cuda_10.1.243_win10_network.exe
This report is generated from a file or URL submitted to this webservice on May 11th 2020 13:17:16 (UTC)
Guest System: Windows 7 64 bit, Professional, 6.1 (build 7601), Service Pack 1
Report generated by
Falcon Sandbox v8.30 © Hybrid Analysis
Incident Response
Risk Assessment
- Spyware
- Found a string that may be used as part of an injection method
- Fingerprint
-
Queries kernel debugger information
Reads the active computer name
Reads the cryptographic machine GUID
MITRE ATT&CK™ Techniques Detection
Additional Context
Related Sandbox Artifacts
- Associated URLs
- hxxp://developer.download.nvidia.com/compute/cuda/10.1/Prod/network_installers/cuda_10.1.243_win10_network.exe
Indicators
Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.
-
Suspicious Indicators 17
-
Anti-Detection/Stealthyness
-
Queries kernel debugger information
- details
- "setup.exe" at 00175761-00003324-00000033-90772981985
- source
- API Call
- relevance
- 6/10
-
Queries kernel debugger information
-
Anti-Reverse Engineering
-
PE file has unusual entropy sections
- details
- .rsrc with unusual entropies 7.02462035103
- source
- Static Parser
- relevance
- 10/10
-
PE file has unusual entropy sections
-
Environment Awareness
-
Reads the active computer name
- details
-
"cuda_10.1.243_win10_network.exe" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\COMPUTERNAME\ACTIVECOMPUTERNAME"; Key: "COMPUTERNAME")
"setup.exe" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\COMPUTERNAME\ACTIVECOMPUTERNAME"; Key: "COMPUTERNAME") - source
- Registry Access
- relevance
- 5/10
- ATT&CK ID
- T1012 (Show technique in the MITRE ATT&CK™ matrix)
-
Reads the cryptographic machine GUID
- details
- "setup.exe" (Path: "HKLM\SOFTWARE\MICROSOFT\CRYPTOGRAPHY"; Key: "MACHINEGUID")
- source
- Registry Access
- relevance
- 10/10
- ATT&CK ID
- T1012 (Show technique in the MITRE ATT&CK™ matrix)
-
Reads the active computer name
-
General
-
Reads configuration files
- details
-
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Desktop\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Users\%OSUSER%\Searches\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Videos\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Pictures\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Contacts\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Favorites\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Music\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Downloads\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Documents\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Links\desktop.ini"
"cuda_10.1.243_win10_network.exe" read file "%USERPROFILE%\Saved Games\desktop.ini" - source
- API Call
- relevance
- 4/10
-
Reads configuration files
-
Installation/Persistance
-
Drops executable files
- details
-
"NVPrxy64.dll" has type "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"
"NVI2UI.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NvContainerInternal.exe" has type "PE32+ executable (GUI) x86-64 for MS Windows"
"NvTelemetryBridge32.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NVNetworkService.exe" has type "PE32 executable (console) Intel 80386 for MS Windows"
"MessageBus.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NvTelemetryStatusReporter.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NVIRUSBExt.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NvTelemetryStatusReporter64.dll" has type "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"
"NvTelemetry64.dll" has type "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"
"PocoInitializer.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"MessageBus.dll" has type "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"
"NvContainerTelemetryApi.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NGXCoreExt.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NvPluginWatchdog.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NVNetworkServiceAPI.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"CUDASamplesExt.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"DisplayDriverExt.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"CUDAVisualStudioIntegrationExt.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" - source
- Binary File
- relevance
- 10/10
-
Drops executable files
-
Unusual Characteristics
-
CRC value set in PE header does not match actual value
- details
-
"NVPrxy64.dll" claimed CRC 1417216 while the actual is CRC 20376151
"NVI2UI.dll" claimed CRC 1842967 while the actual is CRC 1417216
"NvContainerInternal.exe" claimed CRC 819045 while the actual is CRC 1842967
"NvTelemetryBridge32.dll" claimed CRC 492357 while the actual is CRC 819045
"NVNetworkService.exe" claimed CRC 1897999 while the actual is CRC 492357
"MessageBus.dll" claimed CRC 317951 while the actual is CRC 1897999
"NvTelemetryStatusReporter.dll" claimed CRC 351358 while the actual is CRC 317951
"NVIRUSBExt.dll" claimed CRC 975845 while the actual is CRC 351358
"NvTelemetryStatusReporter64.dll" claimed CRC 430964 while the actual is CRC 975845
"NvTelemetry64.dll" claimed CRC 4640046 while the actual is CRC 430964
"PocoInitializer.dll" claimed CRC 97561 while the actual is CRC 4640046
"MessageBus.dll" claimed CRC 416423 while the actual is CRC 97561
"NvContainerTelemetryApi.dll" claimed CRC 688109 while the actual is CRC 416423
"NGXCoreExt.dll" claimed CRC 1083174 while the actual is CRC 688109
"NvPluginWatchdog.dll" claimed CRC 524495 while the actual is CRC 1083174
"NVNetworkServiceAPI.dll" claimed CRC 812217 while the actual is CRC 524495
"CUDASamplesExt.dll" claimed CRC 883831 while the actual is CRC 812217
"DisplayDriverExt.dll" claimed CRC 1591453 while the actual is CRC 883831
"CUDAVisualStudioIntegrationExt.dll" claimed CRC 1061535 while the actual is CRC 1591453
"DocExt.dll" claimed CRC 909324 while the actual is CRC 1061535 - source
- Static Parser
- relevance
- 10/10
-
Imports suspicious APIs
- details
-
RegCreateKeyExW
SetSecurityDescriptorDacl
RegCloseKey
RegOpenKeyExW
GetDriveTypeW
GetFileAttributesW
UnhandledExceptionFilter
FindResourceExA
GetTempPathW
OutputDebugStringW
GetModuleFileNameW
IsDebuggerPresent
GetModuleFileNameA
CreateThread
ExitThread
TerminateProcess
GetVersionExW
GetTickCount
LoadLibraryA
GetStartupInfoA
GetFileSize
CreateDirectoryW
DeleteFileW
GetFileSizeEx
FindNextFileW
FindFirstFileW
GetProcAddress
CreateFileW
CreateFileA
LockResource
GetCommandLineW
GetCommandLineA
GetModuleHandleA
GetModuleHandleW
WriteFile
Sleep
VirtualAlloc
ShellExecuteW
ShellExecuteExW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
RegEnumKeyExW
FindResourceExW
DeviceIoControl
LoadLibraryExW
GetModuleHandleExW
CreateToolhelp32Snapshot
LoadLibraryW
OpenProcess
GetStartupInfoW
CreateFileMappingW
FindFirstFileExA
FindNextFileA
FindResourceW
Process32NextW
Process32FirstW
MapViewOfFile
CreateProcessW
OutputDebugStringA
LoadLibraryExA
GetUserNameW
StartServiceCtrlDispatcherW
FindFirstFileExW
CreateProcessA
VirtualProtect
IcmpSendEcho
SleepEx
GetTempFileNameW
GetFileAttributesExW
WSAStartup
WSASocketW
WSASend
listen
closesocket
socket
bind
connect
ConnectNamedPipe
CopyFileW
GetFileAttributesA
DisconnectNamedPipe
GetTempPathA
DeleteFileA
send
recv
LookupAccountNameW
CreateProcessAsUserW
StartServiceW
OpenFileMappingW
CopyFileExW - source
- Static Parser
- relevance
- 1/10
-
Installs hooks/patches the running process
- details
-
"cuda_10.1.243_win10_network.exe" wrote bytes "b88011b472ffe0" to virtual address "0x775E1368" (part of module "WS2_32.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "b4360200" to virtual address "0x753F4D68" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "b4363f75" to virtual address "0x75400200" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "b89012b472ffe0" to virtual address "0x753F3AD8" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "d83a0200" to virtual address "0x753F4E38" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "a011b472" to virtual address "0x7703E324" (part of module "WININET.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "7111b0007a3baf00ab8b02007f950200fc8c0200729602006cc805001ecdac007d26ac00" to virtual address "0x770B07E4" (part of module "USER32.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "d83a3f75" to virtual address "0x754001FC" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "c0dfb5771cf9b477ccf8b4770d64b67700000000c011aa7500000000fc3eaa7500000000e013aa750000000094572b7725e0b577c6e0b57700000000bc6a2a7700000000cf31aa750000000093192b77000000002c32aa7500000000" to virtual address "0x75681000" (part of module "NSI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "d83a3f75" to virtual address "0x75400274" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "b81015b472ffe0" to virtual address "0x753F36B4" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "d83a0200" to virtual address "0x753F4D78" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "a011b472" to virtual address "0x72BC4028" (part of module "WEBIO.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "b4360200" to virtual address "0x753F4EA4" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "d83a3f75" to virtual address "0x754001E0" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "b4363f75" to virtual address "0x7540025C" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "b4363f75" to virtual address "0x75400278" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "68130000" to virtual address "0x775E1680" (part of module "WS2_32.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "b4363f75" to virtual address "0x754001E4" (part of module "SSPICLI.DLL")
"cuda_10.1.243_win10_network.exe" wrote bytes "d83a3f75" to virtual address "0x75400258" (part of module "SSPICLI.DLL") - source
- Hook Detection
- relevance
- 10/10
- ATT&CK ID
- T1179 (Show technique in the MITRE ATT&CK™ matrix)
-
Reads information about supported languages
- details
- "cuda_10.1.243_win10_network.exe" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\LOCALE"; Key: "00000409")
- source
- Registry Access
- relevance
- 3/10
- ATT&CK ID
- T1012 (Show technique in the MITRE ATT&CK™ matrix)
-
CRC value set in PE header does not match actual value
-
Hiding 7 Suspicious Indicators
- All indicators are available only in the private webservice or standalone version
-
Informative 18
-
Environment Awareness
-
Reads the registry for installed applications
- details
- "setup.exe" (Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_INSTALLER")
- source
- Registry Access
- relevance
- 10/10
- ATT&CK ID
- T1012 (Show technique in the MITRE ATT&CK™ matrix)
-
Reads the registry for installed applications
