6ca22420e8ebcf7b7cb3ad10052f358921e918f4be3a16741fad0d7bf917ffd4

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2023-Jun-21 21:32:50
Detected languages English - United States
Debug artifacts C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb
FileVersion 2022.3.4.3502396
LegalCopyright (c) 2005-2023 Unity Technologies. All rights reserved.
ProductVersion 2022.3.4f1 (35713cd46cd7)

Plugin Output

Info The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryExW
Suspicious The PE is possibly a dropper. Resources amount for 84.7484% of the executable.
Suspicious VirusTotal score: 1/68 (Scanned on 2026-07-01 13:23:35) Trapmine: suspicious.low.ml.score

Hashes

MD5 6bf04178400ca984f8642b98147012f7
SHA1 1860044d1c0f1c10e13c19f3efc7ce9a022ee9f9
SHA256 6ca22420e8ebcf7b7cb3ad10052f358921e918f4be3a16741fad0d7bf917ffd4
SHA3 ba66f768b1ad6fcddd81244efc34b0b8422eaf09d99adebd732a96d4ace38e7a
SSDeep 12288:s/744aOD8yN9DA486Oe+Yw2UXyZUutGC:W9aOPN9cM7w2UXTutGC
Imports Hash ce1183cc150987a99aef5749f22af81e

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x110

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 7
TimeDateStamp 2023-Jun-21 21:32:50
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0xca00
SizeOfInitializedData 0x97000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000001260 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0xa8000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 c908b9c0303dc1f82726ca4dae00b772
SHA1 e81e70cb017880d2883f88a85d9a5ba6176ebcc1
SHA256 6e577d9deae653a5181b5a961bc5d68133d0e0c5371dc8bf2e7a30f6ef4d5cb2
SHA3 deefbce421cada627162918879ac6eda8099d036762180ad5ebfb4cbd66be7e2
VirtualSize 0xc8b0
VirtualAddress 0x1000
SizeOfRawData 0xca00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.41078

.rdata

MD5 63cdf8f0915e86baca8a0ce6a1be76c0
SHA1 04ba3c2720062aac0dff8badab5e25a3abdf7348
SHA256 ecb549442f2ec313752ea0308eda670a21b2f5ccaa0eff8c08925393ce3d1a7e
SHA3 5421f1f3c3dde1e1ca6fc470a2cb1168d6bfc2aa7fb8462452213e46d8e6cb73
VirtualSize 0x948a
VirtualAddress 0xe000
SizeOfRawData 0x9600
PointerToRawData 0xce00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.65295

.data

MD5 90815aa5dc65a7dd3f93bad1bd78a77e
SHA1 608f3e69047b216dda6b0df73c30912e2fef5544
SHA256 435cb9af1df25f501f68a9700182c4d25de99c3f8e8c1ba6b16c0ca98911ff87
SHA3 e5ea90d4dd767bfa3d88e3fa2e107c2e40cac10f43498d5abd74f15888477d18
VirtualSize 0x1d38
VirtualAddress 0x18000
SizeOfRawData 0xc00
PointerToRawData 0x16400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 1.87032

.pdata

MD5 c69bce38ac69d0b835120a5590e69f0c
SHA1 c063139b665bfd43ee632f0741b4b5279a71f404
SHA256 1d79cfdb10b0e6f61968ed084c55a6ae07421354bf9072b12d090926728f3852
SHA3 5b320838ebff98a9e30dc5b9258ca4079fcb7cde4304c61cfe2dd57bb750842e
VirtualSize 0xef4
VirtualAddress 0x1a000
SizeOfRawData 0x1000
PointerToRawData 0x17000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.62843

_RDATA

MD5 f87f407c2a1cab208757ad1d23a2de6f
SHA1 cd739c36958f9ba7505883ae868f1a6ca71e880f
SHA256 6e4ba525d12ef66132e0738191d3a928ba74c0091a6f82bc48f892a41e2fc242
SHA3 0611ad194d9c623281cb358dbc2f2d28bb01b6eab682677ec8d16136d74414ab
VirtualSize 0x94
VirtualAddress 0x1b000
SizeOfRawData 0x200
PointerToRawData 0x18000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 1.11888

.rsrc

MD5 687f99288810435be6b2750ab177d9b8
SHA1 fb9746cb14cdebc7ace471c3340310ff76fcd391
SHA256 fe6a3b09a9f99313f4ba74e38905cde93e831ba9cc061d0f5fcc89dacbd9742e
SHA3 8a67454403345c1cc06bdd63227da6bec29c6f1cbfae4c17482ff3b5a2516660
VirtualSize 0x8a198
VirtualAddress 0x1c000
SizeOfRawData 0x8a200
PointerToRawData 0x18200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.41873

.reloc

MD5 ef1e558d46106d87320dd822be1ddc48
SHA1 10f7b05d107451bd01cf446da512c619fc35bf50
SHA256 34d7b771018e478ba05cd24ec377fd34919d65ec63c43f49e1ab319785368929
SHA3 cc295f58e62efe5c59cad1febf1ce620404450135f442c20ba55235b492ddac9
VirtualSize 0x654
VirtualAddress 0xa7000
SizeOfRawData 0x800
PointerToRawData 0xa2400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 4.84209

Imports

UnityPlayer.dll UnityMain
KERNEL32.dll HeapAlloc
WriteConsoleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
CloseHandle
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
GetStdHandle
WriteFile
GetModuleFileNameW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal 1
Address 0x18004

NvOptimusEnablement

Ordinal 2
Address 0x18000

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x42028
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.43428
MD5 165312fde5690be4084e6ff813ca02e4
SHA1 fd4af1252719d1bed239df5191c9e05babebb4d4
SHA256 98b1737cef0c2bc71b58ecb0046a35bffc0318a6c98b19b69a5645bca7d803c2
SHA3 ae04c62fea4d6103166f8ac9b4b98724cd71ba43750dbf5d219f8a5ae7c4c35f

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.42502
MD5 f3230651b4d3acd950aa1b9405479da3
SHA1 203a4f8c896309d104f4e504e814412cbe3f661e
SHA256 6f5a067782987905135dd1c8af2d59bf65f81afe9bd00c1018e0ff2eced94355
SHA3 b89c96d73af615ff71bbc9ce830db1a74ec5d88a52cf2fad23391c0e92536f2e

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.4037
MD5 3226ed389372437d4bc2fa64a9b5def9
SHA1 40d61c9407786626bfe6dd94c33a4c02d9b2f344
SHA256 502ec1faeef61da7c9bd2ef23b450070fcbe0f1b4a43cd0207e8d9aefbc4431a
SHA3 b0304daa8cf7442a2d569974915027612abb652246eca03e7ee2700b9c33bc1b

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x94a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.41406
MD5 59d8dffb2c5f5d4f3ef2fcda7b06885b
SHA1 554fdc3953c3c86def1ae01546aca445e2cd0307
SHA256 32a948b8531cf19ba7bb238344c14d5c16441e80e5797526fbd9f145537ae8cb
SHA3 13aaf7f0fba3019f08ad1bae82c43abdd036dbcb53baeb7eda96d35e1b2fac5c

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.08025
MD5 61c2c9cc8806e311936375ed05ff4cca
SHA1 ce8d577ad3417b8d5f354aef76808791c2aa29f0
SHA256 649a6b0d488563767c871e5eae9e1dab7a1fb9fb59eb4d2b77f2319d4fb83eba
SHA3 f654e6fecd70852a499a7e061d00139736046a18dad37819b7df85f9d05d0364

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.3266
MD5 fffff882598958f5913111d875c6d21f
SHA1 7cdafdc9979f92d0f81e1e50f94d17787e145612
SHA256 d1668df77e2f22e520c27a288654fd71801c07b9552bab2bb8c8eabc84c98b64
SHA3 907d168dda17db445d57f34fcf89766d060a84a590ec6150f2f6b541d3bbdae9

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.55005
MD5 831aa3e2174c179145b51905b3ee86e2
SHA1 322fe8db794902ff024fc9d71ef63cf10da0b626
SHA256 949af4da2f73a592ef54fb1ba45d1a31fef496f5e800e20a094ed0a3991c6956
SHA3 9cd63b3287f02239135b24f16dca94be4dac207e5055e35a2b32a71b5cf41cb6

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.59877
MD5 84a5689235afb22af0991c0607cca2ea
SHA1 291d92cf08ebcb5e20d81d6b517fd2d091a0192f
SHA256 4396998f88e039edf4737182875348eb6958425e15770fa1b3510ae746f172f2
SHA3 aa83ceddc060a4eba9009cf7dc5610a45523993657fac28933e74e9a3d07f1bb

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.58174
MD5 f998c082ae3cb1edc0423d81cca5ad05
SHA1 88139b7a119217bea0b27e904addc928db85815a
SHA256 a5892d9629beec3c2701cfb7082ec9db11f8c547db7940bb6a6ec97aabcd2645
SHA3 86f2c98cde092802c13397bb938b91e10ac5fd390d0767b6a3f7f895490c997f

103

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x84
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.04448
Detected Filetype Icon file
MD5 f7731730720cfe035cf030b40d0e2eb6
SHA1 d046e23f2ee2b93ad96be8e1dc9120ecf3915091
SHA256 5c92a41adaf3265071482fd1a182ae8702c168636a7d9ff51798ee3a1dfc8500
SHA3 6f2d12e4c63c131a3f7f48293996e2be05da351536d013affe5d2265965ce657

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x20c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.55757
MD5 f373a8bdf7dc21cc402fc792dc3ab963
SHA1 e6f02f3b832e823792fcf035b6b5fd1f8eb2d0ce
SHA256 7bab79e06b6f2d25b232254a9d126ae7c359b7f3ab1df760daf7700617a50727
SHA3 ad4088d97ac19ffb1f4bdf61f2388216265d169db9b6de951bc1c7050455c03d

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x6c1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.37708
MD5 aab7e8aafe7b06ab3d003b54ab5e18ed
SHA1 dccf0408f43059df37b755f3241a8b4b35c728af
SHA256 fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8
SHA3 a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 2022.3.4.28988
ProductVersion 2022.3.4.28988
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_UNKNOWN
Language English - United States
FileVersion (#2) 2022.3.4.3502396
LegalCopyright (c) 2005-2023 Unity Technologies. All rights reserved.
ProductVersion (#2) 2022.3.4f1 (35713cd46cd7)
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2023-Jun-21 21:32:50
Version 0.0
SizeofData 141
AddressOfRawData 0x15aec
PointerToRawData 0x148ec
Referenced File C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2023-Jun-21 21:32:50
Version 0.0
SizeofData 20
AddressOfRawData 0x15b7c
PointerToRawData 0x1497c

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2023-Jun-21 21:32:50
Version 0.0
SizeofData 768
AddressOfRawData 0x15b90
PointerToRawData 0x14990

TLS Callbacks

Load Configuration

Size 0x138
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x140018030

RICH Header

XOR Key 0xe5e06b0d
Unmarked objects 0
ASM objects (28900) 5
C++ objects (28900) 138
C objects (28900) 10
Imports (28900) 2
C++ objects (VS 2015/2017/2019 runtime 29118) 39
C objects (VS 2015/2017/2019 runtime 29118) 16
ASM objects (VS 2015/2017/2019 runtime 29118) 9
Imports (VS2019 Update 8 (16.8.0-1) compiler 29333) 3
Total imports 89
C++ objects (VS2019 Update 8 (16.8.0-1) compiler 29333) 3
Exports (VS2019 Update 8 (16.8.0-1) compiler 29333) 1
Resource objects (VS2019 Update 8 (16.8.0-1) compiler 29333) 1
Linker (VS2019 Update 8 (16.8.0-1) compiler 29333) 1

Errors

Leave a comment

No comments yet.