeefa0b285d2d005634c1f3af0b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-heap-l1-1-0.dll
    Filesize

    12KB

    MD5

    212d58cefb2347bd694b214a27828c83

    SHA1

    f0e98e2d594054e8a836bd9c6f68c3fe5048f870

    SHA256

    8166321f14d5804ce76f172f290a6f39ce81373257887d9897a6cf3925d47989

    SHA512

    637c215ed3e781f824ae93a0e04a7b6c0a6b1694d489e9058203630dcfc0b8152f2eb452177ea9fd2872a8a1f29c539f85a2f2824cf50b1d7496fa3febe27dfe

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-runtime-l1-1-0.dll
    Filesize

    15KB

    MD5

    883120f9c25633b6c688577d024efd12

    SHA1

    e4fa6254623a2b4cdea61712cdfa9c91aa905f18

    SHA256

    4390c389bbbf9ec7215d12d22723efd77beb4cd83311c75ffe215725ecfd55dc

    SHA512

    f17d3b667cc8002f4b6e6b96b630913fa1cb4083d855db5b7269518f6ff6eebf835544fa3b737f4fc0eb46ccb368778c4ae8b11ebcf9274ce1e5a0ba331a0e2f

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-stdio-l1-1-0.dll
    Filesize

    17KB

    MD5

    29680d7b1105171116a137450c8bb452

    SHA1

    492bb8c231aae9d5f5af565abb208a706fb2b130

    SHA256

    6f6f6e857b347f70ecc669b4df73c32e42199b834fe009641d7b41a0b1c210af

    SHA512

    87dcf131e21041b06ed84c3a510fe360048de46f1975155b4b12e4bbf120f2dd0cb74ccd2e8691a39eee0da7f82ad39bc65c81f530fc0572a726f0a6661524f5

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-string-l1-1-0.dll
    Filesize

    17KB

    MD5

    f816666e3fc087cd24828943cb15f260

    SHA1

    eae814c9c41e3d333f43890ed7dafa3575e4c50e

    SHA256

    45e0835b1d3b446fe2c347bd87922c53cfb6dd826499e19a1d977bf4c11b0e4a

    SHA512

    6860abe8ab5220efb88f68b80e6c6e95fe35b4029f46b59bc467e3850fe671bda1c7c1c7b035b287bdfed5daeac879ee481d35330b153ea7ef2532970f62c581

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\libcrypto-1_1.dll
    Filesize

    3.4MB

    MD5

    07b5bcbbf87041ca9e07379c7d7f1392

    SHA1

    b9978c7f0acc7f4d6af907293881f6fd19fba65e

    SHA256

    b709f7a3876d8cfaa06ea0f810314948946cbeea72d9c7ef11e4d36261e59efe

    SHA512

    d4f08c3e65cb6b852f665edd115c6bd23c118d289a8ce03eca1334c5f8e426be1dc25bf3f49afc2799d28b4d0eaafb0c711a01ab3d4163af539e1df2cd1879f2

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\ucrtbase.DLL
    Filesize

    987KB

    MD5

    61eb0ad4c285b60732353a0cb5c9b2ab

    SHA1

    21a1bea01f6ca7e9828a522c696853706d0a457b

    SHA256

    10521fe73fe05f2ba95d40757d9f676f2091e2ed578da9d5cdef352f986f3bcd

    SHA512

    44cd871f48b5193abb3b9664dbea8cdad19e72c47b6967c685cf1cc803bc9abb48a8a93009c972ef4936e7f78e3c92110828790aa0a9d26b80e6a523bbcd830d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\bin\zCrashReport64.dll
    Filesize

    242KB

    MD5

    87152c09dbb2d800b7eaa9e209ff259d

    SHA1

    9c7a0eee0976e2b2155e084682511132723ece4a

    SHA256

    157142b07e183bb0ff26bd5484d0562389e8155b1e1726bd1c7fb80c13d0b713

    SHA512

    e8d6289864bda31b527e669b0886dfe103435cd6945b1b590ae8c64335b2a522bc213ffeaac392041c321b1d9cd65970ff343304d20cbb3fcdd458c2a76869a2

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Zoom\installer.txt
    Filesize

