Manalyze report for 486a7013f15308af6623d7ab9b558002

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2019-May-22 20:42:02
Detected languages	English - United States
Debug artifacts	C:\dvs\p4\build\sw\rel\gpu_drv\r421\r430_81\drivers\ui\NvSmartMax\NvSmartMaxApp\bin\Release64\NvSmartMaxapp64.pdb
Company	NVIDIA Corporation
FileDescription	NVIDIA Smart Maximise Helper Host
FileVersion	`6.14.10.100.03`
InternalName	NvSmartMaxapp64
LegalCopyright	(C) NVIDIA Corporation. All rights reserved.
OriginalFilename	NvSmartMaxapp64.dll
ProductName	NVIDIA Smart Maximise Helper Host version 100.03
ProductVersion	`6.14.10.100.03`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains obfuscated function names: e7 c4 ca cf e7 c2 c9 d9 ca d9 d2`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExA LoadLibraryExW` `Functions which can be used for anti-debugging purposes: FindWindowW` `Can take screenshots: GetDC FindWindowW`
Suspicious	The PE header may have been manually modified.	`The resource timestamps differ from the PE header: 2028-Aug-01 12:06:08`
Malicious	The PE's digital signature is invalid.	`Signer: NVIDIA Corporation` `Issuer: VeriSign Class 3 Code Signing 2010 CA` `The file was modified after it was signed.`
Malicious	VirusTotal score: 5/68 (Scanned on 2021-07-28 16:57:55)	`ClamAV: Win.Downloader.Upatre-9880459-0` `Kaspersky: VHO:Trojan-Downloader.Win32.Upatre.izez` `Microsoft: Trojan:Win32/Wacatac.B!ml` `GData: Win64.Trojan.Agent.BBG` `eGambit: PE.Heur.InvalidSig`

Hashes

MD5	`486a7013f15308af6623d7ab9b558002`
SHA1	`7348eec34e1ce51dca83965657d6db4ece50a2e0`
SHA256	`2e11c0fee3c9df36052fd654193e6f5f935d66619c12e5b7ffabf926c20f3389`
SHA3	`c83b546ca07198060ba2f8f08d021435a720d3cbc471650f1a1c87261d1102f0`
SSDeep	`3072:W5uNO+8s6V5WQZV08YLmqa/Qh10UNtGOWmF3hLKKKKKU8AAFTbp8ELQHsoOJNuYG:W5W8sscuVVYLOoh1MlfJXnIZRBv`
Imports Hash	`de054d507dd64f89616238ce4b1e1cca`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2019-May-22 20:42:02
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xae00`
SizeOfInitializedData	`0x31400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000002278 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x3f000`
SizeOfHeaders	`0x400`
Checksum	`0x41a99`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`d8a200b35df7e4bb874b25692970df45`
SHA1	`3c197a11d355e01939cc9ada32aad855ebc554e6`
SHA256	`f8db9c4350bbd4b2658534625b5ca48ca330292d9841a71ff68348554106ecc8`
SHA3	`f12aa5f507bdd2fb0992877d0231d51bd134c09f56a1eb9697d4f98820ea6cff`
VirtualSize	`0xac70`
VirtualAddress	`0x1000`
SizeOfRawData	`0xae00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.38774`

.rdata

MD5	`fc3d629394e5e636bad834eff8466c72`
SHA1	`53a43efa86263b3a339c386ab97eefaa88d8567b`
SHA256	`d1a9ffb086ec35e3801286a2b169010cc0e1b214ae71f5548ecc202134f2a812`
SHA3	`cd2b628b7f53a3b00ef1efb5cdc671a5e60b5aa3ab0dc457b85bf55a54b96a28`
VirtualSize	`0x8fea`
VirtualAddress	`0xc000`
SizeOfRawData	`0x9000`
PointerToRawData	`0xb200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.79687`

