Zoom_cm_feoukisfsb5sfxsr5fxZ9vvrZo4_mKwSYZmmiNT3U0lwNMjaDSPUI6GIHiLpD3mM@YQxWqDWI-AUmnhZw_kef834f7ff6527d6d_[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Zoom_cm_feoukisfsb5sfxsr5fxZ9vvrZo4_mKwSYZmmiNT3U0lwNMjaDSPUI6GIHiLpD3mM@YQxWqDWI-AUmnhZw_kef834f7ff6527d6d_.exe
Size

133KB
MD5

0e525f27ba5a4c4d0ebca64a61174da0
SHA1

c98cb1a9b04c685dafd486c2f51023653f4e763c
SHA256

d7a06ef8fdaaafedea3b522b7411bede856bb1d0f18d8b7216c20255947ee517
SHA512

108bc37bb02e2a347aadb81ada4985f34fe96cf7a8c61885418a6601867289494ce4d986982fbc4752b12ee018cdb24b11d090cf38b6f34e51e72493da46ff81
SSDEEP

3072:j/Mi8bgXxbzsAQmxtM792e3lHV6N6/bSLmW3u5mW3uDn:jUDbmbzsAQmgvlbBb5mbr

Score

1^/10

Malware Config

Signatures

Files

Zoom_cm_feoukisfsb5sfxsr5fxZ9vvrZo4_mKwSYZmmiNT3U0lwNMjaDSPUI6GIHiLpD3mM@YQxWqDWI-AUmnhZw_kef834f7ff6527d6d_.exe
.exe windows:5 windows x86 arch:x86

ddee04b0a3ba762c58f681beb41c8d33

Code Sign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13-01-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

28-07-2021 00:00

Not After

27-07-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:bf:28:a0:90:8d:8c:e8:8b:ee:ed:bb:50:f1:e6:85
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08-11-2023 00:00

Not After

18-04-2024 23:59

Subject

SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13-01-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

28-07-2021 00:00

Not After

27-07-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:bf:28:a0:90:8d:8c:e8:8b:ee:ed:bb:50:f1:e6:85
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08-11-2023 00:00

Not After

18-04-2024 23:59

Subject

SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:0d:66:a9:33:14:91:4d:f5:f9:55:91:f6:b9:6c:82:e3:5f:9c:00
Signer

Actual PE Digest

25:0d:66:a9:33:14:91:4d:f5:f9:55:91:f6:b9:6c:82:e3:5f:9c:00

Digest Algorithm

sha1

PE Digest Matches

true

40:1a:66:24:3a:4d:11:de:9b:0e:3a:2b:16:00:a8:df:80:47:4b:0c:41:b6:b8:4f:70:05:47:9b:d9:3d:15:02
Signer

Actual PE Digest

40:1a:66:24:3a:4d:11:de:9b:0e:3a:2b:16:00:a8:df:80:47:4b:0c:41:b6:b8:4f:70:05:47:9b:d9:3d:15:02

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord155
StrCmpNIW
StrStrA
PathAppendW
PathIsRelativeW