    4KB

    MD5

    22c90fa166888a79175275c38a77d83e

    SHA1

    79a85606b637493d7e261874e28ad0c36518f286

    SHA256

    6653cb955d42eb6c0bb62724aecc2c15909bc75ea62a642c0828cc8e059b3a6f

    SHA512

    35f2b40462f4255472612e8cf5418640981e8c1d71cd112689a66a133ed51165c81b59fd49a76bec9ea6464f1de46605c436b1cf2acb5accc48c5b6d329a4f5e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
    Filesize

    915KB

    MD5

    4662fadc7cfb710d3a79f135ea48f926

    SHA1

    95f89add173943b3f82e732f9af687489c26cf74

    SHA256

    6ce2a7a42241808ade591a951aa947d61a967caa51483b7d2865b4a28ecb7985

    SHA512

    cbdbf773a03f7820022464f23d2b2f3df2f65fdc601914102294ac356d485cff094e8d84caad943df3b33c10191b164cc00f2b5ccab0051d682c9a85ffdfeedb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
    Filesize

    915KB

    MD5

    4662fadc7cfb710d3a79f135ea48f926

    SHA1

    95f89add173943b3f82e732f9af687489c26cf74

    SHA256

    6ce2a7a42241808ade591a951aa947d61a967caa51483b7d2865b4a28ecb7985

    SHA512

    cbdbf773a03f7820022464f23d2b2f3df2f65fdc601914102294ac356d485cff094e8d84caad943df3b33c10191b164cc00f2b5ccab0051d682c9a85ffdfeedb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
    Filesize

    915KB

    MD5

    4662fadc7cfb710d3a79f135ea48f926

    SHA1

    95f89add173943b3f82e732f9af687489c26cf74

    SHA256

    6ce2a7a42241808ade591a951aa947d61a967caa51483b7d2865b4a28ecb7985

    SHA512

    cbdbf773a03f7820022464f23d2b2f3df2f65fdc601914102294ac356d485cff094e8d84caad943df3b33c10191b164cc00f2b5ccab0051d682c9a85ffdfeedb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7zS8F63DB1C\Installer.exe
    Filesize

    915KB

    MD5

    4662fadc7cfb710d3a79f135ea48f926

    SHA1

    95f89add173943b3f82e732f9af687489c26cf74

    SHA256

    6ce2a7a42241808ade591a951aa947d61a967caa51483b7d2865b4a28ecb7985

    SHA512

    cbdbf773a03f7820022464f23d2b2f3df2f65fdc601914102294ac356d485cff094e8d84caad943df3b33c10191b164cc00f2b5ccab0051d682c9a85ffdfeedb

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\Cmmlib.dll
    Filesize

    1.9MB

    MD5

    60d84d4d20b753dfcc56eabceca21c7f

    SHA1

    53cc756fc0308b8d44132e98eafec516665f2d43

    SHA256

    a5f2b94c03b27c528289baa49516baa3ccf7061d2e55c1df4190ca198fdf9377

    SHA512

    56d516626b3fbf770341a1f091d1d39beafa7db0525069db8ef590c3ae6cceb4b16066f89c00960316345c5591e0b834bfd7a7a2d47d1e74f6e126ec0a4ff123

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\CptShare.dll
    Filesize

    313KB

    MD5

    419ac8e03ac66b9a311d32b3cb786518

    SHA1

    4c693482b21239e7b5ec303a60a58cfc3cb0296e

    SHA256

    b063c66276e0276a891f85028e3d415ac1dbcb575b3adf89d8b4ee00a1a7b223

    SHA512

    68fe986f54ba8720151bf155f688210b224c4fea54fb0ef55b07f9408f7d4638543e2399cdbf95bbc0b0453d361c44ee5d567eb40978c1d217cb05eb8443d9aa

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
    Filesize

    313KB

    MD5

    8704baa28f205f50d83a0677b731392a

    SHA1

    dbc993caf9a031efd5f3c6c97218d200c4fd2359

    SHA256

    cac7ff12231be98bd9a056bc5151c7ae2a3089712a83381f509a6f34f734f886

    SHA512

    1166862d6a4285961c5f9e5b6766770156ee74a6ae28d3a515ff8acfe2f973d222417ae191e9e8bb70ea8dfb54cf5f4f26d91d0b751b63029e1eddfb80bd1d3b

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-file-l1-2-0.dll
    Filesize

