Zoom.exe

  • File Path: C:\Program Files (x86)\Zoom\bin\Zoom.exe
  • Description: Zoom Meetings
  • Comments: Zoom

Screenshot

Zoom.exe

Hashes

Type Hash
MD5 59A1CFFFD1A4736E6C7C31840D6DF90C
SHA1 E4FCCA9481786B71674682E25D023F52CDF4410F
SHA256 60D256603D7A099062443E6403B78BA98430A5F44817588E7DAA1F166B618D60
SHA384 F864F042CFC3CDDE70E5DDB645A89924D2667764B67ECEFFF38C94D0D9E6D7C5DC7C866B42AB0702BAEB1A31669BD7D8
SHA512 CBD85F6A4D735BCDB11E4E0FDD961A2858FC8B9A971B72758B2CCDB851005F437198A6CD84FA576F875559055DD91437EA0A477D4F0C7FBB286A6F5D706BD2BE
SSDEEP 3072:q8E24yoAhVh4YW850p5R4bN1OsXKRgXhq3737OVgfOEnsmlp3vKpRBKWkh:L4yoAhVh4YW850p5R4bjMvCpRBKWkh
IMP 367BD4A2C74BD1770DB9A3851ACB3EF0
PESHA1 DCD535EEB30A89709F7856B56D79E4563927551F
PE256 0295798A804183B97356C2CC24E7326625E791980670D7942D5A9327F2EFA93D

Runtime Data

Window Title:

Zoom Cloud Meetings

Open Handles:

Path Type
(R-D) C:\Windows\Fonts\StaticCache.dat File
(R-D) C:\Windows\System32\en-US\crypt32.dll.mui File
(R-D) C:\Windows\System32\en-US\KernelBase.dll.mui File
(R-D) C:\Windows\WinSxS\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_130e63d987a738df\comctl32.dll.mui File
(RW-) C:\Users\user\AppData\Roaming\Zoom\appsafecheck.txt File
(RW-) C:\Users\user\AppData\Roaming\Zoom\data\zoomus.enc.db File
(RW-) C:\Users\user\AppData\Roaming\Zoom\data\zoomus.tmp.enc.db File
(RW-) C:\Windows File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_130e63d987a738df File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627 File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94 File
(RW-) C:\xCyclopedia File
\BaseNamedObjects__ComCatalogCache__ Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000003.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\BaseNamedObjects\windows_shell_global_counters Section
\Sessions\1\BaseNamedObjects\5f244827-a2d3-40fe-8088-15b10f1c28bd Section
\Sessions\1\BaseNamedObjects\windows_shell_global_counters Section
\Sessions\1\BaseNamedObjects\windows_webcache_counters_{9B6AB5B3-91BC-4097-835C-EA2DEC95E9CC}_S-1-5-21-2047949552-857980807-821054962-504 Section
\Sessions\1\Windows\Theme2547664911 Section
\Windows\Theme3854699184 Section

Loaded Modules:

Path
C:\Program Files (x86)\Zoom\bin\Zoom.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

  • Status: Signature verified.
  • Serial: 0510C6B2FF7AB71C786EF572239B1243
  • Thumbprint: 0F9ADA46756C17EFFFD467D10654E2A766566CB3
  • Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
  • Subject: CN=”Zoom Video Communications, Inc.”, O=”Zoom Video Communications, Inc.”, L=San Jose, S=California, C=US, SERIALNUMBER=4969967, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

File Metadata

  • Original Filename: Zoom
  • Product Name: Zoom
  • Company Name: Zoom Video Communications, Inc.
  • File Version: 5,3,52670,0921
  • Product Version: 5,3,52670,0921
  • Language: English (United States)
  • Legal Copyright: Zoom Video Communications, Inc. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/60d256603d7a099062443e6403b78ba98430a5f44817588e7daa1f166b618d60/detection/

File Similarity (ssdeep match)

File Score
C:\Program Files (x86)\Zoom\bin\Zoom.exe 41
C:\program files (x86)\Zoom\bin\Zoom.exe 41
C:\Program Files (x86)\Zoom\bin\Zoom.exe 32
C:\Program Files (x86)\Zoom\bin\ZoomDocConverter.exe 40
C:\Program Files (x86)\Zoom\bin\ZoomDocConverter.exe 32
C:\program files (x86)\Zoom\bin\ZoomDocConverter.exe 32
C:\Program Files (x86)\Zoom\bin\ZoomDocConverter.exe 32
C:\Program Files (x86)\Zoom\bin\zTscoder.exe 33
C:\Program Files (x86)\Zoom\bin\zTscoder.exe 38
C:\program files (x86)\Zoom\bin\zTscoder.exe 36
C:\Program Files (x86)\Zoom\bin\zTscoder.exe 35

MIT License. Copyright (c) 2020-2021 Strontic.