Zoom_cm_fkboM58Z9vvrZo4_mPVBHpe-yO93qkCP4Yscr-RXCKgzoOghHmmzI@R+x2vkjkaFX5SvDh_k5dd115d9731b6a18_[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Zoom_cm_fkboM58Z9vvrZo4_mPVBHpe-yO93qkCP4Yscr-RXCKgzoOghHmmzI@R+x2vkjkaFX5SvDh_k5dd115d9731b6a18_.exe
Size

133KB
MD5

d4a6db13e0df8ed0a9507f29b6ba12e9
SHA1

488293f2fe421878226c3c9bd969b89cc089e0ec
SHA256

fa90e007bc8534b1f355c464dd379970ab4693858a83c58a1f71b8e6f05aa2be
SHA512

b57d6f4832928bab83ff0060f18f506c9f62b6c15655676f38621ea169883fa5c4e906222ae924474fcbb4c26a42e621889d1e965be7b62c1cd96c81faa5695f
SSDEEP

3072:0GzwOVKlM0BAMQtZ70Ie3lHVKN6UUFWtgxdWtQxz:0IwOKM0BAMeMlr5E6EA

Score

1^/10

Malware Config

Signatures

Files

Zoom_cm_fkboM58Z9vvrZo4_mPVBHpe-yO93qkCP4Yscr-RXCKgzoOghHmmzI@R+x2vkjkaFX5SvDh_k5dd115d9731b6a18_.exe
.exe windows:5 windows x86 arch:x86

ddee04b0a3ba762c58f681beb41c8d33

Code Sign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13-01-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

28-07-2021 00:00

Not After

27-07-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:9c:cf:ab:33:ea:41:7d:56:bf:97:98:ef:5a:b7:97
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

10-07-2023 00:00

Not After

18-04-2024 23:59

Subject

SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13-01-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

28-07-2021 00:00

Not After

27-07-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:9c:cf:ab:33:ea:41:7d:56:bf:97:98:ef:5a:b7:97
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

10-07-2023 00:00

Not After

18-04-2024 23:59

Subject

SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c5:10:e8:50:36:1a:b8:8a:07:98:1f:71:3d:63:4a:56:b1:a6:19:98
Signer

Actual PE Digest

c5:10:e8:50:36:1a:b8:8a:07:98:1f:71:3d:63:4a:56:b1:a6:19:98

Digest Algorithm

sha1

PE Digest Matches

true

d9:1a:bb:78:a1:55:49:b6:cc:c1:6c:76:92:17:92:27:2c:48:01:d4:1b:20:c9:c0:fb:19:f0:cf:c5:2e:a7:98
Signer

Actual PE Digest

d9:1a:bb:78:a1:55:49:b6:cc:c1:6c:76:92:17:92:27:2c:48:01:d4:1b:20:c9:c0:fb:19:f0:cf:c5:2e:a7:98

