Analysis Overview
Threat Level: Likely malicious
The file https://thrivecap.zoom.us/j/82899019123?pwd=zQbw8L0lubICMiQu8EAhDi9WCvFT4a.1 was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Checks system information in the registry
Browser Information Discovery
System Location Discovery: System Language Discovery
Access Token Manipulation: Create Process with Token
Enumerates physical storage devices
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Modifies Internet Explorer settings
Modifies system certificate store
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-30 13:49
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-30 13:49
Reported
2024-10-30 13:53
Platform
win10v2004-20241007-en
Max time kernel
242s
Max time network
245s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
Access Token Manipulation: Create Process with Token
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\zm61E2.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A}\Policy = "3" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Zoom.exe = "11000" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Software\Microsoft\Internet Explorer\ProtocolExecute\zoommtg | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Software\Microsoft\Internet Explorer\ProtocolExecute\zoomus | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A} | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A}\AppName = "Zoom.exe" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\zoommtg\WarnOnOpen = "0" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\zoomus\WarnOnOpen = "0" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A} | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A}\AppPath = "C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133747697884108476" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\.zoom\ = "ZoomRecording" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall\ = "URL:ZoomPhoneCall Protocol" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall\URL Protocol | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall\URL Protocol | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomLauncher\ = "Zoom Launcher - 3.0.1" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomLauncher\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\" \"--url=%1\"" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\shell | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\shell\open\command | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\.zoommtg\Content Type = "application/x-zoommtg-launcher" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\MIME\Database\Content Type\application/x-zoommtg-launcher\Extension = ".zoommtg" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\shell\open | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\shell\open\command | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomRecording\DefaultIcon | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\",1" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\",1" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\" --url=\"%l\"" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomRecording\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\",0" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall\shell\open\command | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall\DefaultIcon | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\URL Protocol | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomRecording | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall\shell | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\.zoommtg\ = "ZoomLauncher" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\DefaultIcon | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\DefaultIcon | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomRecording\ = "Zoom Recording File" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall\shell\open | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall\shell\open\command | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall\shell | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\shell | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall\DefaultIcon | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall\shell\open | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\.zoom | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\" --url=\"%l\"" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1045960512-3948844814-3059691613-1000\{6F723D08-3F61-400E-9695-724BE04CA75C} | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\.zoommtg | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomLauncher | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\UseOriginalUrlEncoding = "1" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\",1" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomLauncher\shell\open | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomLauncher\shell\open\command | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\MIME\Database\Content Type\application/x-zoommtg-launcher | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\ = "URL:Zoom Launcher" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\" \"--url=%1\"" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPbx.zoomphonecall\ = "URL:ZoomPhoneCall Protocol" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\URL Protocol | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\ = "URL:Zoom Launcher" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoomus\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\" \"--url=%1\"" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomRecording\shell\open\command | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomRecording\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\zTscoder.exe\" \"%1\"" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomLauncher\shell | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\UseOriginalUrlEncoding = "1" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\zoommtg\shell\open | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\",1" | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomRecording\shell | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomRecording\shell\open | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\ZoomPhoneCall | C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://thrivecap.zoom.us/j/82899019123?pwd=zQbw8L0lubICMiQu8EAhDi9WCvFT4a.1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd769ccc40,0x7ffd769ccc4c,0x7ffd769ccc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1932,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1924 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1796,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2160 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2368 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3128 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3676,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4544 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4800,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4844 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4812,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4524 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4784,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5128 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4824,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5272 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4832,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4976 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4852,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5384 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4816,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:8
C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe
"C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe"
C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe
"C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe" /normal.priviledge
C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe
"C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe" ZInstaller --conf.mode=silent --ipc_wnd=327724
C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe
"C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe" /addfwexception --bin_home="C:\Users\Admin\AppData\Roaming\Zoom\bin"
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe" "--url=zoommtg://win.launch?h.domain=thrivecap.zoom.us&h.path=join&confid=dXNzPWk0b1MwS0VQNTRGUC1ubC1XUk5fWDQyZnYzelkwVUQxU1dqQzFSbnAweDhvV3M3enJMTVBhUzZ4YjJLVlVKMzQ2Um9pemZxVFR4UHFJMWdjemN4YlZ6aU5KTW1haDYzZlJ3WEtIemxUN2FMU1puTy14bktaMDhlbllNRW5ZaVhESnBDcE5LamJhdFV2UG9mVUhaNkVPSGo0N2tFTFVubERxUGg4R3c5WC12WHNYMUpSbndlTV9tbDY4Zy5XaTd4TW1OcnFIM3k5SVkwJnRpZD01NmJjOTUyMWYwMTk0NmMzOWViMGU4M2JhNWY4Y2Q5NA%3D%3D&mcv=0.92.11227.0929&stype=0&zc=0&browser=chrome&action=join&confno=82899019123&pwd=zQbw8L0lubICMiQu8EAhDi9WCvFT4a.1"
C:\Users\Admin\AppData\Local\Temp\zm61E2.tmp
"C:\Users\Admin\AppData\Local\Temp\zm61E2.tmp" -DAF8C715436E44649F1312698287E6A5=C:\Users\Admin\Downloads\Zoom_cm_fwzu5ykiseZ9vvrZo4_mlOrKfUvQVPu3cU5pA5KPFpDgbG45S+4Vhcne@B7JHVJ-1NZTT+9pR_kdbe2e2edc1b04016_.exe
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe" --action=join --runaszvideo=TRUE
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x324 0x50c
C:\Users\Admin\AppData\Roaming\Zoom\bin\cpthost.exe
-event 00000000000010E0 -pid 184 -evtname cpthost.exe184-41-000001DE9555FF70 -exitevent 0000000000001020 -exitevtname cpthost.exe184_rpcexit-41-000001DE9555FF70 -user_path "C:\Users\Admin\AppData\Roaming\Zoom"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1472,i,11194820032914293974,2831244856339606712,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5488 /prefetch:8
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe" --action=preload --runaszvideo=TRUE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | thrivecap.zoom.us | udp |
| US | 170.114.52.6:443 | thrivecap.zoom.us | tcp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.52.114.170.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | st1.zoom.us | udp |
| US | 8.8.8.8:53 | us01ccistatic.zoom.us | udp |
| US | 170.114.45.1:443 | st1.zoom.us | tcp |
| US | 52.84.151.54:443 | us01ccistatic.zoom.us | tcp |
| US | 8.8.8.8:53 | log-gateway.zoom.us | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 170.114.65.138:443 | log-gateway.zoom.us | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | us06st3.zoom.us | udp |
| US | 52.84.151.54:443 | us01ccistatic.zoom.us | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | 1.45.114.170.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.151.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.86.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.65.114.170.in-addr.arpa | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 170.114.52.6:443 | thrivecap.zoom.us | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | zoom-privacy.my.onetrust.com | udp |
| US | 172.64.155.119:443 | zoom-privacy.my.onetrust.com | tcp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.163.202.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | thrivecap.zoom.us | udp |
| US | 170.114.52.6:443 | thrivecap.zoom.us | tcp |
| US | 170.114.52.6:443 | thrivecap.zoom.us | tcp |
| US | 8.8.8.8:53 | cdn.zoom.us | udp |
| US | 170.114.46.1:443 | cdn.zoom.us | tcp |
| US | 170.114.52.6:443 | thrivecap.zoom.us | tcp |
| US | 8.8.8.8:53 | 1.46.114.170.in-addr.arpa | udp |
| US | 8.8.8.8:53 | zoom.us | udp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 170.114.46.1:443 | cdn.zoom.us | tcp |