    11KB

    MD5

    35bc1f1c6fbccec7eb8819178ef67664

    SHA1

    bbcad0148ff008e984a75937aaddf1ef6fda5e0c

    SHA256

    7a3c5167731238cf262f749aa46ab3bfb2ae1b22191b76e28e1d7499d28c24b7

    SHA512

    9ab9b5b12215e57af5b3c588ed5003d978071dc591ed18c78c4563381a132edb7b2c508a8b75b4f1ed8823118d23c88eda453cd4b42b9020463416f8f6832a3d

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-file-l1-2-0.dll
    Filesize

    11KB

    MD5

    35bc1f1c6fbccec7eb8819178ef67664

    SHA1

    bbcad0148ff008e984a75937aaddf1ef6fda5e0c

    SHA256

    7a3c5167731238cf262f749aa46ab3bfb2ae1b22191b76e28e1d7499d28c24b7

    SHA512

    9ab9b5b12215e57af5b3c588ed5003d978071dc591ed18c78c4563381a132edb7b2c508a8b75b4f1ed8823118d23c88eda453cd4b42b9020463416f8f6832a3d

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-file-l2-1-0.dll
    Filesize

    11KB

    MD5

    3bf4406de02aa148f460e5d709f4f67d

    SHA1

    89b28107c39bb216da00507ffd8adb7838d883f6

    SHA256

    349a79fa1572e3538dfbb942610d8c47d03e8a41b98897bc02ec7e897d05237e

    SHA512

    5ff6e8ad602d9e31ac88e06a6fbb54303c57d011c388f46d957aee8cd3b7d7cced8b6bfa821ff347ade62f7359acb1fba9ee181527f349c03d295bdb74efbace

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-file-l2-1-0.dll
    Filesize

    11KB

    MD5

    3bf4406de02aa148f460e5d709f4f67d

    SHA1

    89b28107c39bb216da00507ffd8adb7838d883f6

    SHA256

    349a79fa1572e3538dfbb942610d8c47d03e8a41b98897bc02ec7e897d05237e

    SHA512

    5ff6e8ad602d9e31ac88e06a6fbb54303c57d011c388f46d957aee8cd3b7d7cced8b6bfa821ff347ade62f7359acb1fba9ee181527f349c03d295bdb74efbace

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    13KB

    MD5

    8acb83d102dabd9a5017a94239a2b0c6

    SHA1

    9b43a40a7b498e02f96107e1524fe2f4112d36ae

    SHA256

    059cb23fdcf4d80b92e3da29e9ef4c322edf6fba9a1837978fd983e9bdfc7413

    SHA512

    b7ecf60e20098ea509b76b1cc308a954a6ede8d836bf709790ce7d4bd1b85b84cf5f3aedf55af225d2d21fbd3065d01aa201dae6c131b8e1e3aa80ed6fc910a4

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    13KB

    MD5

    8acb83d102dabd9a5017a94239a2b0c6

    SHA1

    9b43a40a7b498e02f96107e1524fe2f4112d36ae

    SHA256

    059cb23fdcf4d80b92e3da29e9ef4c322edf6fba9a1837978fd983e9bdfc7413

    SHA512

    b7ecf60e20098ea509b76b1cc308a954a6ede8d836bf709790ce7d4bd1b85b84cf5f3aedf55af225d2d21fbd3065d01aa201dae6c131b8e1e3aa80ed6fc910a4

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    11KB

    MD5

    9c9b50b204fcb84265810ef1f3c5d70a

    SHA1

    0913ab720bd692abcdb18a2609df6a7f85d96db3

    SHA256

    25a99bdf8bf4d16077dc30dd9ffef7bb5a2ceaf9afcee7cf52ad408355239d40

    SHA512

    ea2d22234e587ad9fa255d9f57907cc14327ead917fdede8b0a38516e7c7a08c4172349c8a7479ec55d1976a37e520628006f5c362f6a3ec76ec87978c4469cd

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    11KB

    MD5

    9c9b50b204fcb84265810ef1f3c5d70a

    SHA1

    0913ab720bd692abcdb18a2609df6a7f85d96db3

    SHA256

    25a99bdf8bf4d16077dc30dd9ffef7bb5a2ceaf9afcee7cf52ad408355239d40

    SHA512

    ea2d22234e587ad9fa255d9f57907cc14327ead917fdede8b0a38516e7c7a08c4172349c8a7479ec55d1976a37e520628006f5c362f6a3ec76ec87978c4469cd

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-synch-l1-2-0.dll
    Filesize

    11KB

    MD5

    d175430eff058838cee2e334951f6c9c

    SHA1

    7f17fbdcef12042d215828c1d6675e483a4c62b1

    SHA256

    1c72ac404781a9986d8edeb0ee5dd39d2c27ce505683ca3324c0eccd6193610a

    SHA512

    6076086082e3e824309ba2c178e95570a34ece6f2339be500b8b0a51f0f316b39a4c8d70898c4d50f89f3f43d65c5ebbec3094a47d91677399802f327287d43b

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    11KB

    MD5

    43e1ae2e432eb99aa4427bb68f8826bb

    SHA1

    eee1747b3ade5a9b985467512215caf7e0d4cb9b

    SHA256

    3d798b9c345a507e142e8dacd7fb6c17528cc1453abfef2ffa9710d2fa9e032c

    SHA512

    40ec0482f668bde71aeb4520a0709d3e84f093062bfbd05285e2cc09b19b7492cb96cdd6056281c213ab0560f87bd485ee4d2aeefa0b285d2d005634c1f3af0b

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    11KB

    MD5

    43e1ae2e432eb99aa4427bb68f8826bb

    SHA1

    eee1747b3ade5a9b985467512215caf7e0d4cb9b

    SHA256

    3d798b9c345a507e142e8dacd7fb6c17528cc1453abfef2ffa9710d2fa9e032c

    SHA512

    40ec0482f668bde71aeb4520a0709d3e84f093062bfbd05285e2cc09b19b7492cb96cdd6056281c213ab0560f87bd485ee4d2aeefa0b285d2d005634c1f3af0b

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-convert-l1-1-0.dll
    Filesize

    15KB

    MD5

    285dcd72d73559678cfd3ed39f81ddad

    SHA1

    df22928e43ea6a9a41c1b2b5bfcab5ba58d2a83a

    SHA256

    6c008be766c44bf968c9e91cddc5b472110beffee3106a99532e68c605c78d44

    SHA512

    84ef0a843798fd6bd6246e1d40924be42550d3ef239dab6db4d423b142fa8f691c6f0603687901f1c52898554bf4f48d18d3aebd47de935560cde4906798c39a

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-environment-l1-1-0.dll
    Filesize

    11KB

    MD5

    5cce7a5ed4c2ebaf9243b324f6618c0e

    SHA1

    fdb5954ee91583a5a4cbb0054fb8b3bf6235eed3

    SHA256

    aa3e3e99964d7f9b89f288dbe30ff18cbc960ee5add533ec1b8326fe63787aa3

    SHA512

    fc85a3be23621145b8dc067290bd66416b6b1566001a799975bf99f0f526935e41a2c8861625e7cfb8539ca0621ed9f46343c04b6c41db812f58412be9c8a0de

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-filesystem-l1-1-0.dll
    Filesize

    13KB

    MD5

    41fbbb054af69f0141e8fc7480d7f122

    SHA1

    3613a572b462845d6478a92a94769885da0843af

    SHA256

    974af1f1a38c02869073b4e7ec4b2a47a6ce8339fa62c549da6b20668de6798c

    SHA512

    97fb0a19227887d55905c2d622fbf5451921567f145be7855f72909eb3027f48a57d8c4d76e98305121b1b0cc1f5f2667ef6109c59a83ea1b3e266934b2eb33c

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-heap-l1-1-0.dll
    Filesize

    12KB

    MD5

    212d58cefb2347bd694b214a27828c83

    SHA1

    f0e98e2d594054e8a836bd9c6f68c3fe5048f870

    SHA256

    8166321f14d5804ce76f172f290a6f39ce81373257887d9897a6cf3925d47989

    SHA512

    637c215ed3e781f824ae93a0e04a7b6c0a6b1694d489e9058203630dcfc0b8152f2eb452177ea9fd2872a8a1f29c539f85a2f2824cf50b1d7496fa3febe27dfe

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-heap-l1-1-0.dll
    Filesize

    12KB

    MD5

    212d58cefb2347bd694b214a27828c83

    SHA1

    f0e98e2d594054e8a836bd9c6f68c3fe5048f870

    SHA256

    8166321f14d5804ce76f172f290a6f39ce81373257887d9897a6cf3925d47989

    SHA512

    637c215ed3e781f824ae93a0e04a7b6c0a6b1694d489e9058203630dcfc0b8152f2eb452177ea9fd2872a8a1f29c539f85a2f2824cf50b1d7496fa3febe27dfe

