Owo_Trick_Private[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Owo_Trick_Private.exe
Size

2.9MB
MD5

3b4a275fa733ce72cdf3e2e258ea5faa
SHA1

2c3afc959a9a9c100841eb8909a8f37b8579be65
SHA256

c1b33d9ce977f2a7c8577c0b88a45b5bd309f7cc73d5f68151d5d4e5aa10a523
SHA512

98b94b7eb7edeb5d215c02a0f40356098cbd2638e20d3d56e85bed8aecca1ba9ba3b33dc54f29215d3846a01d40e343060fba1a7032563fe25251e72ed19fa7b
SSDEEP

49152:SsmhnqAs9pJc0dnKh+Q0N1rs+vIUSg+6+8ohnRh1Na1OKM6nYAKhFQpSH3Oh5gxN:QqXpy05Q0N1rsYSZ6BoXh1kkypSH3OhW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Owo_Trick_Private.exe

Files

Owo_Trick_Private.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Hp\AppData\Local\Temp\bin_copy\obj\Debug\Obfuscated Name.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