NSudo_8[.]2_All_Components[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

NSudo_8.2_All_Components.zip
Size

10.7MB
MD5

c902eecb0f12f4e72910b810ea587f18
SHA1

c6aed1d4e4d984e0a8f8680c5fdac68c2c03cb54
SHA256

346e38030cc9eeef48223804ba27631db96691d68bfc5d1728140d468f555204
SHA512

d2a49f0d5666e475857055f706bfd5ca4ebb4375cd52613f259d0ed4a1814906795b70d6f0f08eca0c2260f33cf6d975940dd33f60c29ebb01dbb4685894f25b
SSDEEP

196608:eBJ2nhDBD7Z0OAU6x9PzIaa5JkdCiauW1N5xOiUK1NoUO/:er2nvDVlAb9PzZeXuW19OJK1FO/

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NSudo Devil Mode/Win32/NSudoDM.dll
unpack001/NSudo Devil Mode/x64/NSudoDM.dll
unpack001/NSudo Launcher/Win32/NSudoLC.exe
unpack001/NSudo Launcher/Win32/NSudoLG.exe
unpack001/NSudo Launcher/x64/NSudoLC.exe
unpack001/NSudo Launcher/x64/NSudoLG.exe
unpack001/NSudo Shared Library/M2.NSudo.dll
unpack001/NSudo Shared Library/Win32/NSudoAPI.dll
unpack001/NSudo Shared Library/x64/NSudoAPI.dll

Files

NSudo_8.2_All_Components.zip
.zip
License.txt
NSudo Devil Mode/ARM64/NSudoDM.dll
NSudo Devil Mode/ARM64/NSudoDM.pdb
NSudo Devil Mode/Win32/NSudoDM.dll
.dll windows:6 windows x86 arch:x86

053da52e98b6f21f8418d4bccf9e7633

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\Win32\NSudoDM.pdb

Imports

ntdll

NtFreeVirtualMemory
NtGetContextThread
NtFlushInstructionCache
RtlAllocateHeap
NtQueryVirtualMemory
NtAllocateVirtualMemory
NtProtectVirtualMemory
NtSetContextThread
RtlFreeHeap
RtlFlushSecureMemoryCache
RtlNtStatusToDosError
NtResumeThread
NtAdjustPrivilegesToken
NtDeleteKey
NtOpenProcessToken
LdrGetProcedureAddress
NtDuplicateToken
NtOpenKey
RtlInitUnicodeString
NtSetInformationThread
NtCreateKeyTransacted
LdrGetDllHandleEx
NtClose
RtlInitAnsiString
NtOpenThreadToken
NtCreateKey
NtCreateFile
NtOpenFile
NtOpenKeyTransacted
memcpy
_aullshr
NtTerminateProcess
RtlUnhandledExceptionFilter
RtlUnwind
memset

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Devil Mode/Win32/NSudoDM.pdb
NSudo Devil Mode/x64/NSudoDM.dll
.dll windows:6 windows x64 arch:x64

c5ffb43d2e5dcf86c6ab069cbb596f81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\x64\NSudoDM.pdb

Imports

ntdll

NtFreeVirtualMemory
NtGetContextThread
NtFlushInstructionCache
RtlAllocateHeap
NtQueryVirtualMemory
NtAllocateVirtualMemory
NtProtectVirtualMemory
NtSetContextThread
RtlFreeHeap
RtlFlushSecureMemoryCache
RtlNtStatusToDosError
NtResumeThread
NtAdjustPrivilegesToken
NtDeleteKey
NtOpenProcessToken
LdrGetProcedureAddress
NtDuplicateToken
NtOpenKey
RtlInitUnicodeString
NtSetInformationThread
NtCreateKeyTransacted
LdrGetDllHandleEx
NtClose
RtlInitAnsiString
NtOpenThreadToken
NtCreateKey
NtCreateFile
NtOpenFile
NtOpenKeyTransacted
memcpy
__C_specific_handler
NtTerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlUnhandledExceptionFilter
memset

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Devil Mode/x64/NSudoDM.pdb
NSudo Launcher/ARM64/NSudo.json
NSudo Launcher/ARM64/NSudoLC.exe
NSudo Launcher/ARM64/NSudoLC.pdb
NSudo Launcher/ARM64/NSudoLG.exe
NSudo Launcher/ARM64/NSudoLG.pdb
NSudo Launcher/NSudo.bat
NSudo Launcher/Win32/NSudo.json
NSudo Launcher/Win32/NSudoLC.exe
.exe windows:6 windows x86 arch:x86

53d6ef09c6b35874ecf0db6148867fbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\Win32\NSudoLC.pdb

Imports

kernel32

GetTickCount64
LockResource
QueryPerformanceFrequency
FindResourceExW
LoadResource
GetOverlappedResult
GetProcAddress
DeleteCriticalSection
FreeLibrary
SleepEx
QueryPerformanceCounter
SetPriorityClass
GetCurrentProcess
GetCurrentThreadId
ResumeThread
WaitForSingleObjectEx
GetLocalTime
GetCurrentProcessId
MultiByteToWideChar
CreateEventW
OpenProcess
InitializeCriticalSection
LeaveCriticalSection
GetModuleFileNameW
ExpandEnvironmentStringsW
EnterCriticalSection
GetFileInformationByHandleEx
SizeofResource
ReadFile
GetModuleHandleW
GetProcessHeap
WriteConsoleW
HeapAlloc
CloseHandle
GetThreadUILanguage
GetLastError
CreateFileW
SetThreadUILanguage
GetStdHandle
GetCommandLineW
SetLastError
HeapFree
GetModuleHandleExW
ExitProcess
Sleep
TerminateProcess
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent

advapi32

LookupPrivilegeValueW
SetThreadToken
CreateProcessAsUserW
AdjustTokenPrivileges
GetAce
CloseServiceHandle
OpenSCManagerW
SetTokenInformation
AllocateAndInitializeSid
IsWellKnownSid
AddAce
OpenProcessToken
CreateRestrictedToken
FreeSid
StartServiceW
InitializeAcl
OpenServiceW
GetLengthSid
DuplicateTokenEx
AddAccessAllowedAce
QueryServiceStatusEx
GetTokenInformation

ole32

CoInitializeEx

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory
WTSEnumerateProcessesW
WTSQueryUserToken

msvcrt

_wcsnicmp
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
__setusermatherr
_initterm
_initterm_e
_set_fmode
__p__commode
__argc
__argv
_environ
_errno
_amsg_exit
_except_handler4_common
__getmainargs
memset
_controlfp_s
__DestructExceptionObject
__set_app_type
abort
___mb_cur_max_func
??3@YAXPAX@Z
?terminate@@YAXXZ
_XcptFilter
realloc
strncmp
?what@exception@@UBEPBDXZ
??2@YAPAXI@Z
_wcsicmp
__CxxFrameHandler3
wcsstr
malloc
free
wcsrchr
_msize
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memcpy
memmove
__pctype_func
tolower
wcstol
_mbtowc_l
wcsnlen
localeconv
strrchr
strcpy_s
_CIlog10
_ftol2_sse
ceil
_clearfp

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Launcher/Win32/NSudoLC.pdb
NSudo Launcher/Win32/NSudoLG.exe
.exe windows:6 windows x86 arch:x86

26df042bd9a6c1d26d9e14b38449f7f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\Win32\NSudoLG.pdb

Imports

kernel32

CreateEventW
MultiByteToWideChar
GetTickCount64
LockResource
QueryPerformanceFrequency
FindResourceExW
LoadResource
GetOverlappedResult
GetProcAddress
VerSetConditionMask
FreeLibrary
SleepEx
VerifyVersionInfoW
QueryPerformanceCounter
LoadLibraryExW
SetPriorityClass
GetCurrentProcess
OpenProcess
WaitForSingleObjectEx
GetLocalTime
GetCurrentProcessId
GetModuleHandleExW
ExitProcess
Sleep
TerminateProcess
OutputDebugStringW
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetModuleFileNameW
InitializeCriticalSection
ExpandEnvironmentStringsW
GetFileInformationByHandleEx
SizeofResource
ReadFile
MulDiv
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
CloseHandle
GetThreadUILanguage
GetLastError
GetCurrentThreadId
GetFileAttributesW
CreateFileW
InitializeCriticalSectionEx
LeaveCriticalSection
SetThreadUILanguage
GetCommandLineW
EnterCriticalSection
SetLastError
ResumeThread
HeapFree
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent

user32

SetWindowTextW
EndDialog
SendMessageW
GetWindowTextW
EndPaint
BeginPaint
DialogBoxParamW
GetClientRect
LoadImageW
SetWindowLongW
LoadIconW
ChangeWindowMessageFilter
DestroyIcon
UnregisterClassW
MonitorFromWindow
GetDC
GetDlgItem
DrawIconEx

gdi32

DeleteDC
GetDeviceCaps

comdlg32

GetOpenFileNameW

advapi32

LookupPrivilegeValueW
SetThreadToken
CreateProcessAsUserW
AdjustTokenPrivileges
GetAce
CloseServiceHandle
OpenSCManagerW
SetTokenInformation
AllocateAndInitializeSid
IsWellKnownSid
AddAce
OpenProcessToken
CreateRestrictedToken
FreeSid
StartServiceW
InitializeAcl
OpenServiceW
GetLengthSid
DuplicateTokenEx
AddAccessAllowedAce
QueryServiceStatusEx
GetTokenInformation

shell32

DragFinish
DragQueryFileW

ole32

CoInitializeEx

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

wtsapi32

WTSEnumerateSessionsW
WTSQueryUserToken
WTSFreeMemory
WTSEnumerateProcessesW

msvcrt

_amsg_exit
_except_handler4_common
__wgetmainargs
memset
_controlfp_s
memmove
__DestructExceptionObject
_msize
__set_app_type
_wcmdln
abort
___mb_cur_max_func
_errno
?terminate@@YAXXZ
_XcptFilter
realloc
__p__commode
_CxxThrowException
_set_fmode
_initterm_e
_initterm
??0exception@@QAE@ABQBD@Z
_wcsnicmp
wcsstr
malloc
wcsrchr
free
strncmp
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??2@YAPAXI@Z
_wcsicmp
__CxxFrameHandler3
??3@YAXPAX@Z
__setusermatherr
memcpy
__pctype_func
tolower
wcstol
_mbtowc_l
wcsnlen
localeconv
strrchr
strcpy_s
_CIlog10
_ftol2_sse
ceil
_clearfp
??0exception@@QAE@ABV0@@Z

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Launcher/Win32/NSudoLG.pdb
NSudo Launcher/x64/NSudo.json
NSudo Launcher/x64/NSudoLC.exe
.exe windows:6 windows x64 arch:x64

fb7bace90d73db33c8ef9e85f4eab9b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\x64\NSudoLC.pdb

Imports

kernel32

GetTickCount64
LockResource
QueryPerformanceFrequency
FindResourceExW
LoadResource
GetOverlappedResult
GetProcAddress
DeleteCriticalSection
FreeLibrary
SleepEx
QueryPerformanceCounter
SetPriorityClass
GetCurrentProcess
GetCurrentThreadId
ResumeThread
WaitForSingleObjectEx
GetLocalTime
GetCurrentProcessId
GetModuleHandleExW
MultiByteToWideChar
CreateEventW
OpenProcess
InitializeCriticalSection
LeaveCriticalSection
GetModuleFileNameW
ExpandEnvironmentStringsW
EnterCriticalSection
GetFileInformationByHandleEx
SizeofResource
ReadFile
GetModuleHandleW
GetProcessHeap
WriteConsoleW
HeapAlloc
CloseHandle
GetThreadUILanguage
GetLastError
CreateFileW
SetThreadUILanguage
GetStdHandle
GetCommandLineW
SetLastError
HeapFree
ExitProcess
Sleep
TerminateProcess
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

advapi32

LookupPrivilegeValueW
SetThreadToken
CreateProcessAsUserW
AdjustTokenPrivileges
GetAce
CloseServiceHandle
OpenSCManagerW
SetTokenInformation
AllocateAndInitializeSid
IsWellKnownSid
AddAce
OpenProcessToken
CreateRestrictedToken
FreeSid
StartServiceW
InitializeAcl
OpenServiceW
GetLengthSid
DuplicateTokenEx
AddAccessAllowedAce
QueryServiceStatusEx
GetTokenInformation

ole32

CoInitializeEx

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory
WTSEnumerateProcessesW
WTSQueryUserToken

msvcrt

_CxxThrowException
__C_specific_handler
__setusermatherr
_initterm
_initterm_e
_set_fmode
__argc
__argv
_environ
_errno
_amsg_exit
__getmainargs
memset
__DestructExceptionObject
_msize
__set_app_type
abort
___mb_cur_max_func
_commode
??3@YAXPEAX@Z
?terminate@@YAXXZ
_XcptFilter
realloc
strncmp
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??2@YAPEAX_K@Z
_wcsicmp
__CxxFrameHandler3
??0exception@@QEAA@AEBQEBD@Z
_wcsnicmp
wcsstr
wcsrchr
malloc
free
memcpy
memmove
__pctype_func
tolower
wcstol
_mbtowc_l
wcsnlen
localeconv
strrchr
strcpy_s
ceil
log10
_clearfp
memcmp

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Launcher/x64/NSudoLC.pdb
NSudo Launcher/x64/NSudoLG.exe
.exe windows:6 windows x64 arch:x64

21c5088120f053f6a67b20e86076cca2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\x64\NSudoLG.pdb

Imports

kernel32

CreateEventW
MultiByteToWideChar
GetTickCount64
LockResource
QueryPerformanceFrequency
FindResourceExW
LoadResource
GetOverlappedResult
GetProcAddress
VerSetConditionMask
FreeLibrary
SleepEx
VerifyVersionInfoW
QueryPerformanceCounter
LoadLibraryExW
SetPriorityClass
GetCurrentProcess
OpenProcess
WaitForSingleObjectEx
GetLocalTime
GetCurrentProcessId
GetModuleHandleExW
ExitProcess
Sleep
TerminateProcess
OutputDebugStringW
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
ExpandEnvironmentStringsW
GetFileInformationByHandleEx
SizeofResource
ReadFile
MulDiv
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
CloseHandle
GetThreadUILanguage
GetLastError
GetCurrentThreadId
GetFileAttributesW
CreateFileW
InitializeCriticalSectionEx
LeaveCriticalSection
SetThreadUILanguage
HeapFree
GetCommandLineW
EnterCriticalSection
SetLastError
ResumeThread
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

user32

SendMessageW
GetWindowTextW
EndPaint
BeginPaint
DrawIconEx
LoadImageW
EndDialog
ChangeWindowMessageFilter
DestroyIcon
UnregisterClassW
SetWindowLongPtrW
MonitorFromWindow
GetDC
SetWindowTextW
GetDlgItem
LoadIconW
DialogBoxParamW
GetClientRect

gdi32

DeleteDC
GetDeviceCaps

comdlg32

GetOpenFileNameW

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
SetThreadToken
CreateProcessAsUserW
GetAce
CloseServiceHandle
OpenSCManagerW
SetTokenInformation
AllocateAndInitializeSid
IsWellKnownSid
AddAce
OpenProcessToken
CreateRestrictedToken
FreeSid
StartServiceW
InitializeAcl
OpenServiceW
GetLengthSid
DuplicateTokenEx
AddAccessAllowedAce
QueryServiceStatusEx
GetTokenInformation

shell32

DragQueryFileW
DragFinish

ole32

CoInitializeEx

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

wtsapi32

WTSQueryUserToken
WTSFreeMemory
WTSEnumerateProcessesW
WTSEnumerateSessionsW

msvcrt

memset
memmove
__DestructExceptionObject
_msize
__set_app_type
_wcmdln
abort
_initterm_e
_commode
_XcptFilter
realloc
_initterm
__setusermatherr
__C_specific_handler
_CxxThrowException
??0exception@@QEAA@AEBQEBD@Z
_wcsnicmp
wcsstr
malloc
wcsrchr
free
strncmp
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??2@YAPEAX_K@Z
_wcsicmp
__CxxFrameHandler3
??3@YAXPEAX@Z
__wgetmainargs
_amsg_exit
_errno
?terminate@@YAXXZ
_set_fmode
___mb_cur_max_func
memcpy
__pctype_func
tolower
wcstol
_mbtowc_l
wcsnlen
localeconv
strrchr
strcpy_s
ceil
log10
_clearfp
memcmp

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Launcher/x64/NSudoLG.pdb
NSudo Shared Library/ARM64/NSudoAPI.dll
NSudo Shared Library/ARM64/NSudoAPI.lib
NSudo Shared Library/ARM64/NSudoAPI.pdb
NSudo Shared Library/M2.NSudo.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\MSIL\Output\Objects\M2.NSudo\Release\net5.0\M2.NSudo.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Shared Library/M2.NSudo.pdb
NSudo Shared Library/M2.NSudo.xml
.xml
NSudo Shared Library/NSudoAPI.h
NSudo Shared Library/Win32/NSudoAPI.dll
.dll windows:6 windows x86 arch:x86