| US | 170.114.46.1:443 | cdn.zoom.us | tcp |
| US | 170.114.46.1:443 | cdn.zoom.us | tcp |
| US | 8.8.8.8:53 | 2.52.114.170.in-addr.arpa | udp |
| US | 144.195.33.213:3478 | udp | |
| US | 144.195.29.213:3478 | udp | |
| US | 144.195.29.213:3479 | udp | |
| US | 8.8.8.8:53 | 213.33.195.144.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.29.195.144.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www3.zoom.us | udp |
| US | 170.114.52.2:443 | www3.zoom.us | tcp |
| US | 144.195.29.213:3478 | udp | |
| US | 144.195.28.213:3478 | udp | |
| US | 144.195.28.213:3479 | udp | |
| US | 8.8.8.8:53 | 213.28.195.144.in-addr.arpa | udp |
| US | 8.8.8.8:53 | st1.zoom.us | udp |
| US | 8.8.8.8:53 | us06st1.zoom.us | udp |
| US | 8.8.8.8:53 | us06st2.zoom.us | udp |
| US | 8.8.8.8:53 | us06st3.zoom.us | udp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.46.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.46.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.45.1:443 | us06st3.zoom.us | tcp |
| US | 170.114.52.2:443 | www3.zoom.us | tcp |
| US | 170.114.52.2:443 | www3.zoom.us | tcp |
| US | 170.114.52.2:443 | www3.zoom.us | tcp |
| US | 8.8.8.8:53 | zoomfrarr213zc.fra.zoom.us | udp |
| US | 8.8.8.8:53 | zoomamp30zc.am.zoom.us | udp |
| US | 8.8.8.8:53 | zoomfrarq213zc.fra.zoom.us | udp |
| US | 8.8.8.8:53 | zoomamq245zc.am.zoom.us | udp |
| US | 8.8.8.8:53 | zoomfrarr213zc.fra.zoom.us | udp |
| US | 8.8.8.8:53 | zoomamp30zc.am.zoom.us | udp |
| US | 8.8.8.8:53 | zoomfrarq213zc.fra.zoom.us | udp |
| US | 8.8.8.8:53 | zoomamq245zc.am.zoom.us | udp |
| DE | 159.124.42.213:443 | zoomfrarr213zc.fra.zoom.us | tcp |
| US | 149.137.4.30:443 | zoomamp30zc.am.zoom.us | tcp |
| DE | 159.124.40.213:443 | zoomfrarq213zc.fra.zoom.us | tcp |
| US | 149.137.3.245:443 | zoomamq245zc.am.zoom.us | tcp |
| US | 8.8.8.8:53 | zoomamp46mmr.am.zoom.us | udp |
| US | 8.8.8.8:53 | zoomamp46mmr.am.zoom.us | udp |
| US | 149.137.4.46:443 | zoomamp46mmr.am.zoom.us | tcp |
| US | 8.8.8.8:53 | 213.42.124.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.3.137.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.4.137.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.40.124.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.4.137.149.in-addr.arpa | udp |
| N/A | 127.0.0.1:59755 | tcp | |
| US | 149.137.4.46:443 | zoomamp46mmr.am.zoom.us | tcp |
| US | 149.137.4.46:8801 | zoomamp46mmr.am.zoom.us | udp |
| US | 149.137.4.46:8801 | zoomamp46mmr.am.zoom.us | udp |
| US | 149.137.4.46:8801 | zoomamp46mmr.am.zoom.us | udp |
| US | 149.137.4.46:8801 | zoomamp46mmr.am.zoom.us | udp |
| US | 149.137.4.46:8801 | zoomamp46mmr.am.zoom.us | udp |
| US | 149.137.4.46:8801 | zoomamp46mmr.am.zoom.us | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.99.105.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
Files
\??\pipe\crashpad_1028_CDEQWPJAVGVQSWVT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\Downloads\Unconfirmed 32048.crdownload
| MD5 | bc48cb98d8f2dacca97a2eb72f4275cb |
| SHA1 | cd3dd263fc37c8c7beb1393a654b400f2f531f1c |
| SHA256 | c18fb46afa17ad8578d1edd4aa6a89b42f381ca7998a4e5a096643e0f2721c49 |
| SHA512 | 7db6992278ca008e7aafa07eb198b046a125d23ca524f15d5302b137385dd4e40a4a54ce4dabb28710b71fbcfdd2d3315fb36e591edc2b3e1737b11b9ee45a5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | bc14f544c3d168113e2d3fb222ef70e6 |
| SHA1 | 6ad296557b4de72e53c03d97f8cacbbf90491e54 |
| SHA256 | f2c6dd57b7245e6fc4a0498a7d3d644377f99b0bfdb0cb9d81548fac6eff14d3 |
| SHA512 | 8dbd41b3c2a59969c62cee1f98d6de61a8bbe5a0d2920240126fa03b2dfb3914a374e4f2e9d51b8b3399cf5bbd7d057f7677ac402a2eb93db245d009a050dd5a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 06ed750e5190c9826f8e0f4a444d788a |
| SHA1 | 9d480551f2996a20b9ea78eb8edb18b05db22185 |
| SHA256 | 6fc91cd0924541a89af188c9e272c250de2ea33c664f1952e4a6c85f92132851 |
| SHA512 | c77043f2f0b8a2b0168e29f7c0f7e03b8c81a678508bb8e9e4aa5c2d77319806a6e55f8a2f01c510588b099fb1b7d5de7be5c71f76883b3be6df1929bf57f911 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7261271ebb27157512d3e1da42bc0394 |
| SHA1 | 241908c0f083dbbccede761f5c2ce91a2b59e540 |
| SHA256 | bf0e0136dfa5e4f8b42648451d17d3c6fedc1cd77385558b19f5f6b1cfa63fa5 |
| SHA512 | 6b3536e83f055757348bf785ad2111bf3e7767ae0634db8e171a7ea758de7e50f070a986a4c575af878cc83708cf13c286a7ea741f8ce564c0413dfe95f99fba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 88c398a8d4d1defceb043afa54f6b90c |
| SHA1 | e391151d5e282a11c79fe1970fe9ecf2ada97e8b |
| SHA256 | 553cd0853629cb5a4117979dadef36114f6fa0a0aaada21f8fed68747f8d97f1 |
| SHA512 | bcfe7b12b595569f056a79de7fc0841f8e191fd9dc31e8e95696b5c10114edeb831ad3798b09971dbcf2d13d1b077654511cf85aae875b4d95e5ea2803514a03 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 10ee5aa13f4ff6ffe2f1920065ceb648 |
| SHA1 | b1d64dbd563ceb21823f85308a53a004077fcc11 |
| SHA256 | 50cdbd76cfa572fb18e9bcee4c4897510bc51926e32e7cb213daffd0a7c62ec0 |
| SHA512 | 1bae85b0f94bb7df34eca229d290cf4a87ecf219e508cfb4d25c6cf7c7e93b0dcd63d9240bedc9e7e69ae8d9add84ac10f3c87d8f39d317a2f64c86952bc6d98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b407d894ca5c70237682fbd01e5cd0e9 |
| SHA1 | 2e621d1732baf6b2e91e343efcc094ea2fa417ea |
| SHA256 | 1bf1aecee84454b8783c57855687de876b28cb9697639042749be1ecc154e1cb |
| SHA512 | 83bf96de6e614654ec917c73129753cbac9e0b228e4f675a70910a3ba640c7f0ffb1d125e065b3289bd1513862252c08a969d9895b4c90d6a4f07493f00f97b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7369fe5b9fa785977545c7c25d9f22c6 |
| SHA1 | b2ac0b13a69a0ba03e615dd09b41c3956ea41aeb |
| SHA256 | 0937b45955a457bb2ca5f27463a585643c7dd9ff18a97d12830bdcebea4d1576 |
| SHA512 | daf32436110756c45f1316d6fa030b733c0ce8ba781d8ac67407b9b66f40798fd3dba8a484a51a2428c971675c4407dfb89e44cbcef4924cae3773973b755ef7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cd60fefab4ec7892cf0fdcdb9bb2fecf |
| SHA1 | 3bdd0d270df7d9d1c1d1512023a6581adbba15da |
| SHA256 | b6c429f3cba162c7acbd7dc5f7711269ff63eca58aafcc95e59b90dd8439e2ab |
| SHA512 | 6e0c16004c1e545508ad315f74881ef9aa2fc206c2b6b7a1e7aec9eb8ecbda25701c6f1f828c949b7ca61f3862d1617e1aa526a624f3bde84c24113d7eb1323f |
C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Installer.exe
| MD5 | 0e2b19c5e6c1316a253af47e9c078791 |
| SHA1 | 971ba1a9e8407eff09321f67b9a3c179e8d6c1e0 |
| SHA256 | bfed400ef36b0680c45237f51d9f0c69a2320a93567f9ecd39105d57e063465f |
| SHA512 | bd534f2f19df8ed584114cbc83c0eb8d3adfd90b82560201a85f3349b0c3e098718e5d1c0c406eba4c3aa3b588cbb1ecd10b343e0db60ff2f6c698e28e58583d |
C:\Users\Admin\AppData\Roaming\Zoom\ZoomDownload\Zoom.msi
| MD5 | f89483d43b7a0d56989f0184f6938bcb |
| SHA1 | d53c0d4e9742472f6e43187e93072f788975e1ab |
| SHA256 | 0f5beee62968b2eddbe2413b30abcdc045290e974da06a6ab4836029c51288aa |
| SHA512 | 1a058da2aadaf7bb2d2521f36b9ae55239218a01b2dc841e42dec13fe1a244c8c8e07a0fe6d0e3801c4b9b9c71911011adc1ad374c380022295508999335a119 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\msaalib.dll
| MD5 | 607ff37ba6d62c0a1f8b16a2c5d76df1 |
| SHA1 | 6547ca203a2bb71dc1106490349ab01aee14ffd8 |
| SHA256 | 36110afa90d56ea5402dd8e2b77255e9fcb8c2ffa4da862932ccc45d49caa1ce |
| SHA512 | 2a41f668b32bb943b64cf916ea3c7a946c7eeffd49cf11245fd42dba82a379c0ef074ea94d1662286d659b0f7ff9ea64258c1c4103de88ad89e455cc8b8f592b |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\cmmbiz.dll
| MD5 | 45a60d9a5eb2b899060fee14997ba029 |
| SHA1 | 9b8354c48c54bf66c7375d4d96483928f28fc1eb |
| SHA256 | 913f74b112f80443d84db39b33419272aa9f83ec444444f125f4de9823a3a3cc |
| SHA512 | 30e47f7ee0fc1055fbed7519b8bff9edc42edfc0dcd09eacf81034469b07fd3a7833c8ddb44fb7b771f4bc1421d2b474a300c2345958efdb4cd03e4fd8dde1b9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\Cmmlib.dll
| MD5 | ace3328a5a0f87459e36592450299e53 |
| SHA1 | 2fd94a42ba908465f1a4f021ecd25b7382d5587f |
| SHA256 | 3a63daacccfb214ce0cc2beedf8d8ae535bb71de7d5d17391209f69c18ce111b |
| SHA512 | 80a82150982223add1d409e744c4c606941e595d82b93b4061ca66ffe9c245a3fca0f298c5f7760a36a98427bbec5f90b2e23b4fb66ac4c2af4a456a31d7bb39 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CmmBrowserEngine.dll
| MD5 | 793bb2beb57a01806284991ab2774634 |
| SHA1 | a3a83197324a5be14e63743349e11f8121b6b3ea |
| SHA256 | 41166b4cef0815d0f968b18e613708a97ae230d6b3f3131a729e712057ee4a22 |
| SHA512 | 6718a47ea29f842fc6efe3ebd9ae577f3fbe146ae80567e25f0264fc8922a2e5ae46bd04526bd299c15402f2f4c08a6d6a4ae8b9e813387e9e879cf5344f92b1 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zUnifyWebView.dll
| MD5 | 1bb1c5799d0ff0b7d3dc9634018c31de |
| SHA1 | cab6e7956a6cfa5cdf7079002d499a19ff81daac |
| SHA256 | 9169f12ada74c4aab2c37c3f71423e9755d0dd6c6cdf2147c9f286d1a84a2730 |
| SHA512 | 9e6b6a789cb3c47df25c89a13fe453d124a01b3c842038e8d191d5417f02c2b4357bf72943c9e60a2888beedcd65a9dec18061c7f2495d3e40018694c3143522 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptHost.exe
| MD5 | b4568ee3c44468b2624277dd28b1acf7 |
| SHA1 | e7a98d556872cfe0fae5d9aed849ffbb75033c55 |
| SHA256 | 4153c54195afc48597ec0329aea1e5971944e40d0315e4df91a58330733a5184 |
| SHA512 | ae0b1b7ae930a5f3de7e0e19453867ece8965a05299cde777913d4a5b3685b3523062fff93ae9c49fb20b1829fc8c92fff0a8acbacbc082b6ccca00897c8e860 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\crashrpt_lang.ini
| MD5 | fcf61aed8f093bfcf571cdd8f8162a05 |
| SHA1 | 8de8177798aae82d5bcc0870c1ca5365f5d9966d |
| SHA256 | 1f5b45a5411f7fc71b9da789d6d1ead8ad30551fbea7bbb40fc7ea576d581abb |
| SHA512 | 8a5d252d115f868a4e20fce10f9f9ec5f3948f0ad5680d656e0eba1fd167d36889e54c6e59bcde756945f93685401b825ba9dd7243d907d74b58a1d826609d72 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptShare.dll
| MD5 | 0c5ec54de95e1a320e5ff90d3057d964 |
| SHA1 | 803397b2c3d65451748f0c04a7bd7a97de9307cc |
| SHA256 | 07b27be2d029aa4478c77e1747fd7ce2c082abe10c04db9529563643984db9ac |
| SHA512 | f082eb8e50531a69227322b8891dc7c9f8fa40d5716f5df0c73cbefffd0c6763a785fd05328ee48331d3a5730959b21831c590c4ede37a17c3529f1132643687 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\libcrypto-3-zm.dll
| MD5 | e3f798f96dab17a9e31796339ae77067 |
| SHA1 | 50c34e1fbe6298f86dd0545c0f6383604e15fd94 |
| SHA256 | a628dff07fc4a58c5fbbb6132875729d7e73c340e8ab5dc84012bdbdb4a6030b |
| SHA512 | b412322d69390d00bd4b61e13833d02ac45d1d03d3430d64101a77f5daa9ca5afca17681d260420c017ebbf2668ffd3ad9e53120abd77da255614da686c23820 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\mcm.dll
| MD5 | 7a0f481c49d03d20cb30b2a492e7d923 |
| SHA1 | 55f6ae9bd38c827d7217a14e28120c61f9904279 |
| SHA256 | d20fc2bd35939fdf34e4a33b8df5c1b27ae64bd7ccad8ed7269b45c91c37b505 |
| SHA512 | 101db7a6fb6ce0e745da4b2ac35212e09a3674fb993d04000f9910442889bfaff46ae3717bbcd2e85c2d3763b1e445fe0fc831c59364fb00f313641026ad118b |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\ring_spatial.pcm
| MD5 | d60d149441ac263dcb477cc17f29cf35 |
| SHA1 | a5f8bb83e31164070b9b904a1af694f87be96a33 |
| SHA256 | 5358f9d08ca9c8f97c66109cc804d90d2d61c3d18a7c0da230299cbaab239b17 |
| SHA512 | af3ccdf19b7088e491ad98f0e23e448253c87fecaac9f9434fc49ff201750dfa22e1941a6bafc0faa4930e9bd9e2c3a8db38b4d10edc999b7034fa760e8d3758 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\ring.pcm
| MD5 | 15f886cbaee088418b6ffcc29115c64d |
| SHA1 | 9147beae4e9138ba609f67e75f9cbea7651ca307 |
| SHA256 | 29792a0893ed2457c3872c4418bdd71f5e6c1b8e5894c2c921f8a8f8d797d4dc |
| SHA512 | e5228897cffb5e05a7a66471c52089ddb682d544ac3b4ac312804883a2d335b60edb6236286dbfb6934ed12715709f8ffa09dc7014844acb89bb1b0e205a2daa |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\nydus.dll
| MD5 | e986fdf64606a83d95683daf8b4e2e10 |
| SHA1 | 02575fadccebdd5b9015183e2ba43c854dceecb0 |
| SHA256 | 89e2da17fb98d8f6f47b31ecc378e141425ca6342ff9a94881e3ca852a02cfc5 |
| SHA512 | f05d4b2b0f36cb7315f2ef3c08ab2ae0645115e3f8fb5a6b1876bdf0655e61dacb329dab98e668f9fe4564f06bde0414c7b421640bc7f133fab40f724f10ea2a |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\wr_ding.pcm
| MD5 | c9318cc2306bf6b1ee74a5987a8d371a |
| SHA1 | f482d3de9e8dd7c04344fab37d067a08233b64dd |
| SHA256 | 58cbaef9b7177a4e4427ceb303b852463964a5ac4e979055021eed1901ff164c |
| SHA512 | 04ccca6ed6c13872e8d967a9eceb7b485c5f0f7442259395773a1ef168fcf317e60e22ad2840579e4d8b849d1606190cf5dca0e00c2f88cd1891b8206e9a5ec6 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\record_stop.pcm
| MD5 | 0001fecb6b6e044d221fbc6a7e22e313 |
| SHA1 | c73a6506c92d9a1188aaa793afbfc1951cd5340a |
| SHA256 | 8cd8b4d3e8447d82dd045c7a3a8f175b97376c3db5895506cab0af6a0075226f |
| SHA512 | 1588169348727306e9c4ab444a7857924bcb88e4dca2be8e3526a2227cf117702c47431325df1c83f71da34bb35c28d1589eb3f59cffddbb3dbbe1d00d8d76de |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\record_start.pcm
| MD5 | ab8a5f2981e225d3edaacb520083835a |
| SHA1 | c60c383fdb6850cb5013065576de87610270fba7 |
| SHA256 | 193c4ffea3de04802e97e9e62fcd8533d8ca53e7306ba113a2234959b5262eb4 |
| SHA512 | 4381f709c5e9d0172027fd2fe65ce37b0444087d3e9d7864cd54651cdae6e8429653c02ebb7a55a5de194ccf0d674f376961b012b088e131a11b7352f1ba69dd |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\dingdong1.pcm
| MD5 | 8fe86d9e8aa5c709bb0563243172e580 |
| SHA1 | c22bb02d82516a66f8473dbb4209bf22bb60fa14 |
| SHA256 | 2fbbb9ae6a463b360e1459bee558dafa8d864db2423f0fe4d2c56d22c3f3a5a2 |
| SHA512 | 6c47e964421ebab2c0c6199b97fb9c61b0a228fc654abf2e4d2bbaeec9640be2a5acca92474dfdd0b43facc71c60a9c9ba727d300cadb6128ef1f3dcd9a6c10f |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\dingdong.pcm
| MD5 | 54511224e61e71d2915ff67e57dcb268 |
| SHA1 | ba45f16f12d2e29480952367c0c6bd34fcd16827 |
| SHA256 | 7aadf0e317831d287b51e41992b43f0f381ae48a312cb77a426eeb3b6129d6d7 |
| SHA512 | 46b4ea771328a25c6384d5cdff7643ced94dd446830b165f80fb69df2dd2754062dca0636604602a7ebad4ce29b3f8ef62a81f59cf5502bfc78468c8c67a41ff |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\unmute.pcm
| MD5 | 8cb1d13a418a60762bf3a3ee1aab96dd |
| SHA1 | f3670aa2effd3ae73d67468ec3766181b1c27789 |
| SHA256 | 8f045407724db8ec0e6bb8457cfe09856e80492a47b3ab4a03cd80f3a5f088db |
| SHA512 | 00657ce557ba08af58a7f45b14ebfe76ce067eeac07ad28f2a086cabf48bd78570f9894ba4f8f5bb1af66ec3867819630aa3550ba73eecb7232c4eab71b1ab85 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\mute.pcm
| MD5 | 0c36d3ee8b0780bf848bff08fcce51f4 |
| SHA1 | bc009e83d4416044d660f3b7266e4035616014ec |
| SHA256 | b778592a0d29fc31875474a84adcbb9a5bad1fc095e7cd2d408b3da219424a1e |
| SHA512 | 8cde508b52dd45b68bf796cb0fb8995a94ddb1d76ae2827416b8d1122ebc9afb9ac20c42605fcb4ca94263a1cd5a2a3828f5a97075220127ec87cc6c9c3133f3 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ssb_sdk.dll
| MD5 | 434046d361c4cfb11e236878a5b517d8 |
| SHA1 | 3d97e453ae2735941176cc8c747f3cbd00508fc6 |
| SHA256 | 5e670419382d79bed8af171e94edb8eb7aa1146fe555939a45170d1dc939cf49 |
| SHA512 | 08a66b96b6dc52cc0457396c43cedf83d5cc84e701e2dbed2d814a68b0d4b09231c38c3beccc55dddff6e1b5069156c51f35c6f407f91d6f8009e2978bfb99e4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\libssl-3-zm.dll
| MD5 | dad5b09f18256f4750ae4b09ab2a9248 |
| SHA1 | efe20971f2ea11b5f5972a58a3290eacea4edb79 |
| SHA256 | 425e38e21350f8841a7d61b5555504245742b3a58752c73edf4d44d5428a17de |
| SHA512 | b8919c03fe0c4cdcf07cb418c634158f7a522e75256a1042a1a8138e0a1fba54709ddaa7799aeeb1b4e8e684627d5de330cd4728b3678f279cf01078130068fd |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\util.dll
| MD5 | 15ca6ba6f87f2a8ccec431ffae4dfa99 |
| SHA1 | 7918f7fae5cf1610174f61adcb8f2103e845ec42 |
| SHA256 | 927e2d8084381bf6778c46f7d03ab97f7804117f980bfdc14430c37c08775b28 |
| SHA512 | c6181854a8b22c8e479674eeb15bd248432f25d8b61899716cf60e9f47df24a5fe9d4e969f94f4b08dcdd43987473bcb3ee793952c053237093c79dda6495219 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\turbojpeg.dll
| MD5 | 65b71096b98d91452e4ac057304c42dc |
| SHA1 | 8e3b62066b62a39351db364d078738ab16ca7dac |
| SHA256 | 5f99df58d647998bcf2dcd1cd5e63e43cca90dd31d328412af381f4fc915e4f2 |
| SHA512 | 664c10af9a29cf80c242ae1c03e6ff09d8a6431d0ffca9d14b1777b82971d31f4cf36e4688671a08120647ba1a8f19782194644cb751b680282655db30f11615 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\tp.dll
| MD5 | 0dd7a5f5c3c2fddaad602563d881fe11 |
| SHA1 | 9917612865b43c3d12b5319e760efe42b294b540 |
| SHA256 | 42a7961256a842015291d0d2d0a5523a2dd3515e0671fd348f7dca0e1fa0df37 |
| SHA512 | 7b5a30e3b478e74fe4baaf828953e4512f73ab75d6a41b15ea74fd1763481e5424d4e8aa2a12b7beaef6efe2268850a847144e3beeaf8903260c2bae92386f0f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\viper.dll
| MD5 | 7e301c4e3d6194ed3eef3166b2893fa5 |
| SHA1 | 67710a0d0324c9931bbab4b5182d19d2b98a5fd7 |
| SHA256 | 8f33f9ab36e3882a4bb5563742a41be489456c31dbcf2816b2a2872b2246998d |
| SHA512 | b799b6d3ac01889afac3d362b57b9b4cca0beecfb163e57b709bd125a78cd5a7d441408430c6d27ff3339b2f5dcbb5d439bffa2f47d9ccd4ed6994d53f55d707 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zAutoUpdate.dll
| MD5 | b293bf2006c1963c51f3b54aa7f82439 |
| SHA1 | 20c210d6a352c5edb82b5ea840ebb82b8488bab0 |
| SHA256 | 14c172b9979fbab92bca53a35b7e88d27adcabc7dfc56689d159d3df1f0d54f4 |
| SHA512 | 880cbeb66e2dce77e4a7ff7fac43fb00e9ce21d008d014a6354c6e835684337f8256902045967f4f91e3f4baff04ae57086531969f1de3e34659130d5ab80fd9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zPTApp.dll
| MD5 | 310c843b29ad36cedc8a5226725f4fcd |
| SHA1 | 8fdf8da0cb66ca276c6f32263e95e9035ae8b3d6 |
| SHA256 | 579edc0838af4182f1887f842b4d691c1dedbd79ebeb3684f24c4558d7f1c230 |
| SHA512 | bdd757f42f2745774160c18e21f64f6ceaf6f74759f6f67c944ae40ebce9d0e9a69a5a46491484a1a3b48400b2ec9726bcfbc3e4697e56b8397363791690f5b3 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zChatApp.dll
| MD5 | 0d04141efe63bbf7ba8b55e84cb6208e |
| SHA1 | 556e54859cf26f4436c05434b0adff720f5301d4 |
| SHA256 | cb62a093507571ba8517cd80c7a89c6376dfc94f8cb47acfc6abcaed5c2bc21a |
| SHA512 | 0d5496d41eac38d4491040c034cc5e897d985b300643f3fa892bf43bc0362dbd7c0cd3f5ef4fb299bc0c37d18f49db814b93f530467a903aa679c933ab97d8ed |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCommonChat.dll
| MD5 | b222dc98f89c85f0e21f600481f2f81f |
| SHA1 | 6b37cef920ac1027429c73b1b2f709b2334b55b7 |
| SHA256 | f2fa6d0d84c4d0ed42c8ef75b5db09c776998042785fe968ede07706e5c7ddc0 |
| SHA512 | eab57393b87daabef413a6551ab2d53215cb6bfe143fc517951926cce8bdc99865f1519a1526204c3f56f663883bc04b7dc843ea9bd52318df8cf465f6ea8255 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zMsgAppCommon.dll
| MD5 | 6bbb72a0d64aeb69dcb62678e48fc31f |
| SHA1 | 0e08ae00351940f8d0cfbcb868654dcb1fa7c112 |
| SHA256 | 4ebf94d46792a4ea7b07f0eec097b72e122d0aa61b2be2b4b0b76c3bb552db0d |
| SHA512 | 16e302c32cfe3bfcb75bd95284f43b83aa6339f76d343b0ddeb8bccb1a3a9ee80cf6f3c106389f46f42049de8272db89a671e5056336ef3c6cdb9d6491d39e46 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zMsgApp.dll
| MD5 | 9254f297a117cfb8c57338d154f9c1e4 |
| SHA1 | cc473ce82931efc523136b9c478ee6e61042a3ac |
| SHA256 | bfdf7a805f8e9759c36da2f7f69b2b0d704a3fbeedb2f3b3e7f5b9f202388579 |
| SHA512 | ff9323af7dd50d36ed456e971c708b9aab6a143964f6030fd83a63607f66690eb6cc562c4f9189d61aa7a8df4900136d25a3e2e98f3c175f5df5151c43d8bb8b |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zChatUI.dll
| MD5 | 60407ca74075d605856fbdeafcb5fc40 |
| SHA1 | ddb7e62c739577c26c0338d4152e83d6e5ed5770 |
| SHA256 | 6d3dd39c441de5dccceb43f24995758ccf87e3428dfb12014af77a4d2bdb3191 |
| SHA512 | a50825057e1aa00ecaf09d044ce7ea67dc9d300ec348c7034c06b98fd1995219737462237d71233d9053943686eb11b51b87fbf68f5128f00dba7b2fd7f06916 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCrashReport64.exe
| MD5 | a006cb8ba2775164c95b5f16cfc8a573 |
| SHA1 | c5793c9316b8cafc0f5c2b786b381ee42f8b211d |
| SHA256 | a2c0789285b280c403823c4dbf751a6579892c2f8a37d21a3561b0ba1a63cde3 |
| SHA512 | 5d41e9f40d7e96ebd801a34abc77f7a31238dcfac02d3af9ae5efb5c19c12ec29618457041009267d15d07794fc48d4347eb56eb504027e7d2b184c886b204cd |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zData.dll
| MD5 | 5417c834f264f4e0deec49736d6598d6 |
| SHA1 | 6765ded2da68fddba704097b6bb2ae04e40e232d |
| SHA256 | cd34c65b1fc6120e7b3fa349347b521dfd75d62adbb47ecc6e8569c14ad86eb2 |
| SHA512 | 82b9aaec48942cb7dd65812e6f2800bc2ff6a3f6bd97f7846cd38179e97cb2ae478d68936d08edb647c2b46f2bbe88745caf5d45f67a8c9eb210955551e13b02 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCrashReport64.dll
| MD5 | c31aed02c0622ecb53ce35dfe8fc3ea1 |
| SHA1 | 1497f7a19bc8d4a6a2775f5593545a65341fcf93 |
| SHA256 | de44780545345bbe2c230e019f73df0d3fb2163d5ce4c2eaf5d7add7e480c5fe |
| SHA512 | f1c0dac26e2b1210cf15e7f554e48ee61cfd57ec54be1291347c96ad6a09070820d7bdaab495e8f58198bffa29c47b91c00ec68af45ff0cbb5dcbf387942c78c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWinRes.dll
| MD5 | bda4e17450deca039ea7ab2ebd14d22b |
| SHA1 | dbcd423b54511319510407f6875a143de15cf512 |
| SHA256 | 31faf123f35739467522c8899f61537c69f822a4211f690c729f1cf8e71a1cf7 |
| SHA512 | 90ea23099f5348af36ed70ce7879bea68310813c0a05c4a69ceba284b0f5b5b70d58c1c8b9db831d1278c213f493b4683bd3641ba9e6fbe10ae1a332ce23617e |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zlt.dll
| MD5 | 38c26160e812ed99f71e72ef91b03c32 |
| SHA1 | a27b00966c3a797116c8cca9d8406f2d52a92722 |
| SHA256 | 6d09d0690f2685724ea6d7a74307a1073a14cb178686c792e83e1d18428b20bf |
| SHA512 | 1b7c1d9b983bda8b5038d7204c3c95ea6d3735f9c472021c340b75c6aedf5158754fb6d77e6cf6cb292a3601866aeee28da550a7ac4f0d79ac14b43e59372f5c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\Zoom.exe
| MD5 | afcb8d6a5e29e76d1e2d27be9b3ae783 |
| SHA1 | 4a7220b55dfee2c2027a31cd3af7a9960b2cabee |
| SHA256 | 3ea5e09de323d4dc44d1a906e36d2c16146a07a42687972f55cedd16facd8c62 |
| SHA512 | bf02602fac0b566e6f157cb63ff9570ea7b90efe8cd55c187855bb7ffde8aa758afea1371ecb4855522455df3527c372c31a0ed911f1739896cc834c07836597 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zmb.dll
| MD5 | 4b07c1532b53fef28f89486a127dfb9e |
| SHA1 | 80ac10a4c5084cd4a4983c69c11e4d2851efd8aa |
| SHA256 | f70fba07d5ea665ee0f6a47363ccd40653a6b53c809cf5babced28df6706ba5d |
| SHA512 | 9c8940a14cf30fa772c8048790d92f0c0f6635c94088d78c6c56bfe014c9565352c9ffaec10f375436d648f046b35f38f969b7dc40d69fc17234ebc1d4de5d9c |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Zoom_launcher.exe
| MD5 | f6d0797086e297869bd586cc9f2e44c7 |
| SHA1 | 19d1f73ffb1ada038ad025ed8d2f27ee4ed4cb57 |
| SHA256 | 7f52e6512e98921a9c7422906575dc4d44ec5b1e04860ea935ce7901c48a7460 |
| SHA512 | 7e0bf9ac61ee1b56dc211576e0b47be69b220ef45c4f5cd47416a6d6aa268642c12bb5374c543f4314b65f6765ea9f1521354eece30abdfb2de9b6a16f837686 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zTscoder.exe
| MD5 | eed4fb1f553f587d339746b6e4a1153e |
| SHA1 | c72ea4c6623d8ea61ee6435b18c8b5def78eb858 |
| SHA256 | 2c0cd95e3ab774fb072a51a46b0b8f011baab06895953516b20dfcd8027ea093 |
| SHA512 | 23520d8dbce26a160d8b1deea26add90e2fdc37a96dbfea60c011570c3bf80cb26a60b9c6c3fbf7344f817033858fd907ecac739aba6928690b0073136f4850a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomInstall.xml
| MD5 | 3b91a8f3cdbc704f44fefa65effd05a1 |
| SHA1 | 88182302b6262f887736cd12986b1485b4eac932 |
| SHA256 | 5ebafddd3d59573d67252988e719a0e75a087d7d9178223a8a77764cece645c9 |
| SHA512 | 1d2944b4518aa2fe36487cbee98338b4ccbe62765f8b3f8981dd914929c75b34af63009f0e6799744aa274aa5aff4df91db37619f71385dd79dc71f4d83a9911 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zVideoApp.dll
