airhost.exe
- File Path:
C:\Program Files (x86)\Zoom\bin\airhost.exe
- Description: AirHost
Hashes
| Type |
Hash |
| MD5 |
E5A5B15981EC10738C66B9F8B0CF004B |
| SHA1 |
FE5D9271DAF80B29AF80AC99A36534A01446384F |
| SHA256 |
7A0A4ECE3FD24071CA59CC3AC788158CB49A99DF47FE6E095E450AA3B2AC3D7A |
| SHA384 |
A06DC40B6726747CF6AC437265D6EF2B6AE49685C1A80F8A7691F4D072F42A90A0F91DB3D6C49F720E1D9448B2441872 |
| SHA512 |
C5F33FCB103676F96733C7E4D9202461263F157AD924FC546540E10613C278D3B9CED9EB63BF19FF9DB2BB8B37A8C636A9AC01C535C9044BFEF36064EE0E4B2B |
| SSDEEP |
196608:cBxF2CKwG31kv+KAvUrMcA8ngxz+yo/AzSizGfqZ99Ml+Ec:sHG3uIUYc3ngxauz+09REc |
| IMP |
0B2322C7CF79372FEE6B37FB36E88766 |
| PESHA1 |
4423F11C53B306EFE0866C48A340177ECAD2A408 |
| PE256 |
F7A9BE11F4816DCD90B446D29F165A0DD7579A0943766F42932C9F1604C7B9BB |
Runtime Data
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\System32\en-US\crypt32.dll.mui |
File |
| (RW-) C:\Users\user\AppData\Roaming\Zoom\appsafecheck.txt |
File |
| (RW-) C:\Windows |
File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94 |
File |
| (RW-) C:\xCyclopedia |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\1\BaseNamedObjects\83aa23f6-5dd9-470e-b726-29138a4a343d |
Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters |
Section |
Loaded Modules:
| Path |
| C:\Program Files (x86)\Zoom\bin\airhost.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
0510C6B2FF7AB71C786EF572239B1243
- Thumbprint:
0F9ADA46756C17EFFFD467D10654E2A766566CB3
- Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=”Zoom Video Communications, Inc.”, O=”Zoom Video Communications, Inc.”, L=San Jose, S=California, C=US, SERIALNUMBER=4969967, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
- Original Filename: airhost.exe
- Product Name: AirHost
- Company Name: Zoom Video Communications, Inc.
- File Version: 5.3.52670.0921
- Product Version: 5.3.52670.0921
- Language: English (United States)
- Legal Copyright: Zoom Video Communications, Inc. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/7a0a4ece3fd24071ca59cc3ac788158cb49a99df47fe6e095e450aa3b2ac3d7a/detection/
MIT License. Copyright (c) 2020-2021 Strontic.