9ebaa0a10cba53473858a8197aded1a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\Win32\NSudoAPI.pdb

Imports

msvcrt

_initterm_e
realloc
?terminate@@YAXXZ
__CppXcptFilter
malloc
_msize
__CxxFrameHandler3
??3@YAXPAX@Z
free
__getmainargs
memset
_errno
_amsg_exit
_except_handler4_common
??0exception@@QAE@ABQBD@Z
_CxxThrowException
_wcsicmp
??2@YAPAXI@Z
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
__DestructExceptionObject
memcpy
memmove
__pctype_func
tolower
___mb_cur_max_func
wcstol
_mbtowc_l
wcsnlen
localeconv
strrchr
strcpy_s
_CIlog10
_ftol2_sse
ceil
_clearfp
_initterm

kernel32

GetSystemTimeAsFileTime
GetTickCount64
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentThreadId
IsProcessorFeaturePresent
GetModuleHandleW
InterlockedFlushSList
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
FreeLibrary
GetModuleHandleExW
GetProcAddress
GetCurrentProcessId
SetPriorityClass
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ResumeThread
GetLastError
WaitForSingleObjectEx
CloseHandle
GetLocalTime
DeleteCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
SleepEx
GetProcessHeap
HeapFree
SetLastError
ExpandEnvironmentStringsW
OpenProcess
QueryPerformanceFrequency
HeapAlloc

advapi32

LookupPrivilegeValueW
SetTokenInformation
OpenProcessToken
SetThreadToken
CreateProcessAsUserW
DuplicateTokenEx
AdjustTokenPrivileges
GetAce
CloseServiceHandle
OpenSCManagerW
AllocateAndInitializeSid
IsWellKnownSid
AddAce
CreateRestrictedToken
FreeSid
StartServiceW
InitializeAcl
OpenServiceW
GetLengthSid
AddAccessAllowedAce
QueryServiceStatusEx
GetTokenInformation

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

wtsapi32

WTSEnumerateSessionsW
WTSQueryUserToken
WTSFreeMemory
WTSEnumerateProcessesW

Exports

Exports

NSudoCreateProcess
NSudoReadLog
NSudoWriteLog

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Shared Library/Win32/NSudoAPI.lib
NSudo Shared Library/Win32/NSudoAPI.pdb
NSudo Shared Library/x64/NSudoAPI.dll
.dll windows:6 windows x64 arch:x64

4320aa11908c0da29341a4f109f2a29b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\x64\NSudoAPI.pdb

Imports

msvcrt

_initterm_e
realloc
?terminate@@YAXXZ
__CppXcptFilter
malloc
_msize
__CxxFrameHandler3
??3@YAXPEAX@Z
free
__getmainargs
__C_specific_handler
memset
_errno
??0exception@@QEAA@AEBQEBD@Z
_CxxThrowException
_wcsicmp
??2@YAPEAX_K@Z
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
__DestructExceptionObject
memcpy
memmove
__pctype_func
tolower
___mb_cur_max_func
wcstol
_mbtowc_l
wcsnlen
localeconv
strrchr
strcpy_s
ceil
log10
_clearfp
_initterm

kernel32

GetSystemTimeAsFileTime
GetTickCount64
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
GetCurrentThreadId
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleW
InterlockedFlushSList
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
FreeLibrary
GetModuleHandleExW
GetProcAddress
GetCurrentProcessId
SetPriorityClass
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ResumeThread
GetLastError
WaitForSingleObjectEx
CloseHandle
GetLocalTime
DeleteCriticalSection
QueryPerformanceCounter
UnhandledExceptionFilter
SleepEx
GetProcessHeap
HeapFree
SetLastError
ExpandEnvironmentStringsW
OpenProcess
QueryPerformanceFrequency
HeapAlloc

advapi32

LookupPrivilegeValueW
SetTokenInformation
OpenProcessToken
SetThreadToken
CreateProcessAsUserW
DuplicateTokenEx
AdjustTokenPrivileges
GetAce
CloseServiceHandle
OpenSCManagerW
AllocateAndInitializeSid
IsWellKnownSid
AddAce
CreateRestrictedToken
FreeSid
StartServiceW
InitializeAcl
OpenServiceW
GetLengthSid
AddAccessAllowedAce
QueryServiceStatusEx
GetTokenInformation

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

wtsapi32

WTSEnumerateSessionsW
WTSQueryUserToken
WTSFreeMemory
WTSEnumerateProcessesW

Exports

Exports

NSudoCreateProcess
NSudoReadLog
NSudoWriteLog

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NSudo Shared Library/x64/NSudoAPI.lib
NSudo Shared Library/x64/NSudoAPI.pdb
NSudo Source Code/.editorconfig
NSudo Source Code/.github/workflows/CI.yml
NSudo Source Code/.github/workflows/DeployWebsite.yml
NSudo Source Code/.gitignore
NSudo Source Code/CODE_OF_CONDUCT.md
NSudo Source Code/CONTRIBUTING.md
NSudo Source Code/License.md
NSudo Source Code/Logo.png
.png
NSudo Source Code/Manual/Screenshot.png
.png
NSudo Source Code/Manual/UserManual.md
NSudo Source Code/Manual/UserManual.pdf
.pdf
- http://bbs.pcbeta.com/viewthread-1508863-1-1.html
- https://afdian.net/@MouriNaruto
- https://ci.appveyor.com/project/MouriNaruto/nsudo
- https://forums.mydigitallife.net/threads/59268
- https://gitee.com/M2-Team/NSudo
- https://github.com/M2Team/NSudo
- https://github.com/M2Team/NSudo/issues
- https://github.com/M2Team/NSudo/releases
- https://github.com/M2Team/NSudo/releases/latest
- https://github.com/M2Team/NSudo/tree/master/NSudoSDK
- https://github.com/Project-Nagisa/Nagisa/blob/master/Changelog.md
- https://github.com/Thdub/NSudo_Installer
- https://github.com/Thdub/NSudo_Installer/releases/latest
- https://howtodoninja.com/how-to/nsudo-run-programs-with-full-admin-privileges-windows/
- https://shang.qq.com/wpa/qunwpa?idkey=ac879ff5e88f85115597a9ec5f3dbbf28a6b84d7352e2fe03b7cbacf58bb6d53
- https://www.majorgeeks.com/files/details/nsudo.html
- https://www.patreon.com/MouriNaruto
- https://www.softpedia.com/get/Tweak/System-Tweak/NSudo.shtml
- https://www.trishtech.com/2018/11/nsudo-run-programs-with-full-privileges-in-windows/
- https://www.wilderssecurity.com/threads/396818
- Show all
NSudo Source Code/Manual/��Ļ��ͼ.png
.png
NSudo Source Code/Manual/ΞĻ�Xȡ��.png
.png
NSudo Source Code/Manual/�Ñ��փ�.md
NSudo Source Code/Manual/�Ñ��փ�.pdf
.pdf
- http://bbs.pcbeta.com/viewthread-1508863-1-1.html
- https://afdian.net/@MouriNaruto
- https://ci.appveyor.com/project/MouriNaruto/nsudo
- https://forums.mydigitallife.net/threads/59268
- https://gitee.com/M2-Team/NSudo
- https://github.com/M2Team/NSudo
- https://github.com/M2Team/NSudo/issues
- https://github.com/M2Team/NSudo/releases
- https://github.com/M2Team/NSudo/releases/latest
- https://github.com/M2Team/NSudo/tree/master/NSudoSDK
- https://github.com/Project-Nagisa/Nagisa/blob/master/Changelog.md
- https://github.com/Thdub/NSudo_Installer
- https://github.com/Thdub/NSudo_Installer/releases/latest
- https://howtodoninja.com/how-to/nsudo-run-programs-with-full-admin-privileges-windows/
- https://shang.qq.com/wpa/qunwpa?idkey=ac879ff5e88f85115597a9ec5f3dbbf28a6b84d7352e2fe03b7cbacf58bb6d53
- https://www.majorgeeks.com/files/details/nsudo.html
- https://www.patreon.com/MouriNaruto
- https://www.softpedia.com/get/Tweak/System-Tweak/NSudo.shtml
- https://www.trishtech.com/2018/11/nsudo-run-programs-with-full-privileges-in-windows/
- https://www.wilderssecurity.com/threads/396818
- Show all
NSudo Source Code/Manual/�û��ֲ�.md
NSudo Source Code/Manual/�û��ֲ�.pdf
.pdf
- http://bbs.pcbeta.com/viewthread-1508863-1-1.html
- https://afdian.net/@MouriNaruto
- https://ci.appveyor.com/project/MouriNaruto/nsudo
- https://forums.mydigitallife.net/threads/59268
- https://gitee.com/M2-Team/NSudo
- https://github.com/M2Team/NSudo
- https://github.com/M2Team/NSudo/issues
- https://github.com/M2Team/NSudo/releases
- https://github.com/M2Team/NSudo/releases/latest
- https://github.com/M2Team/NSudo/tree/master/NSudoSDK
- https://github.com/Project-Nagisa/Nagisa/blob/master/Changelog.md
- https://github.com/Thdub/NSudo_Installer
- https://github.com/Thdub/NSudo_Installer/releases/latest
- https://howtodoninja.com/how-to/nsudo-run-programs-with-full-admin-privileges-windows/
- https://shang.qq.com/wpa/qunwpa?idkey=ac879ff5e88f85115597a9ec5f3dbbf28a6b84d7352e2fe03b7cbacf58bb6d53
- https://www.majorgeeks.com/files/details/nsudo.html
- https://www.patreon.com/MouriNaruto
- https://www.softpedia.com/get/Tweak/System-Tweak/NSudo.shtml
- https://www.trishtech.com/2018/11/nsudo-run-programs-with-full-privileges-in-windows/
- https://www.wilderssecurity.com/threads/396818
- Show all
NSudo Source Code/People.md
NSudo Source Code/Readme.md
NSudo Source Code/Readme.zh-CN.md
NSudo Source Code/Source/MSIL/BuildAllTargets.cmd
.cmd .vbs
NSudo Source Code/Source/MSIL/BuildAllTargets.proj
NSudo Source Code/Source/MSIL/Directory.Build.props
NSudo Source Code/Source/MSIL/M2.NSudo.Demo/M2.NSudo.Demo.csproj
NSudo Source Code/Source/MSIL/M2.NSudo.Demo/Program.cs
.js
NSudo Source Code/Source/MSIL/M2.NSudo.sln
NSudo Source Code/Source/MSIL/M2.NSudo/M2.NSudo.csproj
NSudo Source Code/Source/MSIL/M2.NSudo/NSUDO_MANDATORY_LABEL_TYPE.cs
NSudo Source Code/Source/MSIL/M2.NSudo/NSUDO_PRIVILEGES_MODE_TYPE.cs
NSudo Source Code/Source/MSIL/M2.NSudo/NSUDO_PROCESS_PRIORITY_CLASS_TYPE.cs
NSudo Source Code/Source/MSIL/M2.NSudo/NSUDO_SHOW_WINDOW_MODE_TYPE.cs
NSudo Source Code/Source/MSIL/M2.NSudo/NSUDO_USER_MODE_TYPE.cs
NSudo Source Code/Source/MSIL/M2.NSudo/NSudoInstance.cs
NSudo Source Code/Source/MSIL/M2.NSudo/Properties/launchSettings.json
NSudo Source Code/Source/MSIL/M2.NSudo/Win32.cs
NSudo Source Code/Source/Native/BuildAllTargets.cmd
.cmd .vbs
NSudo Source Code/Source/Native/BuildAllTargets.proj
NSudo Source Code/Source/Native/Directory.Build.props
NSudo Source Code/Source/Native/MINT/MINT.h
NSudo Source Code/Source/Native/MINT/MINT.props
NSudo Source Code/Source/Native/Mile.Project.VisualStudio/Mile.Project.Cpp.VC-LTL.props
NSudo Source Code/Source/Native/Mile.Project.VisualStudio/Mile.Project.Cpp.props
NSudo Source Code/Source/Native/Mile.Project.VisualStudio/Mile.Project.Cpp.targets
NSudo Source Code/Source/Native/Mile.Project.VisualStudio/Mile.Project.Manifest.rc
NSudo Source Code/Source/Native/Mile.Project.VisualStudio/Mile.Project.Version.h
NSudo Source Code/Source/Native/Mile.Project.VisualStudio/Mile.Project.Version.rc
NSudo Source Code/Source/Native/Mile/MCC.cppold
.js
NSudo Source Code/Source/Native/Mile/Mile.Portable.cpp
NSudo Source Code/Source/Native/Mile/Mile.Portable.h
NSudo Source Code/Source/Native/Mile/Mile.Windows.cpp
NSudo Source Code/Source/Native/Mile/Mile.Windows.h
NSudo Source Code/Source/Native/Mile/Mile.props
NSudo Source Code/Source/Native/Mile/Mile.vcxproj
.xml
NSudo Source Code/Source/Native/Mile/Mile.vcxproj.filters
NSudo Source Code/Source/Native/NSudo.sln
NSudo Source Code/Source/Native/NSudoAPI/DllMain.cpp
NSudo Source Code/Source/Native/NSudoAPI/Mile.Project.Properties.h
NSudo Source Code/Source/Native/NSudoAPI/NSudoAPI.def
NSudo Source Code/Source/Native/NSudoAPI/NSudoAPI.props
NSudo Source Code/Source/Native/NSudoAPI/NSudoAPI.vcxproj
.xml
NSudo Source Code/Source/Native/NSudoAPI/NSudoAPI.vcxproj.filters
NSudo Source Code/Source/Native/NSudoDevilMode/Mile.Project.Properties.h
NSudo Source Code/Source/Native/NSudoDevilMode/NSudoDevilMode.cpp
NSudo Source Code/Source/Native/NSudoDevilMode/NSudoDevilMode.vcxproj
.xml
NSudo Source Code/Source/Native/NSudoDevilMode/NSudoDevilMode.vcxproj.filters
NSudo Source Code/Source/Native/NSudoDevilMode/detours.cpp
NSudo Source Code/Source/Native/NSudoDevilMode/detours.h
NSudo Source Code/Source/Native/NSudoDevilMode/disasm.cpp
NSudo Source Code/Source/Native/NSudoLauncher/M2MessageDialogResource.h
NSudo Source Code/Source/Native/NSudoLauncher/M2MessageDialogResource.rc
NSudo Source Code/Source/Native/NSudoLauncher/M2Win32GUIHelpers.cpp
NSudo Source Code/Source/Native/NSudoLauncher/M2Win32GUIHelpers.h
NSudo Source Code/Source/Native/NSudoLauncher/Mile.Project.Properties.h
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherCUI.cpp
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherCUI.manifest
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherCUI.rc
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherCUI.vcxproj
.xml
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherCUI.vcxproj.filters
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherCUIResource.h
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherGUI.cpp
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherGUI.manifest
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherGUI.rc
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherGUI.vcxproj
.xml
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherGUI.vcxproj.filters
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherGUIResource.h
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherResources.h
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherResources.props
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherResources.rc
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherResources.vcxproj
.xml
NSudo Source Code/Source/Native/NSudoLauncher/NSudoLauncherResources.vcxproj.filters
NSudo Source Code/Source/Native/NSudoLauncher/Resources/NSudo.json
NSudo Source Code/Source/Native/NSudoLauncher/Resources/NSudoLauncher.ico
NSudo Source Code/Source/Native/NSudoLauncher/Resources/NSudoLauncher.xcf
NSudo Source Code/Source/Native/NSudoLauncher/Resources/de/CommandLineHelp.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/de/Links.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/de/Translations.json
NSudo Source Code/Source/Native/NSudoLauncher/Resources/en/CommandLineHelp.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/en/Links.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/en/Translations.json
NSudo Source Code/Source/Native/NSudoLauncher/Resources/es/CommandLineHelp.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/es/Links.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/es/Translations.json
NSudo Source Code/Source/Native/NSudoLauncher/Resources/fr/CommandLineHelp.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/fr/Links.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/fr/Translations.json
