e1440b1d4e0832a7435042cca191445f0e790bcb3c982310c6a857f2101add4e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

ZoomInfoCo...exe.7z

windows7-x64

7

ZoomInfoCo...exe.7z

windows10-2004-x64

3

Sharing

General

Target

ZoomInfoContactContributor.exe.7z
Size

144KB
Sample

230724-k6d88acb69
MD5

6007d6d5659cec0fe87a9f2f3f2f82eb
SHA1

af72fc2f17c4a9ffe128d6ea0641853839550233
SHA256

e1440b1d4e0832a7435042cca191445f0e790bcb3c982310c6a857f2101add4e
SHA512

8a26ce55dc280ddeb1b03ca6688d6744e4758b51c7734c51bf50201d539adc1fdf536b91d284a04eb8aaa2216f749676b0b89a4517ed714a2b5186d9cf2420a7
SSDEEP

3072:Z9AvetjiRtIEfsnP1o2u2+86vfB+ZT1NyH6Xq+:wmUIEfsto2u2GZ+ZT1Nyuq+

Score

7^/10

discovery persistence pyinstaller

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ZoomInfoContactContributor.exe.7z

Resource

win7-20230712-en

discovery persistence pyinstaller

windows7-x64

18 signatures

1800 seconds

Behavioral task

behavioral2

Sample

ZoomInfoContactContributor.exe.7z

Resource

win10v2004-20230703-en

windows10-2004-x64

4 signatures

1800 seconds

Malware Config

Targets

- Target
  
  ZoomInfoContactContributor.exe.7z
- Size
  
  144KB
- MD5
  
  6007d6d5659cec0fe87a9f2f3f2f82eb
- SHA1
  
  af72fc2f17c4a9ffe128d6ea0641853839550233
- SHA256
  
  e1440b1d4e0832a7435042cca191445f0e790bcb3c982310c6a857f2101add4e
- SHA512
  
  8a26ce55dc280ddeb1b03ca6688d6744e4758b51c7734c51bf50201d539adc1fdf536b91d284a04eb8aaa2216f749676b0b89a4517ed714a2b5186d9cf2420a7
- SSDEEP
  
  3072:Z9AvetjiRtIEfsnP1o2u2+86vfB+ZT1NyH6Xq+:wmUIEfsto2u2GZ+ZT1Nyuq+
Score

7^/10

discovery persistence pyinstaller
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencepyinstaller

behavioral2

© 2018-2025

Terms | Privacy