General
Target: ZoomInstallerFull.msi
Size: 81.1MB
Sample: 221124-p9a37ahh7s
MD5: 3e66cd86de883e31e2007717cc9c0db6
SHA1: 4a87a059899afccb5c92402fa3d3f94a887e214e
SHA256: 55141f6a10a7cf9b7fde39ae254bda451467113595467d63be5961f44b918be2
SHA512: 4d0e86a6464bf4b29433f3dbd11d051819313a15237b71368f54a17a358abd15ac0466a4527599a4dbecb8538e71df6ce2a6d287f17deb0d1c0edd8f1b01725f
SSDEEP: 1572864:WVVFXktA3Rh1W6h7e4jvsV9+9TsIgE/8nqageayMqI:aAtA3b1W6FeCyseE/8a
Static task: static1
Behavioral task: behavioral1
Sample: ZoomInstallerFull.msi
Resource: win10v2004-20221111-en
Malware Config
Targets
Score: 8/10
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.