| MD5 | 4205a48ab21bb616bdda0cf310099bd5 |
| SHA1 | e7b63b54316adea39aafbc5135ba1e58b2e5a635 |
| SHA256 | 260c9a0dca96b6f40b552696a288677100506808a84bbd5a50f305ad78f2b59e |
| SHA512 | 109249285b9e538ddab97ce223ea3af8f0f6910f5615c1e0f428b44ba42f254e5a6fb8b102735d90ba4565900b1dc4e69ba3155ebbd34915c0700b3e14b5891e |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zVideoUI.dll
| MD5 | 838c7151e5996a91dbad1c780150fe9b |
| SHA1 | 76eecf240625d6f6304213540644eb7eb5c4e664 |
| SHA256 | c2613796af88e0318b35c51ed7d76aa601833c1e920242d0c4e2b2ab1ebac643 |
| SHA512 | 4a544e2065f224378502fe23482b21f1795dec1e9eb36179ffe27613f45434573a4783c2c06592f0d15525b82cef0a53dacb93e3ed00ede365460698fd06d480 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWebService.dll
| MD5 | 2a6def65f88f08b15af36bcad23f581e |
| SHA1 | 1307dea12a99a2bb70be60f639b4c35f1b316a51 |
| SHA256 | dbefad618fbf6699898f8ad7aa5cb2d14fe31a6cacf06262dbe82bf414e0a8f1 |
| SHA512 | c5c110fbf2a01ebc242e97c7978a03baee6fa459f29d33ddaf04ab63cc944ce1be4b3933453678febf8ad48b5999230c85141bbd25fec3461dc20a4f9088b824 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomTelemetry.dll
| MD5 | f802ce125f1a36d2d69e8722c0393f17 |
| SHA1 | 469fcfbf048d85eb705734c719033c430af68cc6 |
| SHA256 | 16c681442af1c9c8d269252f08ef09c62eafefcbe9d49320bc30d497fbc80ac8 |
| SHA512 | 2492096de9a55b13baea2adb792cd2a981b52bd6c52ba093735c9b9681e2961cea6f80dbd9ea28a4c5afc8652dd9619f7e16e17ce0162312a023dbb94baa9b14 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zNet.dll
| MD5 | f2e12d0af0136ebb50eef351dc08b65f |
| SHA1 | 549bae8c86d1d62ee615a93a199d53e50b83fcbc |
| SHA256 | 1b78c15814fd0b68d683ed7bdafc02c5b202e086a2667b39cd299587d5f32ad1 |
| SHA512 | 72c6784c96fd833b78ec69c1124bde2fba8a9854da05648fffb686d7d2a4ce580ef5e034b444e8ca07c8648b3c9e04612a491d524f148e16bf6b4277b03ce8f9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zNetUtils.dll
| MD5 | 43f4f001c311acd6e6cca77a2f7e836b |
| SHA1 | 32a91eec2875805a80afddf19783d903e7911f70 |
| SHA256 | 955d80603227791ca28af81ddd5dbb678e2c4e3bbcddb5567e991f3a2eb13adc |
| SHA512 | 8d3f13e49396bebcbb16be6d9cebb03dfff8dab2ac27f2fccb7a10b7fe795a4c4d0d9359c0500d1289ac3969c78fad6da565d2a8dee48cc444df47e92aebb49a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWBUI.dll
| MD5 | e52281aa53ace2e3f1d55d991d23a2f1 |
| SHA1 | 2b5c3d88b1b57df040b5cfc0f9f0e98037d2ff75 |
| SHA256 | 1f08b02625b66e61c09a0adb2d7cf97bc13c77476cb5a83d2569c15f30918903 |
| SHA512 | 6c626d4c4c15d42630a87318e3333869963fe10d3834e6c2d17487abc24a57a189f52bb00ad2c64a8ebcd4d26939aa6193266525b858afabed4ddc960a8ff8c1 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\clap-medium.pcm
| MD5 | aa93ab138ec89cf7cfb8b4b0ea8990a6 |
| SHA1 | d13b139d666c76cb12e1c0280c1343770adc8aac |
| SHA256 | d754fc9d9378772b7a17a53e6598c9cfe4a0f3ec492f0ed30241020562f58509 |
| SHA512 | f91c59cf1b1645b24997a1201bddb52953c0904f855b78add275d71401e4f9e6bcef59fe1d7205e222470689dacf2d55ae752cc2be66bbee5258db284b42e6c6 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\clap-high.pcm
| MD5 | c32f95839557340b4b4197a68847ca1d |
| SHA1 | 0feed637c4766b9b30ab6732259670f8c12c5538 |
| SHA256 | 0a16435cb3f7b8b1787476575ad646361e6fb4c07587df874940413de004dd08 |
| SHA512 | f5f0dd4a313ff6686bed5090aaa64885d319b8fba51fb2722b764668b26f06ce95164444652661b027e35f3c6928d3919422e4816bbb81bbd0f7914869004700 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZRCSdk.dll
| MD5 | 098f2594f0e3f5a290634896cc1b4319 |
| SHA1 | 93b2c297b803fb6c62a7453dbc1660e6c44692da |
| SHA256 | a5daa8b24bcc9b84d2352cd0814ec0845a30b542f7304e3daaf4df759e0a7235 |
| SHA512 | 748aed64f5c9efdad395288c2752cc77843def672c19bb9f3545104f64421ec7a977d4614a28c252d3eba8cf4d4a5902d4e3f35e2d5e10e4dc57c1140498a1ea |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWBUIRes.dll
| MD5 | f4f964ba3d0e88b7cdaf8b8f978646b6 |
| SHA1 | cdc5c1eae6d7336b995ef670ceafe6e5a1b8bfad |
| SHA256 | bc5f20783773b1bcf8b3f236ae8e2fb35f9539fe8e7bf9562e9f7445e098bb34 |
| SHA512 | cc631b0f18eb0c3db41857ce71329cb59a0e62682fa670c1d7f238a3aad99362c6b1b61ca6d5a0d69bab2af29db55c21bcf20191dd58037837c71d2f0fbbb398 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\annoter.dll
| MD5 | 25f7b63cf99af8e8cbd21e3d4dc9cc44 |
| SHA1 | dc508b44e43530b63bd953a627caa91dc9b408a7 |
| SHA256 | 193d82eb41e5a76532f3cc44bb146f30b9ff713da2f8e3df44fc5754802f186b |
| SHA512 | 68ef52173d7eb3f2c81f6a76923267a239787234dc9518262b743912477a90d5dfa09e4e57349a038a1b4f04111f1e67cdc7e18d78a5c5f298785ccdd89c9167 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\cares.dll
| MD5 | d652208049b3b74c6208b5b687e17b25 |
| SHA1 | d78a1c3b67944c9aa80247a66aa66cd177d52505 |
| SHA256 | b4b570f176cfb6302066d24cd3ab7c6b321a06a0b7f8ae75e3f50e21b3107981 |
| SHA512 | 8668da59834d3dcd68632d742a62fb03ffe883df75ca0e0ca47042000a7d2aa7f7cb99d7b533cd772fb7ab001962a657eabd18a77d3f6b1ad9c8d931a5a76c0b |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zPSApp.dll
| MD5 | 96712d0d372a44f31083569d5c2ffd28 |
| SHA1 | bc158594225586db1398f82e3e7e5fea2991eba8 |
| SHA256 | 2a370bb0e73c5843eefc245ed0e8ece45c623c09ac3e2af5a20ce48745c5e886 |
| SHA512 | 87e521a1efb6aaf0b4d506e5d3fbbce36683e38b21ff62c1f099ade6b068b670e5c5cb13d2df164f4277f709d8fca2f30d7294ead28c34bf737972e1c38cf0d5 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZUI.dll
| MD5 | 8faea8ba370c6a1aa857040ab9a258d4 |
| SHA1 | be16aa904ee4157909dfe99322238d0c6b708183 |
| SHA256 | 021cfa739e5c3fdc4201dad53553d632fc1d47108f105059baea7e40134e9d58 |
| SHA512 | 5c1540b2c0040decdbbd7bbe6ce0780b02e14e496ad676836bf9fc15e3e3e61b8dfaeca8cc86667cfb9e14645d67f88e8d1ced7179dafbe659b1ed6da79d042f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zUIRes.dll
| MD5 | 3040975bfc776cba27b953b15568ac86 |
| SHA1 | 404842f38f08dbe67057d6da072bdb3c1caa9b7e |
| SHA256 | 47f42ad5c28d98c4a35d59f2b00a6e961623b3bf68f7913242ea03b34c6bc825 |
| SHA512 | 7dae23e1d216da897449a28029fb8625c6b50cf248f521915db45ed04007b23636482971b74b7ce29db41a3690861ac3dfa146bf6883428aab19aacdb2097320 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\DuiLib.dll
| MD5 | 60dead0eb47e0207e0c1bcf2d5bf10d7 |
| SHA1 | d492cce9bd6023a20ed6effb618bdc8a48aa8def |
| SHA256 | 7d3ebf9652c2e09c3afa8a1ab8c3a5c450746df3a50f4954c6f93e98de33c0bf |
| SHA512 | 17af84e699818f718c06e3613bdf678fe80c61965582ee600d3ae1493b6fe67f3b5a008ed037e9af64418d017f514e4bdd9b8b4443838e7e6087356889581550 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\reslib.dll
| MD5 | c2977da1448d6c7cd695aad2a126f10c |
| SHA1 | 65a5a3dff5f4e4fd1b5f2d836750e967336bdfe4 |
| SHA256 | 80402b7da4c01459a71c05fdca84e0d0b47f283dd5a55a50694a0166f5c53b9a |
| SHA512 | f38b39c645faeb10a28250b23e4e49f34079d7fc90e1a4b863ae83ec960b3dc9711792501f05e404e04ba6d1bf219e04b0230911c66f16eaf7edc777fa9d0ffa |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\duilib_license.txt
| MD5 | 7faec2006bb231d14b794a9f31769448 |
| SHA1 | c2b5a34fe521502f6fca3031201b47074f30f258 |
| SHA256 | 7ed2acca31a243ba107d8c12fddecd52462fd326d3d2c73b04d4cf10c76765ff |
| SHA512 | 777e0ec5d6b599fb0eabb8180fb6f302012ff12245e3de6a3dc568798cb057858eff18b08dacd28a72250236c4767abc2583670d92a946f684b45cb5144bd7e2 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\directui_license.txt
| MD5 | ab54b14548a4cc76dd7c27414d971111 |
| SHA1 | 68a3888b33ee1c5d5efb913846867c9a8788cadb |
| SHA256 | 6033476be3d1d41166b65984e2be94c87ac98dce55bfec887e932b696e859295 |
| SHA512 | cc8c4d90efedf4aeb3ba3b64ebd0e938576867618a334bccf3cb6790338c6a1da239393a618f6e6a1186cb363cb514ac9528ada51f0090fe2fc709e5c666d971 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\XmppDll.dll
| MD5 | 2b7136a220551b7d3609ab4a35680156 |
| SHA1 | 74ae0ee8f409510989bb39a295deb7a2bf74836f |
| SHA256 | 7b42bb00ab8c6d74e391add815d78b20ed53f30657ef065997b6643b37d5c73d |
| SHA512 | 30b697eb385c7d0073bb522c60f65ec37a5058b3e2ad911c600b039ee914cd638401438bfc21e1e515d19e1c63fdde3b3767ce39ca65883619da771633d640cb |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptInstall.exe
| MD5 | 00f083d9bfe05cb711e257da07e5e536 |
| SHA1 | b3d942958eb09fe55d0f91d124db30bff1839390 |
| SHA256 | d9e2ba68197bc56bb974cda83712c6fb52f0857d1809a6dc32896ed648319765 |
| SHA512 | c7f9499f70319f0c57d8da1589593e8f3751999a54423c14d757d96ab4b640f67ac001410f56bb2a611a28f582b533139515562a5ae3344726de70dcc6049c63 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptService.exe
| MD5 | 8d2cfecc1d07764c68fa1053a591274c |
| SHA1 | 610ff4ce7074e5a6e8b5e848e1f993cd0a325399 |
| SHA256 | c517bb5fde32a5d72890938125699689a1f8d2169b9614e84a9ae8c46cb34591 |
| SHA512 | f04883646a472589adbea47f997b4ed14b3a6f88d5e01785bf284b79ac983b1df06ed0dea2b512c31e04d8bdb621dd6257ea94e9a2409622f0b603125cd3cc10 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\leave.pcm
| MD5 | 3fcc19f6a199e97646a0ab32423c9332 |
| SHA1 | 05613b14d6c7336b24e9779963d245098e73b40c |
| SHA256 | efbd514b0ea241a560f1333cdbb90a9885d5c70c01ed032d11b8a672b1096a04 |
| SHA512 | b370ad863badd0d86d982eada1fd98306b686ef1cca4cc522558cbde40257effa96afd7327141beb08d9927a6b190e0047ad7978e87a41bf299f030c1cee121c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\asproxy.dll
| MD5 | 525c9c85d361833af2d86e5e62d52115 |
| SHA1 | e3534033ac844624362c234624301deb582cdbfa |
| SHA256 | 75b37e0835a4270b17afeed794dfa51b4fb7ec6ebdc68d13d6f866dbbc7d5209 |
| SHA512 | 677139c0b501a51590265d9efc7c35c0f14db621a8a6c1e385deae509050f7b76b02031fcc9f1e94de970991c5bad1e09200cef1abce55148b0cb6808e5fe5ff |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zzhost.dll
| MD5 | 5ea79049448880ab675f44f40ad978f7 |
| SHA1 | 6fa1abe6dbfdb8c3237271133eb435eb23ff76f0 |
| SHA256 | d44c3cadcd7ccd0728c21d61ff9ef70b4959362b9f5e8ac2841feec444b8055f |
| SHA512 | a48db061c2469ea534d74c6051830cd45f07a90ad7f30a50d8ad7708921e1ffc5506e799cefb34f296c0f77de8c37746816ca625835c5f4ecca7067e671e995f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptControl.exe
| MD5 | 06a9649b6a3ece0608f4ad0b758cc0ea |
| SHA1 | 64c93b6c8135394a6cf552733e09a260042502bd |
| SHA256 | fa44c549fa1651fb6577af998a73eed697606174be3eb6c7ce1cda2593d1f699 |
| SHA512 | d4988093e3cbf9a7511e25b530d17cdf9b5028264118e8f6e691eba3a3cb174a149ca510a79591a887ebe9836f7a13421a321e97e6fe26469df7a20429ba0d46 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\nanosvg_LICENSE.txt
| MD5 | 078690812af4ba8567fcc2af2ca1d307 |
| SHA1 | f4f94babc436555d2f5992e29aacc47433fbadb4 |
| SHA256 | e82bc3dd03400aecabe12201219ba14750dbc4b36faab58663a7a6068548d372 |
| SHA512 | f4e1f1092ab90f380a63ed1954023722d265e32f7f3d9b86100fbfa7d6ecd8c584a7dc22b4e3cc4182957136e2d765d0d6a293694b739377c09b076e5fe448fb |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\libmpg123.dll
| MD5 | 873e1ed46184a3f845490144dfa50bf0 |
| SHA1 | 471d0f6aa282d440c3abffe960a6b3fe4a12a2f2 |
| SHA256 | 4f75291ea9ae323b2f81930cdff8a27a9a75e68d640061493f017e20513ee634 |
| SHA512 | afb94f4f8b6d19920f2e136671f3b331d7f9a653dd63ccf8ad24f2e21c1bd262f2ba6dcddc946dea76ebdd143b72148fbfbc50b70b3a886bfd5a57cba62f8f70 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\meeting_raisehand_chime.pcm
| MD5 | cd7d41d5204013ce176c99c225016d6d |
| SHA1 | 996ea48981e81ecb107cd77fd0d6e35edc4d4214 |
| SHA256 | cd9b81d47633fe9aa3f1020d895161de8c31797b365f93dfb22a60d920cc2eb3 |
| SHA512 | 44afe616a2596abc76cf9f862837b26c00e6214a08b61c6569e7ee07ab4331f4968d718889863cffc74ceed55ff377932432c7191dba4efdb638ea3b96badebc |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\meeting_chat_chime.pcm
| MD5 | b30a997b4a9df68d8796eef6f457f4aa |
| SHA1 | 23890fbc1f66c1061c60b8287659566c69b297d1 |
| SHA256 | f2ff5d73ee2a89135094ecb5165b30e351bb24ee4eeee95508f311eecdc9811f |
