| Architecture | IMAGE_FILE_MACHINE_AMD64 |
|---|---|
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| Compilation Date | 2016-May-24 23:16:30 |
| Detected languages | English - United States |
| Debug artifacts | C:\Users\BUILDU~1\AppData\Local\Temp\UnityPlayer_Symbols.pdb |
| FileVersion | 4.7.2.11009659 |
| ProductVersion | 4.7.2.11009659 |
| Unity Version | 4.7.2f1_a7fe7b7f3d1f |

| Info | Matching compiler(s): | MASM/TASM - sig1(h) |
|---|---|---|
| Suspicious | Strings found in the binary may indicate undesirable behavior: | Contains references to system / monitoring tools: |
| Info | Cryptographic algorithms detected in the binary: | Uses constants related to CRC32; Uses constants related to MD5; Uses constants related to SHA1; Uses constants related to SHA256; Uses constants related to SHA512; Uses constants related to AES; Uses constants related to Blowfish; Uses known Mersenne Twister constants; Microsoft's Cryptography API |
| Suspicious | The PE is possibly packed. | Unusual section name found: text; Unusual section name found: data; Unusual section name found: .trace |
| Suspicious | The PE contains functions most legitimate programs don't use. | [!] The program may be hiding some of its imports: |
| Safe | VirusTotal score: 0/72 (Scanned on 2025-06-19 16:33:26) | All the AVs think this file is safe. |

| e_magic | MZ |
|---|---|
| e_cblp | 0x90 |
| e_cp | 0x3 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0 |
| e_maxalloc | 0xffff |
| e_ss | 0 |
| e_sp | 0xb8 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0 |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0x138 |

| Signature | PE |
|---|---|
| Machine | IMAGE_FILE_MACHINE_AMD64 |
| NumberofSections | 10 |
| TimeDateStamp | 2016-May-24 23:16:30 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xf0 |
| Characteristics | IMAGE_FILE_EXECUTABLE_IMAGE IMAGE_FILE_LARGE_ADDRESS_AWARE |

| Magic | PE32+ |
|---|---|
| LinkerVersion | 10.0 |
| SizeOfCode | 0xa32400 |
| SizeOfInitializedData | 0x4b5e00 |
| SizeOfUninitializedData | 0 |
| AddressOfEntryPoint | 0x00000000005C6C04 (Section: .text) |
| BaseOfCode | 0x1000 |
| ImageBase | 0x140000000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | 5.2 |
| ImageVersion | 0.0 |
| SubsystemVersion | 5.2 |
| Win32VersionValue | 0 |
| SizeOfImage | 0xeee000 |
| SizeOfHeaders | 0x400 |
| Checksum | 0 |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| DllCharacteristics | IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE IMAGE_DLLCHARACTERISTICS_NX_COMPAT IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE |
| SizeofStackReserve | 0x100000 |
| SizeofStackCommit | 0x1000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |

| HID.DLL | HidP_GetButtonCaps HidP_GetCaps HidD_GetProductString HidP_GetValueCaps HidP_MaxDataListLength HidD_FreePreparsedData HidD_GetPreparsedData HidP_GetData HidD_GetHidGuid |
|---|---|
| WS2_32.dll | bind WSACleanup closesocket inet_ntoa htonl inet_addr getsockname connect htons WSAAsyncGetHostByName WSACancelAsyncRequest gethostbyaddr getaddrinfo freeaddrinfo getpeername getsockopt send recv shutdown listen accept ntohs WSAGetLastError recvfrom sendto __WSAFDIsSet WSASetLastError select setsockopt ioctlsocket gethostbyname gethostname socket WSAStartup |
| KERNEL32.dll | DeleteFileW RemoveDirectoryW FindNextFileW FindFirstFileW GetModuleFileNameW lstrcpynA lstrcpyA lstrcpynW FreeLibrary GetCommandLineW GetProcAddress LoadLibraryW CancelIo GetOverlappedResult CreateEventW ExpandEnvironmentStringsA CreateMutexA GetCurrentThreadId RaiseException VerifyVersionInfoW VerSetConditionMask GetVersionExW GetSystemInfo GetModuleHandleA GlobalMemoryStatusEx GetCurrentProcess GetUserDefaultLangID GetComputerNameW LoadLibraryA GetTempPathW GetModuleHandleW GetVersionExA GetCurrentProcessId SetUnhandledExceptionFilter WaitForSingleObject CreateThread OutputDebugStringA SetLastError GetEnvironmentVariableA GetFileAttributesA GetModuleFileNameA GetCurrentDirectoryA ResumeThread GetThreadContext SuspendThread RtlCaptureContext GetCurrentThread IsBadReadPtr GetWindowsDirectoryA GetFullPathNameW CreateSemaphoreA Sleep WaitForSingleObjectEx ReleaseSemaphore SleepEx InitializeCriticalSection DeleteCriticalSection EnterCriticalSection LeaveCriticalSection TryEnterCriticalSection SetThreadPriority CreateEventA CopyFileW CloseHandle ResetEvent FileTimeToDosDateTime FileTimeToLocalFileTime lstrlenA GetFileTime VirtualQuery GlobalMemoryStatus GetSystemTimeAsFileTime CreateProcessW FindClose GetFileAttributesW WritePrivateProfileStringW HeapAlloc HeapReAlloc HeapFree RtlLookupFunctionEntry RtlUnwindEx RtlPcToFileHeader EncodePointer DecodePointer ExitProcess SetConsoleCtrlHandler ExitThread DuplicateHandle GetCommandLineA GetStartupInfoW GetStdHandle HeapSetInformation GetVersion HeapCreate FlsGetValue FlsSetValue FlsFree FlsAlloc HeapSize GetLocaleInfoW UnhandledExceptionFilter RtlVirtualUnwind TerminateProcess GetCPInfo GetACP GetOEMCP IsValidCodePage InitializeCriticalSectionAndSpinCount GetConsoleCP GetConsoleMode FlushFileBuffers SetHandleCount GetFileType SetStdHandle LCMapStringW FreeEnvironmentStringsW GetEnvironmentStringsW GetTickCount GetStringTypeW GetUserDefaultLCID GetLocaleInfoA EnumSystemLocalesA IsValidLocale CompareStringW SetEnvironmentVariableA CreateFileA WriteConsoleW GetProcessHeap GetFullPathNameA lstrcmpiA MapViewOfFile CreateFileMappingA UnmapViewOfFile VirtualFree VirtualAlloc GetProcessAffinityMask OpenEventA GetSystemDirectoryA GetDateFormatA CreateSemaphoreW CreateMutexW SignalObjectAndWait ReleaseMutex GetThreadLocale FlushConsoleInputBuffer WriteFile IsDebuggerPresent MoveFileExW WideCharToMultiByte GlobalAlloc GlobalLock SetFileAttributesW CreateDirectoryW GetFileSize ReadFile CreateFileW SetEndOfFile SetErrorMode SetFilePointer GlobalUnlock FormatMessageW FormatMessageA LocalFree MultiByteToWideChar QueryPerformanceCounter QueryPerformanceFrequency GetLastError TlsSetValue TlsGetValue TlsFree TlsAlloc GetTimeFormatA FileTimeToSystemTime GetFileInformationByHandle PeekNamedPipe GetDriveTypeA FindFirstFileExA GetTimeZoneInformation ReadConsoleInputA SetConsoleMode GetCurrentDirectoryW GetDriveTypeW WaitForMultipleObjects TerminateThread SetThreadAffinityMask HeapValidate SetEvent HeapWalk |
| USER32.dll | SendMessageTimeoutA EnumWindows SendMessageA SetForegroundWindow ShowWindow IsIconic RegisterWindowMessageA GetUserObjectInformationA GetThreadDesktop GetRawInputDeviceList GetWindowRect GetWindowLongA SetWindowPos GetClientRect GetWindowLongPtrA CreateDialogParamA SetWindowLongPtrA GetDlgItem ChangeDisplaySettingsA SetWindowLongA GetWindowPlacement AdjustWindowRectEx EnumDisplaySettingsA GetRawInputDeviceInfoW GetRawInputData IsWindowVisible GetCursorPos GetKeyState wsprintfA GetParent OpenClipboard EmptyClipboard SetClipboardData CloseClipboard CreateWindowExW DestroyWindow DefWindowProcW DestroyCursor LoadCursorA SetCursor GetSystemMetrics GetDC ReleaseDC CreateIconIndirect GetUserObjectInformationW GetProcessWindowStation MessageBoxW wvsprintfA MonitorFromWindow GetCaretBlinkTime PeekMessageA GetMessageA DispatchMessageA ValidateRect EnumDisplayDevicesA EnumDisplayMonitors GetMonitorInfoA LoadImageA DialogBoxParamA IsDlgButtonChecked CheckDlgButton CreateDialogParamW PeekMessageW IsDialogMessageW TranslateMessage DispatchMessageW MsgWaitForMultipleObjects EnableWindow SetWindowTextW RegisterClassW PostQuitMessage SetWindowLongPtrW GetWindowLongPtrW SetCursorPos ClipCursor ShowCursor GetFocus ScreenToClient GetAsyncKeyState GetClipboardData IsClipboardFormatAvailable SetCapture ReleaseCapture UnregisterDeviceNotification RegisterDeviceNotificationW SystemParametersInfoW ClientToScreen SetFocus WindowFromPoint RegisterClassExW DialogBoxParamW EndDialog LoadIconA SendDlgItemMessageW SetDlgItemTextA GetDesktopWindow MessageBoxA CopyRect OffsetRect GetAncestor UnregisterClassW RegisterRawInputDevices SetDlgItemTextW |
| VERSION.dll | GetFileVersionInfoW GetFileVersionInfoSizeW GetFileVersionInfoA GetFileVersionInfoSizeA VerQueryValueA |
| ole32.dll | CoCreateInstance CoTaskMemFree CoUninitialize CoInitialize CoTaskMemAlloc StringFromGUID2 CoCreateGuid CoSetProxyBlanket |
| SHLWAPI.dll | PathCanonicalizeW PathFileExistsW SHDeleteKeyA PathIsDirectoryW |
| ADVAPI32.dll | CryptReleaseContext CryptImportKey CryptVerifySignatureA CryptDestroyKey RegDeleteValueA GetUserNameA RegCreateKeyExW RegQueryValueExW CryptDestroyHash RegOpenKeyExW RegSetValueExW RegCreateKeyA RegSetValueExA RegOpenKeyExA RegQueryValueExA RegCloseKey CryptAcquireContextA RegisterEventSourceW ReportEventW DeregisterEventSource CryptGetHashParam CryptHashData CryptCreateHash |
| GDI32.dll | SwapBuffers GetObjectA GetDeviceCaps ChoosePixelFormat SetPixelFormat DeleteObject CreateBitmap CreateDIBSection |
| SHELL32.dll | ShellExecuteW SHGetFolderPathW CommandLineToArgvW |
| OPENGL32.dll | glIsTexture glGetTexParameteriv glTexSubImage2D glPixelStorei glCopyTexSubImage2D glDrawBuffer glReadBuffer glDrawArrays wglDeleteContext glBegin glEnd glColor4f glNormal3f glVertex3f glHint glLightModelf glLoadIdentity glMaterialfv glMaterialf glReadPixels glFinish glFogi glFogf glFogfv glLightModelfv glLightf glLightfv glTexGeni glTexGenfv glTexEnvfv glScissor glViewport glColor4fv glLightModeli glColorMaterial glGetFloatv glMultMatrixf glMatrixMode glLoadMatrixf glPolygonMode glClearColor glClearDepth glClearStencil glClear glIsEnabled glStencilFunc glStencilOp glStencilMask glDepthFunc glDepthMask glCullFace glPolygonOffset glColorMask glDisable glBlendFunc glEnable glAlphaFunc glTexEnvi glTexEnvf glDisableClientState glEnableClientState glColorPointer glVertexPointer glNormalPointer glTexCoordPointer glDrawElements glGetString glGetError glDeleteTextures glGenTextures glBindTexture glTexParameteri glTexImage2D wglGetProcAddress glGetIntegerv wglShareLists wglGetCurrentDC wglGetCurrentContext wglMakeCurrent wglCreateContext glFrontFace |
| WINMM.dll | waveInOpen waveInStart waveInGetDevCapsW waveInGetDevCapsA waveInUnprepareHeader waveInPrepareHeader waveInAddBuffer waveInClose waveOutReset waveOutWrite waveOutUnprepareHeader waveOutOpen waveOutClose waveOutGetDevCapsW waveOutGetDevCapsA waveOutGetNumDevs waveInGetNumDevs timeBeginPeriod timeEndPeriod timeGetTime waveInReset waveOutPrepareHeader waveOutGetPosition |
| OLEAUT32.dll | SysStringLen SysAllocString VariantChangeType VariantClear VariantInit SysFreeString |
| MSACM32.dll | acmStreamConvert acmStreamUnprepareHeader acmFormatSuggest acmStreamOpen acmStreamSize acmStreamPrepareHeader |
| IMM32.dll | ImmReleaseContext ImmSetOpenStatus ImmGetCompositionStringW ImmGetConversionStatus ImmAssociateContextEx ImmAssociateContext ImmGetContext ImmSetCompositionStringW |
| DNSAPI.dll | DnsQuery_A DnsFree |
| IPHLPAPI.DLL | GetIpAddrTable |
| WINHTTP.dll | WinHttpGetIEProxyConfigForCurrentUser |

| Ordinal | Address |
|---|---|
| 1 | 0x425e90 |
| 2 | 0x12b0e0 |
| 3 | 0xf090 |
| 4 | 0x132a0 |
| 5 | 0xc3b0 |
| 6 | 0xc3b0 |
| 7 | 0x17d40 |
| 8 | 0x8c3720 |
| 9 | 0x128fb0 |
| 10 | 0x425d60 |
| 11 | 0x12ac50 |
| 12 | 0xe3e0 |
| 13 | 0x13140 |
| 14 | 0xc3b0 |
| 15 | 0xc3b0 |
| 16 | 0x17ca0 |
| 17 | 0x8c3720 |
| 18 | 0x128db0 |
| 19 | 0x425830 |
| 20 | 0x12acc0 |
| 21 | 0xe420 |
| 22 | 0x11de0 |
| 23 | 0xc3b0 |
| 24 | 0xc3b0 |
| 25 | 0x17e60 |
| 26 | 0x8c3720 |
| 27 | 0x1291f0 |
| 28 | 0x425960 |
| 29 | 0x12abf0 |
| 30 | 0x10200 |
| 31 | 0x12ce0 |
| 32 | 0xc3b0 |
| 33 | 0xc3b0 |
| 34 | 0x17bd0 |
| 35 | 0x8c3720 |
| 36 | 0x1299e0 |
| 37 | 0x425460 |
| 38 | 0x125d90 |
| 39 | 0xdd60 |
| 40 | 0x10760 |
| 41 | 0xc3b0 |
| 42 | 0xc3b0 |
| 43 | 0x17c20 |
| 44 | 0x8c3720 |
| 45 | 0x128d20 |
| 46 | 0x425af0 |
| 47 | 0x12b000 |
| 48 | 0x10270 |
| 49 | 0x12ff0 |
| 50 | 0xc3b0 |
| 51 | 0xc3b0 |
| 52 | 0x17c50 |
| 53 | 0x8c3720 |
| 54 | 0x129de0 |
| 55 | 0xa172a0 |
| 56 | 0xa17320 |
| 57 | 0xa17340 |
| 58 | 0xa172f0 |
| 59 | 0xc838e4 |
| 60 | 0xc838e0 |
| 61 | 0x8c1450 |

| Signature | 0xfeef04bd |
|---|---|
| StructVersion | 0x10000 |
| FileVersion | 4.7.2.65147 |
| ProductVersion | 4.7.2.65147 |
| FileFlags | (EMPTY) |
| FileOs | VOS_DOS_WINDOWS32 VOS_NT_WINDOWS32 VOS__WINDOWS32 |
| FileType | VFT_UNKNOWN |
| Language | English - United States |
| FileVersion (#2) | 4.7.2.11009659 |
| ProductVersion (#2) | 4.7.2.11009659 |
| Unity Version | 4.7.2f1_a7fe7b7f3d1f |
| Resource LangID | English - United States |

| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2016-May-24 23:16:30 |
| Version | 0.0 |
| SizeofData | 85 |
| AddressOfRawData | 0xbc4684 |
| PointerToRawData | 0xbc2e84 |
| Referenced File | C:\Users\BUILDU~1\AppData\Local\Temp\UnityPlayer_Symbols.pdb |

| XOR Key | 0x8bca792a |
|---|---|
| Unmarked objects | 0 |
| ASM objects (VS2008 build 21022) | 2 |
| Unmarked objects (#2) | 172 |
| 135 (VS2008 SP1 build 30729) | 1 |
| C objects (VS2012 build 50727 / VS2005 build 50727) | 1 |
| C++ objects (VS2008 SP1 build 30729) | 42 |
| C objects (VS2008 SP1 build 30729) | 26 |
| 173 (VS2010 build 30319) | 1 |
| C objects (40310) | 1 |
| C++ objects (40310) | 29 |
| Imports (VS2008 SP1 build 30729) | 41 |
| Total imports | 550 |
| 152 (20115) | 8 |
| ASM objects (VS2010 SP1 build 40219) | 29 |
| C objects (VS2010 SP1 build 40219) | 880 |
| C++ objects (VS2010 SP1 build 40219) | 1526 |
| Exports (VS2010 SP1 build 40219) | 1 |
| Resource objects (VS2010 SP1 build 40219) | 1 |
| Linker (VS2010 SP1 build 40219) | 1 |