kernel32

GetSystemTime
GetFileTime
ExpandEnvironmentStringsA
GetFileAttributesA
CreateDirectoryA
SetUnhandledExceptionFilter
GetTickCount
GetSystemDirectoryW
LoadLibraryW
ExitProcess
LoadLibraryExW
HeapLock
HeapWalk
GetVersion
HeapUnlock
ReleaseSemaphore
CreateSemaphoreA
VerifyVersionInfoA
GetCommandLineA
GetWindowsDirectoryA
GetStartupInfoA
VerSetConditionMask
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ExitThread
TerminateThread
CreateThread
DeleteCriticalSection
CompareFileTime
WriteFile
SetFilePointer
SetEndOfFile
SystemTimeToFileTime
FlushFileBuffers
ReleaseMutex
GetLocalTime
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
UnhandledExceptionFilter
TerminateProcess
GetTempFileNameA
VerifyVersionInfoW
GetFileAttributesW
OpenProcess
QueryDosDeviceW
K32GetProcessImageFileNameW
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetWindowsDirectoryW
GetModuleHandleW
GetProcessTimes
MultiByteToWideChar
RaiseException
CreateProcessA
WideCharToMultiByte
GetModuleHandleExW
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LCMapStringW
TlsSetValue
FreeLibrary
TlsGetValue
IsDebuggerPresent
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
GetProcessHeap
GetCurrentProcessId
GetProcAddress
HeapAlloc
CloseHandle
FileTimeToSystemTime
DeleteFileA
CreateFileA
MoveFileExA
OpenMutexA
GetLastError
CopyFileA
GetTempPathA
Sleep
GetModuleHandleA
GetCurrentThreadId
WaitForSingleObject
CreateMutexA
FindClose
GetCurrentProcess
SetLastError
HeapFree
FindFirstFileA
GetModuleFileNameA
LocalFree
CreateFileW
RtlUnwind

user32

FindWindowW
GetDesktopWindow
GetWindowThreadProcessId
LoadCursorA
InflateRect
SetWindowPos
SetActiveWindow
GetSystemMetrics
DrawTextA
MapWindowPoints
GetWindowLongA
FrameRect
AttachThreadInput
GetForegroundWindow
SetFocus
FillRect
PostMessageA
FindWindowA
PostQuitMessage
LoadIconA
RegisterClassExA
SetForegroundWindow
IsIconic
LoadStringA
RegisterClassA
GetClassInfoA
UnregisterClassA
IsWindowVisible
SetWindowLongA
IntersectRect
ShowWindowAsync
SetPropA
GetWindowRect
DestroyWindow
ShowWindow
IsWindow
MoveWindow
GetPropA
DefWindowProcA
CreateWindowExA
GetClientRect
UpdateWindow
InvalidateRect
BeginPaint
EndPaint
PostThreadMessageA
GetMessageA
DispatchMessageA
SetTimer
TranslateMessage
PeekMessageA
KillTimer
SendMessageA

gdi32

SetBkMode
CreateFontIndirectA
DeleteObject
SetTextColor
SelectObject
CreateSolidBrush
GetStockObject
GetObjectA

advapi32

CryptVerifySignatureA
OpenProcessToken
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DuplicateTokenEx
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey

shell32

ShellExecuteW
SHGetFolderPathA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddee04b0a3ba762c58f681beb41c8d33

Code Sign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8fCertificate

Extended Key Usages

Key Usages

02:bf:28:a0:90:8d:8c:e8:8b:ee:ed:bb:50:f1:e6:85Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8fCertificate

Extended Key Usages

Key Usages

02:bf:28:a0:90:8d:8c:e8:8b:ee:ed:bb:50:f1:e6:85Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

25:0d:66:a9:33:14:91:4d:f5:f9:55:91:f6:b9:6c:82:e3:5f:9c:00Signer

40:1a:66:24:3a:4d:11:de:9b:0e:3a:2b:16:00:a8:df:80:47:4b:0c:41:b6:b8:4f:70:05:47:9b:d9:3d:15:02Signer

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 3KB

.didat Size: 512B - Virtual size: 40B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 5KB - Virtual size: 5KB

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

02:bf:28:a0:90:8d:8c:e8:8b:ee:ed:bb:50:f1:e6:85
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

02:bf:28:a0:90:8d:8c:e8:8b:ee:ed:bb:50:f1:e6:85
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

25:0d:66:a9:33:14:91:4d:f5:f9:55:91:f6:b9:6c:82:e3:5f:9c:00
Signer

40:1a:66:24:3a:4d:11:de:9b:0e:3a:2b:16:00:a8:df:80:47:4b:0c:41:b6:b8:4f:70:05:47:9b:d9:3d:15:02
Signer

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 3KB

.didat
Size: 512B - Virtual size: 40B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 5KB - Virtual size: 5KB