| SHA512 | 8cfc3b13d7c2ffa0438ab12669aef756bac76063cbf317e449e5ba4127c0604bab6fba793866857f4a68806e9ed779c0c521fc46c5ae3aab42de7c72d98613f4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomDocConverter.exe
| MD5 | 8a880ca07c700b778c8451d4f168fafe |
| SHA1 | 4961c7c9d1ed78f6e603cb43ac658dc36ccfdfb2 |
| SHA256 | 1005deba097843969616abf94fee9b33d7a8e15b02f48f14316ed65d01ce0d25 |
| SHA512 | 1870ce3f29876b8fa8ae0929fb3290e3638575731e301298007a284b5e8f824af9a297b3d0b89d31900e01c9cd0094b18f7469b07533a494129a432e9b7058e9 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Droplet.pcm
| MD5 | 923d4747324854f50ecf69324741c8ca |
| SHA1 | 4c19f847fa8fdf55e27b2847bfe09789adfb9e59 |
| SHA256 | 3568dba00a55d25b736737a48163c13c1348afc5d4022a29ca0d3724d29ffe9f |
| SHA512 | 4ae265a89f693304fbeeb661d46d0cd96304083af75b5c245db63a632f40e08ca280a68f20115c6c38f5202801b29084633ffed4da16304689c4379f77693a0d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zUpdater.exe
| MD5 | 5dd40f3770a551153c17abf079825470 |
| SHA1 | 70e30e3eed9f218d46c3d042bf120430df4844e9 |
| SHA256 | 823af74da153794d38db996f38ae0140e6760dddae9904aa2685710465a42a54 |
| SHA512 | 4639ed8d7c6e1d9afe37a0daeb981e5ed0a79a0e27f6e058059eb81e6d212a5e732509b47f3ba08657135dd8a9410852b1ec9b15b3254366796ff32e62278418 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomOutlookIMPlugin.exe
| MD5 | dd4dd9d6a2d43863c34236005ef84bef |
| SHA1 | a0744fb1935394b1882fdb8db007bea0c0cd431d |
| SHA256 | 90c36a8e42bf63611fc474bf8bfeef4229bbac8cffd2ed39ed06e8e5662f5ce0 |
| SHA512 | 0a63beaff0898249ac8eb2c80721e8f01024c4fef641f582c40bcdc85ef49c7fdf9a9e8113a84b8f01b4f8c50651768040ed84dbf7bceb62b6667ef5002a382c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zKBCrypto.dll
| MD5 | cba2701267a7db4e288f58096c0d5b26 |
| SHA1 | ea9275867ebfc80c0131af57f21cd8df4d75a62e |
| SHA256 | 3daf50e5a76afb31eaf3874718f917d80299e15c53043b632f6cc8dbb4e2b672 |
| SHA512 | eb7e7aa4e4f0e7fed3f5073d0f3cfe160762ab121a6001811c2cfd463a1ee1864d957020b43c8afe762f81faea8b97ae8d49c63fa46cf502f35449fb07a2033a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\UIBase.dll
| MD5 | 35682faf8cf5761bf4d756e7c07aba54 |
| SHA1 | 1cdf3f46f91a6da58c308422008d4289daadbd48 |
| SHA256 | 31b3fae83fef7f552c0911148a91ef66fd67bef4b0e4115cac03ac946cb34162 |
| SHA512 | b5f5b9b23d807668aaae2a10172342801c65d5cb720d55497fa20ddfd4cce8abb6704d3f1e85568c4e007a5ec7d049d84fbc55951ebbb81e08e1e46c3c780fa6 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZZHostIPCSDK.dll
| MD5 | 5dcc546a949c756589ec38ec953ae109 |
| SHA1 | dddfd5a1a4d290b6099017b971908a7abae0d2cc |
| SHA256 | 1a912aa6ffd947887d93f5c926e1868c9b9fecfff96f682eac43357114f9e7a6 |
| SHA512 | 7f6deeed22dc98bf80784800c507fe2883f1b4088bcc4bf161d1a19f0a6e9e0739223158102fb303a178bd64446b6842425d65d9c1393df6ceef758010a7a75f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zOutlookIMUtil.dll
| MD5 | 1eae5e70761ae2b8bfbf48e5914d53d6 |
| SHA1 | c5ea5f99ec00b4a85ccd20a7bf5d819b7ff98552 |
| SHA256 | cc72a8fc97bd01c4e9d5d5d4365a830d6a094abb5f7c2c8c0101824280d9cef2 |
| SHA512 | 47d51465a9fd3b58a1d0fc72a3986f951d112357b32fc24a20eb6def1aba6b0ba31299efa93ba6f48558ac0a08617f6d2cf7bbd7f8ff5678d54e863504991c9d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zoombase_crypto_shared.dll
| MD5 | 668bcd195982608cad2182800462632a |
| SHA1 | d2e1861a9ca78c6cdf54fe893e7cfbf264c35a37 |
| SHA256 | 6c0ebe4696c79b73e408e72655a777d4c0158c444acb79b05c3795a24c77bb48 |
| SHA512 | f29db4ce8648f5ac59d6b25ed9f9485ae7010550e3888a2731ebf7559c67b34cbac31c18f1b1e8de95863611ef98c8d139e5a576b63f289066faa7330490a2e3 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\mfAdapter.dll
| MD5 | 52f36653d084095e4fcc86d31d7c506a |
| SHA1 | 28cf5da52975452833e801759f548bfee976ed70 |
| SHA256 | 4721a9d12900224ff7ed19b9ae977dbcc4eec7e5b3dad7e551e961b6bd6bc7c8 |
| SHA512 | 529de1e2c7878c1c1125d7ad3039cfa8031de9bbdac93a3420720ca1a14ddb689cce1c32a5fc38003292ea0ed61ae408d46fb166fb113c4398342c4317d7d5d4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\viper_async_device.dll
| MD5 | 2235b94dc1b2202cfa4cac06d4016914 |
| SHA1 | c1bc41ea1616fe3e20307019c63f7e100ecd6c5c |
| SHA256 | ab1e6a58ead455b42d95578a1146dfa496d5e41b7d4bae24acd7d29edf8f6e3d |
| SHA512 | 4cd89d4c68f8263bf908365db9d8dd3807373d6698284f2a3d39987bd87283b5819ba7e958776428e5c7eb9e2c987d977435c25624533db7837e67115e3a6b40 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWebview2Agent.exe
| MD5 | 8f89efb9169ae55471fdb05ef469343d |
| SHA1 | fd797e4071afe131104c1d29cd0cb606da62f3d5 |
| SHA256 | c507b460343920dc0d5860ff93df5b003b96d4543d85bcfc216cd5cc3490af15 |
| SHA512 | 24bceed2b14580cd0ffafe82252fa4ea599d2f397dd813a8e47eb609abfc269123f00eb198023d38ea9bcaab815e61aabfdeab8936f0ab019c8b8255135c93d7 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\WebView2Loader.dll
| MD5 | aee20ef43cf692c9080c5973b1b79855 |
| SHA1 | b3885791b0e122f8360d6fb7c0e0ac7fe4fa14fb |
| SHA256 | 31423e905e29c8a40a483e81dae1491990805fa066634d218b35bb96692bef0d |
| SHA512 | eab6684095c0a7555d921fb1a2e136fa1d761c5766c48571000a97403e6d437a3a4833c571f86c039aa8307fb2fc3fae1acffd63085ae9d2ea0d9e7f9ec1ace6 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\percussion.pcm
| MD5 | 388728657dd2d77d2257a90b9c935650 |
| SHA1 | 17c15f9be8b263c52dc165b3395d8d92e72ec313 |
| SHA256 | dafa23315ef2893d200a88b65b8f455e788acd616d0634c35385d460f07c6a61 |
| SHA512 | 5b4b298df61c4bafa4f2b4ffe2193ed331460ed922a17f2abedcd20f6f1b1af8719694299e367af0ba757ec3496d99fc67ff1963e27195ed30a95e5dbe97a2b5 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\percussion_pause.pcm
| MD5 | fddc411010d812fb444d70781e253ed7 |
| SHA1 | 70f75fbb27a50f80e78c1c08485928ed0f05b3d9 |
| SHA256 | e8c8ae4267e1a14352d631418b4fb16d767e3d42aa9528adb5cf378a219b96f1 |
| SHA512 | 155176a313b5534963f1166139403301cdebc5ffc082d48058975da4f60e083ef25e21dc262e20f0414aed049b746d630bf668961ca486200c327ebc554c6488 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\archival.pcm
| MD5 | 2da32e501e9720b40d438ff7352a5573 |
| SHA1 | e59fdecd75b2c8cb4b26bb4a2b3c622dca8a2e3b |
| SHA256 | 5e7d1491e7d6969eb67646f87ab2dbf0ff1d1cb4f5cf631128a305e2b67d4a1b |
| SHA512 | 5da2c201bfd01fc1ef1724acb0f6fddd7be39f83b6fff5c80aef71c96f14d30c694da82b1c41183b2b9ab9ef99d45faa657c4f6a984f87a97aef08d9e824ccee |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_3.pcm
| MD5 | 3913cdfca0b0dfad1c11ab3cdb81dcbb |
| SHA1 | 92e17b1f78788d5b98bb539aaed018fd72244411 |
| SHA256 | f8902a24f7dd5f4355e684ac1cb0029992581c610ad011ed2c900f8957c104ad |
| SHA512 | 43d22a611b65e10b9bb4b8405a993a77618c24d8866032672d43911707ac9f6497826cb6c975ae422c7d61412d6bb2d2df0412fc7fadc0e5e5f84ea09c7475ff |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_2.pcm
| MD5 | d30328c7ec556e0fc8537d1a2316c418 |
| SHA1 | bbd09bfd865686297bc06ff35fbd5f56374e3dc3 |
| SHA256 | 37db0a7b3ab878fcdc1da65dc21c006daba8791c87ae37d000d516cdea9d4804 |
| SHA512 | 913c7f778f1a954c43c275e544689a528fc4a59d30f1d315359191de60f9bc9544bd322fc6842b63e8931e8f0ee8579f63a3e810f165d92a2f702ad3d8e5b6e2 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_1.pcm
| MD5 | 842932d135c62a4866c698cf415a13d1 |
| SHA1 | 7977e8280576cdfe14449e0522a824342899e21b |
| SHA256 | 1a5eb409a8dd747b37e24b3a7a0c3c8aa7c55778a9bf4a71f4bdf3b5ad298c5d |
| SHA512 | a34ae285e13cf25beb93153f1de77c6bb61941fd4d8f91b9689cb84d37204072ed4ddcf17a7f2319393db6383a949d4d0a8722245116f6aee8ef62524a403e29 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_0.pcm
| MD5 | 285974390c5114e6a8e91a2d63266a38 |
| SHA1 | f5b5b5ce959380d0358c463e2dcb9cafbe709843 |
| SHA256 | 394c441e19f6d34b46baeb7820726f279bc71d21e6911070dbb58e67568ecb9c |
| SHA512 | de85e1fc198fa235bc233cfd45747c30a8247af71b83e8ca30800cd754e6c45ae2d9754e4de0d51e3f2aed26ff8cc829d29374960f3b434e48acbbdf530ebe43 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zNetDiagnostic.dll
| MD5 | 18a134f2e015e4d03115973da7900b43 |
| SHA1 | fc5fbd54a9d4992683bdde15278bd56e906c9f93 |
| SHA256 | 435cfaa48b3b651555f28de512a5104bc7035a7cc467f8ae6c7c1a3dfcd89518 |
| SHA512 | 69f3b5199bedbf94abeb7d6152b61b74c3cea41c89f718758e88dc2e3be4f9418f34f3643c479775cd797649d186036d73b95e1a064ea21ff985189ccfcb39a9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zMeshNetAgent.dll
| MD5 | 758d540f6331036d5b3bbd42464c6482 |
| SHA1 | 358cc73aff6b775f4d1c85c643aadeb48a679caa |
| SHA256 | c2ad38693998e7e79a3dbaa5875b4a6f3af817108df6210b75ecde6720abde3b |
| SHA512 | 93a9f09976bdc6bd3b32a7a24026481106997e2f7afc2844213249887d389f1208f9f857ed64b0d37a15043eeefad95c75baf000acdf87d49bf6800e6a0e9bea |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_5.pcm
| MD5 | 532231d1e36ea53a168830033cc0aec5 |
| SHA1 | 4407c14ffe5b12b7100db43fb011564269f702a0 |
| SHA256 | 83ef758561576bbaa981e976510b74eeeacc181834064ba7412eaf876cc25290 |
| SHA512 | 05bb2d8ae7cf3ead9dfbf05fef4983ebfd4f5a8991ba43a92191a1a97b485dcf17e315b9a8d39300c71be7114f15f0113a75c6648fcdfc46b46e6cfd2b3ca0fe |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_4.pcm
| MD5 | 065ce5dc0d49c48589a3eb19603510fc |
| SHA1 | d0852569e60486c2d9206c35be826ac4d23f79be |
| SHA256 | c50e689f830fea83f82c6cb2e5472b3827c5635490f0d2b0e56c346bad616a64 |
| SHA512 | c4661a30868376a7ed681d4d984efcbb8af4a7449059f31225c63ce1cc88a3b4a7fba3e3047f2b29a0e0e437e8b4832e888f65ef86ea40c2063aa0f736c61307 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_6.pcm
| MD5 | a8e1e6ab27026fcc27307250e40dc64a |
| SHA1 | a3d1bcd57edd4aa3f52c259a5b72c120f040d583 |
| SHA256 | ffc6da3e558a9b25cc03249f675aff3bd3ac21d54435fa8b23f37cbaf54dded8 |
| SHA512 | c82fb729e9aa1fb56efae9b76f42567b871b2626c29945d0e6b51e4f876f43b97b8bc5f0bbaefa56cd8b881def405c6b8a44f331500f169de80aba120c98f766 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_7.pcm
| MD5 | 4f9cb5dbacddb4099469ff30fb61490f |
| SHA1 | 0a338b3aaa04309584af7ee0f14f1767afbe1da7 |
| SHA256 | 79f7a132b33c6525ee483231a53b8298620700ab21343cfa70d716e96fd12b8f |
| SHA512 | 488fba0f24d2382dddd25c05531a5f61683f774dd86d41b652ce9473224607de9744a5a4463907930eb3b010e6f97f7b7d1ac5a9daba8453525735d338399a5a |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_star.pcm
| MD5 | 814b4f610592e7d68725f87b04dd5691 |
| SHA1 | 9e3f0489d1889b3201753730211fb14ea1fc1e21 |
| SHA256 | 719f8aa3842eef2b413eb8dff026c2b442acf051af040b295af595ef207dc32c |
| SHA512 | 929f10fc51e71759d375d82681f6b9106932b27e0cd39fcd0fbacc2359d1907631a912d34958628c651c37617bd4d5d9db93d321f0592c30d0294428890abbd0 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_a.pcm
| MD5 | 6a95093e7fe3117bb1e614fa9727bfdf |
| SHA1 | 1df81e069ed43aeaedd8dce9d1c8bf56fa6b96a7 |
| SHA256 | d705d27155e39da52d84034389fbc3953d98f2e7a6007c44cf0ea1bdda4b3bb5 |
| SHA512 | 925d6b17cec73d8ea98ddc3b55d17c6e014a5d4504251563c5d5d55a9b7f8caa43dcc6d7989bbce72a62e1708a54ab7b09bdd84f79da9010bfebf6cff7534c99 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_9.pcm
| MD5 | cedbfc417b6ea8e076c99471e4d746ad |
| SHA1 | 11d95a6490613c3d7f350f5525ae47ddf244a5f0 |
| SHA256 | c5e274011991477635400e5a2c81d3b6cc12c50a61267b0ecc70077cb92a9aa7 |
| SHA512 | 358120f75fb51a89979cbec3c1dd0227e286019025be9308e81f5e2f4c02cd9bb0022bed4db357d42990c5f0503aadb88963d7062382d9cd832440e12a338cd7 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_8.pcm
| MD5 | a9293ed20c46e09ebb87caf37e92f3be |
| SHA1 | dd6e3ca3ef79d26f71fe432a2d928e9177f13205 |
| SHA256 | 4c682a59d37c32715d7e82c1592fcfd51ceaaca7fc4464817f74d0c005a02372 |
| SHA512 | ae2572da5274f686ab5b2ca05c273e103e037f1b2d21775f86e780a6a4e97f61059387a063e86f276253011bdaf188b2ca20cb29ffca5803fce5cdd9a69f38a6 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\beep_intercom.pcm
| MD5 | 618a307ef3efad70399a6107cb1ce9e3 |
