Overview

overview

7

Static

static

1

ZoomInfoCo...exe.7z

windows7-x64

7

ZoomInfoCo...exe.7z

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    202s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-07-2023 09:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ZoomInfoContactContributor.exe.7z

  • Size

    144KB

  • MD5

    6007d6d5659cec0fe87a9f2f3f2f82eb

  • SHA1

    af72fc2f17c4a9ffe128d6ea0641853839550233

  • SHA256

    e1440b1d4e0832a7435042cca191445f0e790bcb3c982310c6a857f2101add4e

  • SHA512

    8a26ce55dc280ddeb1b03ca6688d6744e4758b51c7734c51bf50201d539adc1fdf536b91d284a04eb8aaa2216f749676b0b89a4517ed714a2b5186d9cf2420a7

  • SSDEEP

    3072:Z9AvetjiRtIEfsnP1o2u2+86vfB+ZT1NyH6Xq+:wmUIEfsto2u2GZ+ZT1Nyuq+

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 25 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\ZoomInfoContactContributor.exe.7z
    1⤵
    • Modifies registry class
    PID:2476
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:952

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads