5487cf02db06718bb951da1d7f7e778e28aedba65f207d5af7b58fbc212d5e90 | Triage

Submit
Reports

Overview

overview

5

Static

static

1

ZoomInstaller.exe

windows7-x64

5

ZoomInstaller.exe

windows10-2004-x64

5

Sharing

General

Target

ZoomInstaller.exe
Size

12.2MB
Sample

240915-bqv3csyapa
MD5

03fb80c4cded881a8f6c21a7712643e1
SHA1

8a6d2fe2cb14400c3ca85958e9aca30274c7b84f
SHA256

5487cf02db06718bb951da1d7f7e778e28aedba65f207d5af7b58fbc212d5e90
SHA512

7dd7b5dcbbb76d2a94481c60902a3b238428f286aa01fac7a1b97756aa76071fa0d0f5718048af8e0cb086435f1916e50176d4dfad779ed597d7b3b17562df76
SSDEEP

393216:Qch2kBJTdPk1SDnezY7ucsuS3fEYueEAIDvV6zD:PlzTgSD7ucsuYueEAwsX

Score

5^/10

defense_evasion discovery privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

ZoomInstaller.exe

Resource

win7-20240708-en

defense_evasion discovery privilege_escalation

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

ZoomInstaller.exe

Resource

win10v2004-20240802-en

defense_evasion discovery privilege_escalation

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  ZoomInstaller.exe
- Size
  
  12.2MB
- MD5
  
  03fb80c4cded881a8f6c21a7712643e1
- SHA1
  
  8a6d2fe2cb14400c3ca85958e9aca30274c7b84f
- SHA256
  
  5487cf02db06718bb951da1d7f7e778e28aedba65f207d5af7b58fbc212d5e90
- SHA512
  
  7dd7b5dcbbb76d2a94481c60902a3b238428f286aa01fac7a1b97756aa76071fa0d0f5718048af8e0cb086435f1916e50176d4dfad779ed597d7b3b17562df76
- SSDEEP
  
  393216:Qch2kBJTdPk1SDnezY7ucsuS3fEYueEAIDvV6zD:PlzTgSD7ucsuYueEAwsX
Score

5^/10

defense_evasion discovery privilege_escalation
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalation

behavioral2

defense_evasiondiscoveryprivilege_escalation

© 2018-2025

Terms | Privacy