» odtray.exe
Overview
Analysis
File Details
Behaviors (1)

odtray.exe

OMG Driver Pro Tray

Vast Tech Support

The application odtray.exe by Vast Tech Support has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.

File name:

odtray.exe

Publisher:

OMG Total Protection, LLC (signed by Vast Tech Support)

Product:

OMG Driver Pro Tray

Version:

3.1.0.5

MD5:

968f4ee420e474e6c9468609484c0434

SHA-1:

c442a501c557ff15e72e1099cb458546473ea9b1

SHA-256:

51a9cf51487b91b57a8ea33514e51c4c74314673476878f430be68338cc35ad3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/23/2024 8:28:48 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.VastTechSupport (M)

16.1.17.8

File size:

733.9 KB (751,528 bytes)

Product version:

3.1

Trademarks:

Original file name:

OMGDriverPro

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\omg driver pro\odtray.exe

Digital Signature

Signed by:

Vast Tech Support

Authority:

Thawte, Inc.

Valid from:

5/23/2013 7:00:00 PM

Valid to:

5/24/2015 6:59:59 PM

Subject:

CN=Vast Tech Support, O=Vast Tech Support, L=Delray Beach, S=Florida, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

074DFF23E064F33AB5EC78F8BEB7D2F2

File PE Metadata

Compilation timestamp:

6/19/1992 5:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:nSFnHKjoivOQ4V5OoPeVkAqiavdlvGXXarwLCuKn9TvFhS3c+xK86:nSFHKn4V5Oo/5vdl+arJ9T9hZ+M86

Entry address:

0x840B0

Entry point:

55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, 50, 3D, 48, 00, E8, A7, 26, F8, FF, 33, C0, 55, 68, 82, 41, 48, 00, 64, FF, 30, 64, 89, 20, 8D, 55, EC, B8, 01, 00, 00, 00, E8, 48, ED, F7, FF, 8B, 45, EC, BA, 98, 41, 48, 00, E8, 67, 08, F8, FF, 75, 2A, 68, A4, 41, 48, 00, 6A, 00, 68, 01, 00, 1F, 00, E8, 94, 2A, F8, FF, 85, C0, 75, 68, 68, A4, 41, 48, 00, 6A, 00, 6A, 00, E8, 92, 28, F8, FF, E8, 89, F6, FF, FF, EB, 53, 68, B4, 41, 48, 00, 6A, 00, 68, 01, 00, 1F, 00, E8, 6A, 2A, F8, FF, 85, C0, 75, 3E, 68, B4... 
[+]

Entropy:

6.7009

Developed / compiled with:

Microsoft Visual C++

Code size:

524.5 KB (537,088 bytes)

Scheduled Task

Task name:

OMG Driver Pro Schedule

Trigger:

Logon (Runs on logon)

Remove odtray.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.