.data

MD5	`2b112512dc5d4605e300f90ae9a55655`
SHA1	`2131bbf61af98da53e881978ec415995c7d043af`
SHA256	`2bf2c6a9d19df2e626a51e40e47f4cbca087972657a67c93bcb4114530c0f809`
SHA3	`fd40386843376c5df74e51849c5d3fd67e6cd50b2a597d8eb5de77da755b4ebc`
VirtualSize	`0x1f30`
VirtualAddress	`0x15000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x14200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.95643`

.pdata

MD5	`2d6cd828992639996f455052424b709c`
SHA1	`78cf45797f29232a880f33ea61bca7c9bebeaa5b`
SHA256	`7804d036f60df21cea10a926d7f3111dd24c4a74282765a354a365f5afa27534`
SHA3	`fd4c92c048c9ea141cf9dfb9f8537c99f1e596584ac5364700eabaec06693f6f`
VirtualSize	`0xcb4`
VirtualAddress	`0x17000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x15000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.51984`

.gfids

MD5	`724d1d442cf4a46468acd839045f833b`
SHA1	`bf55468a7755d549219e0c64821aeefb6e4b9e2f`
SHA256	`cf68c90d639275ccc8e12c77c1f01f1a768ebde2c65803146312478bae8b780a`
SHA3	`955bee74b484ff197dbfac1d5d8fea7cb384ae2ae991ac687e139e60c3350a3f`
VirtualSize	`0xa0`
VirtualAddress	`0x18000`
SizeOfRawData	`0x200`
PointerToRawData	`0x15e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.811098`

.rsrc

MD5	`3a4855880cdef9eccf2641f7db874c50`
SHA1	`6ab49db1e53133b79e1728a595d9905c4bbb0be5`
SHA256	`ac74cb5e747b834c79fcd7da03c6296850da38ab807786b6bf92c1a4aca8e6a9`
SHA3	`b02e977a86704745841fabe4e68b7f507b5c2535b7438ac3b1a8deadd184a038`
VirtualSize	`0x25000`
VirtualAddress	`0x19000`
SizeOfRawData	`0x24c00`
PointerToRawData	`0x16000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.45203`

.reloc

MD5	`26454cb8fabea8a1d964b341e1e196f4`
SHA1	`ca266c2f635dbb1352e582cf4514151faddb9c3f`
SHA256	`d75d7d452520ab078ce01d9288b56f69a805b66c1e748dcdb33014b0b57b5875`
SHA3	`7ca7d591a23a62ca53f9a7231d33a67db58c5e513a95078a541712b4e3a9d891`
VirtualSize	`0x614`
VirtualAddress	`0x3e000`
SizeOfRawData	`0x800`
PointerToRawData	`0x3ac00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.68461`

Imports

KERNEL32.dll	`GetCurrentProcess` `Wow64DisableWow64FsRedirection` `GetEnvironmentVariableW` `CreateMutexW` `WaitForSingleObject` `GetCurrentThreadId` `OpenEventW` `GetLastError` `CloseHandle` `CreateThread` `SetCurrentDirectoryW` `SetDllDirectoryW` `IsWow64Process` `CreateFileW` `FlushFileBuffers` `SetFilePointerEx` `GetConsoleMode` `GetConsoleCP` `HeapReAlloc` `HeapSize` `GetProcessHeap` `LCMapStringW` `GetStringTypeW` `SetStdHandle` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `GetCommandLineW` `GetCommandLineA` `GetCPInfo` `GetOEMCP` `IsValidCodePage` `FindNextFileA` `FindFirstFileExA` `FindClose` `GetFileType` `RaiseException` `GetSystemInfo` `VirtualProtect` `VirtualQuery` `FreeLibrary` `GetModuleHandleW` `GetProcAddress` `LoadLibraryExA` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `TerminateProcess` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `GetCurrentProcessId` `GetSystemTimeAsFileTime` `InitializeSListHead` `IsDebuggerPresent` `GetStartupInfoW` `RtlUnwindEx` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `LoadLibraryExW` `GetStdHandle` `WriteFile` `GetModuleFileNameA` `MultiByteToWideChar` `WideCharToMultiByte` `ExitProcess` `GetModuleHandleExW` `GetACP` `HeapFree` `HeapAlloc` `WriteConsoleW`
USER32.dll	`GetMessageW` `DefWindowProcW` `SubtractRect` `GetWindowRect` `GetDC` `SetWindowPos` `EqualRect` `MonitorFromRect` `EnumDisplayMonitors` `CreateWindowExW` `SendMessageW` `RegisterClassExW` `ShowWindow` `OffsetRect` `DispatchMessageW` `GetMonitorInfoW` `IsRectEmpty` `TranslateMessage` `FindWindowW` `LoadCursorW` `PostQuitMessage` `SystemParametersInfoW` `UpdateWindow` `InvalidateRect` `ReleaseDC`
NvSmartMax64.dll (delay-loaded)	`NvSmartMaxShutdown` `NVUnHook` `NvSmartMaxNotifyAppHWND`

