General

  • Target

    ZoomInstallerFull.exe

  • Size

    68.4MB

  • Sample

    230325-zky4tsgd6v

  • MD5

    425d6675bb7c2d30b979388ecbeeb957

  • SHA1

    920e8421a883b4f636b42affc0be0426abd2a63b

  • SHA256

    f349d03e10fb84b20b9b8d35b717cc37ae1c8673a9bc48db452586d7e485debc

  • SHA512

    5b8fe3f0dd50f76b2020d1fbf90149f4869b57a7d4a0e3f2036924340c618b101bb103b4a49cf019ccfc1ecff3355dfb04767d44c7e4e2e86b2834939344daec

  • SSDEEP

    1572864:i6PnNv5zRIwDrcyhXCbCorKC8w41gcy+4dwl2bwHlGNB1lYeGh/:i6PnNDrcy9CHmDwwtEdwywe9YT

Malware Config

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v6

Tasks