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-locale-l1-1-0.dll
    Filesize

    11KB

    MD5

    242829c7be4190564becee51c7a43a7e

    SHA1

    663154c1437acf66480518068fbc756f5cabb72f

    SHA256

    edc1699e9995f98826df06d2c45beb9e02aa7817bae3e61373096ae7f6fa06e0

    SHA512

    3529fde428affc3663c5c69baee60367a083841b49583080f0c4c7e72eaa63cabbf8b9da8ccfc473b3c552a0453405a4a68fcd7888d143529d53e5eec9a91a34

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-math-l1-1-0.dll
    Filesize

    20KB

    MD5

    fb79420ec05aa715fe76d9b89111f3e2

    SHA1

    15c6d65837c9979af7ec143e034923884c3b0dbd

    SHA256

    f6a93fe6b57a54aac46229f2ed14a0a979bf60416adb2b2cfc672386ccb2b42e

    SHA512

    c40884c80f7921addced37b1bf282bb5cb47608e53d4f4127ef1c6ce7e6bb9a4adc7401389bc8504bf24751c402342693b11cef8d06862677a63159a04da544e

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-runtime-l1-1-0.dll
    Filesize

    15KB

    MD5

    883120f9c25633b6c688577d024efd12

    SHA1

    e4fa6254623a2b4cdea61712cdfa9c91aa905f18

    SHA256

    4390c389bbbf9ec7215d12d22723efd77beb4cd83311c75ffe215725ecfd55dc

    SHA512

    f17d3b667cc8002f4b6e6b96b630913fa1cb4083d855db5b7269518f6ff6eebf835544fa3b737f4fc0eb46ccb368778c4ae8b11ebcf9274ce1e5a0ba331a0e2f

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-runtime-l1-1-0.dll
    Filesize

    15KB

    MD5

    883120f9c25633b6c688577d024efd12

    SHA1

    e4fa6254623a2b4cdea61712cdfa9c91aa905f18

    SHA256

    4390c389bbbf9ec7215d12d22723efd77beb4cd83311c75ffe215725ecfd55dc

    SHA512

    f17d3b667cc8002f4b6e6b96b630913fa1cb4083d855db5b7269518f6ff6eebf835544fa3b737f4fc0eb46ccb368778c4ae8b11ebcf9274ce1e5a0ba331a0e2f

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-stdio-l1-1-0.dll
    Filesize

    17KB

    MD5

    29680d7b1105171116a137450c8bb452

    SHA1

    492bb8c231aae9d5f5af565abb208a706fb2b130

    SHA256

    6f6f6e857b347f70ecc669b4df73c32e42199b834fe009641d7b41a0b1c210af

    SHA512

    87dcf131e21041b06ed84c3a510fe360048de46f1975155b4b12e4bbf120f2dd0cb74ccd2e8691a39eee0da7f82ad39bc65c81f530fc0572a726f0a6661524f5

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-stdio-l1-1-0.dll
    Filesize

    17KB

    MD5

    29680d7b1105171116a137450c8bb452

    SHA1

    492bb8c231aae9d5f5af565abb208a706fb2b130

    SHA256

    6f6f6e857b347f70ecc669b4df73c32e42199b834fe009641d7b41a0b1c210af

    SHA512

    87dcf131e21041b06ed84c3a510fe360048de46f1975155b4b12e4bbf120f2dd0cb74ccd2e8691a39eee0da7f82ad39bc65c81f530fc0572a726f0a6661524f5

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-string-l1-1-0.dll
    Filesize

    17KB

    MD5

    f816666e3fc087cd24828943cb15f260

    SHA1

    eae814c9c41e3d333f43890ed7dafa3575e4c50e

    SHA256

    45e0835b1d3b446fe2c347bd87922c53cfb6dd826499e19a1d977bf4c11b0e4a

    SHA512

    6860abe8ab5220efb88f68b80e6c6e95fe35b4029f46b59bc467e3850fe671bda1c7c1c7b035b287bdfed5daeac879ee481d35330b153ea7ef2532970f62c581

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-string-l1-1-0.dll
    Filesize