Delayed Imports

Attributes	`0x1`
Name	`NvSmartMax64.dll`
ModuleHandle	`0x15d00`
DelayImportAddressTable	`0x15cd8`
DelayImportNameTable	`0x14470`
BoundDelayImportTable	`0x144d0`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

10

Type	`TXT`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf`
TimeDateStamp	2028-Aug-01 12:06:08
Entropy	`3.05656`
MD5	`2f9f9d2423b0aa7f6bd6fcb5129e0544`
SHA1	`9c27879effa88e864c7505edb6d05ab3d382aac1`
SHA256	`0ad642cd887c0e2da7aaa90fc1918e3edaa24a93175b438f6e6a12b7d522fbe1`
SHA3	`4181c852196846ec155e976b8d4a18aef4762b8a3ae216dce622f10367f29bcb`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2868`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96844`
MD5	`0fc4949d10261e5901dbc4863f7c5b50`
SHA1	`2b488bd0a578b8281d558f0550920f34925a4c24`
SHA256	`d99358413d5a9f1404efbd1013dcafb4b305361ee7301c71bf1c6c63e0c633d0`
SHA3	`01f4c9d9f8c4845fc4fac1a67a51fe2f4831ba20fc19e96618ca518f46524cda`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.6635`
MD5	`cef0fb8c84589dfa8fff4f97e48c8517`
SHA1	`1f03810340633e084ce7a215a76e7dc551d42eff`
SHA256	`56b526d3279eb0cefc48fa2c9ad5f5a903a89d30cd3460ee3ce2774d4d979e0b`
SHA3	`a7a28c9f56583debeb75f14a91c9dd2a9a3269517ec313d862f4e353cca84c86`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.792`
MD5	`ecc6d0b44637b8038e024cc92289bf55`
SHA1	`f348463da23477fd7571ddd454fa6c8603ca6754`
SHA256	`03bb8dce6f33f469619915f66489856fe84965519b1c3bda9165e3f51c6c6560`
SHA3	`6b9ee0f9b64ae645ea73259d3d8792b798313c80f6580824d3304800a958f848`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.54056`
MD5	`3d6b04eb94ea8f2dede7f58ca240d07b`
SHA1	`82ed5a788df9f086fd72069b400b0defcbb2ea89`
SHA256	`b708f8ea3e82c58f12229e651c1661044804577e683fd22e79c0b2956a463e21`
SHA3	`937ea92437b13a06099448a68085080105cfc897b154fc53f36cb2ec812d0b68`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.54549`
MD5	`0e87ef9813146dc6a3c40b0cd9d64fc7`
SHA1	`9b2382b568ee55a4290c10a003576e19541f0d11`
SHA256	`ea9dd36a21d5ae8e3bf682bbe3111cc63b66a598191012edaa1e0f1afba4cdb8`
SHA3	`71e8028eea8b8e7d26ea78a9e7f2ed0e784e5f5b379973615d22baeebd855dde`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.16678`
MD5	`b4c610681e63d61dbdad58cb567d1795`
SHA1	`9a7e30fc1b006e610f0e417c5c2e2457ecc3cd0c`
SHA256	`b347d56be837e2353115a9d4011ea97a76d997853379f501cf551bdb7bbb2d33`
SHA3	`78cc4f535afbcc4d7c153104887dd7377a8c22715fe3a62a63dfcd5eddb6a1b3`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.52779`
MD5	`0f4dd108aabec19438a1206a7fd28a45`
SHA1	`5c189cb0ea65b4b3b2b32ec1edc223fbd9d42ed3`
SHA256	`6a47ddb72d69e19563ce6d69328b7f425ad035a5d09e869d3a4faf0b13d84904`
SHA3	`eb3941cbe247002de4d69208e8c456470f13ccea96f80e2415c9295f59ef834e`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.74597`
MD5	`c1b1c12d26f09554909a6b668c296681`
SHA1	`52acbe49e3b5765a7c12e5744770e6c74eb7926a`
SHA256	`dc2c5c7b43fa834cd8fc39713fd003f086768bee333bac35890b4676a220abbc`
SHA3	`d3a0d3268f51d6bc353ce966fa5c578f843911a32a98118db62eea755f9fa9e9`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.09212`
MD5	`414ff39611294386d4dac5ce5ddc3a16`
SHA1	`596575404434c311bc5a5247e91e1268f1e472e2`
SHA256	`6896bab53102061d75e4255f281e04ba41d733150892529d7bc2137493cca809`
SHA3	`6b1ee47aa0d9fd635cf8c991618ddefb3330afce33365d8d3ac6358b4f611fea`