-
External Systems
-
Sample was identified as clean by Antivirus engines
- details
- 0/71 Antivirus vendors marked sample as malicious (0% detection rate)
- source
- External System
- relevance
- 10/10
-
Sample was identified as clean by Antivirus engines
-
General
-
Creates a writable file in a temporary directory
- details
-
"cuda_10.1.243_win10_network.exe" created file "%TEMP%\CUDA\cublas\cublas.nvi"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvaoui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvblui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvclui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvddui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvemui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvfmui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvgeui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvhdcui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvhmui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvleui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvlgui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvmiui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvmmui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\legacy\Display.Driver\nvpnui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\Setup.cfg"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\universal\Display.Driver\nvakui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\universal\Display.Driver\nvmiui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\universal\Display.Driver\nvmoui.inf"
"cuda_10.1.243_win10_network.exe" created file "C:\Users\%USERNAME%\AppData\Local\Temp\CUDA\CUDASamples\CUDASamplesExt.dll" - source
- API Call
- relevance
- 1/10
-
Creates mutants
- details
-
"\Sessions\1\BaseNamedObjects\Global\c:*users*%OSUSER%*appdata*local*temp*cuda"
"\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
"Global\c:*users*%OSUSER%*appdata*local*temp*cuda"
"\Sessions\1\BaseNamedObjects\Global\Log.3324setup.exe.log{C40CFCD4-C757-4139-A4DA-7CB51A8DBF80}"
"\Sessions\1\BaseNamedObjects\DBWinMutex"
"Global\Log.3324setup.exe.log{C40CFCD4-C757-4139-A4DA-7CB51A8DBF80}"
"DBWinMutex"
"\Sessions\1\BaseNamedObjects\Global\WindowsUpdateTracingMutex"
"\Sessions\1\BaseNamedObjects\Global\_MSISETUP_{2956EBA1-9B5A-4679-8618-357136DA66CA}" - source
- Created Mutant
- relevance
- 3/10
-
Drops files marked as clean
- details
- Antivirus vendors marked dropped file "NVPrxy64.dll" as clean (type is "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"), Antivirus vendors marked dropped file "nvaoui.inf" as clean (type is "Windows setup INFormation ASCII text with very long lines with CRLF line terminators"), Antivirus vendors marked dropped file "NVI2UI.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "NvContainerInternal.exe" as clean (type is "PE32+ executable (GUI) x86-64 for MS Windows"), Antivirus vendors marked dropped file "NvTelemetryBridge32.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "nvacui.inf" as clean (type is "Windows setup INFormation ASCII text with CRLF line terminators"), Antivirus vendors marked dropped file "nvrfui.inf" as clean (type is "Windows setup INFormation ASCII text with very long lines with CRLF line terminators"), Antivirus vendors marked dropped file "nvmtcui.inf" as clean (type is "Windows setup INFormation ASCII text with very long lines with CRLF line terminators"), Antivirus vendors marked dropped file "nvvhci.inf" as clean (type is "Windows setup INFormation ASCII text with CRLF line terminators"), Antivirus vendors marked dropped file "NVNetworkService.exe" as clean (type is "PE32 executable (console) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "nvddui.inf" as clean (type is "Windows setup INFormation ASCII text with CRLF line terminators"), Antivirus vendors marked dropped file "nvsmui.inf" as clean (type is "Windows setup INFormation ASCII text with CRLF line terminators"), Antivirus vendors marked dropped file "MessageBus.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "NvTelemetryStatusReporter.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "NVIRUSBExt.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "NvTelemetryStatusReporter64.dll" as clean (type is "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"), Antivirus vendors marked dropped file "NvTelemetry64.dll" as clean (type is "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"), Antivirus vendors marked dropped file "nvsaui.inf" as clean (type is "Windows setup INFormation ASCII text with very long lines with CRLF line terminators"), Antivirus vendors marked dropped file "PocoInitializer.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "nvaeui.inf" as clean (type is "Windows setup INFormation ASCII text with very long lines with CRLF line terminators")
- source
- Binary File
- relevance
- 10/10
-
Loads rich edit control libraries
- details
- "setup.exe" loaded module "%WINDIR%\SysWOW64\riched20.dll" at 71B70000
- source
- Loaded Module
- ATT&CK ID
- T1179 (Show technique in the MITRE ATT&CK™ matrix)
-
Overview of unique CLSIDs touched in registry
- details
-
"cuda_10.1.243_win10_network.exe" touched "Computer" (Path: "HKCU\WOW6432NODE\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "Memory Mapped Cache Mgr" (Path: "HKCU\WOW6432NODE\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}")
"cuda_10.1.243_win10_network.exe" touched "Enhanced Storage Icon Overlay Handler Class" (Path: "HKCU\WOW6432NODE\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\INPROCSERVER32")
"cuda_10.1.243_win10_network.exe" touched "Sharing Overlay (Private)" (Path: "HKCU\WOW6432NODE\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\INPROCSERVER32")
"cuda_10.1.243_win10_network.exe" touched "Task Bar Communication" (Path: "HKCU\WOW6432NODE\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\TREATAS")
"cuda_10.1.243_win10_network.exe" touched "Network" (Path: "HKCU\WOW6432NODE\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "Recycle Bin" (Path: "HKCU\WOW6432NODE\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "Control Panel" (Path: "HKCU\WOW6432NODE\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "UsersFiles" (Path: "HKCU\WOW6432NODE\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "UsersLibraries" (Path: "HKCU\WOW6432NODE\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "CLSID_SearchFolder" (Path: "HKCU\WOW6432NODE\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "IE History and Feeds Shell Data Source for Windows Search" (Path: "HKCU\WOW6432NODE\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "Public Folder" (Path: "HKCU\WOW6432NODE\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "Control Panel command object for Start menu and desktop" (Path: "HKCU\WOW6432NODE\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "@%systemroot%\system32\mssvp.dll,-110" (Path: "HKCU\WOW6432NODE\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "CLSID_SearchHome" (Path: "HKCU\WOW6432NODE\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "Other Users Folder" (Path: "HKCU\WOW6432NODE\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "@%systemroot%\system32\mssvp.dll,-112" (Path: "HKCU\WOW6432NODE\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "CLSID_StartMenuProviderFolder" (Path: "HKCU\WOW6432NODE\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\SHELLFOLDER")
"cuda_10.1.243_win10_network.exe" touched "CLSID_StartMenuPathCompleteProviderFolder" (Path: "HKCU\WOW6432NODE\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\SHELLFOLDER") - source
- Registry Access
- relevance
- 3/10
-
Process launched with changed environment
- details
-
Process "setup.exe" (Show Process) was launched with new environment variables: "7zSfxString13="Could not delete file or folder "%s".", 7zSfxString15="Could not find "setup.exe".", 7zSfxString12="Could not create folder "%s".", 7zSfxFolder05="C:\Users\%USERNAME%\Documents", 7zSfxFolder28="C:\Users\%USERNAME%\AppData\Local", 7zSfxString7="Could not open archive file "%s".", 7zSfxFolder00="C:\Users\%USERNAME%\Desktop", 7zSfxString31="Could not overwrite file "%s".", 7zSfxFolder42="C:\Program Files (x86)", CommonDocuments="C:\Users\%USERNAME%\Documents", 7zSfxFolder56="C:\Windows\resources", 7zSfxString43="Insufficient physical memory.", 7zSfxString14="Could not find command for "%s".", 7zSfxFolder08="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Recent", 7zSfxString33="7-Zip: Internal error
code 0x%08X.", 7zSfxString26="Cancel", 7zSfxFolder40="C:\Users\%USERNAME%\Users\HAPUBWS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup", 7zSfxFolder34="C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History", CommonDesktop="C:\Users\%USERNAME%\Desktop", 7zSfxString11="Error in line %d of configuration data:", 7zSfxFolder20="C:\Windows\Fonts", 7zSfxFolder22="%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu", 7zSfxFolder54="C:\Users\%USERNAME%\Pictures", MyDocuments="C:\Users\%USERNAME%\Documents", 7zSfxString21="Extraction path", 7zSfxString19="7-Zip: Data error.", 7zSfxFolder37="C:\Windows\system32", 7zSfxFolder32="C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files", 7zSfxFolder02="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs", 7zSfxFolder59="C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Burn\Burn", 7zSfxFolder41="C:\Windows\SysWOW64", 7zSfxString1="SFX module version:", 7zSfxFolder27="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts", UserDesktop="C:\Users\%USERNAME%\Desktop", 7zSfxString36="Next", 7zSfxString30="Could not create file "%s".", 7zSfxString27="Yes", 7zSfxFolder26="C:\Users\%USERNAME%\AppData\Roaming", 7zSfxString41=": warning", 7zSfxFolder44="C:\Program Files (x86)\Common Files", 7zSfxString4=": error", 7zSfxString6="Could not get SFX filename.", 7zSfxFolder06="C:\Users\%USERNAME%\Favorites", 7zSfxFolder46="C:\Users\%USERNAME%\Documents", 7zSfxString16="Error during execution "%s".", 7zSfxString2="7z SFX", 7zSfxString40="7z SFX: warning", 7zSfxString24="No "HelpText" in the configuration file.", 7zSfxFolder21="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Templates", 7zSfxFolder35="C:\ProgramData", 7zSfxString18="7-Zip: CRC error.", 7zSfxString29=" s", 7zSfxString46="Other installations are running. Finish the other installations then try again.", 7zSfxFolder55="C:\Users\%USERNAME%\Videos", 7zSfxFolder47="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools", 7zSfxString3="7z SFX: error", 7zSfxFolder43="C:\Program Files (x86)\Common Files", 7zSfxString44="Copyright (c) 2005-2010 Oleg Scherbakov", 7zSfxFolder16="C:\Users\%USERNAME%\Desktop", 7zSfxFolder09="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\SendTo", 7zSfxString25="OK", 7zSfxFolder31="C:\Users\%USERNAME%\Favorites", 7zSfxString23="Really cancel the installation?", 7zSfxString47="Error", 7zSfxFolder48="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools", 7zSfxString22="Extraction path:", 7zSfxFolder07="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup", 7zSfxString45=""%s" already exists.", 7zSfxString39="Application error:", 7zSfxString34="7-Zip: Extraction error.", 7zSfxFolder53="C:\Users\%USERNAME%\Music", 7zSfxString17="7-Zip: Unsupported method.", 7zSfxString20="7-Zip: Internal error
