mphost.exe
- File Path:
C:\Program Files (x86)\Zoom\bin\aomhost\mphost.exe
- Description: Zoom
- Comments: Zoom
Hashes
| Type |
Hash |
| MD5 |
6E1532A000E1E9158263D424130C65E1 |
| SHA1 |
DB03B0BB774338428C7FF0C4F947BDD5A648EA12 |
| SHA256 |
D1346CE3F20D8DA74A82E4EAF4594095F6ADA0AE37B183F7FD07CE7C56441D9F |
| SHA384 |
FB5002F16C744032FF7A26950AAF614E53BC5C4DBE03C218E172026B01709D9D5473EC46FA7C43919C768F6CCABDC014 |
| SHA512 |
A5BD9C7E8A5E62BDFCBE3E6CDBE191A1905E33789A83C4EE2D05B5B4675DBC1B36AD46C6B4A88DF33F2F039E61A220DE5E0B1E94F96697BF041BFA888BB1721C |
| SSDEEP |
3072:iosqlgWsfefRBEwkjbyM16JHVQrR6KdId:iLqlFsfefzEwkjbyM18Vg6Hd |
| IMP |
906BD1B4390BD87C0554271D6D0AE541 |
| PESHA1 |
ACF9D93BB58ACE3BBDC966DC867100BA53FEA128 |
| PE256 |
5FB0982B6DD5B7C2894FDE1CBCF820D8B4C3C2E3E9120B41AFC7F4B260C917BD |
Runtime Data
Child Processes:
mphost.exe WerFault.exe
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\System32\en-US\crypt32.dll.mui |
File |
| (RW-) C:\Users\user\AppData\Roaming\Zoom\appsafecheck.txt |
File |
| (RW-) C:\Windows |
File |
| (RW-) C:\xCyclopedia |
File |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters |
Section |
Loaded Modules:
| Path |
| C:\Program Files (x86)\Zoom\bin\aomhost\mphost.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
0510C6B2FF7AB71C786EF572239B1243
- Thumbprint:
0F9ADA46756C17EFFFD467D10654E2A766566CB3
- Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=”Zoom Video Communications, Inc.”, O=”Zoom Video Communications, Inc.”, L=San Jose, S=California, C=US, SERIALNUMBER=4969967, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
- Original Filename: Zoom
- Product Name: Zoom
- Company Name: Zoom Video Communications, Inc.
- File Version: 5,3,52670,0921
- Product Version: 5,3,52670,0921
- Language: English (United States)
- Legal Copyright: Zoom Video Communications, Inc. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/d1346ce3f20d8da74a82e4eaf4594095f6ada0ae37b183f7fd07ce7c56441d9f/detection/
MIT License. Copyright (c) 2020-2021 Strontic.