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb

Imports

shlwapi

ord155
StrCmpNIW
StrStrA
PathAppendW
PathIsRelativeW

kernel32

GetSystemTime
GetFileTime
ExpandEnvironmentStringsA
GetFileAttributesA
CreateDirectoryA
SetUnhandledExceptionFilter
GetTickCount
GetSystemDirectoryW
LoadLibraryW
ExitProcess
LoadLibraryExW
HeapLock
HeapWalk
GetVersion
HeapUnlock
ReleaseSemaphore
CreateSemaphoreA
VerifyVersionInfoA
GetCommandLineA
GetWindowsDirectoryA
GetStartupInfoA
VerSetConditionMask
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ExitThread
TerminateThread
CreateThread
DeleteCriticalSection
CompareFileTime
WriteFile
SetFilePointer
SetEndOfFile
SystemTimeToFileTime
FlushFileBuffers
ReleaseMutex
GetLocalTime
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
UnhandledExceptionFilter
TerminateProcess
GetTempFileNameA
VerifyVersionInfoW
GetFileAttributesW
OpenProcess
QueryDosDeviceW
K32GetProcessImageFileNameW
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetWindowsDirectoryW
GetModuleHandleW
GetProcessTimes
MultiByteToWideChar
RaiseException
CreateProcessA
WideCharToMultiByte
GetModuleHandleExW
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LCMapStringW
TlsSetValue
FreeLibrary
TlsGetValue
IsDebuggerPresent
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
GetProcessHeap
GetCurrentProcessId
GetProcAddress
HeapAlloc
CloseHandle
FileTimeToSystemTime
DeleteFileA
CreateFileA
MoveFileExA
OpenMutexA
GetLastError
CopyFileA
GetTempPathA
Sleep
GetModuleHandleA
GetCurrentThreadId
WaitForSingleObject
CreateMutexA
FindClose
GetCurrentProcess
SetLastError
HeapFree
FindFirstFileA
GetModuleFileNameA
LocalFree
CreateFileW
RtlUnwind

user32

FindWindowW
GetDesktopWindow
GetWindowThreadProcessId
LoadCursorA
InflateRect
SetWindowPos
SetActiveWindow
GetSystemMetrics
DrawTextA
MapWindowPoints
GetWindowLongA
FrameRect
AttachThreadInput
GetForegroundWindow
SetFocus
FillRect
PostMessageA
FindWindowA
PostQuitMessage
LoadIconA
RegisterClassExA
SetForegroundWindow
IsIconic
LoadStringA
RegisterClassA
GetClassInfoA
UnregisterClassA
IsWindowVisible
SetWindowLongA
IntersectRect
ShowWindowAsync
SetPropA
GetWindowRect
DestroyWindow
ShowWindow
IsWindow
MoveWindow
GetPropA
DefWindowProcA
CreateWindowExA
GetClientRect
UpdateWindow
InvalidateRect
BeginPaint
EndPaint
PostThreadMessageA
GetMessageA
DispatchMessageA
SetTimer
TranslateMessage
PeekMessageA
KillTimer
SendMessageA

gdi32

SetBkMode
CreateFontIndirectA
DeleteObject
SetTextColor
SelectObject
CreateSolidBrush
GetStockObject
GetObjectA

advapi32

CryptVerifySignatureA
OpenProcessToken
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DuplicateTokenEx
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey

shell32

ShellExecuteW
SHGetFolderPathA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddee04b0a3ba762c58f681beb41c8d33

Code Sign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8fCertificate

Extended Key Usages

Key Usages

03:9c:cf:ab:33:ea:41:7d:56:bf:97:98:ef:5a:b7:97Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8fCertificate

Extended Key Usages

Key Usages

03:9c:cf:ab:33:ea:41:7d:56:bf:97:98:ef:5a:b7:97Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

c5:10:e8:50:36:1a:b8:8a:07:98:1f:71:3d:63:4a:56:b1:a6:19:98Signer

d9:1a:bb:78:a1:55:49:b6:cc:c1:6c:76:92:17:92:27:2c:48:01:d4:1b:20:c9:c0:fb:19:f0:cf:c5:2e:a7:98Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 3KB

.didat Size: 512B - Virtual size: 40B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 5KB - Virtual size: 5KB

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

03:9c:cf:ab:33:ea:41:7d:56:bf:97:98:ef:5a:b7:97
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

03:9c:cf:ab:33:ea:41:7d:56:bf:97:98:ef:5a:b7:97
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

c5:10:e8:50:36:1a:b8:8a:07:98:1f:71:3d:63:4a:56:b1:a6:19:98
Signer

d9:1a:bb:78:a1:55:49:b6:cc:c1:6c:76:92:17:92:27:2c:48:01:d4:1b:20:c9:c0:fb:19:f0:cf:c5:2e:a7:98
Signer

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 3KB

.didat
Size: 512B - Virtual size: 40B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 5KB - Virtual size: 5KB