Manalyze report for f6cda0354a0ddd9dfc260dd652c6d4060402eb2e069d2900802e76a7f4035d65

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2026-Mar-04 21:39:00
Debug artifacts	C:\dvs\p4\build\sw\rel\gpu_drv\r595\r595_00\drivers\nvcamera\redist\_out\wddm2_amd64_release\SphericalEquirect64.pdb

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: adobe.com google.com http://ns.adobe.com http://ns.adobe.com/xap/1.0/ http://ns.google.com http://ns.google.com/photos/1.0/panorama/ http://www.w3.org http://www.w3.org/1999/02/22-rdf-syntax-ns# ns.adobe.com ns.google.com www.w3.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32`
Suspicious	The PE is possibly packed.	`Unusual section name found: .msvcjmc`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW` `Functions which can be used for anti-debugging purposes: SwitchToThread`
Info	The PE is digitally signed.	`Signer: NVIDIA Corporation` `Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`61677de1041f4a68675f0f1e0a29f535`
SHA1	`57197f009b7bab0527424d509b8a8cfafb190933`
SHA256	`f6cda0354a0ddd9dfc260dd652c6d4060402eb2e069d2900802e76a7f4035d65`
SHA3	`be014107d72f8ad6f6d6e3fa2a5e44d654f323ef72bb1e9dda7cf83869d9ea7e`
SSDeep	`24576:rTmKyCQ+DQ3ZaudtfEL7ndypeP3CBH/v0jfHdkkkkkkkkkkJmR5qdKgRI9R1jrML:rTmK23AudBWzdseP3CB/c5KgGR+L`
Imports Hash	`ffc00902007e9a2b59cddcacc99c2ec9`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x120`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-Mar-04 21:39:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x117600`
SizeOfInitializedData	`0x28ca00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000004FB3C (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x3a8000`
SizeOfHeaders	`0x400`
Checksum	`0x3b0eaa`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`dae08eeb2eb9eee0d22f777cbcd01938`
SHA1	`3738b3d88a242059b8be7c61aa908e2972e0fb24`
SHA256	`1d5c36959220a66334f15d05c4670794f0609e3e6612618e9f13979a058554f7`
SHA3	`3f3aed21b57afcddc247d42890a4fb0b7ecde2ce58b4a7834838980c53dfc162`
VirtualSize	`0x1174dc`
VirtualAddress	`0x1000`
SizeOfRawData	`0x117600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.52842`

.rdata

MD5	`eac3a81253fe60f5780c2a3ac46b3f42`
SHA1	`195c1f28bca036638c3dbdd4198643e8dee31abd`
SHA256	`8a82bbde22a134a9dac772b52fee876ed44c6e22aef28f1601b70c85cf195d83`
SHA3	`818823d1fbff7041a4fcb58d86a23d313f8b85dc7d316ea549e9f313bf668b51`
VirtualSize	`0x277782`
VirtualAddress	`0x119000`
SizeOfRawData	`0x277800`
PointerToRawData	`0x117a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.04234`

.data

MD5	`7f753e662b149f2da2ea8b1cd8ce39e6`
SHA1	`a441c5841ca5eedaeeb9aba98961205ef2261d09`
SHA256	`e9ea65eb02e860c0e55410d7842f62f2a22ce74887b258c204f4b42df6e5e6ef`
SHA3	`c2b9da7d5f3537324c42b42e0b4595532d5bdbc0ece1e3c006560e4297ae8406`
VirtualSize	`0x7b3c`
VirtualAddress	`0x391000`
SizeOfRawData	`0x5000`
PointerToRawData	`0x38f200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.19382`

.pdata

MD5	`5b3f3b36a7d54b8b4b4ca781a92672f0`
SHA1	`f9ab66e70854bc94952b07628abec1272323cba6`
SHA256	`4742f66724b322ad104fcd1af2f8541c7f752ec0bacd719de4cc6e128ac1b43b`
SHA3	`11be9ec529c80f58b96444583a83febce99fa08c786bd72efc736da071e62a88`
VirtualSize	`0xbb44`
VirtualAddress	`0x399000`
SizeOfRawData	`0xbc00`
PointerToRawData	`0x394200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.10144`

.msvcjmc

MD5	`2cf45acff91fb21806355a0f57723d45`
SHA1	`ac7bcffe6cd2b5645417410be94eee98fa5cb4be`
SHA256	`ef1ba839caf077401a3760dcd55e71b1dad7ba1530d688971e03738fb4141135`
SHA3	`9ac6b23346494e70a62a6b025a2ea90e26c1c0e2ae470c7fa20be711d8a05093`
VirtualSize	`0x11e`
VirtualAddress	`0x3a5000`
SizeOfRawData	`0x200`
PointerToRawData	`0x39fe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.990071`