| SHA1 | 8b42e7fc116a27a3fa868db49b3d0204f42cd913 |
| SHA256 | 32567197286cbb2dffc282f7cae8d46d13af9d5e83bc98773a836904d244326f |
| SHA512 | 3181f538cf34e09de3ced6b702eb55654888b3b533a339eaff97f6f6da9014900f076c76ddd407c0c3736156a896fd23a07952c04c06664103cc74f317b8ea74 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\double_beep.pcm
| MD5 | a2243b1ddd8cca6c40030020b57c606e |
| SHA1 | 9d0084832970caaf750335d5b27a3104623e2275 |
| SHA256 | e00dbb2ed88cd107bf384102e1353bb8d3a777dd9624a680579e4267080888d7 |
| SHA512 | 04ba003ef55787f3d19006e8a3489b861ab86834acec445ec463172f5530fe72472c0bb39f62ff8d0222f388b63a6b2e28f5919fbbccea416654d7cc13f68b49 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\ring_pstn.pcm
| MD5 | f199df8ed884c5af8fd07aa0e046d19b |
| SHA1 | 507ca087de97053c4e65f4576f78157813e6c174 |
| SHA256 | 0a23d9800db639dd5f40ff0e1ca3df5729df7ab81affd1a02db445b4b0ab235b |
| SHA512 | 176a88eb7df30c78442c435f102f865e1f8c8a6d0fa03f1af823cf6b7a3c290e50df229b8775c9234f09a0ab5643410f5e00bb4eae550c13cb59ee3d4147d5f9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zBusinessUIComponent.dll
| MD5 | 0f5b0fd5912e1409db2bf3da52b32016 |
| SHA1 | d78762f88877c68a9da345555fc00371cb3fa852 |
| SHA256 | 70236f16a957583060719fdd11140b1ecb64a095a51ebc00a23472cf66e3a560 |
| SHA512 | c6d53698611795bd8d8fa3c64f97503043e815f890091c408bf59b14c80a575a8cf30d651bc60965082630fa116484416c523178abf1089450658cd2485943ac |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_hash.pcm
| MD5 | 569480b0dfe8b64b44f72e5740a58230 |
| SHA1 | 6f4ed602780fdb7c3eda983bcb29007bcd8fbf77 |
| SHA256 | 1a256021a62abb1386eabe58974db5bac91c622f9fecddc9f87216c102c23628 |
| SHA512 | 89f6452afa3aee5265de3eac9ce0a5830163187abe6c5415141133a0b9c7ea091dfc198cad0b4662588b8f3785c93e310feccca3200b13af0c15caff7ab45d1a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomTask.dll
| MD5 | 59bc25b2116f83ab0667e73e5889f06d |
| SHA1 | c462e67d56d864d191dbf7db5597e6956e9df9bd |
| SHA256 | e68174b8509389c9322d09dbf815c187959820a4014eb73343a927ee14d9a7c5 |
| SHA512 | 5608ac2f0d87a61f5f6a0297aaeac98c17a5ba49f46b19814331981c9053bb36b2d8fb45c89262bc46fdb3d0b91cd33b18f171de247e937630cb280c1a7b70f9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZMDB.dll
| MD5 | 1141a26bb3d5d4d08a71a4dc59140956 |
| SHA1 | bc8bef5650ec8d699aa01eceae626226d9048cde |
| SHA256 | 7c7ee6aba7f6f2bd0f288e66fa0b6a2177b68dc3fd88c807ffddba114bb8b6dc |
| SHA512 | dd6193f86796cb13715424849f793744b885fb50506e785f815b23efbb9e84ffde23bdab108540d49b97c71d963f36aa9aff0e7e9c216e6fa27152f909aa6f7f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zm_conf_universal_ui.dll
| MD5 | a56e2d6259263efddd4bb2ba0da1b60f |
| SHA1 | 5afc9398ccdc3826bfc3eede97220ba3eab01c09 |
| SHA256 | f938a6d3db86452c797b124bfc90f81ad6f7e67c3e57017eb86a2f70a40abcca |
| SHA512 | 3f0189c2a55e615c2ed81cabb86928bd3ff1a2d921bd7c523b3d60e371fd71b8124f4c0ac30837f070aa0dfed3df32e54f119bfde16ccf21456073f25cd3dac0 |
C:\Users\Admin\AppData\Roaming\Zoom\installer.txt
| MD5 | 1b97bab2d898d02c72762fb346e2cb83 |
| SHA1 | ee0d4d401438e615009cb4ac592774a8232f80f6 |
| SHA256 | 71373ad10778617d6d978a59f5a0bcb608235e215677ce9fa94a0af6a35613f9 |
| SHA512 | 53ada78dd0dd284085b583d42373f11fc3d3f75e6bb1098d6e3c888d5957f2719b45ef2d81be6586f49e2da615fe26f7966deca13535683ca3cc105788bf50c5 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\ucrtbase.dll
| MD5 | 61eb0ad4c285b60732353a0cb5c9b2ab |
| SHA1 | 21a1bea01f6ca7e9828a522c696853706d0a457b |
| SHA256 | 10521fe73fe05f2ba95d40757d9f676f2091e2ed578da9d5cdef352f986f3bcd |
| SHA512 | 44cd871f48b5193abb3b9664dbea8cdad19e72c47b6967c685cf1cc803bc9abb48a8a93009c972ef4936e7f78e3c92110828790aa0a9d26b80e6a523bbcd830d |
C:\Users\Admin\AppData\Roaming\Zoom\bin\vcruntime140_1.dll
| MD5 | ab03551e4ef279abed2d8c4b25f35bb8 |
| SHA1 | 09bc7e4e1a8d79ee23c0c9c26b1ea39de12a550e |
| SHA256 | f8bc270449ca6bb6345e88be3632d465c0a7595197c7954357dc5066ed50ae44 |
| SHA512 | 0e7533b8d7e5019ffd1e73937c1627213711725e88c6d7321588f7fffe9e1b4ef5c38311548adbd2c0ee9b407135646593bf1498cbee92275f4e0a22ace78909 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\vcruntime140.dll
| MD5 | 7942be5474a095f673582997ae3054f1 |
| SHA1 | e982f6ebc74d31153ba9738741a7eec03a9fa5e8 |
| SHA256 | 8ee6b49830436ff3bec9ba89213395427b5535813930489f118721fd3d2d942c |
| SHA512 | 49fbc9d441362b65a8d78b73d4fdcf988f22d38a35a36a233fcd54e99e95e29b804be7eabe2b174188c7860ebb34f701e13ed216f954886a285bed7127619039 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\msvcp140.dll
| MD5 | 5cde3aed10412762e83b7fe43694a22b |
| SHA1 | 4ffcdf063eafc901105836c27a634530ea614755 |
| SHA256 | 10ddff48d704c6007e4c2d53fb4856b5e5e79479503366236246a323aaa76e9d |
| SHA512 | fcd7bc262e7bbcbbac9258e31b8d62efb2e601ac1fffac4c86819c8f2aed26fc19403d992a57d48ec92752b2a0a8b04e8204423d6077c7800ea4015f016faa23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2c57fa4752fb986df0994b11dd0c0bcf |
| SHA1 | 5a14a8d2f3137a98c10a6773f966980054ce1d0c |
| SHA256 | b60b04ddcc200024aa22330cdca966dc24c4cad8d85b4ecde70bd6fc6a04e6aa |
| SHA512 | 25e2fb13e89a0f9974c12308d5b69dc805889406d036a21e55e8a8494736ae89402205a2b497e2e6b2bc2236ef641e7d20735218577a634cfd91572255b9d37c |
memory/1036-1204-0x00007FFD616F0000-0x00007FFD61C67000-memory.dmp
memory/1036-1206-0x00007FFD5CB20000-0x00007FFD5D5B5000-memory.dmp
memory/1036-1205-0x00007FFD5D5C0000-0x00007FFD5E022000-memory.dmp
C:\Users\Admin\AppData\Roaming\Zoom\data\Zoom.us.ini
| MD5 | 2abb0d78cec99ee57eef119462fb073c |
| SHA1 | b53c64fa5ba36d9ffeb33962b7735e9829dfbfc2 |
| SHA256 | 11dc5efe18828338563e3a4038440369483247242740dc1da980c0b36b744902 |
| SHA512 | dc5413981bcd69fb169d0c9210bec8de0a5141ff1ca2d9af988123a386d1188a17a6d40b8950ac17ebb50b4f7e1175a9f54f88f2bd3cddfe764bb1fbf674d4bf |
C:\Users\Admin\AppData\Roaming\Zoom\data\Zoom.us.ini
| MD5 | f86e65b96707f1398598fdb5be29702b |
| SHA1 | 06bec11a4cdbc8bc0a0584a8d8e7b7c27ebb1b0d |
| SHA256 | 06316dc7bb60170c36f69382d8ef4f08f3ba933fbcc25870a6da2bcfe4e18b0e |
| SHA512 | 9df9b4d2f9aa6e96885c79e33289cc320a2308d2c7c1b5e9a432c6843f929ee4d8536c55575ff0900158f19dfe7467d235a1033ae8ccb7352298a1533e2338e7 |
memory/184-1461-0x00007FFD5CB20000-0x00007FFD5D5B5000-memory.dmp
memory/184-1462-0x00007FFD58350000-0x00007FFD5905C000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\ZLANG~1.7Z{.zmdownload
| MD5 | db33381b3af5bc18889dea5423257257 |
| SHA1 | 448db4e634275948ca1917852523f5f88ea1b932 |
| SHA256 | f9ae6a6f4ae3475470e432f4e2dca592ecc811881fe4e68d6c5eca575e46c28c |
| SHA512 | 7d9761722821e5433130026cc3e1ff9f81ef4990dd1c8f256184a54be08038afdc7d7c5ac96101ef97a6128936e6498ffd394a729086c575a1fa328434a094bc |
C:\Users\Admin\AppData\Local\Temp\ZCLIPS~1
| MD5 | 4274ac354b2ee0b4cb538d81f5e72135 |
| SHA1 | 4b81cecaa9456c1eeeba55b5c9bdaf3d3aa9b89a |
| SHA256 | db6e46e6d3fa49d60e9e555e0580e5d9b44e194ab4cd9130ee0b830f42e8acf3 |
| SHA512 | c4fd40e29699a0dee121485d52dd66f4138206fba5f420ec19abbb135fb3c0719b510dbeded9be6cf78a999f7d0208c3c7902add96484d4ad3bb88d01d2ab34b |
C:\Users\Admin\AppData\Roaming\Zoom\bin\zPSUI.dll
| MD5 | a47aa5db4cc3cdf799b86e2ed08c0719 |
| SHA1 | bf7e687f0e33547a3ed73d78ac66dd43050f988c |
| SHA256 | 9ea5d7f5afd3db12440871544310dcbb26e56bf0de85deefa9bb56c955ee60ed |
| SHA512 | eab45d03613060887aa7f58a73aafef8001a4aca649d789a92ca6926fdb61856785395aca3fe8f7219307fdfe412197a90f2fd271d6a3306df3fe83b8758ae9a |
C:\Users\Admin\AppData\Roaming\Zoom\bin\swscale_zm-6.dll
| MD5 | 4d199499920b80bc1f8433532620e9cd |
| SHA1 | db7a43aad718953dabf585c07e8e5b84799ed3f7 |
| SHA256 | 9f55bddb1d9faccbfef2cbff2912373ba8eb790f150f4cbe0e3740201b47ec5d |
| SHA512 | af11bba084150fe05c9498c8a1db487aca8ccc97d3b07fe7ccc509f66cfeea38356c817960b2b36d628c52fffc62c42d5f64b6d1d6cd820f1edd332aeb0a1286 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\swresample_zm-4.dll
| MD5 | 452fd68eb9f7eb7e3e1043082eb6f27a |
| SHA1 | 0e5583f216e21706c1c5482794276d2f79a1e03e |
| SHA256 | 8b9baa966efc331442e7e2045fb0096f90a6f7ae94bcd6598812f237bf651039 |
| SHA512 | fd078d3983d9cdf0eebe1e189d07a7d775cab9e71f5695667e5e1a98f3bca116d7090f80e68ae7be92cf3176fef74a04dada6791891e7f45d73c4afef1e400b8 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\avutil_zm-57.dll
| MD5 | a919210cf377080c5e123d92e3b35022 |
| SHA1 | 5713c8a467205fba19ecab99f7a1c38708b9265c |
| SHA256 | e489844cab59b271105cb46523cae5ba464ba12d868f01604b12ea224452de54 |
| SHA512 | 744ea38ae987d3c0cc8c1791916dca77c9efea43b082d60df7bd42038d4d6317f19911846e9e0bd094e7df561f136b60122e12e252c9cbae5636da3ba54a9a83 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\avformat_zm-59.dll
| MD5 | c3518f98db98bb29737f96d398a82a5d |
| SHA1 | b8ec56ac4eaf8c4edac0a39364a33d0ad3d02eb9 |
| SHA256 | 56ba4d6236f763cc1b25ffb163ee1cb38452e970f9ebc4d50ee0c70064574e86 |
| SHA512 | 0b9965f26f495099288d7301704d3721c3850082f0adc9d60f3264ab5d8d10860f58f1385c24de08b36dd42d61ecbf7639d6fcc12c19c541bf6b9dbfa53383fa |
C:\Users\Admin\AppData\Roaming\Zoom\bin\avcodec_zm-59.dll
| MD5 | 57a9b5aace4b0179a80f2822146dbafc |
| SHA1 | bddef1b82832546d0fb38e11c1947cf537fcd073 |
| SHA256 | 16c44522acf4016ffce2defbf3aa28a9df6905179c3a1c117c80df741dbdc43c |
| SHA512 | f07d0b3c98487459e1979d0e00d5a8fb9f86500b84355f123a7500ab48cebf4447a73b3b37715fcbe32689ed543d3f10935afd244ee267305bec785161c81a3b |
C:\Users\Admin\AppData\Local\Temp\ZCOMPT~1.CAB
| MD5 | 8e4ba552b0a6d148baae7651356ac7f8 |
| SHA1 | b7ac331c3f7604eb58d20923e605ba60fa598135 |
| SHA256 | e6446bc7330d42dcaf0fca2d85afe2de6981574db36d9dc68121a2351b6f848e |
| SHA512 | a6af6011ceab63d65f4c0888fed842295d1a64a7830c47e0ac4d37ab4c50ce55c49461a71419a63643fd03582553a7ed11e1f5aed11e5955c946e4ffea050274 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\zPreMeetingApp.dll
| MD5 | 7fee9b1c4a1f6c8745ab6a48dcf8cbd6 |
| SHA1 | 1585ba72d3f811ce13e0b305e8a4d468be2e3af3 |
| SHA256 | f7791d62e004d5515a7b3c041162e3d3959ed80b52130067776bbd9067ddfe14 |
| SHA512 | 34f59901fe0fe65b2664cb01dc87f7259f7f72969e5e9328a29b875e87b94789109a41f62232c2e8318132c2af842d2f3bec39695e8967aadc299488a54aa552 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\zAppUISdk.dll
| MD5 | 947b124aaa3197cbf0edb63922614e27 |
| SHA1 | 786bc30e70e838c045182706e3c4eb9624ae0920 |
| SHA256 | acfa8a63019d4e83ee5894cd1659ad33d6fe027a80c39e0fefffa17d5145917b |
| SHA512 | d2675454500b6694e673c2767898dfcd0b574b85af84c781d0ed70b6126409cd20a98113e7caf62c8fb772ee55ac8a6e108328f0bc2e5421f22e15a61a81ee12 |
C:\Users\Admin\AppData\Roaming\Zoom\bin\zDiagnostic.dll
| MD5 | 18ceedc7102720dea88133eb5a9d27f3 |
| SHA1 | 5c80226afbd637f85c256442ea4b5160ee43cf1f |
| SHA256 | 148f6b189eef9cef589d2384c15cb2e238e0fe4c41a880f4a4d33566899cfa42 |
| SHA512 | 0a9b52521e2c6f838db5025f0a192cbb6a5d65f349e490922199e5260443dbb1248402f48ffb5eef369f9dc41a3fd161db9a883a9410783bc51dfe381581f959 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Roaming\Zoom\data\WaitingRoom\02F4A117-4E65-41D4-970C-C8925D733C95_default_image.zmdownload
| MD5 | 2261a7001f0967aec2e8950de1c42d1f |
| SHA1 | 0cbe324d7e3dc091c8b8a72d78ab754207329ba1 |
| SHA256 | 695d9928ecadf0f61266c61863b735d6bf8d0e57c55248543aeb11b6af1c6bf7 |
| SHA512 | cc80a3e82ebb2e3ec9aeff7db959044c33f2c0ce9df08519d17d79718325970daa283ce8847e53db2beab6ef59cb69fdc08d36b78d28d98f7ff68e411709254c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 951197f508bcaed3a2eedac8cb7889f9 |
| SHA1 | f068b09ac0bbf544e6fbc533b20f6f68388ce0ba |
| SHA256 | 938116b2ff4de2360cc982470ff30e88f7583fd33e2c3cf25f9bdd1967e1ae92 |
| SHA512 | 0a22c05700a5aab7d8c5fa7faebae476761b3e4247bea81b6d9d9413b05018617aee264642fb1190a007b4f34f3bbcb70dec716b9aa19b81091360f51f3f5625 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 78902f7939e107dd3fe498a2ae25721b |