code %u.", 7zSfxFolder23="C:\ProgramData\Microsoft\Windows\Start Menu\Programs", 7zSfxString38="Cancel", MyDocs="C:\Users\%USERNAME%\Documents", 7zSfxString35="Back", 7zSfxFolder38="C:\Program Files (x86)", 7zSfxFolder30="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup", 7zSfxFolder33="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Cookies", 7zSfxFolder14="C:\Users\%USERNAME%\Videos", 7zSfxFolder24="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup", 7zSfxString5="Extracting", 7zSfxString8="Non 7z archive.", 7zSfxString28="No", 7zSfxFolder13="C:\Users\%USERNAME%\Music", 7zSfxString32="Error in command line:", 7zSfxFolder39="C:\Users\%USERNAME%\Pictures", 7zSfxString37="Finish", 7zSfxFolder25="C:\Users\%USERNAME%\Desktop", 7zSfxFolder11="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu", 7zSfxString42="Not enough free space for extracting.", 7zSfxFolder36="C:\Windows", 7zSfxString10="Could not write SFX configuration.", 7zSfxFolder19="C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Network Shortcuts", 7zSfxFolder45="C:\ProgramData\Microsoft\Windows\Templates", 7zSfxString9="Could not read SFX configuration or configuration not found."" - source
- Monitored Target
- relevance
- 10/10
-
Scanning for window names
- details
- "cuda_10.1.243_win10_network.exe" searching for class "Shell_TrayWnd"
- source
- API Call
- relevance
- 10/10
- ATT&CK ID
- T1010 (Show technique in the MITRE ATT&CK™ matrix)
-
Spawns new processes
- details
- Spawned process "setup.exe" (Show Process)
- source
- Monitored Target
- relevance
- 3/10
-
Spawns new processes that are not known child processes
- details
- Spawned process "setup.exe" (Show Process)
- source
- Monitored Target
- relevance
- 3/10
-
The input sample is signed with a certificate
- details
-
The input sample is signed with a certificate issued by "CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE" (SHA1: C0:E4:9D:2D:7D:90:A5:CD:42:7F:02:D9:12:56:94:D5:D6:EC:5B:71; see report for more information)
The input sample is signed with a certificate issued by "CN=GlobalSign Timestamping CA - G2, O=GlobalSign nv-sa, C=BE" (SHA1: 63:B8:2F:AB:61:F5:83:90:96:95:05:0B:00:24:9C:50:29:33:EC:79; see report for more information)
The input sample is signed with a certificate issued by "CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa c10, OU=VeriSign Trust Network, O="VeriSign
Inc.", C=US" (SHA1: 77:BA:1B:D2:D7:51:DD:22:E9:26:35:CC:E8:56:8A:A9:CC:BB:F4:6E; see report for more information)
The input sample is signed with a certificate issued by "CN=Microsoft Code Verification Root, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US" (SHA1: 57:53:4C:CC:33:91:4C:41:F7:0E:2C:BB:21:03:A1:DB:18:81:7D:8B; see report for more information)
The input sample is signed with a certificate issued by "CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="c 2006 VeriSign
Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign
Inc.", C=US" (SHA1: 49:58:47:A9:31:87:CF:B8:C7:1F:84:0C:B7:B4:14:97:AD:95:C6:4F; see report for more information) - source
- Certificate Data
- relevance
- 10/10
- ATT&CK ID
- T1116 (Show technique in the MITRE ATT&CK™ matrix)
-
Creates a writable file in a temporary directory
-
Installation/Persistance
-
Connects to LPC ports
- details
-
"cuda_10.1.243_win10_network.exe" connecting to "\ThemeApiPort"
"setup.exe" connecting to "\ThemeApiPort" - source
- API Call
- relevance
- 1/10
-
Dropped files
- details
-
"NVPrxy64.dll" has type "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"
"nvaoui.inf" has type "Windows setup INFormation ASCII text with very long lines with CRLF line terminators"
"NVI2UI.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NvContainerInternal.exe" has type "PE32+ executable (GUI) x86-64 for MS Windows"
"NvTelemetryBridge32.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"nvacui.inf" has type "Windows setup INFormation ASCII text with CRLF line terminators"
"nvrfui.inf" has type "Windows setup INFormation ASCII text with very long lines with CRLF line terminators"
"nvmtcui.inf" has type "Windows setup INFormation ASCII text with very long lines with CRLF line terminators"
"nvvhci.inf" has type "Windows setup INFormation ASCII text with CRLF line terminators"
"NVNetworkService.exe" has type "PE32 executable (console) Intel 80386 for MS Windows"
"nvddui.inf" has type "Windows setup INFormation ASCII text with CRLF line terminators"
"nvsmui.inf" has type "Windows setup INFormation ASCII text with CRLF line terminators"
"MessageBus.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NvTelemetryStatusReporter.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NVIRUSBExt.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"NvTelemetryStatusReporter64.dll" has type "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"
"NvTelemetry64.dll" has type "PE32+ executable (DLL) (GUI) x86-64 for MS Windows"
"nvsaui.inf" has type "Windows setup INFormation ASCII text with very long lines with CRLF line terminators"
"PocoInitializer.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"
"nvaeui.inf" has type "Windows setup INFormation ASCII text with very long lines with CRLF line terminators" - source
- Binary File
- relevance
- 3/10
-
Touches files in the Windows directory
- details
-
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\SysWOW64\tzres.dll"
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\Globalization\Sorting\SortDefault.nls"
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\SysWOW64\en-US\msctf.dll.mui"
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\Fonts\StaticCache.dat"
"cuda_10.1.243_win10_network.exe" touched file "%LOCALAPPDATA%\Microsoft\Windows\Caches"
"cuda_10.1.243_win10_network.exe" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\cversions.1.db"
"cuda_10.1.243_win10_network.exe" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000001b.db"
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\AppPatch\sysmain.sdb"
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\SysWOW64\EhStorShell.dll"
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\SysWOW64\en-US\EhStorShell.dll.mui"
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\SysWOW64\ntshrui.dll"
"cuda_10.1.243_win10_network.exe" touched file "C:\Windows\SysWOW64\en-US\ntshrui.dll.mui" - source
- API Call
- relevance
- 7/10
-
Connects to LPC ports
-
Network Related
-
Found potential URL in binary/memory
- details
-
Pattern match: "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
Heuristic match: "$Nckp
.Dk"
Heuristic match: ":Rz4 ~k.AL"
Heuristic match: "%fiic=.bN"
Heuristic match: "ytlrL{.Bm"
Heuristic match: "|Uqu.GW"
Heuristic match: "kZA7G%.wS"
Pattern match: "https://www.globalsign.com/repository/03"
Pattern match: "http://crl.globalsign.net/root.crl0"
Pattern match: "https://www.globalsign.com/repository/0"
Pattern match: "crl.globalsign.com/gs/gstimestampingg2.crl0T"
Pattern match: "secure.globalsign.com/cacert/gstimestampingg2.crt0"
Pattern match: "https://www.verisign.com/rpa"
Pattern match: "https://d.symcb.com/cps0%"
Pattern match: "https://d.symcb.com/rpa0+"
Pattern match: "http://sf.symcb.com/sf.crl0"
Pattern match: "http://sf.symcd.com0&"
Pattern match: "http://sf.symcb.com/sf.crt0"
Pattern match: "crl.microsoft.com/pki/crl/products/MicrosoftCodeVerifRoot.crl0"
Pattern match: "https://www.verisign.com/cps0*"
Pattern match: "https://www.verisign.com/rpa0"
Pattern match: "http://logo.verisign.com/vslogo.gif04"
Pattern match: "http://crl.verisign.com/pca3-g5.crl04"
Pattern match: "http://ocsp.verisign.com0"
Pattern match: "https://d.symcb.com/rpa0"
Pattern match: "http://rb.symcb.com/rb.crl0W"
Pattern match: "http://rb.symcd.com0&"
Pattern match: "http://rb.symcb.com/rb.crt0"
Pattern match: "http://s.symcd.com0"
Pattern match: "https://d.symcb.com/rpa06"
Pattern match: "http://s.symcb.com/universal-root.crl0"
Pattern match: "http://s.symcd.com06"
Pattern match: "https://d.symcb.com/rpa0@"
Pattern match: "http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0"
Pattern match: "http://ts-ocsp.ws.symantec.com0"
Pattern match: "http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0"
Pattern match: "http://schemas.microsoft.com/win/2004/08/events"
Heuristic match: "CatalogFile = NV_DISP.CAT"
Heuristic match: "CatalogFile=nvvhci.cat" - source
- File/Memory
- relevance
- 10/10
-
Found potential URL in binary/memory
-
System Security
-
Opens the Kernel Security Device Driver (KsecDD) of Windows
- details
-
"cuda_10.1.243_win10_network.exe" opened "\Device\KsecDD"
"setup.exe" opened "\Device\KsecDD" - source
- API Call
- relevance
- 10/10
- ATT&CK ID
- T1215 (Show technique in the MITRE ATT&CK™ matrix)
-
Opens the Kernel Security Device Driver (KsecDD) of Windows
-
Unusual Characteristics
-
Matched Compiler/Packer signature
- details
-
"9eee3c596aae4c001376a0e793f28f88d438cefe50af0c727d6fe9d80db19df2.bin" was detected as "VC8 -> Microsoft Corporation"
"NVI2UI.dll" was detected as "Borland Delphi 3.0 (???)"
"NvTelemetryBridge32.dll" was detected as "Borland Delphi 3.0 (???)"
"NVNetworkService.exe" was detected as "VC8 -> Microsoft Corporation"
"MessageBus.dll" was detected as "Borland Delphi 3.0 (???)"
"NvTelemetryStatusReporter.dll" was detected as "Borland Delphi 3.0 (???)"
"NVIRUSBExt.dll" was detected as "Visual C++ 2005 DLL -> Microsoft"
"PocoInitializer.dll" was detected as "Borland Delphi 3.0 (???)"
"NvContainerTelemetryApi.dll" was detected as "Borland Delphi 3.0 (???)"
"NGXCoreExt.dll" was detected as "Borland Delphi 3.0 (???)"
"NvPluginWatchdog.dll" was detected as "Borland Delphi 3.0 (???)"
"NVNetworkServiceAPI.dll" was detected as "Visual C++ 2005 DLL -> Microsoft"
"CUDASamplesExt.dll" was detected as "Borland Delphi 3.0 (???)"
"DisplayDriverExt.dll" was detected as "Borland Delphi 3.0 (???)"
"CUDAVisualStudioIntegrationExt.dll" was detected as "Borland Delphi 3.0 (???)"
"DocExt.dll" was detected as "Borland Delphi 3.0 (???)"
"NvNodeExt.dll" was detected as "Borland Delphi 3.0 (???)"
"UpdateCoreExt.dll" was detected as "Borland Delphi 3.0 (???)"
"CUDAVisualProfilerExt.dll" was detected as "Borland Delphi 3.0 (???)" - source
- Static Parser
- relevance
- 10/10
- ATT&CK ID
- T1045 (Show technique in the MITRE ATT&CK™ matrix)
-
Matched Compiler/Packer signature
File Details
cuda_10.1.243_win10_network.exe
- Filename
- cuda_10.1.243_win10_network.exe
- Size
- 19MiB (20338560 bytes)
- Type
- peexe executable
- Description
- PE32 executable (GUI) Intel 80386, for MS Windows
- Architecture
- WINDOWS
- SHA256
- 9eee3c596aae4c001376a0e793f28f88d438cefe50af0c727d6fe9d80db19df2
- MD5
- fae0c958440511576691b825d4599e93
- SHA1
- bba54b7a4bc999ee84f06c62581bd653949b24e7
- ssdeep
- 393216:MDH0IsmG4Yy0eMX+mDp4M9L2yFL3VRacivDx1IGaxpQPOQtuNLihfoibgcJuW5x8:cpM4/9Vm4qFyfvlopQmQtM2hfHscJjx8
- imphash
- cc2e0bb921dcf888cfd2031cf5c82bef
- authentihash
- c5d2dc7b82f0c7f11f3fbb83a034fb545bc9698d6871c0c1dd2d98d38dc14cb0
- Compiler/Packer
- VC8 -> Microsoft Corporation
Version Info
- LegalCopyright
- Copyright 2011-2019 NVIDIA Corporation
- InternalName
- PackageLauncher
- FileVersion
- 1.0.10
- CompanyName
- NVIDIA Corporation
- PrivateBuild
- Mar 20, 2019
- ProductName
- NVIDIA Package Launcher
- ProductVersion
- 1.0.10
- FileDescription
- NVIDIA Package Launcher
- OriginalFilename
- PackageLauncher.exe
- Translation
- 0x0000 0x04b0
Classification (TrID)
- 33.6% (.EXE) OS/2 Executable (generic)
- 33.1% (.EXE) Generic Win/DOS Executable
- 33.1% (.EXE) DOS Executable Generic
File Sections
Details | ||||||
---|---|---|---|---|---|---|
File Resources
Details | ||||
---|---|---|---|---|
File Imports
File Certificates
Download Certificate File (16KiB)Owner | Issuer | Validity | Hashes (MD5, SHA1) |
---|---|---|---|
CN=GlobalSign Timestamping CA - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE Serial: 400000000012f4ee152d7 |
04/13/2011 10:00:00 01/28/2028 12:00:00 |
95:C7:FF:05:1A:81:D4:5B:FA:80:B2:CA:4D:92:4F:A0 C0:E4:9D:2D:7D:90:A5:CD:42:7F:02:D9:12:56:94:D5:D6:EC:5B:71 |
CN=GlobalSign TSA for MS Authenticode - G2, O=GMO GlobalSign Pte Ltd, C=SG | CN=GlobalSign Timestamping CA - G2, O=GlobalSign nv-sa, C=BE Serial: 1121d699a764973ef1f8427ee919cc534114 |
05/24/2016 00:00:00 06/24/2027 00:00:00 |
96:A1:A6:67:8C:3C:59:B9:E9:9A:29:7C:3C:65:BC:2B 63:B8:2F:AB:61:F5:83:90:96:95:05:0B:00:24:9C:50:29:33:EC:79 |
CN=NVIDIA Corporation, OU=IT-MIS, O=NVIDIA Corporation, L=Santa Clara, ST=California, C=US | CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa c10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Serial: 71e68684f7a885a24abf921cbbf4e0c3 |
07/03/2019 00:00:00 02/06/2020 23:59:59 |
DB:C2:C3:26:EE:A7:95:01:52:74:46:FD:22:E1:99:18 77:BA:1B:D2:D7:51:DD:22:E9:26:35:CC:E8:56:8A:A9:CC:BB:F4:6E |
CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="c 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US | CN=Microsoft Code Verification Root, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US Serial: 611993e400000000001c |
02/22/2011 19:25:17 02/22/2021 19:35:17 |
8D:91:3B:CB:70:53:0B:AF:CB:EC:15:BB:74:CF:73:D4 57:53:4C:CC:33:91:4C:41:F7:0E:2C:BB:21:03:A1:DB:18:81:7D:8B |
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa c10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US | CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="c 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Serial: 5200e5aa2556fc1a86ed96c9d44b33c7 |
02/08/2010 00:00:00 02/07/2020 23:59:59 |
4D:F6:E0:FC:40:0C:AE:9C:05:2F:AE:98:C6:6D:37:9F 49:58:47:A9:31:87:CF:B8:C7:1F:84:0C:B7:B4:14:97:AD:95:C6:4F |
Screenshots
Loading content, please wait...
Hybrid Analysis
Tip: Click an analysed process below to view more details.
Analysed 2 processes in total (System Resource Monitor).
-
cuda_10.1.243_win10_network.exe
(PID: 2728)
- setup.exe (PID: 3324)
Network Analysis
DNS Requests
No relevant DNS requests were made.
Contacted Hosts
No relevant hosts were contacted.
HTTP Traffic
No relevant HTTP requests were made.
Extracted Strings
Extracted Files
Displaying 140 extracted file(s). The remaining 335 file(s) are available in the full version and XML/JSON reports.
-
Clean 17
-
-
NVNetworkService.exe
- Size
- 1.8MiB (1880432 bytes)
- Type
- peexe executable
- Description
- PE32 executable (console) Intel 80386, for MS Windows
- AV Scan Result
- 0/71
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 43de583a0f82e2064296dff82c3acd25
- SHA1
- 16fa1a19a3dd96f38dca6ce72f1482fc0b0ac2f5
- SHA256
- 4de47b95e0c1f3b016df4ff8772253823bed70b876949cbcf74652f23ed20089
-
CUDASamplesExt.dll
- Size
- 822KiB (841256 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- AV Scan Result
- 0/68
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 8264c94cdb28cda0781f470d838364b5
- SHA1
- f434a8c678047be1046560a41e38b8c3f2a14728
- SHA256
- eca897cb2953b87a602608b43ca401ebf5baed0447c3fac9a2b2b8bd719c73b7
-
CUDAVisualProfilerExt.dll
- Size
- 850KiB (870712 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- AV Scan Result
- 0/69
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 8783e3f583444f4bc53f960a706fd7ee
- SHA1
- 7f0f37539f882ccb9324ca93060830d26c4e222e
- SHA256
- abeddbb2b3a61463b630f82cb431f92dc45b384bec8042e6265d0202d975c98c
-
DocExt.dll
- Size
- 844KiB (864568 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- AV Scan Result
- 0/69
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 2b3a5575c2ea1b344d2b3c5ae5ffd38b
- SHA1
- 237909fd741e0891aa3747d653bb9352f57d6447
- SHA256
- 74aae9f69029201a01b0a345c6d492ffb78774dab8e5c247e49331c1be1bb480
-
NVIRUSBExt.dll
- Size
- 904KiB (925208 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- AV Scan Result
- 0/81
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 0946bab44fd2f2640535dc2838c62bb0
- SHA1
- 75f35119dc7e0980a4dc61d47fddad201f2dd9b0
- SHA256
- 6daf4b9ffebb1e473aa038cd5b4b93d9817a76fec7cdff520105b7792a8b4053
-
MessageBus.dll
- Size
- 402KiB (411504 bytes)
- Type
- pedll 64bits executable
- Description
- PE32+ executable (DLL) (GUI) x86-64, for MS Windows
- AV Scan Result
- 0/71
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 6bcb7026ab37fdb931529666b7661ec3
- SHA1
- 146273a24aeb058559667da148514b0ac9ffb547
- SHA256
- 4610b3e792233a57be332aaf24460acbd73d3b88856999fecf7cd70cf45cb7d1
-
NvTelemetry64.dll
- Size
- 4.4MiB (4615536 bytes)
- Type
- pedll 64bits executable
- Description
- PE32+ executable (DLL) (GUI) x86-64, for MS Windows
- AV Scan Result
- 0/70
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 48c050a750cb803cfb1c794c42132085
- SHA1
- 5ae8938f9a1917ed756e2bf112e9d3f4146aee9a
- SHA256
- c0f52508d1f92a571408f1575ab09e4e4997d4cfdf34d278c300d77dda7ad208
-
NvTelemetryBridge32.dll
- Size
- 428KiB (438312 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- AV Scan Result
- 0/79
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 14865849828d722a58e41f53aaa4a7d3
- SHA1
- ec78e8e1d58fe2c18622266177ddbb24979e3abe
- SHA256
- f04e1f09c7c174d9a41035a0bbd6366836ed4ab3cf8bb7f486f3503c58cb9a34
-
NvTelemetryContainer.exe
- Size
- 764KiB (782544 bytes)
- Type
- peexe 64bits executable
- Description
- PE32+ executable (GUI) x86-64, for MS Windows
- AV Scan Result
- 0/73
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 4d572176e485623abc9aaad7f5e3bf61
- SHA1
- f2f2bce293f728f34ded7bf1407ed9051cc78291
- SHA256
- 2d6592e464c4df43572f996acfdbaa8278e6712e2ffbb0f4a1ed4e0702e3dced
-
NvTelemetryStatusReporter.dll
- Size
- 316KiB (323624 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- AV Scan Result
- 0/70
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 7ef0b9beb13ed595e84842901de547ed
- SHA1
- 74edb677abc383a72863025f98367ab58524606f
- SHA256
- b8e92193c33d84ab744960e5f48c485e7ee717e6e30762f21340a25a80da065a
-
NvTelemetryStatusReporter64.dll
- Size
- 382KiB (391536 bytes)
- Type
- pedll 64bits executable
- Description
- PE32+ executable (DLL) (GUI) x86-64, for MS Windows
- AV Scan Result
- 0/71
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- b05ac651c967a2138c238edafe8935da
- SHA1
- 4f9bf4eca84f1b5cb63a2546cc855d97e5849094
- SHA256
- 602fcc4cc20c9301c3d07ca48361eb819a48e6ad7b9c69f854f5a796addf5ba4
-
nvvhci.inf
- Size
- 1.6KiB (1685 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with CRLF line terminators
- AV Scan Result
- 0/64
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 057ccf8177f695a7e07aa2ebe0ae1ec8
- SHA1
- 8980ba12f223eae81cf70d2334894e5fdef0abca
- SHA256
- 771b3d056984848e0044e3d197fbbff72482c363240540a5bc77cd9d7e46d82f
-
NVSWCFilter.inf
- Size
- 3.2KiB (3273 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with CRLF line terminators
- AV Scan Result
- 0/55
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 0698da86e88715a24b4f4d878cbf9d96
