PDB path: C:\Users\Stein\source\repos\Cidia FiveM Base\x64\Release\Cidia FiveM Base.pdb (the project name in this path does not match the submitted file name, nvidia.dll)
Static task
static1
General
-
Target
nvidia.dll
-
Size
1.7MB
-
MD5
e12ec2732f03cca9d5999f10041307fb
-
SHA1
7951100cc1f951d88e92e3c853abf808e2d3f7ea
-
SHA256
f10f589a7e35cba693142e41e7b430a82e4ce28efbd09e155ad96a20bfb3b85a
-
SHA512
bb2e725637ffb04fe18d7a335a845bed5dcef96df2826bdb6b887e997d1a016030fd03d8ff502ce3ae06abe1c09366a1434eeadd9558d329294288fd5d9d354a
-
SSDEEP
24576:R3mJiQd7FZe9Wn5Vfmm7rTDrBOkFTSpkPruGKFCPxNxG89rXA3pzNJ8TDQOKNwT:oJVFE9sVFrBTFTFTxNxP9OdX8T
Malware Config
Signatures
-
Unsigned PE 1 IoCs
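Checks for a missing Authenticode signature; the sample is unsigned. On its own this is a weak indicator and should be weighed together with the imports and section names listed below.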
resource nvidia.dll
Files
-
nvidia.dll.dll windows:6 windows x64 arch:x64
a5cef8310b7bf3143fa9cfc83fc03d20
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetProcAddress
VerSetConditionMask
FreeLibrary
QueryPerformanceCounter
OpenProcess
K32GetModuleFileNameExA
GetCurrentProcessId
GetLogicalDrives
GetDriveTypeA
HeapFree
GetCurrentProcess
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
DeleteCriticalSection
GetProcessHeap
CreateThread
VirtualProtect
CreateDirectoryW
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetFileInformationByHandleEx
LoadLibraryA
AreFileApisANSI
FindFirstFileExW
GetCurrentDirectoryW
InitOnceBeginInitialize
InitOnceComplete
GetLocaleInfoEx
FormatMessageA
SetLastError
VirtualQuery
VirtualFree
VirtualAlloc
FlushInstructionCache
SetThreadContext
GetThreadContext
ResumeThread
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
Sleep
DisableThreadLibraryCalls
LocalFree
FormatMessageW
FindClose
FindNextFileW
FindFirstFileW
CreateDirectoryExW
GetModuleHandleW
CloseHandle
GetFileAttributesExW
GetLastError
SuspendThread
GetCurrentThreadId
QueryPerformanceFrequency
CreateFileW
GetFullPathNameW
GetModuleHandleA
DeviceIoControl
GetCurrentThread
user32
IsIconic
UnregisterClassW
SetForegroundWindow
ReleaseCapture
MonitorFromWindow
GetWindowThreadProcessId
DefWindowProcW
GetWindowRect
DestroyWindow
IsWindowVisible
SetWindowPos
ScreenToClient
GetCapture
CreateWindowExW
GetClassNameA
PostQuitMessage
SetWindowLongW
ClientToScreen
LoadIconW
TranslateMessage
SetLayeredWindowAttributes
EnumWindows
IsChild
TrackMouseEvent
LoadCursorW
SetCapture
SetCursor
SetProcessDPIAware
SetCursorPos
GetCursorPos
OpenClipboard
GetWindowLongPtrW
RegisterClassExW
ShowWindow
IsWindow
DispatchMessageW
UpdateWindow
CloseClipboard
SendInput
GetClientRect
GetForegroundWindow
GetAsyncKeyState
GetSystemMetrics
GetMonitorInfoW
PeekMessageW
SetClipboardData
GetClipboardData
EmptyClipboard
gdi32
CreateSolidBrush
advapi32
GetTokenInformation
GetLengthSid
ConvertSidToStringSidW
OpenProcessToken
IsValidSid
CopySid
d3dx9_43
D3DXMatrixTranspose
D3DXVec3Transform
d3d11
D3D11CreateDeviceAndSwapChain
msvcp140
_Query_perf_frequency
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Syserror_map@std@@YAPEBDH@Z
_Thrd_sleep
_Query_perf_counter
_Xtime_get_ticks
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??Bios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Xbad_function_call@std@@YAXXZ
_Strxfrm
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
_Strcoll
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
wininet
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
d3dcompiler_47
D3DCompile
dwmapi
DwmExtendFrameIntoClientArea
DwmGetWindowAttribute
userenv
UnloadUserProfile
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_type_info_destroy_list
memmove
memchr
_CxxThrowException
__current_exception_context
__current_exception
memset
memcpy
__C_specific_handler
strchr
strstr
__std_terminate
__std_exception_copy
__std_exception_destroy
memcmp
api-ms-win-crt-heap-l1-1-0
free
_recalloc
realloc
_callnewh
calloc
malloc
api-ms-win-crt-string-l1-1-0
_wcsicmp
toupper
isblank
strncpy
strcpy_s
isspace
strncmp
isprint
isalnum
strcmp
tolower
api-ms-win-crt-convert-l1-1-0
strtod
atof
strtoul
strtol
strtoull
strtoll
api-ms-win-crt-utility-l1-1-0
qsort
srand
rand
api-ms-win-crt-runtime-l1-1-0
abort
_invalid_parameter_noinfo_noreturn
_errno
_seh_filter_dll
_resetstkoflw
_invalid_parameter_noinfo
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
system
api-ms-win-crt-stdio-l1-1-0
fread
fputc
fflush
fclose
fgetc
fwrite
fgetpos
setvbuf
feof
ferror
ungetc
__stdio_common_vsscanf
_wfopen
fsetpos
__acrt_iob_func
_fseeki64
_get_stream_buffer_pointers
ftell
fseek
__stdio_common_vsprintf
__stdio_common_vsprintf_s
fread_s
fopen_s
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_unlock_file
api-ms-win-crt-math-l1-1-0
atan2f
_dsign
ceilf
cosf
_dclass
fmodf
pow
powf
sinf
sqrtf
floorf
ldexp
acosf
api-ms-win-crt-locale-l1-1-0
localeconv
___lc_codepage_func
api-ms-win-crt-time-l1-1-0
_time64
Sections
.text Size: 843KB - Virtual size: 843KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 859KB - Virtual size: 858KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 407KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