| SHA1 | dd52856529a322d7680a288bacaf9463c891d34d |
| SHA256 | 6c9ce79de16b290965cbf56eb8c3a9f2f07ff90661f52f7aede175ff1a9386aa |
| SHA512 | d59a1e5009f0b1179b573ae0d2832f7a9b48002895bfcd654be14c8a217d9b846ab614ab009f0fad309b5c062013a5daecdf13e5e303ee94a00801c26073a74d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 589a21329723f334a36c17b7914e7306 |
| SHA1 | a4f59e85677fc152148fc34b19fdaa048ed3ebdd |
| SHA256 | 5b31dd9a60a00663b7ad14b7f40a7735ceec0123e95cb4105e3b53b82ee0e920 |
| SHA512 | f7bbb50ee76e7b314828ef0358a50c808428ce19323efa7b054aac76aa8d758e303be5056da0fce77dd63d503ed9df6fab9acea4e5204725a4fb5c2053e1d422 |
C:\Users\Admin\AppData\Local\Zoom\data\emojione_low_20240219.zip
| MD5 | ba4ba86b9a0a274aeb08d2381960e475 |
| SHA1 | 2c26ec3d748e96f1adca393090b04a98f17ba4d8 |
| SHA256 | 119a9b978ebbfa3565b483595c82c5243979ddbf9de49b4246a0f88c4d16c8be |
| SHA512 | acf66606e8fff351736ba68ec0b04dc59ca79dfe50f4336972cb0ebad09679c8e8c982e8cfddcf5919623d1b400c5bff578a760818af2be3d0a1cffacbfbd072 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f1f2-1f1eb.svg
| MD5 | f8d3c0bef471e7640b5849b87ba7d56f |
| SHA1 | eacf345d95892bae61555e6c5bc81bcea26028ac |
| SHA256 | 5b27690c0d0ff60589cd44639e0ccadc35c8c0a77353034b5090d46bab89f23a |
| SHA512 | 472ccfa74c68d29ddd92bad21212468cd916d4655c2cc45d9738453f5fe3b3a160d5c0a6662c85e1b5ec7f63ed8fa73806cd62c3a996e8d9b9ba4490e58c3237 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f1f2-1f1eb.png
| MD5 | e24a5922490ea09bced2c44613107ed6 |
| SHA1 | 33b14dd8c226a1826161801a71d537042ce1e402 |
| SHA256 | 9e74533f8c5afa2bbdc06a3972b41bc0181c4c503674156d96f940c2388de7c9 |
| SHA512 | 33430271daed2578fec0a6774a98457a709de2a599b5aeb35110cb73a57753ef4ee8a2683fdd4128b4d58599fb5616b592ff6ca3c4e72976e72182d29e4cad12 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f1f8-1f1ef.png
| MD5 | 7c500d8f8a6b86b737ffaffce72d0e75 |
| SHA1 | dec92c55ac76eeb3a156c937bcaadce2908b73a2 |
| SHA256 | eea25ccd8b456a7d28f8736e7eb48bec9cf58a6168233ad0ed2949be10ae52a5 |
| SHA512 | 94c1950ded281097f35f8d8b164f8f4712eb9b51056680bf3e09a7df804e73b6914e6c7ec16dc320d3354bd5400b3c01ba87b5b362fc83573e0346c35f8350f7 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f1f8-1f1ef.svg
| MD5 | f7fe36fc9582b6f1aec06c3c73db814a |
| SHA1 | a6e0588f908d6c90dc3e1139e84f10e82614378e |
| SHA256 | 60b79284599504b50170ba506dc0198a4b058711058050ecdb1c0c2c617e463e |
| SHA512 | 759bd57e7aec253f22e45bbb78ace2666b256e1b0593231ee5a124ab1bfadac1e29fc080e0f83c28c3dc3b449ef2a432c7ab3ae2e567f3763497c1a3f0372475 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f3c2-1f3fd.png
| MD5 | 1f7c872d3697d3839067abba356349c6 |
| SHA1 | 0a3710417cc88078bc2f6b943a662127cf8e4d08 |
| SHA256 | 644c6ef33b0f10df4480b63d0516c3adc2f6facd92e474a92b36e3545b48e9cd |
| SHA512 | 0d5c2800b68b177c271bae96c6e290cda0b1095fa76e397c8983b2e5caf2598c238849fddcbf04cdd17dc92cbfd998ab0e1a5ee6d08c4cf321f27e404f3c72b0 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f3c2-1f3fd.svg
| MD5 | 78a1987b430e7ed93a0b5e24d775bfbf |
| SHA1 | 25713b0457877a92d59a0163c3b49b26a31e8aa3 |
| SHA256 | 48d68ebb5e24b6a03f8d3de6f219178c78ea5c7075bb00f7cb2909623d38a735 |
| SHA512 | cbd0eece4f6522288f3670c203f5112dde50aae0fce683867a47e8c3d3544c9408b206f84bb123a71a28e15ea3bc936551943baf3742f311eeb3f4887ca4e6d1 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f3c7-1f3fd.svg
| MD5 | 2f2d75ad4844b043de6a9466b2243049 |
| SHA1 | 7d3c79667a3bbf8a1dc6716bebc54a4d1ad8e584 |
| SHA256 | f2a20336a2ff3706b8ad123e0c2d053d4c6cc77a8c9879d9ead1cc1aadc563b6 |
| SHA512 | 1397d5750a7845df9a3e0bc385d518db16beec705684a5905dfcb282ed6a7515ff8dcfc278bb13553f469fa7ad2428aad572974fbfbedf06e2011ce8132d4601 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3fd-1f52c.svg
| MD5 | a60e9a7b24ce9ab6d0c0957d7d6a65d9 |
| SHA1 | 9b871da8744c9a798ea4253c51c94a18a77d8aa3 |
| SHA256 | f0ed131631098d4105d7876796827037da16b711688b6fe488451e8dd4013d20 |
| SHA512 | 8ae4d41e5073fdb0fd4104706225b7e734de9d354cf21ee51fb47618bc4215c5ddf0d51c28d5a8279e8c83fd3276cac9ffba6e14950b245e153cad287d256e0b |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3fd-1f680.svg
| MD5 | 7e3467e8140070dbb54f3c730f8c3b5e |
| SHA1 | 1d1cb357a9fc85335504cdc1c2629a18fa6113e2 |
| SHA256 | d6a92323fa70b50cb0c0afd30fa9fe5ad6c6a6d698b0dc4350bcbc5ab2c7c031 |
| SHA512 | 29c2a1f28821d97391293f01453f5d96e4c2fd41748b01aaabe56f18a1434aa20aa40ead38d39ad1c09ff7c6d708fad9f773b8f43f3c11b7ba5dec050dbda80b |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3fd-1f692.svg
| MD5 | 6ab9ba64e70c4531b2bf14a0f4a9b9ee |
| SHA1 | b03115c46dfdda9e3e3e2df99e010e0445e114f0 |
| SHA256 | b83e0855f895f68b6526d6a5d4625dd58541c7ce45362fef749c076342c8ee23 |
| SHA512 | fb6bb47fdcb13f493b73cb228179af72ad414231532e7c53206710d10a66bb417500acadf6211cbebf604df04bb88877c8808b2c06730db63ad01e2107784c4d |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3fd-1f91d-1f468-1f3ff.svg
| MD5 | 735c34515def34f27a7154fed455ea2e |
| SHA1 | 7b01c41ad4f90adcb16aa88f5a14d78b8c1f83e3 |
| SHA256 | 59fae5454e5926bbce5b7c4124021a57b3a02872e2f701bbea9120195fd92e83 |
| SHA512 | a5c4986f9d13c3eca29f1bc336767c7f71d675d08170e20871652290d69740810de0200a5fb1b2b2df448eb3e33b88b5e4be033b23de814c80208d1d0cf3fc1a |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3fd-1f9bd.svg
| MD5 | fc7781dbb545d1ed0e0cf7e0fea1e792 |
| SHA1 | 6659d41a8053f815157715a71e5ee866272c3e4f |
| SHA256 | 7c3b276d2abca816fd4e1b9b8d95fc34996fda262a75622ba0d8ff6f7de0e0f9 |
| SHA512 | 3d96d7596d3b856a0069eb47254bd6ee8bbf8689052cb74290a79b622b69988fd4471ac7cd29a335172697be95cdb67114268ca0240a00661c1de300793df107 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3fe-1f91d-1f468-1f3fb.svg
| MD5 | 73b97ad95a8461f3f26fd08e18696aa4 |
| SHA1 | a2e4a2f24028cf64e44603a4812d498550d3781a |
| SHA256 | d3b32453dd78d825ff4b5d87a120513a7b9bc5c81c4a35d5179aa3c06fe26b5b |
| SHA512 | c539292ac33bed2769090aba2139f6cc809c1be752dc63590f4061698faf23a13928eda3aa1885e21897e9e5042ba09dba51d29d43884495c44af0eab56ff47f |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3fe-1f91d-1f468-1f3fc.svg
| MD5 | 9b40204af1b6a28bb88fc7ffd2ea57f7 |
| SHA1 | 824ee4ba5ef1bd86373f3cf52d5d6bc89ffe6ba1 |
| SHA256 | c144c5d554397a26731f32a9e549cdf334fbc41de2596e084bc65f849beaa4e0 |
| SHA512 | ca5f8ac7bbaa90680cc1522a3fd4f0ef633cb020c5cdc212f5128a2ca09f2bff43d32c36c1fc6452aac81d0363f2d51180a16488b7b094662d7e757524e5e292 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3ff-1f91d-1f468-1f3fd.svg
| MD5 | 0efa0e226b7360feca7568589b016d91 |
| SHA1 | 674b86f0672f480ed7475d13589502a0baf2ecd0 |
| SHA256 | 4b8f977152adb5b7d55df1942ee6c7964413e51dd6a3d66ad25b6e661f05d02e |
| SHA512 | 148aec3dc5c273aa7dbd92f1310024621d39bcd39f72020f300bfd857f6652e292ab12219af2201ef23d0f025633944014b79666ff8f72a505e003dd6c05f741 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f468-1f3ff-1f91d-1f468-1f3fe.svg
| MD5 | ef29f154a48c86d08cbdbab7572b3880 |
| SHA1 | 979867f22c49ff27a7aa104b3d96fe4f2dcb1a06 |
| SHA256 | a95e0f316041c2dd52c554ab832b0f1103c720fb19512ec28e8a8347626137eb |
| SHA512 | 5d4b51221019317b30657474b684723fb4562b8b63fa886f4b88bae07fe97e7b8391c54658badb019ac7c630eee606988cfdae6d100d5a5cb20ac47eac0f1d20 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fb-2764-1f469-1f3fd.svg
| MD5 | d606bb69825d52fa232142bbdb7f985b |
| SHA1 | 1ded24b62be062b9f1c8a5cfa9c848d32339d7cf |
| SHA256 | 8668216cc468d471d6e8b094bf1e9cac324d16adc16813529f7fc3b94b84fab7 |
| SHA512 | 487428414fc0e809660aefdb351da080884fe5061dfb26c692716daabb56e9dd4274ec4ac239094ff847d0393334aad93769eaaa39b66435376b2178667b5bd8 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fc-2764-1f469-1f3fd.svg
| MD5 | 11c10dff05c7f85872f5271ec9736b83 |
| SHA1 | ab621f1e66514bb91674b94b643d0ba020428178 |
| SHA256 | 5f65cf830f17a777ef12a3389030b8b9681165e46e9e3b78917427297839fad5 |
| SHA512 | 9bba1235cc734c40cb34f3014b28b9b2ebd38e6000d4d624b4220d5358b12f69028217de7db06eeb320a33abcea09bdf9a63bff228c603b2f24df0fa54b9bafa |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fd-1f680.svg
| MD5 | 8ee07bcac94dcf71e0279de998389346 |
| SHA1 | 817c77b801ca926485663bf7ae600ba162a9eb4d |
| SHA256 | a978d221a399f35ce822a17831140bd52f99b4927b9f10937f4326454a5dd931 |
| SHA512 | 685908420f4e154a10baac33d1515f8baa6d4fdb22d815369e9fcd30b892a961db0fa21c3eb0e138ace0ca61b519f1771c8aca323b565a2668a988f84cb0003d |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fd-2764-1f469-1f3fd.svg
| MD5 | 2272ac79c299d048406d97dff71d8d36 |
| SHA1 | 5d49db7362686cd9d04fa8a86b19674832121302 |
| SHA256 | 9527f0b04ccf0c6633b1644e6d0c0fe24d730f58cbff1d4f8f51e71611341454 |
| SHA512 | 03ab7e85946062d3a7e6f36fc80836f67a13acfc691fe31e801adf5ef903b296e78456bf03df18861be1254f2265ee283509920748e520d587e142226e19e4f0 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f468-1f3fd.svg
| MD5 | 6c51ff1981a4ace8c74a90c23b04dbb9 |
| SHA1 | 7a363f1e8d3e2bd18ebf13aa39e2474569b38a80 |
| SHA256 | 1f4ce13a13158a72aeae70a39582f45370b3c1386ebe69af95a9e1ed3aff9db7 |
| SHA512 | 86f7ecb883a4d23f7592b44f26a1d584ab6635c5d6dac16de166cad1d20f3d5c7837bcd9c573d57f2fec64f4bf130b3a2ff51cc5e1942faa55fc5318ad693afb |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f468-1f3fb.svg
| MD5 | 20a407b1a3f9f733c2481bc07a720e02 |
| SHA1 | 776f21c31de2320e76d92512320e179ca2ead555 |
| SHA256 | db667fcf69cfd628d5c2132b84e1baf54df55296bf074903f94c41dcc3b669e5 |
| SHA512 | 01dea1eeb77e91a80a59ba68d1c260ad4f324121fd6207626b0fcb25b4027082a64e83fd0890bdec25e4256efc29357439f47d8383389216c0360eb181634597 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f468-1f3ff.svg
| MD5 | 1d6feb3d1dab84ff411803ddc017d242 |
| SHA1 | 9e0dd2de762aaa367a809ce0561d1f7f6dd8f56f |
| SHA256 | ed280f6d103dbc28bfac0b0cab9ebe4e942fed35afeb2da72760aaf49e3dc5d0 |
| SHA512 | 5a2c45bde99b07393702270e6329bba5958c9199895c6c6d6039941058e1f05fb494bd49f3d318282d7b1116364c2a1dc103a5d69b1949ea06c5478dc59e4159 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f469-1f3fd.svg
| MD5 | a7da7cef7a6fd12281b1e4449432d0d6 |
| SHA1 | 4830693cc4a35d84e0372c81b99cf2cf3c84bbda |
| SHA256 | 1a9b5d7e925726c1efea278064a3680e7db975e02ae94571ef49244f9965ea40 |
| SHA512 | a4c67899f65ab7241351606747d453c61811e70861cd91fedd9b8dfc1232ba4395dc61f8ce59b4800b7d4596a017af6a8f4a845f7247023e3135a4f37e78b781 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3fb.svg
| MD5 | 568f422c37971b93d0ddc7bae6700654 |
| SHA1 | a7817d0cbab87c58052b69e4f98916efa0ef76c5 |
| SHA256 | ef9fe06c736ba437ad56e3ee0237192fc49aa33df6b740c1e73f0a385d8deace |
| SHA512 | 436b3179dace2232471f18a740e205bf4eefa16d51e17bb38e61e890573c2fbaed39ac79762e5c1960c9a6e21a5d632d79351a4cf79bef87a89edb98d85b4659 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3fc.svg
| MD5 | 5cbade4f5bb1bc7ef2e86602870b7416 |
| SHA1 | 13747f011855f3b13233afabaafe95e3d98b0a15 |
| SHA256 | 80db7ba93c507ad2706a2abc88cea4aa6d3cc2b95a3c28084c66761a36923ff5 |
| SHA512 | d944ef268a0ec5886979193694ab39ae90c6891809960e594d8ec65ba949247d0e9d211464d2e5eba37124531fcae8438352813675b04934da33a4ef4884f85f |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3fd.svg
| MD5 | 6110897ee9a8172c6759a335a7c731cb |
| SHA1 | 664d134854e2559a575436db21bf2d43b916f686 |
| SHA256 | 2b1d3918282eb77ebfdbc7253a0c71cdbdbe2a3cfdd4b4f3da42ca10b6d2f30c |
| SHA512 | 1304265e21e5eac4aad87c83cda67dac345b8bd0d1146c240b686a3524b6e0ae1c35ba360ed318d38f9af474f9e087471b2be38afb5cf9349e847362d3770ac6 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3fe.svg
| MD5 | d2fdf8b5cb9c5971ac4065cb15654ff9 |
| SHA1 | 755f6d74cd650f3b5e7f5c409780fd251d9f16e7 |
| SHA256 | ff727128f23fdb8307a4752a3176068902efdf4842f06dc5ea1f7991da0ff0b1 |