- SHA1
- 9f8ad80347f77d10d79e4f3f98a82f09ec71f2f1
- SHA256
- 31caa135480e7757e16d02ee9ca0d29d87e99cb3ac5c74c48a6d9a46979cefa3
-
UpdateCoreExt.dll
- Size
- 1.1MiB (1178480 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- AV Scan Result
- 0/72
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 2829be3bf832bb28f71df84c101f70ac
- SHA1
- 76bfb44c5adea046ff704bd22d8c5622f2873289
- SHA256
- a1385c8ad5709b32f51e330d7835703b67e8d4a3b91a68a004fb02a7f0322448
-
nvaoui.inf
- Size
- 184KiB (188578 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with very long lines, with CRLF line terminators
- AV Scan Result
- 0/23
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 883574c63543adf261597bd86367a040
- SHA1
- 8e647daca7a60f2a695c0d7facf7e71cc1cc23d6
- SHA256
- 4a31975b1786a265ee9c3b74e33e86b3b63bede0234c445b7a4ccf1af8c733c4
-
nvmtcui.inf
- Size
- 91KiB (93333 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with very long lines, with CRLF line terminators
- AV Scan Result
- 0/23
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- c638fa366b422b609b930ac03da5d075
- SHA1
- cb1bf4172111a12539fba6dfb11f12d1780f8126
- SHA256
- cb40d5eb5cc736822ae41cacabe5f5e1fee061bb54d1d6a09e6b316fd3c9ddfb
-
NvNodeExt.dll
- Size
- 1.1MiB (1204592 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- AV Scan Result
- 0/68
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 344a15c9f7f428b20da9df8f11762339
- SHA1
- de4ca4e4ac413335a2739eda1042dcdbb30f7da7
- SHA256
- 78f959b593605629eef4e3432699fe84e3b2431205838c4ebb5192034ec63d4b
-
-
Informative Selection 1
-
-
CUDAVisualStudioIntegrationExt.dll
- Size
- 999KiB (1022504 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 42fb2c19ee1369f925ff0d422d01c8dd
- SHA1
- b5c193d9b51b1493124fb63dd7297b580823c777
- SHA256
- 4191af5e10b3fc7c4e1281ee056c9c84ee8f197aec49e268df05c239da67fd8c
-
-
Informative 122
-
-
NVI2.dll
- Size
- 4.6MiB (4791509 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- daaa19e2d9aa4e307d12d72b638d1215
- SHA1
- c62b843a5623e2b1bcb278ca1dac47f1000e6cdc
- SHA256
- 389216fb8beeb26e363aa00893297081784b7d1ad45949cb4bce463481da79eb
-
NVI2UI.dll
- Size
- 1.7MiB (1830384 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- ca85cf567112f31a7f00aea93e1ff44d
- SHA1
- eea06ee1645fb2df23e36d1752821936c752e7d2
- SHA256
- da1fcad904d737bc1570ce647b454a820672a78a152a06cd5587b7625e1f8655
-
NVPrxy32.dll
- Size
- 1MiB (1063736 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 93e7e3dc5e7cdfb0476df0a7c74b8ef6
- SHA1
- d5985472131626454aefa14df98e8d51c17db35d
- SHA256
- ca3bb63f58ed6a3739c6f63944d3acec61cf6cd72235e6fdf146fe995a138117
-
NVPrxy64.dll
- Size
- 1.3MiB (1361264 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 69140c4efe9d73dc76f44ffea1b371f8
- SHA1
- a8008b75209ff22e7bb62ade1683640705710451
- SHA256
- 7d7567e2353baf6f4feb03c230be0769edd9105df673a7c3cee9ac4d7236bdc9
-
setup.exe
- Size
- 491KiB (502768 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- e4718d4aa4cc2a53649afb8a0088f2dc
- SHA1
- 945902f85fa0d9b782eb3072e0e32a5a6a4d27f5
- SHA256
- f8dd427911bfff0cccdb77e9d5de7441023c2c8208d1511cc72df698ef90c06c
-
0000.ui.forms
- Size
- 60KiB (61560 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- a68a506afcfd78b3186b586c0bb17211
- SHA1
- 69107a6f6aaf8613b84b2ae55d932d48d7d29e1b
- SHA256
- 44783c068e6d2b30190006225d2bc586a98096d56f41f78e348bbae828cdbcc8
-
0000.ui.strings
- Size
- 1.4KiB (1404 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 88b402cd5cf6c9145b6c9aba0de7fc20
- SHA1
- 71fa5024b381cf06c60874e41b7d42c263441f3d
- SHA256
- e792f8a6666c05d723d9c19325aa3429e35df36a72cc4c229dc2cef0876de79d
-
0401.ui.forms
- Size
- 4.2KiB (4333 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 5d712ae753185eff57c343bfb65dad46
- SHA1
- cee3c0025cb260d2406afbd14bafd455b42c69b0
- SHA256
- e9290211bf2ea54d65afd1933fd307a2390ae0c5b17a29f945f9f1b4252a16cb
-
0401.ui.strings
- Size
- 11KiB (11724 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 6ae5bef94115a369b02cc4430d199a5e
- SHA1
- 319fa1f6b98fbfcf97d15214f0a2090b7526fe89
- SHA256
- 1c1399fc7c742ca8d78fbc3925d1acabf454ee9c809cd9071d80466d3e10ca3a
-
0404.ui.forms
- Size
- 4.5KiB (4659 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 093299dcf0c4dfe44c6a99f390c0c7c7
- SHA1
- 9beca907a684386c17472bba8aa6ccb0d2b5e253
- SHA256
- 124e2f0a14d156e2563b91df958322d4c37ab4f15bf02ce40457b3a3fe17eb98
-
0404.ui.strings
- Size
- 9.5KiB (9704 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 8826507b598929d2e5d03389924baaa8
- SHA1
- b6dbab740ff7aa02b381974d8f87917a9e792f68
- SHA256
- 5b3402419ab900d32a4f1a122587dea448121b48c86dbe19f8f3a0151d354219
-
0405.ui.forms
- Size
- 4.6KiB (4748 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- e72f42a6dfc3b3d17473b5ddc3d3dda5
- SHA1
- 90a0d939a8c8a667c1ae281313bd0410086cb28d
- SHA256
- f857b2b8210f343b95bd56a37d60e7223a599fef8578beb184e08c03b7bd0bd4
-
0405.ui.strings
- Size
- 10KiB (10303 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- fb49891c20d815d9fd510b1108fa9070
- SHA1
- 665db2af0d18725c66047f8e755e8152e47b8358
- SHA256
- 9a4c9256468738a993a784897fabdf39938a4274ecf6c90030bd532f9ed60064
-
0406.ui.forms
- Size
- 4.5KiB (4581 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 979cb5fd5604db74ddb0d98077df990f
- SHA1
- 51fbe0eea30ff1d0c2fa10621518a451a74bcb8c
- SHA256
- 4b3344d0e5b644c8d0d0565a3ca244c3efb17b4137b7650d3c6ddd705e705c8d
-
0406.ui.strings
- Size
- 9.8KiB (10008 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- d8e633245a7d32090632dcd9098f2e53
- SHA1
- d140309aad011aedfd8a1667a01b69e4a8bd327a
- SHA256
- 76ccac294da337fd72111e3b367a60dc95b21f3bdda5f58c39c8483a0e08070c
-
0407.ui.forms
- Size
- 6.3KiB (6411 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- eb630dc46a127e3b71ac0f81276be0c5
- SHA1
- 3b5a0c4b1a02bf2132f5a4d21064a2da370ca05c
- SHA256
- ca2a6c92149352ee20e6c9feb9c27a86defd763a1e09eb9a663b1de8b173c422
-
0407.ui.strings
- Size
- 11KiB (10956 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 64c672dbcafcf8b68f3d62ed0c97b877
- SHA1
- 31409a51a22a4bf7b49442e6c45622d419e4cfcf
- SHA256
- 567bb3ccbcabf441c5c261f556789db790b2369f474630630bb12673efe1cb83
-
0408.ui.forms
- Size
- 6.9KiB (7052 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 7e307f22e26da23d80650f4aa02b0b18
- SHA1
- eadf598ccb74a59c58233fa93013146bfd48f407
- SHA256
- 8c7203ae72affc0ade9919d0e35856f9f7eeaa6405b5a918154ddc2549af619b
-
0408.ui.strings
- Size
- 14KiB (14538 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 21740107336eb7fa354d5dbfb474f76b
- SHA1
- f636ceb2d3cb4fecbc7cdeb8886abafdcf601583
- SHA256
- 5a67f70afedff3f5be6857ac6902dcdd00f62f845a30355f7a96dc2512108e81
-
0409.ui.forms
- Size
- 4.3KiB (4423 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 5d66b8ddd971c9bfa352017747c9a307
- SHA1
- f0dcd33d45de2dc0902e11bae4a7fca3afb19bb4
- SHA256
- 6c9ed114e1965e35c7bfaf446927de7ba36ed8c7c8c5bed0413bef66ddcc2c96
-
NVNetworkServiceAPI.dll
- Size
- 769KiB (787768 bytes)
- Runtime Process
- setup.exe (PID: 3324)
- MD5
- 78c6a41a9e6ad0e93187f1dc1b5a8cf2
- SHA1
- 4497a668e20a1d162ceed2c281afa1ce86fc13ba
- SHA256
- 188ae5b7b2b3bd0cbb96d9ca4d89c3551b29e8c8dd25addc4e5805d81ab0f9c7
-
CUDAToolkitExt.dll
- Size
- 874KiB (894776 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 243372666efad6867921797f4ecff2fe
- SHA1
- 4bc22f4c5b5172dd7261dd1db53d511984e87d19
- SHA256
- be9ec3fe2c7777a7f5b260a7640b9b32899d8fe5e128c6aa7c510026c70898f8
-
CUDAVersionExt.dll
- Size
- 804KiB (823152 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 9cdbce1c5384fa3feab39170bab82587
- SHA1
- 748c54e9e67b2246aae9f01213ad806fc61030ef
- SHA256
- 09038b82f7f4183611d1f519582c5ec544e078fcd0a923e644b617994ba7537b
-
CoInstaller32.exe
- Size
- 1.2MiB (1219384 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- a4fd3a3bc01fa190ead566444ee34a73
- SHA1
- 498e0e40d8fff1f55093eab5f1e4bc36b5c42e54
- SHA256
- b082148af306f7308bf24522ea848303d5775332e1232eaa11ccb4bf6c639834
-
CoInstaller64.exe
- Size
- 1.5MiB (1523184 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 09151aeaa7b9eaf8dff188a3dc87a9c1
- SHA1
- 2b5122bfaaa49722617f403988f3d2e2774596b8
- SHA256
- 256bfd0537f4cee88c2dce56fd13d22307b0c5fb22df5b6011c2a2bc5e2f7857
-
NViewExt.dll
- Size
- 1MiB (1072112 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 33d154e28cb1d4b80751320f9ee350c8
- SHA1
- b0f5e932418a9374adfb30faff5d7bff6fb85468
- SHA256
- 947056eaa69998bf844b0119c4c0f006d5f4c8d222133d04c151b1efa5f71d0c
-
OptimusUpdateExt.dll
- Size
- 971KiB (994160 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- ef95b82037936bb6449580133e0d8e82
- SHA1
- 721f94cfc93628593e2ec396c5a7dc59c0bc53f5
- SHA256
- 1c37e9f262fef9b7e0faafe8f40dbed700e0e7a4dc5b139f0c072d7d5593c87e
-
DisplayUpdateExt.dll
- Size
- 1024KiB (1048432 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- a70f066e809654f3aab03d5e8d8a5fc0
- SHA1
- 02f94e1bf27b9d6738922684bf84a122dfb7d22a
- SHA256
- b29618759d21bd86398d3c67aead992ea42c21aba77197e6c11ab6d44aea6ceb
-
NvStreamSrvExt.dll
- Size
- 917KiB (939376 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 2191635af4c779bc9de92aec3ce88cec
- SHA1
- 332f09e0e43a9d4fa6aef248354e0ceba75351a3
- SHA256
- afa2c00f484ca9eed001b4975ec3e6ab99ce9a1612adc3c239e8564d2e513302
-
GFExperienceExt.dll
- Size
- 1.4MiB (1473392 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- d173108c4a7de3451d7c14a2e92de660
- SHA1
- d0e382efe23c7ba0efb0e3984a339d1e941639a9
- SHA256
- 56d6bc3ab882f728484da8cd5793d0287bed514b6f9698a1c7a2189a6096a413
-
OSCExt.dll
- Size
- 845KiB (865136 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 75444a6b600433ab1d9edfdd92d4c08b
- SHA1
- 85580fd0429ad2c788ee0b06ce60c34d4d2f8d02
- SHA256
- a9776c633a20f12ddda7562b78cd319ef0805c983a199673268bcce086880498
-
HDAudioExt.dll
- Size
- 873KiB (894264 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 8ea86c127e6c2e934c41ed465f284143
- SHA1
- 3d9621edd8347c7e4a11865079a175a2c4fee46e
- SHA256
- b0dc2c24c724ac647d594dfa323dd0e655fee27c52bdc718b3a9e1d86f4da8b9
-
nvhda.inf
- Size
- 92KiB (94659 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 33b7e68a35ea66cd5073f38ac711e1fb
- SHA1
- baac56c8b2d1c27dd41ef9cb18e8ee7a52878f07
- SHA256
- 3664757129b2e480edfe82e8c7eb4364828bb910a848bf116db6c31331601d70
-
MSVCRTExt.dll
- Size
- 893KiB (914800 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 94264cb691537d38d69e4f526b871a68
- SHA1
- f117b93afd90a855b40ca2eca29adb2227a59690
- SHA256
- d2e563539bf3ba33e22ce0782fb3f9dffa94a7f8ff521f5250ab19e0fc5e2e3d
-
nvstusb.inf
- Size
- 110KiB (112198 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 4e8ac6dcae052182d207623776c5e721
- SHA1
- 618ffbe5bb34327ea219266fb89c2759e8181667
- SHA256
- 1dc18f8e20ca19188ae5bf5ca33562ba28adeefa0556cc5a0c953112889b0385
-
NV3DVisionExt.dll
- Size
- 987KiB (1010216 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- cec99d5be6949c10dffd7fe6e94a70c9
- SHA1
- 637a1045d362bdcdd661073fa76bf5ccda0ea0a7
- SHA256
- 7415973e4b5de451b8601a12e73315ea63c42c79a9e6f4abfe9e2a904b0c050c
-
NvInstallerUtil.dll
- Size
- 3.3MiB (3480888 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 046411ff711638eeb2e7f02d6a942997
- SHA1
- 0f3f7df9a588be9ca298fb5b9597d392c50d9d65
- SHA256
- 056537f098d1e87aace8bc7c0f59364b87beeacd4e27a5f75899aaff6353106e
-
presentations.dll
- Size
- 938KiB (961008 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 795faa884385d9a11ded5437e81f2478
- SHA1
- 69125b04289d108dd527255777673dd0a0e0cd57
- SHA256
- de9f03635b90e5ec95894e280c772f8c5078a7c69536b93d30560e24f10d7b05
-
NVWMIExt.dll
- Size
- 1.2MiB (1246576 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- dba91d9b7978ec3d6d8c39ef56cf272a
- SHA1
- cf7b61210cde9e3a83c595f66973e90a3d916590
- SHA256
- 45ebd5b6ef7564971568c88646d14c813247c3629c9946fa4b6c1d2f18417505
-
nvWmi.chm
- Size
- 359KiB (367875 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 0a4473cb0046760b16dac55b7b09606f
- SHA1
- 1254684f5ff5eae060d6676b720389e916473889
- SHA256
- fc7cbdfa16e96f87fe1152cd2ab8cbe33732e0494ba347f969d81219ed2613b2
-
nvWmi64.exe
- Size
- 4.5MiB (4730736 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- afc663b8eddac4be1127e26317064ed7
- SHA1
- 2eb6c8926c8446dc3ef940080a2d0475b96ba5f1
- SHA256
- f7229710fa9610be8e53c462860072f04a65a618f7ad2d514a1b6a429dc051fc
-
NvContainerRecovery.bat
- Size
- 1.9KiB (1951 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 74f28574bb8f61ffc7dd419fe6b6e0d5
- SHA1
- 80dcf15e55ae1f8f6d5e0c8004e3fc49d37ad441
- SHA256
- 10102167feff89eb1170c6aaa6bd5871446854aef5cbf05bf82b2fb3a4e2ca76
-
NvContainer.exe
- Size
- 763KiB (781680 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- f86cb0fbb071c05c6d4fcd4363294f39
- SHA1
- 800b6be6b544e01470f29b71246f71073e08af85
- SHA256
- 515d78c065127c3c8f04a3a6f1378c46dc6c690adcb42c521aa995eb2d0e81fd
-
NvContainerInternal.exe
- Size
- 626KiB (640880 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 870f576726d13699d5d3ee5d4efc278a
- SHA1
- 1a2469ee7cf65c285e682316df2b7ac7958f04f0
- SHA256
- cf308835f74d91d0f1cc0607aae7d9cf84e089970fa508f88efbcd949c4bd839
-
NvContainerTelemetryApi.dll
- Size
- 908KiB (930160 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 6112beb6ac0fd4f72bf82de07ab5a3cd
- SHA1
- 850ffde68c0d3c7f964f4562db048151bf9d33dc
- SHA256
- 44985dc87b1df196e038ca27a37ced82f0e63eafdd23b3d2ae4cad4b1a7e1e5c
-
NvMessageBusBroadcast.dll
- Size
- 81KiB (82800 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- c3c360cd47f55dfb730204c06cc7dba3
- SHA1
- 45e9fbee93145df2acd580f052265189abfb182b
- SHA256
- 725b0b4000862ebd3809b08f8269d055940552fd0cace33e95dd792a4653f8ef
-
NvPluginNvapiMonitor.dll
- Size
- 344KiB (352624 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 822cbf8a5210b25dd0e534df282e6f13
- SHA1
- 15f0a492aa4b2da73dc256e96f4584eb1fc9eddc
- SHA256
- d0148ed9ab6d97e4a09830350167dbad0d90c9fa1c6638bb54dfb8b3923ea6fc
-
NvPluginWatchdog.dll
- Size
- 588KiB (601968 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 6880e33a829259d3b3a250a136deef29
- SHA1
- 35e0fbe76d651c31e983552ea31a850c90886797
- SHA256
- 8a7e2dc4314804f5155b0621c32ec02fe23df7f590e88794a562bdd3e1559a5f
-
Poco.dll
- Size
- 4.6MiB (4873041 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 6dd308dd28367303c0695edfa642d2d5
- SHA1
- b3d6fb786cca6f19e4dc4897baf8653d2bbd5e7e
- SHA256
- ee7fe7641fbadbf3b5e282fa259adbd3e44c39213a7ee4c3d9e6cfb053b0d564
-
PocoInitializer.dll
- Size
- 88KiB (90480 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- ed70b1c94855341f06a348a4b3e5f67d
- SHA1
- c63d881b29b0ecd4917df020bd4f2e647b1a746f
- SHA256
- 392d5a9e12734d7eef6a65cff76e862109115f6aff56f6a86f63aca849abea8d
-
libeay32.dll
- Size
- 1.2MiB (1257328 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 861030c61bb5ddbccf98b6b1b2419eec
- SHA1
- a96b1c226e8a9493921d44c06747b6e7acfded7d
- SHA256
- a0a85bdf0be089b59a4237fa4cce5f602f29fcf864b46adb91614b36faa9bdf1
-
libprotobuf.dll
- Size
- 1008KiB (1032560 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 4d812ebb2c0b0b8074eaa75ae0c097a5
- SHA1
- fd8c0c032828b72a6cfced4b931db50bffb6fd47
- SHA256
- 4b71207b9bb23a750be43cab6e375fd522de229d6b8b91a46e296e6fdd9d76b3
-
ssleay32.dll
- Size
- 291KiB (297840 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 2521539cb8d617ec625c985e3b321c24
- SHA1
- b00370d4e41517bff0d9bb72683ba5f667a1cd21
- SHA256
- 06ca0fa445742fe5489f08b8d03169559d3bafe3f5925b82b5065ecb229ceb0d
-
NvTelemetryAPI32.dll
- Size
- 500KiB (512040 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 61798f5a3e4e5a07e985f2516df069ed
- SHA1
- 60bc60b2d1f0500d6773e52248b8c7cee08995b2
- SHA256
- 7d29f474dc39b9836cea3fc85b1e29c65ad8872cda45e61e3cf3a54d2b0b79ed
-
NvTelemetryAPI64.dll
- Size
- 604KiB (618352 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- a7eef5a63c75846e8fb6782c27f2c7b5
- SHA1
- 695f3b536f624655393198541dc85ab2fe1cba20
- SHA256
- 40b2569e750b935f37082c497d89924fe0e347543329f82c8b602ed7c474bc69
-
NvTelemetryBridge64.dll
- Size
- 520KiB (532336 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- c3ab82bec302a8714eeeb2c3b7869884
- SHA1
- fd5b2e717dbc1768167e0a804d11d461a1aee193
- SHA256
- 39c2fd91a142fdf56c39e16a2b5b7cda777b5f50e1d534a3ab939cb9fd1bdbee
-
NvTelemetryContainerRecovery.bat
- Size
- 1.9KiB (1951 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 74f28574bb8f61ffc7dd419fe6b6e0d5
- SHA1
- 80dcf15e55ae1f8f6d5e0c8004e3fc49d37ad441
- SHA256
- 10102167feff89eb1170c6aaa6bd5871446854aef5cbf05bf82b2fb3a4e2ca76
-
NvTelemetryExt.dll
- Size
- 988KiB (1012024 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 04bd985d7f0a4ec14276615087d3f98f
- SHA1
- d753ffc843d79ec06fa3492bce3338b78028239c
- SHA256
- 29a1d3df531dcbef185278c4385dd1eb588e60c55de1fdcd0de042de95c3c36c
-
nvvad.inf
- Size
- 8.7KiB (8913 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 7faf8f996755d4279f2500d9deeaf249
- SHA1
- 688b80be01dcca42700d63ebb67c756ff0da0d25
- SHA256
- b142b07f6608451394fd38b8c63f717da64b885a9cbe48036e3afdc3bfad1b9f
-
USBCExt.dll
- Size
- 797KiB (816576 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 070545d3baa69bf7bc62f38eb3258c4f
- SHA1
- 3a24b7ba4cff8d08faf5f896da0b079e4f93b2dc
- SHA256
- 10e7d92e56e9a837f79ee4ade62a8d1a2eba2bbbb1e1ff6b9193cd4ff7a77a57
-
nvppc.inf
- Size
- 2.9KiB (2936 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 9a3f6e146126651f06390e5fea67ee08
- SHA1
- cee85f089201be0a8b4a42ad1106c68a6b61c901
- SHA256
- 9389b3b620e724a7ab67a7168a47e9986ad2b7809aca4cfcf8a7fb67350d9bbb
-
PhysxExt.dll
- Size
- 2.9MiB (3025264 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- bd6b9f786e118d84788d30400b29281c
- SHA1
- 02edbab04a6d696fd9c94c115f974658532b06d7
- SHA256
- f0d2cf75332c9f6485546fc46eea1f1e4ad24f8fc72054681218e56b6a95d5e5
-
ShadowPlayExt.dll
- Size
- 1MiB (1058160 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- b96b3907702306e4876d72ae3de711d3
- SHA1
- 02841f0db043c4495487ed5c76b2763ba590e9bd
- SHA256
- b41b7c7c3dcea4a6ee7d4a3c115439b2c71b43677d580ae33d00d700a9e49ff8
-
nvclui.inf
- Size
- 90KiB (92457 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- a65700573a247cae8daf758e3811cc1d
- SHA1
- 829dde11759f1b37fefa6182855b653d21f73b9b
- SHA256
- c9aed28ba2aeda372c821d7816cbba8b3f245718f3126e704d45a82494ab9bc1
-
nvctui.inf
- Size
- 242KiB (248030 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 10a9770e77d524506ac6e134f0e032f6
- SHA1
- 67474515fc77f63d979f31c606a3de0922615f22
- SHA256
- f8bf509a56235c93c20bbdb50fb7b6959365c61fe9612b3f8302e75bc64d7c0c
-
nvemui.inf
- Size
- 256KiB (262047 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 7c692b6d20e90e2328efeec0198f8881
- SHA1
- 1e72162f3158cf47f7b1252e936c0724310f5f9c
- SHA256
- 5033ac035bc97f88b9f0ca012494accbc228bac2e89abcfde79c4f8074879139
-
nvfxui.inf
- Size
- 85KiB (87495 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- aa5fbf2d6b1395a8926a6f2cb7038b29
- SHA1
- 71c410c1f7b5276e56e55fbfb815676cd235fabd
- SHA256
- 721d503e11ce44ad90d277e584c933171d55f7bcf29f75ec81cb75c828f34286
-
nvgbdui.inf
- Size
- 191KiB (195538 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- f209315a6da769d661ad7642e6fdf234
- SHA1
- 282e0068589212fc43b0cd4e47a3f453b10d4618
- SHA256
- 5cfcfd6af61dd0a093d8539c711f072f27453bc4cc3a7ca40bf5615fbfc58a2a
-
nvgeui.inf
- Size
- 103KiB (105179 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 8c44f16481978a7d2282fc68798a7c78
- SHA1
- c36f64324d6600a75ff60d357bea782ac81b927a
- SHA256
- 825f63a7ca406d79005ad91b81e8efb8a8091fcc6cdc1b1ae86dcba170045de8
-
nvicui.inf
- Size
- 492KiB (503730 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 563d727fe7d2935b3ffe31e4201c144c
- SHA1
- 586c05f77fbffec749fbb1205c47f5efb3b6cea2
- SHA256
- 093a6a78eaa22b7fcae96227d1ee2c284de223c14d9dfa7c6e61227744423c31
-
nvivui.inf
- Size
- 125KiB (128234 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 32be0c8ba6cacc3aaf87c8e606799937
- SHA1
- cdf9cbfc8050a21b5202e3b6ff85a05d48c2bf94
- SHA256
- 9cf1437cb0f471cf68572144e8c918cdffc130c92839c4dfe65543d450acb412
-
nvjaui.inf
- Size
- 97KiB (99438 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with very long lines, with CRLF line terminators
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 0f7541deeb3319156ff4022fbbd022f6
- SHA1
- 4b00ebc4846f50d61734ec4982d8bc8a7840adde
- SHA256
- 71f5b6adaa898c57716013393ea3f201fc1559ea9eeac8d03bdac9940446b474
-
nvjwui.inf
- Size
- 60KiB (61360 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 38669e68c189bbae9f89f57851ccc49f
- SHA1
- 3e5c63e292cd426d3d4801a05dfc98a968a67eb9
- SHA256
- 7bacc9d589dffeffcb9ddf73addb1161e2d7e18fbd6b16f45f086f6397c9a103
-
nvlaui.inf
- Size
- 265KiB (271646 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 16dc1aa3cfc8ee3410acd05800c89512
- SHA1
- 73f65b8883013e60dbaf6bef3bad46789aaf4d39
- SHA256
- b06d7e04b37ffaf9751816af04f97a960cf9409a37ac24d7a88b4ee4b055f8bb
-
nvlbhui.inf
- Size
- 578KiB (591662 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- a6ce980cb93a4fb4ffc2b3e479fa07ce
- SHA1
- b8035077341bf1f8d079b6d6c89623af5be6e20f
- SHA256
- aa6eac4b52e80b4a3fde61d079abc40ba3b792baa985c4db7aeb5ce7b70ac8e8
-
nvloui.inf
- Size
- 213KiB (217768 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with very long lines, with CRLF line terminators
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 823d63dbd7973716b6ab4d74cf4b2b4f
- SHA1
- fc2c7b951e4301be33287b6fc98d36fa8188d659
- SHA256
- d8efca8ad5e0b0c32d84508a9a4d9e6aef53671f925f31aee6245deacdb9c5a6
-
nvmmui.inf
- Size
- 77KiB (78924 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 7e4cb6e2b55f9a4e485e5b87fbd75e1b
- SHA1
- 3ba744b0b603c465bf587b8615063a0beacbc77e
- SHA256
- 1c460c9967b0c1a93100467e5045383a5b196e9fd6a60d8da270eba5c9b80901
-
nvmsoui.inf
- Size
- 230KiB (235567 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- d3ccc9a436d2a048e474fd9e09c4262f
- SHA1
- b58925ea5b930992cf8b3077296af341f8a4a579
- SHA256
- f3150c98e58de42870da69348460299564107a55ea4603191a5740e2cd87314a
-
nvmtui.inf
- Size
- 170KiB (174104 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 3e8ab84b6ff7000ffcc8713c5ebd98e7
- SHA1
- 87957a8edcd54e4523ae35d6219b40e6926d5d95
- SHA256
- 3a1257d0bff0ecb9fd49197c7b74c727c212bb8e0a6b9989cf0b02bd03e615c4
-
nvndui.inf
- Size
- 95KiB (97556 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- ad6660cb88b7faa2394ff6032981645c
- SHA1
- 2184902446d4406f783de6668391534e2d8e83a5
- SHA256
- f7a630bf075e712d4daa8e2f4f2b9a1cc5e7478665a8a153dd504c259190cfaf
-
nvpgui.inf
- Size
- 110KiB (112797 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 605f41b51498b3bc21584529599554c8
- SHA1
- fed6470f393aebdb7d804bee6b00e422b9a33604
- SHA256
- d81b3aa33cea3acd67922b14b6e0a5c20149a206e03939f6928efedc0e75c08a
-
nvpnui.inf
- Size
- 173KiB (176905 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 0f62870d8764d05ce0954c6de67e9b51
- SHA1
- ac498fac889d425299bd12f7361aef8405beb26e
- SHA256
- 066b7b85b019766c4a8b325ac5d4cd3fc13087a887b9aca28ee1e1ad265650c8
-
nvspui.inf
- Size
- 82KiB (83977 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- d629b8f0c6b2ae3c307a4c05cf6fff55
- SHA1
- aa310bba37c1eca382ce29d2d55d327ab177423e
- SHA256
- 15a8d10603e769f28aadc89f75c8ba630bf8857256f0e0aa661ff2e7db7e814f
-
nvsznui.inf
- Size
- 61KiB (62037 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 14318681c3223c4f84fba8694812add9
- SHA1
- 918a569f497d86b4852888ee929f6b8b88bad1a0
- SHA256
- 6a7ac8b39b122d1075943cb177565af553598ca99b05712b8ff4bbaa41b47c6b
-
nvszqui.inf
- Size
- 99KiB (101028 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- dc6517890f852937167d6a86d2b3dbae
- SHA1
- ac0d78feb7ef81252a4d3e6a108f930190228998
- SHA256
- c5cd26156bbec15ec78c4b58dd443cccae750add47d74cc3c8226808397957d3
-
nvtdui.inf
- Size
- 174KiB (177977 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 292e09b13315a96c1be6067f9dfb2a1b
- SHA1
- 0b5660d4e19c7bd24712c96edad8f9d790bf28a8
- SHA256
- 3b145f4f7d30d43f0fb7590a913542fa78471ef4264d89ec270f54904844558a
-
nvtniui.inf
- Size
- 60KiB (61202 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with very long lines, with CRLF line terminators
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- ed142d8dddef748cb1e93f74c13f9f03
- SHA1
- c9856ff70ba9114a30e2947519cc10742714a8b8
- SHA256
- 80d60856f4bd557e987e2841ecf5d7e3b3d436574e3c0ff0f10f1039f3bdbeab
-
nvtsui.inf
- Size
- 197KiB (201743 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- fa0b4c4b35d09d6e1f2a3ffe4437201e
- SHA1
- 75ad860f11f6ca20de08c07dbffd20c3797e6adb
- SHA256
- cf47f5be15d21b778c6d5b3fbb3d689578026a7b94086215d86def95d0a08265
-
nvvidui.inf
- Size
- 85KiB (87498 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- bd899f431e5da08c36280c1a2035eebd
- SHA1
- ab12ebe77bb830070065a33f5a6b02e691ec7567
- SHA256
- ae714d72dcaad025a5bb7bf2fc08b801eb6337bef046e4fd71aa38d48881f51c
-
nvwiui.inf
- Size
- 75KiB (76290 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with very long lines, with CRLF line terminators
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- ba25a6c52eaf76b3ad83c0bcec54f51e
- SHA1
- 29291fca23a0b40beac4fc03eb7ab2af8abf92a8
- SHA256
- 2fa604701d384ea3ceed139bb01b98bf1e886aa855a28a74d5c2b66b12eb6024
-
NGXCoreExt.dll
- Size
- 1MiB (1061744 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 64b411f7e0a97271c71e48a2b29a91f1
- SHA1
- d2f08dcd7fe829e3252ed6eacdd49732a7e354d1
- SHA256
- 760367caa16e3edfc65fc3ded39ed3e2d586931beb5ccb0db14b59217b7cb330
-
DisplayDriverExt.dll
- Size
- 1.5MiB (1563336 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- fe3b9b1f1b8a582b5585c1de9ff7b791
- SHA1
- d178391e03bfc09d95e20408c8d819505c2f8321
- SHA256
- 34e7eca323706296ebeb149089df98fc109b3f7655355e34c925eaad9e172c80
-
nv_dispui.inf
- Size
- 1.4MiB (1474921 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 6266f6c3074a61384aed8a7e38691553
- SHA1
- a7a66e30d393991d2d22fcaa238dfe1146fc135b
- SHA256