10 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44315`
MD5	`d19d0c484dbe6ed35332c960c8b38884`
SHA1	`7cd4252f1887e26025b878535115ffe5fee275a6`
SHA256	`eecde3c92c78b92a614c4cbe04f992fa603e3e65b14181c79e7c30352a475a84`
SHA3	`18b73cee92f388f2013a39f85e7e476ffc9c31f4801b1d0e192697d4c25b7013`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5006`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96822`
Detected Filetype	PNG graphic file
MD5	`f3da41dea81d96a15a2df69b1402e2c6`
SHA1	`c84b679f91d65e4950889b207281eeedd2877841`
SHA256	`228e80a0718211c12652b8986ba2963ea03e243c5a21cdc7d01d84311340a202`
SHA3	`211faa206447fa7d3b08bfc447605ea381675fcca65e9b3b93fe13d1a4e85d64`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.4129`
MD5	`77b4c22463736ef9d00a1a5e11c06adc`
SHA1	`4a6e4461f662d30767a4279dfd23e870183eacb2`
SHA256	`5d5cce8cc5a9c49894c417aa9e7ae10b6a37086e0a5ee9e87b3581386d98acc2`
SHA3	`97a833f1a0252a0def66c6afa11c0de61bfe2589cc52cc7efbfeac5c2b383c43`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.27683`
MD5	`a94ef1daa2027418dfd2669bf788f6f1`
SHA1	`1bcc7bd976dcbfa17ae32b8e25a83975a3d24c4c`
SHA256	`1f58b10852eac07112e0bea55d6c6e500a42cfb8089231b1aa7215509c05023b`
SHA3	`ea6b4525ba9f1623be40163c694b89be92e7262c69e4f141b3d89f998cb421a5`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.12242`
MD5	`106000d9f5353db1e0a488eeff1fe2b8`
SHA1	`b58b8367a04ec890dc8ccc158f5397aae6c377e0`
SHA256	`03b473e9b6158c7e84e43ecc23deeae454ed0cd4cbd02e82cd0a35fcd1d27006`
SHA3	`2697aeacda9c0d57300397a24fda47d0b66508359c25798d07e1f73189155b07`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.19452`
MD5	`6022175612149528c20cc4fbd4fb41ec`
SHA1	`3fd49ee0162bf2a87ac4fcc2e5dce594ac9ee658`
SHA256	`2bf8eb3e818cc652d44f37634ac8e2d024b3c6c4e40766bef0479ff1bfa53157`
SHA3	`2505051ab40010df64c63a8028366cb07723efcebcec22a1c7f46c04996b9287`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.64617`
MD5	`89428257c39707ac48bacfdccb1e953f`
SHA1	`b0c8378ddf78e357bce6fc99b377585d8ff5770d`
SHA256	`e04d5d1dff5e571d9157d4f901fb6d779b7807ba31591578e58647239615b935`
SHA3	`3c1c98b3e4fca6243d2029b154521c52b94020aecc522ebbf1b1c8c0d68ddcff`

