| File Name | Nocturnals.exe |
| File Type |
PE32+ executable (GUI) x86-64, for MS Windows
|
| Scanner Version | 1.0.229.174 |
| Database Version | 2025-11-21 02:00:32 UTC |
No threats detected by our scanner
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
b65630001b8f423edc7b7483413661c0
|
|
| SHA1 |
b0f60d30a50b77c9180e3b52aac409d213fcab00
|
|
| SHA256 |
c2a089969729f5ef3373aa6b37e81cbd9f83f43a839640a4808c1bae79bd745e
|
|
| SHA512 |
cd17a91b41406eb7b9721094a4f20ade3ac3aeaeac11f4174f43b84a70bd36e8657946b5888d9afc07a6e782857c31e378c456fe3e0e2ff3ce9db89961e46852
|
|
| ImpHash |
f18952a1b4265d767ec0bab410377559
|
| Icon |
Hash: e3a99649c341c7d09ea12d7074fe8420
Fuzzy: ed4eeb6bd33fd812d650d125ee90d9a7 dHash: d7cd48d8e5ec4c11 |
| Image Base | 0x140000000 |
| Entry Point | 0x140161d40 |
| Compilation Time | 2024-06-02 05:00:00 |
| Checksum | 0x00000000 (Actual: 0x0021ea3b) |
| OS Version | 10.0 |
| PEiD Signatures |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB Path | E:\nw89_sdk_win64\node-webkit\src\outst\nw\initialexe\nw.exe.pdb |
| Digital Signature | No valid SignedData structure was found. |
| Imports |
4 libraries
nw_elf, KERNEL32, VERSION, ntdll |
| Exports | 3 functions |
| Resources | 60 Resources |
| Sections | 14 Sections |
| CompanyName | The NW.js Community |
| FileDescription | nwjs |
| FileVersion | 0.89.0 |
| InternalName | nw_exe |
| LegalCopyright | Copyright 2023, The NW.js community and The Chromium Authors. All rights reserved. |
| OriginalFilename | nw.exe |
| ProductName | nwjs |
| ProductVersion | 0.89.0 |
| CompanyShortName | nwjs.io |
| ProductShortName | nwjs |
| LastChange | 0000000000000000000000000000000000000000-0000000000000000000000000000000000000000 |
| Translation | 0x0409 0x04b0 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
1,685,124 bytes | 1,685,504 bytes | 6.51 (Compressed) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
102057C5358C1C2D4D3C6C83D235D4F0 |
.rdata |
0x0019d000 |
278,972 bytes | 279,040 bytes | 5.66 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
AE68C9C075A5F1851DBD94927554B798 |
.data |
0x001e2000 |
37,504 bytes | 13,824 bytes | 3.21 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
DDE58362101B0610D57C7A6CB08E8C05 |
.pdata |
0x001ec000 |
55,944 bytes | 56,320 bytes | 6.00 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
35314512E0AC03D3D8CB2FF0E0171D53 |
.gxfg |
0x001fa000 |
11,856 bytes | 12,288 bytes | 5.11 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
4EC578B1EC89E882AFA14560783DD61B |
.retplne |
0x001fd000 |
168 bytes | 512 bytes | 1.32 (Normal) |
0x00000000
|
5ECCA2C6EA1D296F112E2A3940D7AF4A |
.tls |
0x001fe000 |
538 bytes | 1,024 bytes | 0.21 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
E9AD5582537B327998FF97667BD7D385 |
.voltbl |
0x001ff000 |
68 bytes | 512 bytes | 1.14 (Normal) |
0x00000000
|
3E0C0EC85F664161CF947E236F80C926 |
CPADinfo |
0x00200000 |
56 bytes | 512 bytes | 0.12 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
60D3EA61D541C9BE2E845D2787FB9574 |
_RDATA |
0x00201000 |
244 bytes | 512 bytes | 2.44 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D0670515549DEB3A3530DCC27BD08463 |
malloc_h |
0x00202000 |
304 bytes | 512 bytes | 4.46 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
A9C86B7B9C75F846C8F8AE782BE1C4F4 |
prot |
0x00203000 |
116 bytes | 512 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BF619EAC0CDF3F68D496EA9344137E8B |
.rsrc |
0x00204000 |
144,928 bytes | 145,408 bytes | 5.09 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
2E3ED02057790D6558444467DA7965DD |
.reloc |
0x00228000 |
8,072 bytes | 8,192 bytes | 5.44 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
90F8AC7190A9E74FA29072216689A384 |
1 section(s) with elevated entropy (≥6.5) - possible compression
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| GOOGLEUPDATEAPPLICATIONCOMMANDS | 1 | 4 bytes | |
| RT_CURSOR | 23 | 56,516 bytes | |
| RT_ICON | 12 | 82,647 bytes | |
| RT_GROUP_CURSOR | 21 | 448 bytes | |
| RT_GROUP_ICON | 1 | 76 bytes | |
| RT_VERSION | 1 | 1,096 bytes | |
| RT_MANIFEST | 1 | 978 bytes |
| Product | nwjs |
| Description | nwjs |
| File Version | 0.89.0 |
| Original Name | nw.exe |
| Internal Name | nw_exe |
| Copyright | Copyright 2023, The NW.js community and The Chromium Authors. All rights reserved. |
✓ This file has been digitally signed and the certificate chain has been verified
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:
Download Anti-MalwareThis file appears clean, but regular security maintenance is important
Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware
Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!
