Gridinsoft Logo

The Nexure_Valorant_Unlockall.exe File Analysis

Updated 9 days ago
Checked by Malware Check
Nexure_Valorant_Unlockall.exe

Technical Analysis

File Name Nexure_Valorant_Unlockall.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (console) x86-64, for MS Windows
SSDEEP Hash
196608:zS2LhX+blw5vvFagI7dl+wdTdojyPY6X8B7El:TtEeFablHZtQ6l
Scanner Version 1.0.221.174
Database Version 2025-07-23 10:00:28 UTC

Suspicious File Detected

Detected by 31 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
43%
Detection Rate
9,756,672
File Size (bytes)
31/72
Engines Detected
2025-07-23
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
e8081896f0c366999e15d6c703804bd4
SHA1
9a7a7d1df77212320bd06c3e8f213492d4765cc8
SHA256
b7f0d8192c162157280ae5a865ec18f12ed14d2bb530b415035bad12110f7a75
SHA512
a2838283fcf34af7c0c3cb63c544af74ae8df44a79212cc8986fecb2c0ba844cdbcd6ebcfe3eb508b975959ea1fa9e2dcc12398a6d86c5e921219e431ad0855c
ImpHash
82894595585eb0b963bb71f5046318c4

Security Engines with Detections (31 of 72)

Bkav
W64.AIDetectMalware Malicious
AVG
Win64:MalwareX-gen [Misc] Malicious
Elastic
malicious (high confidence) Malicious
MicroWorld-eScan
Trojan.GenericKD.76291121 Malicious
CTX
exe.trojan.generic Malicious
McAfee
Artemis!E8081896F0C3 Malicious
Sangfor
Suspicious.Win32.Save.a Malicious
CrowdStrike
win/malicious_confidence_90% (W) Malicious
Symantec
ML.Attribute.HighConfidence Malicious
ESET-NOD32
a variant of Generik.HKZJSGU Malicious
Paloalto
generic.ml Malicious
BitDefender
Trojan.GenericKD.76291121 Malicious
Avast
Win64:MalwareX-gen [Misc] Malicious
Emsisoft
Trojan.GenericKD.76291121 (B) Malicious
VIPRE
Trojan.GenericKD.76291121 Malicious
McAfeeD
ti!B7F0D8192C16 Malicious
Sophos
Generic Reputation PUA (PUA) Malicious
Ikarus
Trojan.SuspectCRC Malicious
GData
Win64.Trojan.Agent.R68TBG Malicious
Varist
W64/ABRisk.ODNE-3955 Malicious
Antiy-AVL
GrayWare/Win32.Wacapew Malicious
Arcabit
Trojan.Generic.D48C1C31 Malicious
Microsoft
Program:Win32/Wacapew.C!ml Malicious
Google
Detected Malicious
ALYac
Trojan.GenericKD.76291121 Malicious
Cylance
Unsafe Malicious
Rising
[email protected] (RDML:lc6fQGayP9tXUq9w9anDTA) Malicious
SentinelOne
Static AI - Malicious PE Malicious
MaxSecure
Trojan.Malware.300983.susgen Malicious
Fortinet
W32/PossibleThreat Malicious
DeepInstinct
MALICIOUS Malicious
41 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x140011631
Compilation Time 2025-04-24 14:49:26
Checksum 0x00000000 (Actual: 0x00959a01)
OS Version 6.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path C:\Users\WindowSandbox\source\repos\Nexure\x64\Debug\Nexure.pdb
Digital Signature No valid SignedData structure was found.
Imports 6 libraries
KERNEL32, USER32, MSVCP140D, VCRUNTIME140D, VCRUNTIME140_1D, ucrtbased
Exports 0 functions
Resources 1 Resources
Sections 10 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.textbss 0x00001000 65,536 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.text 0x00011000 82,475 bytes 82,944 bytes 4.08 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ B42E966C939871060AB88EFECFE25950
.rdata 0x00026000 24,892 bytes 25,088 bytes 2.92 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ E6086CA7EB8782355D778E30B128445B
.data 0x0002d000 9,622,240 bytes 9,620,480 bytes 7.19 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 98743F399B07C2A82BED8F8ACBD9441C
.pdata 0x0095b000 11,556 bytes 11,776 bytes 2.41 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B6F76AE9FBE9B550BEB0E7469438EDF5
.idata 0x0095e000 10,115 bytes 10,240 bytes 4.30 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 573E97C05E71DF11EED388C5F749FF4E
.msvcjmc 0x00961000 571 bytes 1,024 bytes 0.82 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 8FD1B1063FD33E5A292B21DBE07FF1C8
.00cfg 0x00962000 373 bytes 512 bytes 0.47 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 8A6E260844E757F04F29BDC6DD4BF1B7
.rsrc 0x00963000 1,094 bytes 1,536 bytes 2.18 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 05C97F6EA1CB517EE182E98F8B886EA9
.reloc 0x00964000 1,910 bytes 2,048 bytes 1.24 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ E02752BEF162D868BBC259394D61798B
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 1 (392 bytes)
Resource Type Count Total Size Percentage
RT_MANIFEST 1 392 bytes
100%

Certificate Chain Analysis

Certificate Information
Certificate Chain Summary
BattlEye Innovations e.K. #1 Primary
Validity Period: 2015-01-01 00:00:00 → 2088-01-01 00:00:00
Signature Algorithm: sha256RSA
Serial Number: 0D 68 3E 6A D0 CD A9 B4 47 5C F8 AE 1D 7D 21 33
DigiCert Timestamp 2024 #2 Chain
Validity Period: 2024-09-26 00:00:00 → 2035-11-25 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0B AE 66 BC 5A BA 7F 95 87 C6 F9 E9 04 E3 33 04
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #3 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted Root G4 #4 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
31 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware