33eb4483b37c775f9d139c38b8fc61d5

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2022-Oct-13 20:42:41
Detected languages English - United States
Debug artifacts C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_i_r\WindowsPlayer_Master_il2cpp_x64.pdb
CompanyName Unity Technologies ApS
FileDescription Unity playback engine.
FileVersion 2020.3.41.8133084
InternalName UnityPlayer
LegalCopyright (c) 2022 Unity Technologies ApS. All rights reserved.
ProductName Unity
ProductVersion 2020.3.41f1 (7c19dc9acfda)

Plugin Output

Info The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryExW
Suspicious The PE is possibly a dropper. Resources amount for 86.3809% of the executable.
Safe VirusTotal score: 0/71 (Scanned on 2025-10-17 05:12:40) All the AVs think this file is safe.

Hashes

MD5 33eb4483b37c775f9d139c38b8fc61d5
SHA1 438b46f845af647b545d4d64fc7842f90b6ff2f1
SHA256 46bd599f1b0cccd669c1509050a07e204e038cca50461636b1f208f75c13bb1f
SHA3 30a249f1576f9b9685dc3b825e0398019d55be8d386d900f805b4f3f38381357
SSDeep 12288:u4eCmqyKBpdvchPDUfMePSkCcxMKmM39EMUW:pKfmdvnfMeqQxMKmMm8
Imports Hash 5f74a5c747508e2822fdb9b687deaf42

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x108

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 7
TimeDateStamp 2022-Oct-13 20:42:41
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0xa200
SizeOfInitializedData 0x96800
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000001260 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0xa5000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 dc34d9506ae9e3616b5265da7e35b1f6
SHA1 dce8f4d17ddc08b8460b046a362a27430cbe2e75
SHA256 e80b2c4dfacb7fab649683f679231937cf85d5498d6d4b5d3a3e61149f064124
SHA3 08b3146b697934b2f68c0ed66868b3c96973ed20c4a70245a96b304f456d0106
VirtualSize 0xa120
VirtualAddress 0x1000
SizeOfRawData 0xa200
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.39574

.rdata

MD5 73884e695dca7fe548e4681579748fb4
SHA1 3865b7f18a8f61d14f45adcd52d44927bb2a802e
SHA256 ce9f5e86e8524a3e22f68d186619fc15a1209e218b5b5c9a97aa310b3091aaea
SHA3 5168897e17e5210c605dff9dcc2a55683c58344aea3340f99452ff7dd51841eb
VirtualSize 0x8c6e
VirtualAddress 0xc000
SizeOfRawData 0x8e00
PointerToRawData 0xa600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.65232

.data

MD5 a9e79420695e9bc679ca784c3876e94f
SHA1 85d68049c56be1369a584c2cef1f26bece917c8f
SHA256 a64f2a1dd771a4ddc2a8b9ebecec8d75683a19da0fcb7c92b1ca380ca540a055
SHA3 902fec18ac997b92fb99b25384f1c089fc9ae1ab1d849e846fff2b3a4d2bd9fa
VirtualSize 0x1cd8
VirtualAddress 0x15000
SizeOfRawData 0xc00
PointerToRawData 0x13400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 1.67624

.pdata

MD5 789f36f907239c1ceca2f8ec3f79fcb5
SHA1 11b2d5522be4b2558a7e492c53b4d86184702c90
SHA256 5e2c8dede33e201308d3fabb30b57b487ba34d524537e56449f854c9d6e560e4
SHA3 0b06f78c7fe1c1611e2e7abfd4a78a87cf82474f2ac5b4a8daa9c07fbbf85778
VirtualSize 0xc48
VirtualAddress 0x17000
SizeOfRawData 0xe00
PointerToRawData 0x14000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.36097

_RDATA

MD5 1960efd573f3d23522c840210d59fb7e
SHA1 47057bb39ae6c80b68d90c47f0cfd7d6bf123ad2
SHA256 ad5bd98e9035110e2e2e7b82ed2fe49ec0fae2d89e05400528a6b48804c441a4
SHA3 225389cba41c0a9e2c3319b0921ec1ef9962e8af175fca30c67bde60763834d4
VirtualSize 0x94
VirtualAddress 0x18000
SizeOfRawData 0x200
PointerToRawData 0x14e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 1.08512

.rsrc

MD5 caca202c0dff34c0eb15ed9a5b6bcf7c
SHA1 92ccb7ed596148314c6a14b5e0c356364a2edf8e
SHA256 ee08473d4685dd49f1db26f29d1dd96f062a4d41c85647b18f05f18046797666
SHA3 eda7234bb4cf0939c0d2d3039b4d95bd68b47bc3a781a14f334e1b426b34e9c4
VirtualSize 0x8a2a0
VirtualAddress 0x19000
SizeOfRawData 0x8a400
PointerToRawData 0x15000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.48152

.reloc

MD5 a9c3cf69888151777a2a472fa85313df
SHA1 a5410c074ce059a802887d8ef48a198d601aa9e3
SHA256 02d5b365a568a1cfd46be8549a8fee9793a57a8d69c3544d8232330a87a3d7ad
SHA3 874351b3eea840f9c0337e4533e9a1b535fab5c0ccdeba911f149a1902c60a44
VirtualSize 0x634
VirtualAddress 0xa4000
SizeOfRawData 0x800
PointerToRawData 0x9f400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 4.78467

Imports

UnityPlayer.dll UnityMain
KERNEL32.dll WriteConsoleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
CloseHandle
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal 1
Address 0x15004

NvOptimusEnablement

Ordinal 2
Address 0x15000

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x42028
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.43108
MD5 675e1a0ad9c62965d7a74d55dd4611c6
SHA1 5ba75399b7838f58c3719f5f8315549760eae059
SHA256 189db1dd62e81bc10a8a7cd7d39c803cccaa540f99db5659b562d932181c62e8
SHA3 857c493f01381798509215274f728a41d239598ad0ae09383681889635136473

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.46943
MD5 eb676010bac532d1724b7058808fa0f3
SHA1 9876298d5fbc3673236abdbd1848955ffedac0a8
SHA256 5a2caf169dcd6fdd92a428e7f469db9295cd9fdf95c58ffc1cd4fb8d82462f38
SHA3 d55ece0aa9b68cbdea7b51bb0bd4649a614366b648732f28b6078090a4712203

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.5056
MD5 4a782302264fa67787dc91943f98efd5
SHA1 045e51b172d7228e536283903366e0d285b1dcb8
SHA256 5aa3a6cd2bfcb72668b319857446ddb5b4c20b607063971ab51ff8c44b248e8c
SHA3 8902a634dc8f27ab5299ed690803ee673268f5ae12a95af8092e052d4bc96a63

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x94a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.5281
MD5 8d7d78dbf02c56b94b157248bec389d7
SHA1 a6a0d2da37c1e08892f73c017d5d112b54db5c78
SHA256 6bff75246821afdcd493980556731bc4a2fd1120204719666d7e9cc784a6beff
SHA3 b0e548236c86aaa16ecbdb47800f0b27eecf6d714d2ad70b019ae338c4f8990d

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.56142
MD5 5cbb9e6dac39325dcc6d8431548c749e
SHA1 777e6bd40e83bba3c4dabde4665029b15f1167aa
SHA256 a0140896837d01de7b10096cb8ab7b62ed3db718076792d5cf0b52ce6f7ae9a7
SHA3 bea3bbce034e794c45eb8563160d78f55a22c72641922d00c8990b969679b57a

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.53964
MD5 2a73b087fe152d27b7174ca483a75790
SHA1 41088a157d1edd457463168132be89b7e1f7ea4a
SHA256 7e8bfef28c0f17c5461c73ecd7c19f187feaf064684a07d3ffe4dc0f469642e9
SHA3 380c4499f57d499109395e6a1bd273cc53a9837733e4b678eb51b65c014c6f58

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.60878
MD5 d47ac8faf1b599485e39bba5521c812f
SHA1 34d929f9ec60a732cb61bb6e8626bcbfa8d26852
SHA256 c74966b706e0c34bfdbd4c42eb5c9ab8c06734887b06a0634ecb6e6e9c427cee
SHA3 2e394dd65dcc55131168887c1f74a02e61ba3413fd11a9a25e4c5eaf742663bc