NSudo Source Code/Source/Native/NSudoLauncher/Resources/it/CommandLineHelp.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/it/Links.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/it/Translations.json
NSudo Source Code/Source/Native/NSudoLauncher/Resources/zh-Hans/CommandLineHelp.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/zh-Hans/Links.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/zh-Hans/Translations.json
NSudo Source Code/Source/Native/NSudoLauncher/Resources/zh-Hant/CommandLineHelp.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/zh-Hant/Links.txt
NSudo Source Code/Source/Native/NSudoLauncher/Resources/zh-Hant/Translations.json
NSudo Source Code/Source/Native/NSudoLauncher/jsmn.h
NSudo Source Code/Source/Native/NSudoLib/M2.Base.cpp
NSudo Source Code/Source/Native/NSudoLib/M2.Base.h
NSudo Source Code/Source/Native/NSudoLib/NSudoAPI.cpp
NSudo Source Code/Source/Native/NSudoLib/NSudoAPI.h
NSudo Source Code/Source/Native/NSudoLib/NSudoLib.props
NSudo Source Code/Source/Native/NSudoLib/NSudoLib.vcxproj
.xml
NSudo Source Code/Source/Native/NSudoLib/NSudoLib.vcxproj.filters
NSudo Source Code/Source/Native/Scripts/NSudo.bat
NSudo Source Code/Source/Native/WTL/WTL.props
NSudo Source Code/Source/Native/WTL/WTL/atlapp.h
NSudo Source Code/Source/Native/WTL/WTL/atlcrack.h
NSudo Source Code/Source/Native/WTL/WTL/atlctrls.h
NSudo Source Code/Source/Native/WTL/WTL/atlctrlw.h
NSudo Source Code/Source/Native/WTL/WTL/atlctrlx.h
.vbs
NSudo Source Code/Source/Native/WTL/WTL/atlddx.h
NSudo Source Code/Source/Native/WTL/WTL/atldlgs.h
NSudo Source Code/Source/Native/WTL/WTL/atldwm.h
NSudo Source Code/Source/Native/WTL/WTL/atlfind.h
NSudo Source Code/Source/Native/WTL/WTL/atlframe.h
NSudo Source Code/Source/Native/WTL/WTL/atlgdi.h
NSudo Source Code/Source/Native/WTL/WTL/atlmisc.h
.vbs
NSudo Source Code/Source/Native/WTL/WTL/atlprint.h
NSudo Source Code/Source/Native/WTL/WTL/atlres.h
NSudo Source Code/Source/Native/WTL/WTL/atlribbon.h
NSudo Source Code/Source/Native/WTL/WTL/atlscrl.h
NSudo Source Code/Source/Native/WTL/WTL/atlsplit.h
NSudo Source Code/Source/Native/WTL/WTL/atltheme.h
NSudo Source Code/Source/Native/WTL/WTL/atluser.h
NSudo Source Code/Source/Native/WTL/WTL/atlwinx.h
NSudo Source Code/Source/Native/libkcrt/.gitignore
NSudo Source Code/Source/Native/libkcrt/arm/libkcrt.lib
NSudo Source Code/Source/Native/libkcrt/arm64/libkcrt.lib
NSudo Source Code/Source/Native/libkcrt/libkcrt.props
NSudo Source Code/Source/Native/libkcrt/x64/libkcrt.lib
NSudo Source Code/Source/Native/libkcrt/x86/libkcrt.lib
NSudo Source Code/Website/.gitignore
NSudo Source Code/Website/.vuepress/config.js
NSudo Source Code/Website/.vuepress/config/themeConfig/locales/en-us.js
NSudo Source Code/Website/.vuepress/config/themeConfig/locales/zh-hans.js
NSudo Source Code/Website/.vuepress/config/themeConfig/locales/zh-hant.js
NSudo Source Code/Website/.vuepress/public/CNAME
NSudo Source Code/Website/.vuepress/public/assets/img/logo.png
.png
NSudo Source Code/Website/.vuepress/public/favicon.ico
NSudo Source Code/Website/.vuepress/public/icons/apple-touch-icon-152x152.png
.png
NSudo Source Code/Website/.vuepress/public/icons/msapplication-icon-144x144.png
.png
NSudo Source Code/Website/.vuepress/public/icons/safari-pinned-tab.svg
.xml
NSudo Source Code/Website/.vuepress/public/index.html
.html
NSudo Source Code/Website/.vuepress/public/manifest.json
NSudo Source Code/Website/.vuepress/styles/index.styl
NSudo Source Code/Website/.vuepress/styles/palette.styl
NSudo Source Code/Website/.vuepress/theme/components/Home.vue
NSudo Source Code/Website/.vuepress/theme/components/Page.vue
NSudo Source Code/Website/.vuepress/theme/components/PageFooter.vue
NSudo Source Code/Website/.vuepress/theme/index.js
NSudo Source Code/Website/.vuepress/theme/styles/wrapper.styl
NSudo Source Code/Website/build.bat
NSudo Source Code/Website/doxygen/Doxyfile
NSudo Source Code/Website/en-us/Download.md
NSudo Source Code/Website/en-us/Readme.md
NSudo Source Code/Website/en-us/Screenshot.png
.png
NSudo Source Code/Website/en-us/Support.md
NSudo Source Code/Website/en-us/docs/Changelog.md
NSudo Source Code/Website/en-us/docs/DevilMode.md
NSudo Source Code/Website/en-us/docs/Readme.md
NSudo Source Code/Website/en-us/docs/SharedLibrary.md
NSudo Source Code/Website/package.json
NSudo Source Code/Website/yarn.lock
NSudo Source Code/Website/zh-hans/Download.md
NSudo Source Code/Website/zh-hans/Readme.md
NSudo Source Code/Website/zh-hans/Screenshot.png
.png
NSudo Source Code/Website/zh-hans/Support.md
NSudo Source Code/Website/zh-hans/docs/Changelog.md
NSudo Source Code/Website/zh-hans/docs/DevilMode.md
NSudo Source Code/Website/zh-hans/docs/Readme.md
NSudo Source Code/Website/zh-hans/docs/SharedLibrary.md
NSudo Source Code/Website/zh-hant/Download.md
NSudo Source Code/Website/zh-hant/Readme.md
NSudo Source Code/Website/zh-hant/Screenshot.png
.png
NSudo Source Code/Website/zh-hant/Support.md
NSudo Source Code/Website/zh-hant/docs/Changelog.md