| SHA512 | 4c0c2a5491b8836ee872afda22034ab0a116fdef5d410057288c0f1c9513b1ad094cb3f81d180e9e6534dc8785eb55cb1b9cf4e957a223151fbeb87f6f5a5554 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3ff.svg
| MD5 | 6afb2712780f4552488392ac6ca95d1b |
| SHA1 | 67923ba2ceb5f4621c34e2f460bfa95daf1f6109 |
| SHA256 | cd59ba9c3aaf161a12fa5e863a638f4afe59df3def11eebb7838c1339de3e7b3 |
| SHA512 | 60f40df51776dacfffea813c4e64797944e49f3f1a46caec3ce39bf07b222d3feb1fd903901b86be130c54fedf028f876eb17d7990acc1a4967a86de0d0f5930 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f469-1f3fc.svg
| MD5 | a3f59b88beb651c150e7de7768709d9f |
| SHA1 | 2d0cff322641da70d78183a82422fac199a67797 |
| SHA256 | 890bfb6808ebbe175580456aecb93e32c9420802b2f5621cdd17fc48acf6c343 |
| SHA512 | c447f6b989f4288c2542d76357daeae726cd218af17487482bccc24f532a4f8378d85881fd429165728d7f352bb4042d31090e5b2f93d5174c23cea6e0dc41a1 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f469-1f3fd.svg
| MD5 | 522586e57b24029cf40f2510c81f2189 |
| SHA1 | f379229ed47ce65912c915171bfd0ddcd4ba1b86 |
| SHA256 | c4609758c8ceffd10011777b56634e63899ebfd6fb67030d57520ef46c2b057c |
| SHA512 | dc359b1ff7e28b491766782edfca51c8e7282d328788ba3c437a88881996dfa7ef084a08c958b4d2f38745ac4f334e850645ff7e42d0c131a4c75a1ebc8ea639 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f469-1f3fe.svg
| MD5 | 404086eba8b7cc4b8b5b44ec9df3e07b |
| SHA1 | 481668caf334af1c4a470cb286047d9d062c3eaf |
| SHA256 | 1cfa0c95515f597fe85227dbfc88694acc32bbb14f95149afd8f4f164e6deae6 |
| SHA512 | 09620638e04eadd7271584acce100b833df9bad0f6cd0cdff256516a314e79ee96f1c4738a98a3b418b391eac70c0337e9b3d471183a2a4c9f2802d25aa3f8bb |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f469-1f3ff.svg
| MD5 | 50f60f979f5b8918df58d0501b4d7487 |
| SHA1 | 42a84fec6a296f3b413b7a744ed3e6992f7fa2e3 |
| SHA256 | b23f3ccb4901679eecd5bf5e9ea5e029b0321a514bba5551aa1afc483f5cf00c |
| SHA512 | f1733430b43924ea1e5ae5646d79c5bd79eb3602f10e45a44168024e65d6c5f7b28eb195799a8f26a8d495025bc73e3cf277109165e3800577cf8c72a8f6ec74 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3ff-2764-1f468-1f3fe.svg
| MD5 | 0f4f1eef680448dc3265335226c70da2 |
| SHA1 | 5c71dded562a410791f65ce456610a7145f0d038 |
| SHA256 | 7c881e18ff73044a0e05d838cb14331c591e874aef47a50828d6d392a0db5f31 |
| SHA512 | 10e2303e0c11cfb5e44002666b9a5bb85edadff592a479792a6c580defbdc56bf6fba4283f21d6e0af1059693f8679f3d2966a2b40b56f6ab0fc52c073b3e1c2 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f469-1f3ff-2764-1f469-1f3fd.svg
| MD5 | 8f868a263f6b4a796f00e95f9d15fbd7 |
| SHA1 | 7d083471defacb2bbdf156f251f75755bb188de7 |
| SHA256 | df1592e5d8be506a05c38df852ce0fd3b09208939920e0ddbb7d5d108f33b30e |
| SHA512 | c3dc960ae8210ca9d9694d0332d8520397030f685d45e745dc3598b9473f557e0d1c96ed7a9e7e9ec7ab1def29c9128e65277c7d830bfac03b9a79449b2b0a6c |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f47c-1f3fd.svg
| MD5 | 31907a7b5abbf66956cce5ad22f4af36 |
| SHA1 | 51d28c4fb0becb6ad4ce8339974f569c9f129d3b |
| SHA256 | 756a3b424199212f63753a1f2672245a7241c9877a9d65dd263c596c9e9e52e4 |
| SHA512 | 6c676ee42bd2cd0cd4f7f0703d1fa16ea937ea6efa595456836f43650bba4dfca52bd85c5d7d48db65efd67cf00fc1c4cbd0928739a8a0d49c3f9fc66bceee7d |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f482-1f3fd.svg
| MD5 | 38fb06613dec33a6351b424cdcf9e798 |
| SHA1 | 84258f41e485bbf36fa16a0f7691aa345c30543f |
| SHA256 | bae702a8a27664f5d7378b7bda228564e8eb87979756800fd8233c7fff7f774a |
| SHA512 | d688ad6e7c87ddf4a5bdec4c21c5be06110c918b6c1a45c88f8781a024ccffb8f17a3ad32224a841879362bd3813d7485fe809e5fe427722b1df93daa6599f7a |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f482-1f3fc-2640.svg
| MD5 | aa8b34acf3940fb01ad81a331966d9d1 |
| SHA1 | 09f4e91e539fccd1a161337a0e2c1aea35e9d33e |
| SHA256 | b382cec8be2da96902d0b13040614767f5068e669a42ebf9b633d210c7c75f52 |
| SHA512 | 17c80f0b1728d7b990988d25ca960cd40adea3be218f8317d7b956501beda4be2014063d6362ff5f2f332d519dbe1b951f6c3eb8e5edaa04375153316e8732a3 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f934-1f3fd.svg
| MD5 | 2c3304dbf27e8b6205b1b315982cad8f |
| SHA1 | a61bb150f6ac5f91ee6003a7f09bbd9c4dd719a2 |
| SHA256 | 1687f8f975770db3bcd7ff60181a0d9350592dea6d247fac0ca050488bb416a8 |
| SHA512 | ad58a0af50afb3833782702a794a23b9257ea71433d7abd79baba186def45a529780614074545c5088c48f3f8a5f9d214df05f07e05224014acfb31487bb6a5e |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9d1-1f3fc-1f3ed.svg
| MD5 | cda158ec90486e293a00101388fb056e |
| SHA1 | 0896e006d0a755dee3491dc3411fa97d574ad940 |
| SHA256 | 7859e07bb93735b5532862e95b1f4928bc1e7ef186ecf6d8ff7fe354e93cb103 |
| SHA512 | 411b7c52371031271e4bb2f42a6b49233acd8706cab3240a34fe2cc126d4379deae34697f89adca1df4c8752dc85351292f41af1120f854cebe1264978b78dac |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9d1-1f3fd-1f91d-1f9d1-1f3ff.svg
| MD5 | c4fc238c34048e2343d2f1d333f442a7 |
| SHA1 | d28a3374456d986883a13db2cd6cadf837ad9721 |
| SHA256 | 27a51afdfb403eb26dceb8e93a6cb81f4b27b10feea67b80deee3b7615ea054f |
| SHA512 | 429bae9b278b36fc645839a2edbd8b2cc9ae88ef1403825f8a539b997bc5828b447980ceef5552e4e98f8b12fb3641ec6796b70a7977201e426b57cd6683623e |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9d1-1f3fd-1f52c.svg
| MD5 | 1ee874650b8f60d065c04c24dda98b36 |
| SHA1 | a9f7e11278178260b22459d9592dcc74e0dd0f68 |
| SHA256 | c208c8c9c35327edcc490a569b768660ad8d363e1a6df57f9ec2d23cf7b3cfa5 |
| SHA512 | 1404ee708959f84f435ec6b933bd8bb8e5f8112759aa5c5e3e36f24947bc29c54130a59b365fc6ba029af3df2af28c94beeaac66aa22cb400e5601ec1827edd9 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9d1-1f3fe-1f91d-1f9d1-1f3fb.svg
| MD5 | 0be420408cb2e02a9b44994f5531bd54 |
| SHA1 | a06b83bfdc3a7148032a74ce0ec1dfae35e04192 |
| SHA256 | 4c3213d121cd3088cf8011f35febf1da55b0fd12463526c123467c9f66ea0128 |
| SHA512 | 1e584942195bf05e145d1dd418680bd08d669573edb8c4c2e11a57739e0c8167efcad307e6ed7f937affc082399d54d43b25f3ab26f3feeecec7680d0e6e3700 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9d1-1f3fe-1f91d-1f9d1-1f3fd.svg
| MD5 | e62b4de2a7185945388326c56cb2b684 |
| SHA1 | f1af67ed15c5409bd21550a641f8ee505e02cadd |
| SHA256 | 5f864eb3b33162d211cf6f22c4fa31be34a09bd655a23db510a968b3bf6cbb59 |
| SHA512 | 7ebc4d82fe969be4b4440157f125d130adaf95cfecdf4aa808fa71b0ffc43f3570ffc2ae5b453a4e4211128de80ff08ca5cdc6dfa810ccca2eb9365d6b4559e8 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9da-1f3fd.svg
| MD5 | b1a6c8f815b476d05e0b208319d946d5 |
| SHA1 | fd604b0eb467422a2c2033112358a8d6da60a7b2 |
| SHA256 | bdb723ab23ac185b0fb42c9979cb72b93d6c3167ed666c4f39d32228492ead23 |
| SHA512 | fbe911dcf98380240b6d52b55b5cddcf714b4df978d94c87dc6c28159ae477a282a5b07b63f9b246e4b1000e79fe5a116684792ba1c9f50fee3eb5065ed186d9 |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9dc-1f3fd-2640.svg
| MD5 | 38be49d9c762eebbecb9159b93493180 |
| SHA1 | f0034f4ecea3228d316dcd5b2c1aa288529901ff |
| SHA256 | bdfb39589b195ad4e36414bfb8ad249558c55dce74533e9ad8ba87e63371d75c |
| SHA512 | 56da800b3e1e4e321528ae37ff5402c4ac89966e25b9fd5452253bda8e21c3913d989869b824c339ee6df54e348685f65ab692e96b2bf72e0b986eb8844c9c9d |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9dc-1f3fd-2642.svg
| MD5 | 1766a43198f64bd18de2e07c2a5e3293 |
| SHA1 | 80f361eaa5d358e62a682955ef01e276b0547ac5 |
| SHA256 | 5d9d857ae1f8f5bf207fc53ae02aced36d3956e4935920ccceb86cc7fdee1dfd |
| SHA512 | 50fbc7333b587c2ddb8b72fcec371d77651d9a52c961592e22387d7e6fbf93ad9eac7debb87f4f8be55259e2687db7a5d840e2774de96a3baf7b9b6808032e5a |
C:\Users\Admin\AppData\Local\Zoom\data\Emojis\1f9dc-1f3fd.svg
| MD5 | ae020a92111b11fb3de388bc4b244b1f |
| SHA1 | 8eeb8aa46c23464932e9f952751391a20a1037e7 |
| SHA256 | ac9ef9a5952889dcb438f0eac84fae7c0c8ebf3acceb7b85eb602e14e4e77a60 |
| SHA512 | d5d522e808f6b74ef82918103a2a05d6896f9a550c4a7d89f452f65c647e99fe4a6c5faa46ef7a6bf6951cf5d391c2db0ebca2b14bc9d151cf8a2bc88a13e28f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b0833e4996adafc19913aee4465a8aaf |
| SHA1 | 6ac4e63b4562d26fb5e6ea661ad37580afa3f101 |
| SHA256 | 4a4c4a834d2d3a947c9e13beaab765c21643fe5fc52edaad15f77c2ab86dde8e |
| SHA512 | dfebf7632258804d708feda21eed6bee632fcee0409f93d0c356c7e33fb5e15e7e5986b81aab837376892c60552422d44333aec1fcf805ccb5d331d477ce922f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 92b71fcefcbeafd1f88d6080efd81011 |
| SHA1 | 635d84527d73dfdc3a95ad2afd7d700c86c4211c |
| SHA256 | 54cc57450cdfe82a17045baa261c3fb166878507fd633213ddf8831ce9e14a39 |
| SHA512 | 290ce3ff8274ae94bc908cb58b292aaa4aff25da84f667ec393ea7b17950a22d4b0e7ec4e1041a6e09ff424debe13e6620461886fb6adf82cc897b750ccae198 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27e7ed3809b2a21c8beac9898a20ef65 |
| SHA1 | 04a928f61d22d85ab75217be516f5ce26fbc689c |
| SHA256 | 4a914cbfc904223fb863a638c7015a48453d84ef29dac9918d9abd27590121e0 |
| SHA512 | a7c75cae8cf1d833c43520faaa79f34777fdbd64a2ade6865578bf5d1f111c29bfc313aafbd3268f39957539a545f2c7801a42b0d0cf5d0c5c36f8032d1a72fc |
memory/5408-16917-0x00007FFD5CB20000-0x00007FFD5D5B5000-memory.dmp
memory/5408-16918-0x00007FFD58350000-0x00007FFD5905C000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4f5899b2-cd21-4e69-b2d2-374d9d6c3ccb.tmp
| MD5 | 6bbfa062459a1522c7f30eb6a78c89df |
| SHA1 | 808935a71dcf4bd4c6ff0cb643b302e2c44debff |
| SHA256 | d88f2c19196f5cd78b5209ffde011e5e354db3fc4974ecf7a6a7ad45138e8064 |
| SHA512 | 3e388ef8602e486d77a54efe0bed2f7052dc590428ed2cf5f717246533ce25c657efa86e10c97d5cca7ddd35475d9f0f6fffecb09d093a8c45a8a088aee2fe54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 53e0a9b3c0c3449ec3ba74382618d89c |
| SHA1 | d606727576cba69a7f4a55fd428f090ef066650d |
| SHA256 | c5f4f3311d4984c3894239d93446c8fdea3cd7fcabe009a361e21655c2a24c03 |
| SHA512 | 4ca0ed3dcf629f631052911677f8643403e28c1a4949342d145481546e39aeea1f1e0e83382ce8ef39fb63ef4b2448c166df8f0dfa0e33404aa672d1989e5003 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f8f9de521d8721ef96d728f0b6ecbb74 |
| SHA1 | c780de18474aa246c21c045e5888077198492dfe |
| SHA256 | c4d2f08ceb0517321edddafecc5cfa57c29e4de88ad933507856bed46c2e078d |
| SHA512 | 2c468293e9f66ac364db55984a2ec34d682c3165b746ed0978fa33fdeb589689a2fa723323d6d300ef2b1ddf2172151d66c3e0a0d36db740fb9bb9f05edc0483 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7725657f884f5418dd068f9d89feb8a1 |
| SHA1 | 1562166dd5fdaa5462f5a6123c45ab8dfad0f032 |
| SHA256 | ea3e3c1e5a7fd0fc565eeb5308938ad404f69edc24d78c8c8569426b6204d1e2 |
| SHA512 | ab7c669fd8cd54d660fbade227d86ba732e33512c9d8ac555d7d694a342e919eb7160d4af2f023e445b3fc454ce13fe38cd0e43432b58a84a5f48fc51ab5ea87 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1baa5d1eb7eb2f636d645245229f91d |
| SHA1 | a7ea7fdebd8b89250d43d80bc177186d4332c5b7 |
| SHA256 | d57257468a639a0c7df008f5375c2f9c8a8bdeac042c3890d0b30779a7d018b4 |
| SHA512 | e36f54b4f06102c1955af558175523fe6419a5da0284af9c9eb90d0617af1f107eed3afdcfb9937a4dd7885edb2fb027feef8365195516a2654a23b9b755daa4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 60049255645c83cac5d80634f70727be |
| SHA1 | 796ab08f9547d3f3032cf3f73ee911dfa251dbc9 |
| SHA256 | 09055c7b659781af9b905ed10543a9a16d1f84a9813db2ebfb9234673f4064c6 |
| SHA512 | 27932e414fbcce1e1ed8918e33e386dc2beb980e5966c94617df6780f0dd8d43b2512c6f1de0d5abf2d5d5a72e8e2df1cbae20baf357ec08e271fd927df4add6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1f09cf71-c714-4fb5-824c-e5f93304dafd.tmp
| MD5 | 4956b54027b3e6ae5cc1ed39e5598ab1 |
| SHA1 | 22fd24db6fbff3d9da8030680fa13cf5cf182b99 |
| SHA256 | 28c4bb11c4021eb2018e1683ba728b72bff2c55d1711e5bf2df2e5fd60c4efbb |
| SHA512 | df2ee118720d9dbb7b6b8aa4e0aa36bd0fe602a6b446920ba5c4a08503df157b774adc957a5a9be3e46629860be7e0264b9aa6ae1f581c17c8fc0d738e59a29f |