H:\Data\nve\nve-game-extension\bin\Release\SP Final\NVE.pdb
Static task
static1
General
Target: NVE.asi
Size: 1.8MB
MD5: 06ce2481d725e99120536a01f0fa5123
SHA1: f872e88581035c5311b1ae3312902096aed47e10
SHA256: af1d7b5df54a9f76c337e7f43c601e6a43ebe09b043cbb13f936ce151ef6a9a7
SHA512: d44a8972ff62605d5d12ace7e3126d4e3bdf94ea9d0ff63690a7f79055d61a8fa59d492ad84f7097ffbbc0d0fd9bd58ffc5677fed90494db406876a578990d9d
SSDEEP: 24576:KzQn6A4V3WXPnO8zU4ifwlimy1yYny7QDh2flgh0lhSMXlxLmHHsfVA:vYV3W/OFYy1yyy7QDUdVZmHHs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NVE.asi
Files
NVE.asi.dll windows:6 windows x64 arch:x64
Password: qe2edqwe2
185981fe8fe7dafe771a77127b2450c4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
version
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
Sleep
GetModuleHandleW
DisableThreadLibraryCalls
CreateThread
GetProcAddress
GetCurrentProcess
K32EnumProcessModules
VirtualProtect
GetModuleHandleA
GetModuleFileNameW
GlobalMemoryStatusEx
VirtualQuery
GetSystemInfo
VirtualAlloc
GetModuleFileNameA
RaiseException
GetLastError
FreeLibrary
LoadLibraryExA
SleepConditionVariableSRW
HeapCreate
HeapFree
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
HeapReAlloc
CloseHandle
HeapAlloc
GetThreadContext
GetCurrentProcessId
FlushInstructionCache
SetThreadContext
OpenThread
VirtualFree
WideCharToMultiByte
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
AreFileApisANSI
GetFileInformationByHandleEx
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
FormatMessageA
LocalFree
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
SetLastError
LoadLibraryExW
RtlUnwind
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetSystemTimeAsFileTime
LCMapStringEx
GetStringTypeW
GetCPInfo
WakeAllConditionVariable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
ReadFile
GetStdHandle
GetFileType
GetFileSizeEx
ReadConsoleW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
HeapSize
WriteConsoleW
SetEndOfFile
Exports
DESCRIPTION
NAME
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 581KB - Virtual size: 580KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