| File Name | nixware.dll |
| File Type |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
| Scanner Version | 1.0.216.174 |
| Database Version | 2025-05-10 13:00:20 UTC |
Malware family: Gen
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
2b8aefbb7a0aa80e2f664b8a4899278f
|
|
| SHA1 |
6f56ec8e0ff6fe0e2fe0780762c3e594c44346c5
|
|
| SHA256 |
f2c18ba4eaa42ec62970819e6a4145ed5b9cb59ac671de91d357c14bdd6a4830
|
|
| SHA512 |
901e43f50d522dd9713c0b9c0c66f7a4fb9377c9f04364c16b6da1b5f3ca8fb86ef99fe73050d778fb40d7462ffb5dc22305db6757fd3ff7adedf5fb072813a3
|
|
| ImpHash |
2f9b99aa2758ed02ad0d48b220ee310f
|
| Image Base | 0x180000000 |
| Entry Point | 0x18019e970 |
| Compilation Time | 2024-06-26 16:14:33 |
| Checksum | 0x00000000 (Actual: 0x0022d467) |
| OS Version | 6.0 |
| PEiD Signatures |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
| PDB Path | D:\Source\nixware_x64\build\release\nixware.pdb |
| Digital Signature | No valid SignedData structure was found. |
| Imports | 17 libraries |
| Exports | 0 functions |
| Resources | 1 Resources |
| Sections | 6 Sections |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
1,721,763 bytes | 1,721,856 bytes | 6.02 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
F60F247382CCE07DE602BE7FB87B41A0 |
.rdata |
0x001a6000 |
410,912 bytes | 411,136 bytes | 6.49 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
04C9E4C8CC1DB7F344C6FDA6E0E103AE |
.data |
0x0020b000 |
38,880 bytes | 6,144 bytes | 4.63 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
B6C8E02B19AC82D95CCAAEBFF35EC0F0 |
.pdata |
0x00215000 |
78,732 bytes | 78,848 bytes | 6.04 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BE705ECF0CDE53ABC38B558E3690D5CC |
.rsrc |
0x00229000 |
248 bytes | 512 bytes | 2.53 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
752BC6D906446AD7277D81C64C8FCD14 |
.reloc |
0x0022a000 |
4,288 bytes | 4,608 bytes | 5.28 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
02AEC87CC012233FFAE61DEE28C9C016 |
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_MANIFEST | 1 | 145 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft has the capability to identify and eliminate Trojan.Win64.Gen.cl without requiring further user intervention.
Download Anti-MalwareFollow these steps to completely remove the threat from your system