    17KB

    MD5

    f816666e3fc087cd24828943cb15f260

    SHA1

    eae814c9c41e3d333f43890ed7dafa3575e4c50e

    SHA256

    45e0835b1d3b446fe2c347bd87922c53cfb6dd826499e19a1d977bf4c11b0e4a

    SHA512

    6860abe8ab5220efb88f68b80e6c6e95fe35b4029f46b59bc467e3850fe671bda1c7c1c7b035b287bdfed5daeac879ee481d35330b153ea7ef2532970f62c581

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-time-l1-1-0.dll
    Filesize

    13KB

    MD5

    143a735134cd8c889ec7d7b85298705b

    SHA1

    906ac1f3a933dd57798ae826bbefa3096c20d424

    SHA256

    b48310b0837027f756d62c37ea91af988baa403cbcbd01cb26b6fdae21ea96a2

    SHA512

    c9abe209508afae2d1776391f73b658c9a25628876724344023e0fc8a790ecb7dbce75fddae267158d08a8237f83336b1d2bd5b5ce0a8eed7dd41cbe0c031d48

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\api-ms-win-crt-utility-l1-1-0.dll
    Filesize

    11KB

    MD5

    6f1a1dfb2761228ccc7d07b8b190054c

    SHA1

    117d66360c84a0088626e22d8b3b4b685cb70d56

    SHA256

    c81c4bba4e5f205359ad145963f6fbd074879047c66569f52b6d66711108e1ed

    SHA512

    480b4f9179d5da56010fa90e1937fe3a232f2f8682596c16eeaed08f57cf8cffeaa506060429501764f695cb6c5b3e56b0037de948c4d0e3933f022a0b4103d2

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\libcrypto-1_1.dll
    Filesize

    3.4MB

    MD5

    07b5bcbbf87041ca9e07379c7d7f1392

    SHA1

    b9978c7f0acc7f4d6af907293881f6fd19fba65e

    SHA256

    b709f7a3876d8cfaa06ea0f810314948946cbeea72d9c7ef11e4d36261e59efe

    SHA512

    d4f08c3e65cb6b852f665edd115c6bd23c118d289a8ce03eca1334c5f8e426be1dc25bf3f49afc2799d28b4d0eaafb0c711a01ab3d4163af539e1df2cd1879f2

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\msvcp140.dll
    Filesize

    571KB

    MD5

    5cde3aed10412762e83b7fe43694a22b

    SHA1

    4ffcdf063eafc901105836c27a634530ea614755

    SHA256

    10ddff48d704c6007e4c2d53fb4856b5e5e79479503366236246a323aaa76e9d

    SHA512

    fcd7bc262e7bbcbbac9258e31b8d62efb2e601ac1fffac4c86819c8f2aed26fc19403d992a57d48ec92752b2a0a8b04e8204423d6077c7800ea4015f016faa23

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\ucrtbase.dll
    Filesize

    987KB

    MD5

    61eb0ad4c285b60732353a0cb5c9b2ab

    SHA1

    21a1bea01f6ca7e9828a522c696853706d0a457b

    SHA256

    10521fe73fe05f2ba95d40757d9f676f2091e2ed578da9d5cdef352f986f3bcd

    SHA512

    44cd871f48b5193abb3b9664dbea8cdad19e72c47b6967c685cf1cc803bc9abb48a8a93009c972ef4936e7f78e3c92110828790aa0a9d26b80e6a523bbcd830d

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\ucrtbase.dll
    Filesize

    987KB

    MD5

    61eb0ad4c285b60732353a0cb5c9b2ab

    SHA1

    21a1bea01f6ca7e9828a522c696853706d0a457b

    SHA256

    10521fe73fe05f2ba95d40757d9f676f2091e2ed578da9d5cdef352f986f3bcd

    SHA512

    44cd871f48b5193abb3b9664dbea8cdad19e72c47b6967c685cf1cc803bc9abb48a8a93009c972ef4936e7f78e3c92110828790aa0a9d26b80e6a523bbcd830d

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\vcruntime140.dll
    Filesize

    91KB

    MD5

    7942be5474a095f673582997ae3054f1

    SHA1

    e982f6ebc74d31153ba9738741a7eec03a9fa5e8

    SHA256

    8ee6b49830436ff3bec9ba89213395427b5535813930489f118721fd3d2d942c

    SHA512

    49fbc9d441362b65a8d78b73d4fdcf988f22d38a35a36a233fcd54e99e95e29b804be7eabe2b174188c7860ebb34f701e13ed216f954886a285bed7127619039