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.58367
MD5 db4e91931b03ba55b67dd1bc979f7151
SHA1 cedf3359a4f74583fc574a6b381b1a10bece372c
SHA256 f309f8601ad4380f2c95f6646db140e507e55d15452a5f627affef6bc1010f4f
SHA3 f30dc09498c077f18549fafb4c084ff87ce3e4fd3dd180e3a543794f8cb91cef

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.47178
MD5 39118f87f45f758820456291114f8955
SHA1 5ee76cfdb95d030381342d1e56f3a656474fe49e
SHA256 9f0292228a57829e0b517ec0f9e1a8329543cd43da85342ba3d0226474200f70
SHA3 32c90e15e225f6673ad7c5decc07e6728618a1e45307c8da723f2f3db76f3900

103

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x84
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.04448
Detected Filetype Icon file
MD5 f7731730720cfe035cf030b40d0e2eb6
SHA1 d046e23f2ee2b93ad96be8e1dc9120ecf3915091
SHA256 5c92a41adaf3265071482fd1a182ae8702c168636a7d9ff51798ee3a1dfc8500
SHA3 6f2d12e4c63c131a3f7f48293996e2be05da351536d013affe5d2265965ce657

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x318
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.54362
MD5 9c52b078bbb72f4648ebb8c5c11cbbdd
SHA1 344a8116b64f3f6c5fd1126c7ea7f939b91c1eec
SHA256 26792d78e2ffa2b6a1d5315f4064d8d8ed0038af55e980f63595d2682f426751
SHA3 b438b1915db78d05cc5bdee9e8a1f02c44ac8c3ae2373f9a2dd0ddc35e40662b

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x6c1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.37708
MD5 aab7e8aafe7b06ab3d003b54ab5e18ed
SHA1 dccf0408f43059df37b755f3241a8b4b35c728af
SHA256 fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8
SHA3 a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 2020.3.41.6620
ProductVersion 2020.3.41.6620
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_UNKNOWN
Language English - United States
CompanyName Unity Technologies ApS
FileDescription Unity playback engine.
FileVersion (#2) 2020.3.41.8133084
InternalName UnityPlayer
LegalCopyright (c) 2022 Unity Technologies ApS. All rights reserved.
ProductName Unity
ProductVersion (#2) 2020.3.41f1 (7c19dc9acfda)
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2022-Oct-13 20:42:41
Version 0.0
SizeofData 136
AddressOfRawData 0x13730
PointerToRawData 0x11d30
Referenced File C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_i_r\WindowsPlayer_Master_il2cpp_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2022-Oct-13 20:42:41
Version 0.0
SizeofData 20
AddressOfRawData 0x137b8
PointerToRawData 0x11db8

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2022-Oct-13 20:42:41
Version 0.0
SizeofData 712
AddressOfRawData 0x137cc
PointerToRawData 0x11dcc

TLS Callbacks

Load Configuration

Size 0x130
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x140015030

RICH Header

XOR Key 0x69197163
Unmarked objects 0
C objects (VS2017 v14.15 compiler 26715) 10
ASM objects (VS2017 v14.15 compiler 26715) 5
C++ objects (VS2017 v14.15 compiler 26715) 136
Imports (VS2017 v14.15 compiler 26715) 2
C++ objects (VS 2015/2017/2019 runtime 28427) 37
C objects (VS 2015/2017/2019 runtime 28427) 16
ASM objects (VS 2015/2017/2019 runtime 28427) 8
Imports (VS2019 Update 5 (16.5.4-5) compiler 28614) 3
Total imports 85
C++ objects (VS2019 Update 5 (16.5.4-5) compiler 28614) 2
Exports (VS2019 Update 5 (16.5.4-5) compiler 28614) 1
Resource objects (VS2019 Update 5 (16.5.4-5) compiler 28614) 1
Linker (VS2019 Update 5 (16.5.4-5) compiler 28614) 1

Errors