.reloc

MD5	`1541f160a01461685af8b539a9b5903b`
SHA1	`d9043e4db40765c023fc7dae51a1e9dd1949db56`
SHA256	`2db5f217e2dffd354d4e319bbc789866bbe441190f7f700d75fa8a4ab30ce895`
SHA3	`83e73fe6284f8cd6b30330877b78db18b8f167bf6f89181424ce165e17024870`
VirtualSize	`0x16a8`
VirtualAddress	`0x3a6000`
SizeOfRawData	`0x1800`
PointerToRawData	`0x3a0000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.35592`

Imports

WindowsCodecs.dll	`WICConvertBitmapSource`
KERNEL32.dll	`ExitThread` `DecodePointer` `GetLastError` `InitializeCriticalSectionAndSpinCount` `DeleteCriticalSection` `QueryPerformanceCounter` `FormatMessageA` `WideCharToMultiByte` `CloseHandle` `WaitForSingleObjectEx` `SwitchToThread` `GetCurrentThreadId` `GetExitCodeThread` `GetNativeSystemInfo` `MultiByteToWideChar` `ReleaseSRWLockExclusive` `AcquireSRWLockExclusive` `TryAcquireSRWLockExclusive` `WakeAllConditionVariable` `SleepConditionVariableSRW` `EnterCriticalSection` `LeaveCriticalSection` `InitializeCriticalSectionEx` `GetSystemTimeAsFileTime` `GetModuleHandleW` `GetProcAddress` `LocalFree` `GetLocaleInfoEx` `EncodePointer` `LCMapStringEx` `GetStringTypeW` `CompareStringEx` `GetCPInfo` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetCurrentProcess` `TerminateProcess` `IsProcessorFeaturePresent` `IsDebuggerPresent` `GetStartupInfoW` `GetCurrentProcessId` `InitializeSListHead` `OutputDebugStringW` `RaiseException` `RtlPcToFileHeader` `RtlUnwindEx` `SetLastError` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `LoadLibraryExW` `ExitProcess` `GetModuleHandleExW` `CreateThread` `RtlUnwind` `FreeLibraryAndExitThread` `GetModuleFileNameW` `GetStdHandle` `WriteFile` `GetCommandLineA` `GetCommandLineW` `HeapAlloc` `HeapFree` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `GetDateFormatW` `GetTimeFormatW` `CompareStringW` `LCMapStringW` `GetLocaleInfoW` `IsValidLocale` `GetUserDefaultLCID` `EnumSystemLocalesW` `GetFileType` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `ReadFile` `GetFileSizeEx` `SetFilePointerEx` `ReadConsoleW` `HeapReAlloc` `GetTimeZoneInformation` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetEnvironmentVariableW` `GetProcessHeap` `SetStdHandle` `HeapSize` `CreateFileW` `WriteConsoleW` `SetEndOfFile` `DeleteFileW` `LocalAlloc` `lstrlenA` `ReplaceFileW` `InitializeCriticalSection` `DebugBreak` `ReleaseSemaphore` `WaitForSingleObject` `CreateSemaphoreA`
ole32.dll	`CoCreateInstance` `CoInitializeEx` `CoUninitialize`

Delayed Imports

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Mar-04 21:39:00
Version	`0.0`
SizeofData	`141`
AddressOfRawData	`0x37a044`
PointerToRawData	`0x378a44`
Referenced File	C:\dvs\p4\build\sw\rel\gpu_drv\r595\r595_00\drivers\nvcamera\redist\_out\wddm2_amd64_release\SphericalEquirect64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Mar-04 21:39:00
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x37a0d4`
PointerToRawData	`0x378ad4`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Mar-04 21:39:00
Version	`0.0`
SizeofData	`1044`
AddressOfRawData	`0x37a0e8`
PointerToRawData	`0x378ae8`

TLS Callbacks

StartAddressOfRawData	`0x14037a550`
EndAddressOfRawData	`0x14037a638`
AddressOfIndex	`0x1403974e0`
AddressOfCallbacks	`0x140119650`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_16BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140391100`

RICH Header

XOR Key	`0x9f683b9`
Unmarked objects	`0`
ASM objects (30795)	`15`
C++ objects (30795)	`183`
C objects (30795)	`22`
C++ objects (33145)	`1`
253 (33731)	`2`
ASM objects (33731)	`10`
C objects (33731)	`17`
C++ objects (33731)	`100`
ASM objects (33145)	`2`
C objects (33145)	`2`
Imports (33145)	`9`
Total imports	`163`
Unmarked objects (#2)	`1`
C objects (33812)	`153`
C++ objects (33812)	`75`
Linker (33812)	`1`

Errors

Leave a comment

No comments yet.