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\vcruntime140.dll
    Filesize

    91KB

    MD5

    7942be5474a095f673582997ae3054f1

    SHA1

    e982f6ebc74d31153ba9738741a7eec03a9fa5e8

    SHA256

    8ee6b49830436ff3bec9ba89213395427b5535813930489f118721fd3d2d942c

    SHA512

    49fbc9d441362b65a8d78b73d4fdcf988f22d38a35a36a233fcd54e99e95e29b804be7eabe2b174188c7860ebb34f701e13ed216f954886a285bed7127619039

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\vcruntime140_1.dll
    Filesize

    35KB

    MD5

    ab03551e4ef279abed2d8c4b25f35bb8

    SHA1

    09bc7e4e1a8d79ee23c0c9c26b1ea39de12a550e

    SHA256

    f8bc270449ca6bb6345e88be3632d465c0a7595197c7954357dc5066ed50ae44

    SHA512

    0e7533b8d7e5019ffd1e73937c1627213711725e88c6d7321588f7fffe9e1b4ef5c38311548adbd2c0ee9b407135646593bf1498cbee92275f4e0a22ace78909

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\zCrashReport64.dll
    Filesize

    242KB

    MD5

    87152c09dbb2d800b7eaa9e209ff259d

    SHA1

    9c7a0eee0976e2b2155e084682511132723ece4a

    SHA256

    157142b07e183bb0ff26bd5484d0562389e8155b1e1726bd1c7fb80c13d0b713

    SHA512

    e8d6289864bda31b527e669b0886dfe103435cd6945b1b590ae8c64335b2a522bc213ffeaac392041c321b1d9cd65970ff343304d20cbb3fcdd458c2a76869a2

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\bin\zCrashReport64.dll
    Filesize

    242KB

    MD5

    87152c09dbb2d800b7eaa9e209ff259d

    SHA1

    9c7a0eee0976e2b2155e084682511132723ece4a

    SHA256

    157142b07e183bb0ff26bd5484d0562389e8155b1e1726bd1c7fb80c13d0b713

    SHA512

    e8d6289864bda31b527e669b0886dfe103435cd6945b1b590ae8c64335b2a522bc213ffeaac392041c321b1d9cd65970ff343304d20cbb3fcdd458c2a76869a2

    Download Submit

  • \Users\Admin\AppData\Roaming\Zoom\uninstall\Installer.exe
    Filesize

    915KB

    MD5

    4662fadc7cfb710d3a79f135ea48f926

    SHA1

    95f89add173943b3f82e732f9af687489c26cf74

    SHA256

    6ce2a7a42241808ade591a951aa947d61a967caa51483b7d2865b4a28ecb7985

    SHA512

    cbdbf773a03f7820022464f23d2b2f3df2f65fdc601914102294ac356d485cff094e8d84caad943df3b33c10191b164cc00f2b5ccab0051d682c9a85ffdfeedb

    Download Submit

  • memory/316-129-0x0000000002A90000-0x0000000002A9A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/316-130-0x0000000002A90000-0x0000000002A9A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/316-125-0x0000000002A90000-0x0000000002A9A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/316-123-0x000007FEF38F0000-0x000007FEF43A8000-memory.dmp

    Filesize

    10.7MB

    Download

  • memory/316-124-0x0000000002A90000-0x0000000002A9A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1576-135-0x000000000E2C0000-0x000000000E2CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1576-128-0x000007FEEDD70000-0x000007FEEE4FB000-memory.dmp

    Filesize

    7.5MB

    Download

  • memory/1576-131-0x00000000021E0000-0x00000000021EA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1576-132-0x000000000CF00000-0x000000000CF0A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1576-133-0x000000000CF00000-0x000000000CF0A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1576-134-0x000000000E2A0000-0x000000000E2AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1576-136-0x000000000E2C0000-0x000000000E2CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1576-137-0x000000000E2C0000-0x000000000E2CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1576-138-0x000000000E2C0000-0x000000000E2CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1784-54-0x000007FEFC421000-0x000007FEFC423000-memory.dmp

    Filesize

    8KB

    Download