- 5d31b91d90d0478004b41b0d842442b3000bc00773ade0b191bb2373f9dd11ab
-
nvacui.inf
- Size
- 147KiB (150967 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 048c1001371454a3b5163b4f43e4a540
- SHA1
- 9a1042187cfd3d8b9720ad46ec2e22f8127be360
- SHA256
- c34432a1e5086b293e103a6f2b3370b009990cb5d76b64dfd8822ac6cd115612
-
nvaeui.inf
- Size
- 540KiB (552693 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- b4fad403cb38ed04394bcd96bb1c1b72
- SHA1
- 6f525778b68bb3510847ea48b80a06e10a4536f3
- SHA256
- 2fc5f00324b91c6f1f69746471a1fe5664da3935816267c72f8ee2305f4ea051
-
nvakui.inf
- Size
- 158KiB (161530 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 2fca819d289ad5be4f125a986c282574
- SHA1
- 099baf823ace01b26feeb5ddadf6a532c67af126
- SHA256
- a5ad8744526906f46a4c78712798258d524746b471e75278e041541b8da315dc
-
nvamui.inf
- Size
- 2MiB (2097057 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 6f585f59edec6fd71c915719669cdb1a
- SHA1
- 0ad89516d19bbd125c143dbeeeac239357f8d97f
- SHA256
- 76284c4117945fe5b21452b3ee6ad2772ff581ecf73d96af37d5805fab290475
-
nvblui.inf
- Size
- 1.7MiB (1762169 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 2c3189cbdfc05e99a08defaa7a398abe
- SHA1
- 84de2a0050668d7969714f16cff679f8acd343a0
- SHA256
- facbd2043b6fe953d29db11547f7dd5e764a044720af6cab3d7107d0a07ba9fd
-
nvcvui.inf
- Size
- 2.2MiB (2358407 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 807038e43b147a4ee9b9325543ec8294
- SHA1
- 8d5568c55a2fd4f008ce3c343169fdcafbdff451
- SHA256
- abdd85b24e5bef11cea278e6e910dfb6241d5ed5dfb0812205c3faecde52ddba
-
nvddui.inf
- Size
- 178KiB (182111 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with very long lines, with CRLF line terminators
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 09200786b7fcb5eb90eced1b1180a9e4
- SHA1
- dc0291c406ce2310d2bc8954afa276b616ff55fd
- SHA256
- f26d85d6e78b51755d7efa02974b9865183fc98f22478165bd8722a765e635f8
-
nvdmui.inf
- Size
- 3.8MiB (3950668 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- ccaa3961336c0b5e9514a517b3e5c3db
- SHA1
- c11c4281449eb16bc1cf54da85fdd1296bc6eeaa
- SHA256
- 0331ed25f58b5cdf92a3700dadd075d6946221c2ce443b844cf4cd43a485eeb5
-
nvfmui.inf
- Size
- 459KiB (470462 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- a121506d71e019a8e31d8493aa2322ee
- SHA1
- af2e9737811a410b58d80da350646d8aa3fd88a8
- SHA256
- 394c13d33ddf451210452958f986ee4ff89ada96e4da51d4117882760e0957e0
-
nvfsui.inf
- Size
- 54KiB (55503 bytes)
- Type
- text
- Description
- Windows setup INFormation, ASCII text, with very long lines, with CRLF line terminators
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 09a3011718f87e377a6180c62a0eab6a
- SHA1
- 4278ed188f73d7d0ff65b8196610fac484a28547
- SHA256
- 633dcb6b5bd8d66cb5e1d64880b93eee8410ab931cdcb89f57e684ae405d750b
-
nvgbui.inf
- Size
- 1.1MiB (1172440 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 1f0ccd04c27e71515969366ff225907d
- SHA1
- fbed1067adc511639a124ae0df1124d51bc7f0bf
- SHA256
- f3b9d830556c2a48958a265c6c01791735f7c9d0e0f8fecb5d93c2bbbae2a61f
-
nvhdcui.inf
- Size
- 979KiB (1002635 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- a2fa6d8e09d6fa38f8ab393d58ee1cbc
- SHA1
- 025befab295c6337d4806eda0061cb6d484f0308
- SHA256
- a3925b490650afbff66d3136aa7f603f921620ec6c34b3ea6d8b69f24042950b
-
nvhmui.inf
- Size
- 1.1MiB (1164294 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- fb1c100b88526800550dac025162bde1
- SHA1
- 30da84c7b37b2cae26e83a43f7f2e749686c264d
- SHA256
- e2b00aa43239dd82d5db691b3f1f2d742b14fcbbdcdca65f5b417496297360a6
-
nvhwui.inf
- Size
- 79KiB (80543 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 25ce01e1f5725009bf0960aa5ed5b6c4
- SHA1
- 0dc212c84ae11542b6d3bb094dbf35122acec9ca
- SHA256
- be9006a0799b2b98c8513a82223cdeb12e20ce0727422ee3a5ed372939408327
-
nvleui.inf
- Size
- 495KiB (507114 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 18a0c44a7d96bd1ab2a2501bdaf31707
- SHA1
- 958ea9eef60c04659e5b99346460d4f7d0c7c794
- SHA256
- da4a5441c40faac8cd0fe7cef4815a2c29427bf6ed09663da4b62ce8a67ff81a
-
nvlgui.inf
- Size
- 195KiB (199273 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 06930830e568135a1ef707b1b77788b6
- SHA1
- 6516b0c5400a77d9263991aca2f1766ffc1fcce6
- SHA256
- f6c8d6870297ab54c996eca7edf29a9a1184d5e498be03b60fd17d8db7d5d2fc
-
nvltui.inf
- Size
- 810KiB (829590 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 3396048f0028e597f861271fa3838c43
- SHA1
- f8f1ae6c3f46a0f4dd72014244f44539a94b607d
- SHA256
- 9c4673191f5325243da2adb04daba6bb27f9c5df99c399fb072943d6dcddb854
-
nvmdui.inf
- Size
- 133KiB (135701 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 3d1ed3f29259b50481f84a63f528a92b
- SHA1
- 9e546496019727305c7652e32aecc6b334c5be24
- SHA256
- 5ef5044882029abcd62cc4ccb0668034674261dd94a15910d911f20365a82eac
-
nvmiui.inf
- Size
- 356KiB (364182 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 7c8437324d103b23a90828275eefc509
- SHA1
- d508098386ca6a6c891cb81bc4d98f9b86cfaaea
- SHA256
- 3298904d3ae19430c7168a875536da1ccf45261dfb4d6b57b96ca9529e352e30
-
nvmoui.inf
- Size
- 274KiB (280100 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 25762c49f83464392f43618fc129299c
- SHA1
- 2e81ab74456b5960241c8699e3b07c8db8f92d77
- SHA256
- 6975a16deaa10a9587d1d64f266e080602f681888e97741510b2e1f7d07a6a85
-
nvmsoaui.inf
- Size
- 150KiB (153789 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 4ffd6c928c97fbcccf928120bd767f6e
- SHA1
- de8cd796640b73da0c0bb4644e828eb41b3a0eea
- SHA256
- 60002f06120baae47ddd092a6eafc885653641504ef31aeb77ad5378a12d0d1a
-
nvpcdui.inf
- Size
- 413KiB (422846 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 9226c634f6a8d06df0ea21c5ffdec3b1
- SHA1
- dd9d18e417a650f5fa8361d46240163f6f9c98bb
- SHA256
- d94b1c3cee84c11bbe845e0bc176b6391f4d0246a7529cc38f581ff6cc9607b7
-
nvpmui.inf
- Size
- 123KiB (125773 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 7880efddfbb5b44c008ffb7c47e83ed3
- SHA1
- 679421f261e0788526f30998f9344df13f8207a4
- SHA256
- 20e9718f83d44c55d1d55ca670acc60d56054f3f658472dcfc1d396b2b0d842e
-
nvquui.inf
- Size
- 245KiB (251173 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 914149a9ae3ea43e7847af2ad9363e4a
- SHA1
- 53642b8b264cf0b532235943c026b8fca9bc4ff4
- SHA256
- b127919cc16f529ea45aa93f92d55c0864d0a6fae084ad99420babd846cd6343
-
nvrfui.inf
- Size
- 503KiB (515166 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 60992bb1495029aa15c387b439ab21ee
- SHA1
- eff5627abe7c8e180bf7a7dd5943e23507bab334
- SHA256
- 09e8795c4fb71d58e7db0c27286c8d7c1e98b351ec9a69cb5d1e394d3645c246
-
nvrzui.inf
- Size
- 120KiB (122754 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 6cd9781cee153e5d3c43027acf2401aa
- SHA1
- 9df6150397f2f5654f354604f71f64a210bb4891
- SHA256
- aac1228a4ed948326b26f65b67e79e191a5286c888f23ee05ef5e7f19470ba96
-
nvsaui.inf
- Size
- 68KiB (69165 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 0923f9a097a249d9815d831fa40ee83f
- SHA1
- 2561ab3f5e6ddc7599430727fa12c15428b213be
- SHA256
- 716577191f09b554b8d3b9122774cbd816cb10c42d575de53bbfcdbbbd95e592
-
nvsmui.inf
- Size
- 148KiB (151436 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- a0c6dfe3b6cfb38772615877dc58d7fe
- SHA1
- b334ce6ae09f0bfe7c77f79f7852736f8af1ba76
- SHA256
- 9f29d361aa91009d5e5be80a0d9d5fb5407f4e3b8562ce72c36cee1c0d92608b
-
nvtfui.inf
- Size
- 424KiB (434473 bytes)
- Runtime Process
- cuda_10.1.243_win10_network.exe (PID: 2728)
- MD5
- 34172bb7e9b0f0663bd4de39b578896e
- SHA1
- c3bc05ff292301468d0eace524b6f959bb911f70
- SHA256
- 0a825779e3191b05fc7e68f509316578722af6f569db055ad26fa12f3e3bc052
-
Notifications
-
Runtime
- Not all Falcon MalQuery lookups completed in time
- Not all IP/URL string resources were checked online
- Not all sources for indicator ID "api-4" are available in the report
- Not all sources for indicator ID "api-55" are available in the report
- Not all sources for indicator ID "binary-0" are available in the report
- Not all sources for indicator ID "binary-1" are available in the report
- Not all sources for indicator ID "binary-16" are available in the report
- Not all sources for indicator ID "hooks-8" are available in the report
- Not all sources for indicator ID "registry-72" are available in the report
- Not all sources for indicator ID "static-0" are available in the report
- Not all sources for indicator ID "static-1" are available in the report
- Not all sources for indicator ID "static-6" are available in the report
- Not all strings are visible in the report, because the maximum number of strings was reached (5000)
- Some low-level data is hidden, as this is only a slim report