Zowoh_Launcher[.]exe | Triage

Sharing

General

Target

Zowoh_Launcher.exe
Size

1.1MB
MD5

2ef66774414f078fc5b6f8d968d5aa84
SHA1

07343056cddd4ec8b5c946912719a5e97dff7ccd
SHA256

9e0cd083fd9dc8d644a7b41681376d8404a61b01f6effd23a0e1ea16de709784
SHA512

d13e91f0e119578ffcfff03ae250da4abf849390bc491198ab20b7a5e1c54a992904c88589c92d3065f04f82ec6aedceff673cdd220405c2fcb839207316b90d
SSDEEP

24576:rAgGXiqJcAlkN23v6rTG0b3v6rTG0CXiqJcklkN/g:/p6vLofoJ69N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Zowoh_Launcher.exe

Files

Zowoh_Launcher.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\coles\source\repos\ZowohLauncher\NenyooLaunchpad\obj\x64\Release\Zowoh Launcher.pdb

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