Zoom.exe
- File Path:
C:\Program Files (x86)\Zoom\bin\Zoom.exe - Description: Zoom Meetings
- Comments: Zoom
Screenshot
Hashes
| Type | Hash |
|---|---|
| MD5 | 0B1A5820D639D1F99EF6BCA5406F69C6 |
| SHA1 | C6E7B89619ECF86BF9926A895EB03C984EAED4F5 |
| SHA256 | C62FC8F76EB083B7DBEF840DB49DBE8E6387363A194F42D59D6E220B052184EC |
| SHA384 | 1D86956CF11DBE4B499EE087F2A835963D0900384FCF059092BAFA88B64C9145E917BD0532B0B71518DCD552209E16EC |
| SHA512 | 9D8BBDBAF0F5AAD1BF4015557A0A7D3AC20B1B64BC8C04517AD80FC070A4F3678C8251037797F38BF4046C51BB3D711FD9352D3B62601CB435E99EF5D8EC4E64 |
| SSDEEP | 3072:t0pEh5Yh4lLevvhs7OR7fniDhYsmlp3vKpRBy:t0GLYh4lSroavCpRBy |
| IMP | 963F24F983D24E189D4B89F86323B468 |
| PESHA1 | C7BF4258BE5DB6AAB699BC58ADB514EDE829F763 |
| PE256 | 15D51DC45CA2CA19122E6F40389D80EE6DD54C93FC4FB3BBFBCCBC6BA5BD503F |
Runtime Data
Window Title:
Zoom Cloud Meetings
Open Handles:
| Path | Type |
|---|---|
| (R-D) C:\Windows\Fonts\StaticCache.dat | File |
| (R-D) C:\Windows\System32\en-US\basecsp.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\crypt32.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\KernelBase.dll.mui | File |
| (RW-) C:\Users\user | File |
| (RW-) C:\Users\user\AppData\Roaming\Zoom\appsafecheck.txt | File |
| (RW-) C:\Users\user\AppData\Roaming\Zoom\data\zoomus.enc.db | File |
| (RW-) C:\Users\user\AppData\Roaming\Zoom\data\zoomus.tmp.enc.db | File |
| (RW-) C:\Windows | File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984 | File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.1320_none_d94e4effe1070d4b | File |
| \BaseNamedObjects__ComCatalogCache__ | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 | Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 | Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 | Section |
| \BaseNamedObjects\windows_shell_global_counters | Section |
| \Sessions\1\BaseNamedObjects\596558e9-c61e-4e27-8405-56e502cf57c2 | Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters | Section |
| \Sessions\1\BaseNamedObjects\windows_webcache_counters_{9B6AB5B3-91BC-4097-835C-EA2DEC95E9CC}_S-1-5-21-2047949552-857980807-821054962-504 | Section |
| \Sessions\1\Windows\Theme449731986 | Section |
| \Windows\Theme1396518710 | Section |
Loaded Modules:
| Path |
|---|
| C:\Program Files (x86)\Zoom\bin\Zoom.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
03B4BC5EE79D842C03930B8619EDEAE4 - Thumbprint:
6BA9EF6EB60103B1912B9E79F3EEF4C6F662C4F7 - Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=”Zoom Video Communications, Inc.”, O=”Zoom Video Communications, Inc.”, L=San Jose, S=California, C=US, SERIALNUMBER=4969967, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization
File Metadata
- Original Filename: Zoom
- Product Name: Zoom
- Company Name: Zoom Video Communications, Inc.
- File Version: 5,8,3,1581
- Product Version: 5,8,3,1581
- Language: English (United States)
- Legal Copyright: Zoom Video Communications, Inc. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/c62fc8f76eb083b7dbef840db49dbe8e6387363a194f42d59d6e220b052184ec/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.