100

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.13607`
Detected Filetype	Icon file
MD5	`4cd71b54535d8bf2ddf6fea5212e0101`
SHA1	`04a7061bfb182bb3714ffdce8d5f173495a59646`
SHA256	`f923c867c730aa6f9cd44d8fe853990f744c3ee8882665beb8f5fc549ec715f1`
SHA3	`d8b2453e817888067d6ecd1894c59aa5ad423a5f8e4708ac8e826008f0d87b42`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3a0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.51463`
MD5	`93e4a1515b64a14c4e0d20c811c57919`
SHA1	`a4874fd1ad25320c951bb57c55e327c26e79c9e7`
SHA256	`68747b3979034fa3ca63e667434e6ca10d43f10c848af55ebbc55d6d686f6dfc`
SHA3	`6e7836573503fd3a257db76547533f48b70a759dba1ebc9a63d4b29cf2d7ba1b`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	6.14.10.10003
ProductVersion	6.14.10.10003
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	English - United States
Company	NVIDIA Corporation
FileDescription	NVIDIA Smart Maximise Helper Host
FileVersion (#2)	6.14.10.100.03
InternalName	NvSmartMaxapp64
LegalCopyright	(C) NVIDIA Corporation. All rights reserved.
OriginalFilename	NvSmartMaxapp64.dll
ProductName	NVIDIA Smart Maximise Helper Host version 100.03
ProductVersion (#2)	6.14.10.100.03

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2019-May-22 20:42:02
Version	`0.0`
SizeofData	`138`
AddressOfRawData	`0x13570`
PointerToRawData	`0x12770`
Referenced File	C:\dvs\p4\build\sw\rel\gpu_drv\r421\r430_81\drivers\ui\NvSmartMax\NvSmartMaxApp\bin\Release64\NvSmartMaxapp64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2019-May-22 20:42:02
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x135fc`
PointerToRawData	`0x127fc`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2019-May-22 20:42:02
Version	`0.0`
SizeofData	`820`
AddressOfRawData	`0x13610`
PointerToRawData	`0x12810`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2019-May-22 20:42:02
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

Size	`0x94`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140015000`

RICH Header

XOR Key	`0x8eb276b7`
Unmarked objects	`0`
ASM objects (24610)	`4`
C objects (24610)	`10`
C++ objects (24610)	`125`
ASM objects (VS2015 UPD3 build 24123)	`7`
C objects (VS2015 UPD3 build 24123)	`18`
C++ objects (VS2015 UPD3 build 24123)	`31`
Imports (24610)	`5`
Total imports	`137`
264 (VS2015 UPD3.1 build 24215)	`1`
Resource objects (VS2015 UPD3 build 24210)	`1`
151	`1`
Linker (VS2015 UPD3.1 build 24215)	`1`

486a7013f15308af6623d7ab9b558002

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

.gfids

.rsrc

.reloc

Imports

Delayed Imports

10

1

2

3

4

5

6

7

8

9

10 (#2)

11

12

13

14

15

16

100

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

IMAGE_DEBUG_TYPE_ILTCG

TLS Callbacks

Load Configuration

RICH Header

Errors