NSudo Source Code/Website/zh-hant/docs/DevilMode.md
NSudo Source Code/Website/zh-hant/docs/Readme.md
NSudo Source Code/Website/zh-hant/docs/SharedLibrary.md
NSudo Source Code/appveyor.yml
People.txt
UserManual.pdf
.pdf
- http://bbs.pcbeta.com/viewthread-1508863-1-1.html
- https://afdian.net/@MouriNaruto
- https://ci.appveyor.com/project/MouriNaruto/nsudo
- https://forums.mydigitallife.net/threads/59268
- https://gitee.com/M2-Team/NSudo
- https://github.com/M2Team/NSudo
- https://github.com/M2Team/NSudo/issues
- https://github.com/M2Team/NSudo/releases
- https://github.com/M2Team/NSudo/releases/latest
- https://github.com/M2Team/NSudo/tree/master/NSudoSDK
- https://github.com/Project-Nagisa/Nagisa/blob/master/Changelog.md
- https://github.com/Thdub/NSudo_Installer
- https://github.com/Thdub/NSudo_Installer/releases/latest
- https://howtodoninja.com/how-to/nsudo-run-programs-with-full-admin-privileges-windows/
- https://shang.qq.com/wpa/qunwpa?idkey=ac879ff5e88f85115597a9ec5f3dbbf28a6b84d7352e2fe03b7cbacf58bb6d53
- https://www.majorgeeks.com/files/details/nsudo.html
- https://www.patreon.com/MouriNaruto
- https://www.softpedia.com/get/Tweak/System-Tweak/NSudo.shtml
- https://www.trishtech.com/2018/11/nsudo-run-programs-with-full-privileges-in-windows/
- https://www.wilderssecurity.com/threads/396818
- Show all
�Ñ��փ�.pdf
.pdf
- http://bbs.pcbeta.com/viewthread-1508863-1-1.html
- https://afdian.net/@MouriNaruto
- https://ci.appveyor.com/project/MouriNaruto/nsudo
- https://forums.mydigitallife.net/threads/59268
- https://gitee.com/M2-Team/NSudo
- https://github.com/M2Team/NSudo
- https://github.com/M2Team/NSudo/issues
- https://github.com/M2Team/NSudo/releases
- https://github.com/M2Team/NSudo/releases/latest
- https://github.com/M2Team/NSudo/tree/master/NSudoSDK
- https://github.com/Project-Nagisa/Nagisa/blob/master/Changelog.md
- https://github.com/Thdub/NSudo_Installer
- https://github.com/Thdub/NSudo_Installer/releases/latest
- https://howtodoninja.com/how-to/nsudo-run-programs-with-full-admin-privileges-windows/
- https://shang.qq.com/wpa/qunwpa?idkey=ac879ff5e88f85115597a9ec5f3dbbf28a6b84d7352e2fe03b7cbacf58bb6d53
- https://www.majorgeeks.com/files/details/nsudo.html
- https://www.patreon.com/MouriNaruto
- https://www.softpedia.com/get/Tweak/System-Tweak/NSudo.shtml
- https://www.trishtech.com/2018/11/nsudo-run-programs-with-full-privileges-in-windows/
- https://www.wilderssecurity.com/threads/396818
- Show all
�û��ֲ�.pdf
.pdf
- http://bbs.pcbeta.com/viewthread-1508863-1-1.html
- https://afdian.net/@MouriNaruto
- https://ci.appveyor.com/project/MouriNaruto/nsudo
- https://forums.mydigitallife.net/threads/59268
- https://gitee.com/M2-Team/NSudo
- https://github.com/M2Team/NSudo
- https://github.com/M2Team/NSudo/issues
- https://github.com/M2Team/NSudo/releases
- https://github.com/M2Team/NSudo/releases/latest
- https://github.com/M2Team/NSudo/tree/master/NSudoSDK
- https://github.com/Project-Nagisa/Nagisa/blob/master/Changelog.md
- https://github.com/Thdub/NSudo_Installer
- https://github.com/Thdub/NSudo_Installer/releases/latest
- https://howtodoninja.com/how-to/nsudo-run-programs-with-full-admin-privileges-windows/
- https://shang.qq.com/wpa/qunwpa?idkey=ac879ff5e88f85115597a9ec5f3dbbf28a6b84d7352e2fe03b7cbacf58bb6d53
- https://www.majorgeeks.com/files/details/nsudo.html
- https://www.patreon.com/MouriNaruto
- https://www.softpedia.com/get/Tweak/System-Tweak/NSudo.shtml
- https://www.trishtech.com/2018/11/nsudo-run-programs-with-full-privileges-in-windows/
- https://www.wilderssecurity.com/threads/396818
- Show all

Sharing

General

Malware Config

Signatures

Files

053da52e98b6f21f8418d4bccf9e7633

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 932B

.rsrc Size: 1024B - Virtual size: 832B

.reloc Size: 2KB - Virtual size: 1KB

c5ffb43d2e5dcf86c6ab069cbb596f81

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 588B

.rsrc Size: 1024B - Virtual size: 832B

.reloc Size: 1KB - Virtual size: 1KB

53d6ef09c6b35874ecf0db6148867fbf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

ole32

userenv

wtsapi32

msvcrt

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 3KB - Virtual size: 2KB

26df042bd9a6c1d26d9e14b38449f7f0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

userenv

wtsapi32

msvcrt

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 43KB - Virtual size: 43KB

.reloc Size: 3KB - Virtual size: 3KB

fb7bace90d73db33c8ef9e85f4eab9b0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 932B

.rsrc
Size: 1024B - Virtual size: 832B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 588B

.rsrc
Size: 1024B - Virtual size: 832B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 43KB - Virtual size: 43KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 1024B - Virtual size: 3KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 43KB - Virtual size: 43KB

.reloc
Size: 512B - Virtual size: 252B

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 2KB - Virtual size: 1KB