nvidia-geforce-now-2-0-32-106[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

nvidia-geforce-now-2-0-32-106.exe
Size

134.9MB
MD5

5cfa8ec373406f0590a72ec0b5ec689e
SHA1

3aa561dc0d3c24fe75db3cf642a0194027a58163
SHA256

5660d079942dcc70407173a216125df48230f3b178ac095811e443e84d71c6f2
SHA512

a73850f8fad6ca188290ae6234f439aaf8c33ade7f1d749072a422699c0d00fb4e5831afc38d9fc8276fb23c6a8ad448a2b8b76322b4d621d7f70e43e7b32893
SSDEEP

3145728:MqW7HAjekwS8eiqolRRIRE0sdrxsUOEcHPH6NckPukuLcY:MqeH4X6IRE0sdrxxcfZAufcY

Score

1^/10

Malware Config

Signatures

Files

nvidia-geforce-now-2-0-32-106.exe
.exe windows x86

dc7d11eb5c1e0cc23ab2b2c7a4c3d9d0

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:66:ad:fa:17:63:89:d9:b4:30:1a:c8:7e:fd:6a:96
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14/04/2021, 00:00

Not After

16/04/2024, 23:59

Subject

CN=Nvidia Corporation,OU=IT-MIS,O=Nvidia Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:e6:a5:cb:af:23:9f:f0:7d:75:08:81:1b:cb:3c:fc:3b:aa:ab:5e:e2:d5:32:ac:4a:8c:dd:f5:39:44:3f:c1
Signer

Actual PE Digest

88:e6:a5:cb:af:23:9f:f0:7d:75:08:81:1b:cb:3c:fc:3b:aa:ab:5e:e2:d5:32:ac:4a:8c:dd:f5:39:44:3f:c1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

shlwapi

PathFindFileNameW
PathIsDirectoryEmptyW

kernel32

WriteFile
GetStdHandle
VirtualFree
GetProcAddress
LoadLibraryA
LockResource
LoadResource
SizeofResource
FindResourceExA
MulDiv
GlobalFree
GlobalAlloc
lstrcmpiA
GetSystemDefaultLCID
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
MultiByteToWideChar
GetLocaleInfoW
lstrlenA
lstrcmpiW
GetEnvironmentVariableW
GetSystemTimeAsFileTime
GetProcessTimes
GetCurrentProcess
WideCharToMultiByte
ExpandEnvironmentStringsW
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
lstrcmpW
FindFirstFileW
GlobalMemoryStatusEx
VirtualAlloc
SetThreadLocale
CompareFileTime
lstrlenW
CreateFileW
GetModuleFileNameW
OutputDebugStringW
CreateMutexW
CreateEventA
ReleaseMutex
GetFileSizeEx
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
GetTempPathW
LocalFree
GetWindowsDirectoryW
GetSystemDirectoryW
FreeLibrary
SetEnvironmentVariableW
LoadLibraryW
GetDriveTypeW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetExitCodeProcess
GetVersionExW
GetCommandLineW
InitializeCriticalSection
TerminateThread
SuspendThread
IsBadReadPtr
lstrcpyW
FormatMessageW
CreateDirectoryW
FindResourceW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileSize
SetFilePointer
ReadFile
SetFileTime
SetEndOfFile
GetFileInformationByHandle
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetCurrentProcessId
GetTickCount
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetModuleHandleA
GetTimeZoneInformation
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
HeapCreate
CompareStringW
CompareStringA
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
GetDateFormatA
GetTimeFormatA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetEnvironmentVariableA
ExitThread
HeapFree
RtlUnwind
HeapAlloc
FormatMessageA
MoveFileW
GetFileAttributesW
GetLocalTime
SystemTimeToFileTime
GetLastError
CreateThread
GetExitCodeThread
Sleep
SetLastError
SetFileAttributesW
GetDiskFreeSpaceExW
ResumeThread
ExitProcess
WaitForSingleObject
CloseHandle
GetModuleHandleW
CreateEventW
ResetEvent
SetEvent
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FreeResource
CreateFileA
GetLocaleInfoA
InterlockedExchange
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement

user32

CopyImage
GetParent
GetWindowRect
ScreenToClient
EndDialog
SendMessageW
GetWindowLongW
GetDC
CharUpperW
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
ReleaseDC
ValidateRect
GetMenu
SetWindowPos
wsprintfW
GetWindowDC
GetClassNameA
EnableWindow
LoadCursorW
RegisterClassExW
UpdateWindow
TranslateMessage
BeginPaint
EndPaint
InvalidateRect
wvsprintfW
GetSystemMenu
IsWindow
EnableMenuItem
MessageBeep
LoadIconW
LoadImageW
DefWindowProcW
CallWindowProcW
DrawIconEx
DialogBoxIndirectParamW
GetWindow
ClientToScreen
DrawTextW
ShowWindow
SystemParametersInfoW
SetFocus
SetWindowLongW
GetSystemMetrics
GetClientRect
GetDlgItem
GetKeyState
wsprintfA
MessageBoxA
SetTimer
GetMessageW
DispatchMessageW
KillTimer
CreateWindowExW
DestroyWindow
GetSysColor

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps
GetObjectW
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
GetCurrentObject
DeleteDC
GetStockObject

advapi32

RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey

shell32

SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CoInitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture
VariantClear
SysAllocStringLen

gdiplus

GdipGetPropertyItemSize
GdipLoadImageFromStreamICM
GdipFree
GdipAlloc
GdipDeleteGraphics
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDrawImageRectI
GdipCreateFromHDC
GdipGetPropertyItem
GdipLoadImageFromStream
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 597KB - Virtual size: 597KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc7d11eb5c1e0cc23ab2b2c7a4c3d9d0

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

02:66:ad:fa:17:63:89:d9:b4:30:1a:c8:7e:fd:6a:96Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

88:e6:a5:cb:af:23:9f:f0:7d:75:08:81:1b:cb:3c:fc:3b:aa:ab:5e:e2:d5:32:ac:4a:8c:dd:f5:39:44:3f:c1Signer

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

gdiplus

Sections

.text Size: 597KB - Virtual size: 597KB

.rdata Size: 117KB - Virtual size: 117KB

.data Size: 36KB - Virtual size: 52KB

.rsrc Size: 253KB - Virtual size: 252KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

02:66:ad:fa:17:63:89:d9:b4:30:1a:c8:7e:fd:6a:96
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

88:e6:a5:cb:af:23:9f:f0:7d:75:08:81:1b:cb:3c:fc:3b:aa:ab:5e:e2:d5:32:ac:4a:8c:dd:f5:39:44:3f:c1
Signer

.text
Size: 597KB - Virtual size: 597KB

.rdata
Size: 117KB - Virtual size: 117KB

.data
Size: 36KB - Virtual size: 52KB

.rsrc
Size: 253KB - Virtual size: 252KB