mphost.exe
- File Path:
C:\program files (x86)\Zoom\bin\aomhost\mphost.exe
- Description: Zoom
- Comments: Zoom
Hashes
| Type |
Hash |
| MD5 |
61D7CF278756ECC47F6ECF6DE0402E48 |
| SHA1 |
C74A7FABB35D03E8F7761286EF527F60CDF911A9 |
| SHA256 |
9C56DE0ECF2B24E29E963EA1C7FCD48B04378B50808125DADDA301DFFA83ED77 |
| SHA384 |
40A5D1A02259CED9518C165768ECB19E1AF21777FFA0FCFD6DDD19F9DACB30AAB8B6C5A10C8B4273074E16007A17A4E7 |
| SHA512 |
9D3BB03D9B2DC7EA29CE2BD2661CE35B100D3B3E6E80AF69F5C18CC880FB84E26A981CCB4D171A31B1BFE07F2E268B96C049AF506325D80CA618308F7D869F8B |
| SSDEEP |
3072:YQER2Hc8Z71QWwYLpqssBF/ZlYq/eTrQOXm9mW:bC2HXZ71QPYLpqssBFIqWYOWz |
Runtime Data
Child Processes:
mphost.exe WerFault.exe
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\System32\en-US\crypt32.dll.mui |
File |
| (RW-) C:\Users\user\AppData\Roaming\Zoom\appsafecheck.txt |
File |
| (RW-) C:\Users\user\Documents |
File |
| (RW-) C:\Windows |
File |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters |
Section |
Loaded Modules:
| Path |
| C:\program files (x86)\Zoom\bin\aomhost\mphost.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
0510C6B2FF7AB71C786EF572239B1243
- Thumbprint:
0F9ADA46756C17EFFFD467D10654E2A766566CB3
- Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=”Zoom Video Communications, Inc.”, O=”Zoom Video Communications, Inc.”, L=San Jose, S=California, C=US, SERIALNUMBER=4969967, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
- Original Filename: Zoom
- Product Name: Zoom
- Company Name: Zoom Video Communications, Inc.
- File Version: 5,2,44052,0816
- Product Version: 5,2,44052,0816
- Language: English (United States)
- Legal Copyright: Zoom Video Communications, Inc. All rights reserved.
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.