× Cookies被禁用! 本网站需要启用Cookie才能正常工作
SHA256: 1af50bd9f99d27e5f3270cb299e7be27933c7195e7aa1743a61f8144fe01aebe
文件名: 9e40b9d57e32ca6342e129c485277c40475afae1
检出率: 35 / 68
分析日期: 2018-08-14 16:32:54 UTC ( 9 月, 2 周 前 ) 查看最新
反病毒软件 结果 病毒库日期
Ad-Aware Gen:Variant.Barys.2592 20180814
ALYac Gen:Variant.Barys.2592 20180814
Arcabit Trojan.Barys.DA20 20180814
Avast Win32:Malware-gen 20180814
AVG Win32:Malware-gen 20180814
Avira (no cloud) HEUR/AGEN.1000730 20180814
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9857 20180814
BitDefender Gen:Variant.Barys.2592 20180814
CrowdStrike Falcon (ML) malicious_confidence_70% (D) 20180723
Cybereason malicious.330248 20180225
Cylance Unsafe 20180814
Emsisoft Gen:Variant.Barys.2592 (B) 20180814
Endgame malicious (moderate confidence) 20180730
ESET-NOD32 Win32/Spy.Zbot.ADC 20180814
F-Secure Gen:Variant.Barys.2592 20180814
Fortinet W32/Zbot.ADC!tr 20180814
GData Gen:Variant.Barys.2592 20180814
Ikarus Trojan-Spy.Agent 20180814
Sophos ML heuristic 20180717
Kaspersky UDS:DangerousObject.Multi.Generic 20180814
MAX malware (ai score=80) 20180814
McAfee GenericRXFM-NX!EDD2CAEF31A9 20180814
McAfee-GW-Edition GenericRXFM-NX!EDD2CAEF31A9 20180814
Microsoft PWS:Win32/Zbot 20180814
eScan Gen:Variant.Barys.2592 20180814
NANO-Antivirus Trojan.Win32.Panda.fatxro 20180814
Palo Alto Networks (Known Signatures) generic.ml 20180814
Qihoo-360 Win32/Trojan.183 20180814
Rising Malware.Heuristic!ET#91% (RDM+:cmRtazp7uhnXIJwComL4xSzBQGFF) 20180814
SentinelOne (Static ML) static engine - malicious 20180701
Symantec Packed.Generic.530 20180814
Tencent Win32.Trojan.Barys.Dvzq 20180814
TrendMicro TROJ_GEN.R014C0OHE18 20180814
TrendMicro-HouseCall TROJ_GEN.R014C0OHE18 20180814
ZoneAlarm by Check Point Trojan-Spy.Win32.Panda.btc 20180814
AegisLab 20180814
AhnLab-V3 20180814
Alibaba 20180713
Antiy-AVL 20180814
Avast-Mobile 20180814
AVware 20180814
Babable 20180725
Bkav 20180814
CAT-QuickHeal 20180814
ClamAV 20180814
CMC 20180812
Comodo 20180814
Cyren 20180814
DrWeb 20180814
eGambit 20180814
F-Prot 20180814
Jiangmin 20180814
K7AntiVirus 20180814
K7GW 20180814
Kingsoft 20180814
Malwarebytes 20180814
Panda 20180814
Sophos AV 20180814
SUPERAntiSpyware 20180814
Symantec Mobile Insight 20180814
TACHYON 20180814
TheHacker 20180813
TotalDefense 20180814
Trustlook 20180814
VBA32 20180814
VIPRE 20180814
ViRobot 20180814
Webroot 20180814
Yandex 20180814
Zillya 20180812
Zoner 20180813
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2008 NVIDIA Corporation

Product NxCharacter Dynamic Link Library
Original name NxCharacter.dll
Internal name NxCharacter_FC6_GPU
File version 2, 8, 4, 6
Description NxCharacter Dynamic Link Library
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-01-19 14:43:13
Entry Point 0x00030930
Number of sections 3
PE sections
PE imports
VirtualProtect
LoadLibraryA
ExitProcess
GetProcAddress
Number of PE resources by type
RT_STRING 14
RT_BITMAP 12
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_RCDATA 3
RT_DIALOG 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 27
NEUTRAL 20
PE resources
ExifTool file metadata
UninitializedDataSize
61440

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.8.4.6

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

FileDescription
NxCharacter Dynamic Link Library

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
24576

EntryPoint
0x30930

OriginalFileName
NxCharacter.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2008 NVIDIA Corporation

FileVersion
2, 8, 4, 6

TimeStamp
2018:01:19 15:43:13+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
NxCharacter_FC6_GPU

ProductVersion
2, 8, 4, 6

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
NVIDIA Corporation

CodeSize
135168

ProductName
NxCharacter Dynamic Link Library

ProductVersionNumber
2.8.4.6

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 1176431330248cc9fec2adcbb3d85f7b
SHA1 9e40b9d57e32ca6342e129c485277c40475afae1
SHA256 1af50bd9f99d27e5f3270cb299e7be27933c7195e7aa1743a61f8144fe01aebe
ssdeep
3072:anDZZuFhsdvDsAIYdAXPcalkqFoxqPvKIBC:uuHao9cPxqPv

authentihash de86148acc7b48b13c20f3a28ffab3f9023f1756ce371c4f1a5cb66e694b63ed
imphash 6ed4f5f04d62b18d96b26d6db7c18840
File size 154.5 KB ( 158208 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (61.2%)
Win32 Dynamic Link Library (generic) (14.8%)
Win32 Executable (generic) (10.2%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.5%)
Tags
peexe upx

VirusTotal metadata
First submission 2018-08-14 16:32:54 UTC ( 9 月, 2 周 前 )
Last submission 2018-10-23 20:51:01 UTC ( 7 月 前 )
文件名 NxCharacter_FC6_GPU
Samp(12)M01234.vir.rename
NxCharacter.dll
1176431330248CC9FEC2ADCBB3D85F7B.EXE
没有评论. 没有VirusTotal社区成员评论该项目,抢沙发!

发表评论

?
发表评论

您没有登录。只有注册用户可以发表评论,请登录后发表评论!

没有投票. 目前没有用户投票。
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs