ab76aff9e7470ae1718bde6e48020382

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2025-Feb-19 03:56:12
Detected languages English - United States
Debug artifacts C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_i_r\WindowsPlayer_player_Master_il2cpp_x64.pdb
FileVersion 2022.3.59.6489880
LegalCopyright (c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion 2022.3.59f1 (630718f645a5)

Plugin Output

Info Cryptographic algorithms detected in the binary: Uses constants related to TEA
Suspicious The PE is possibly packed. Unusual section name found: .bind
Info The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryExW
Suspicious VirusTotal score: 2/72 (Scanned on 2026-02-07 05:25:22) Cylance: Unsafe
Trapmine: malicious.moderate.ml.score

Hashes

MD5 ab76aff9e7470ae1718bde6e48020382
SHA1 8ab244c22d65e87f9dac29678c625eccaedc07a7
SHA256 27d60e4fa1bda2ef0d197b34f59aee7f3d2c451cf47fc500b5df8e0c5722045c
SHA3 bab0b424898d33d06573fa0e8165fbd3e8bfbda4348f33f98a0275397a98d6e4
SSDeep 12288:D/744aOD8e3RbTWadclo0xGM3H3xxoKVd8WsE6L61VasK:X9aOLbTWadc60xGM3BxoUd9n6L61csK
Imports Hash ce1183cc150987a99aef5749f22af81e

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x110

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 8
TimeDateStamp 2025-Feb-19 03:56:12
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0xca00
SizeOfInitializedData 0x97000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000001260 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0xe1000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 c908b9c0303dc1f82726ca4dae00b772
SHA1 e81e70cb017880d2883f88a85d9a5ba6176ebcc1
SHA256 6e577d9deae653a5181b5a961bc5d68133d0e0c5371dc8bf2e7a30f6ef4d5cb2
SHA3 deefbce421cada627162918879ac6eda8099d036762180ad5ebfb4cbd66be7e2
VirtualSize 0xc8b0
VirtualAddress 0x1000
SizeOfRawData 0xca00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.41078

.rdata

MD5 0806e1436a1e715d03dd06390040baa9
SHA1 7d0654eb8ba9ed40133dd47f1c86f129d86029f6
SHA256 43a5d02c570b5a361c48f854df74df6e225748316d2ddc5b25239b2aecee4f2e
SHA3 c4b87f419ff6b8d45f37ad9cfad72c4ea7d78d460fdff8e2e07ecefeccc92d63
VirtualSize 0x948a
VirtualAddress 0xe000
SizeOfRawData 0x9600
PointerToRawData 0xce00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.65373

.data

MD5 90815aa5dc65a7dd3f93bad1bd78a77e
SHA1 608f3e69047b216dda6b0df73c30912e2fef5544
SHA256 435cb9af1df25f501f68a9700182c4d25de99c3f8e8c1ba6b16c0ca98911ff87
SHA3 e5ea90d4dd767bfa3d88e3fa2e107c2e40cac10f43498d5abd74f15888477d18
VirtualSize 0x1d38
VirtualAddress 0x18000
SizeOfRawData 0xc00
PointerToRawData 0x16400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 1.87032

.pdata

MD5 c69bce38ac69d0b835120a5590e69f0c
SHA1 c063139b665bfd43ee632f0741b4b5279a71f404
SHA256 1d79cfdb10b0e6f61968ed084c55a6ae07421354bf9072b12d090926728f3852
SHA3 5b320838ebff98a9e30dc5b9258ca4079fcb7cde4304c61cfe2dd57bb750842e
VirtualSize 0xef4
VirtualAddress 0x1a000
SizeOfRawData 0x1000
PointerToRawData 0x17000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.62843

_RDATA

MD5 f87f407c2a1cab208757ad1d23a2de6f
SHA1 cd739c36958f9ba7505883ae868f1a6ca71e880f
SHA256 6e4ba525d12ef66132e0738191d3a928ba74c0091a6f82bc48f892a41e2fc242
SHA3 0611ad194d9c623281cb358dbc2f2d28bb01b6eab682677ec8d16136d74414ab
VirtualSize 0x94
VirtualAddress 0x1b000
SizeOfRawData 0x200
PointerToRawData 0x18000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 1.11888

.rsrc

MD5 cc7d7f0f2739878d2ab16fbe60a11a66
SHA1 41124fb2d9e540c09910d4a9ba30763d2c23c272
SHA256 35dec3f07c2212a94809ba6a1846ffe81c11ed80fe98b9ab07ca12a23e43f465
SHA3 4a1c7a7b50c5b21505181d55d8392e50ac1f4312615a30b7f087b9e751549a5f
VirtualSize 0x8a198
VirtualAddress 0x1c000
SizeOfRawData 0x8a200
PointerToRawData 0x18200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.01689

.reloc

MD5 ef1e558d46106d87320dd822be1ddc48
SHA1 10f7b05d107451bd01cf446da512c619fc35bf50
SHA256 34d7b771018e478ba05cd24ec377fd34919d65ec63c43f49e1ab319785368929
SHA3 cc295f58e62efe5c59cad1febf1ce620404450135f442c20ba55235b492ddac9
VirtualSize 0x654
VirtualAddress 0xa7000
SizeOfRawData 0x800
PointerToRawData 0xa2400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 4.84209

.bind

MD5 f0080aa919a6e61b10648a6be25d98ed
SHA1 bb052f08d32e0a0bc92984b992b505af36b97e0a
SHA256 dc71ba600d658dcad64ba34cb073caafa3b7c0183d57c586d882648113cc8d95
SHA3 2bc4be1509f1d64b5656762cbabf03c02d1591a03464f6afa76b8bdd2d3cc4c9
VirtualSize 0x38448
VirtualAddress 0xa8000
SizeOfRawData 0x38448
PointerToRawData 0xa2c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 7.95918

Imports

UnityPlayer.dll UnityMain
KERNEL32.dll HeapAlloc
WriteConsoleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
CloseHandle
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
GetStdHandle
WriteFile
GetModuleFileNameW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal 1
Address 0x18004

NvOptimusEnablement

Ordinal 2
Address 0x18000

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x42028
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.5041
MD5 20462d9bc7380274b07a7b4f072231ef
SHA1 0940e1e8bbbf6cc9ce0e97c189b04b1cb7bc188f
SHA256 99c3a15ee0db7566d8518fd77d7bc70bdb92214c661c8f7bc24d1d6840c5441b
SHA3 8dca71374feac402d56e8f4931bf5777031a9f083287bf2554e05eb10d805a4a

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.15512
MD5 ec21857a22e53eef231c14ac13bb33a0
SHA1 666c47d947a5adcb600bb513fecf8f851d2fe2fc
SHA256 d6835a76cc0eb34ce7cdff8f70d6d9e6aa1e9f5a70f98b355cd7dfa7e8c3f84e
SHA3 45583b24d3c8922b81a49c1872afd4f6109a7038b6af4f21a53d010a976dfdb7

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.26783
MD5 7f628b2e6fb55e52b47db72e5cd126a7
SHA1 6fccef477418d8b9dbae67ac5086968db1454b19
SHA256 6130cd7145962bd3c416580c6e919c61f241d0f29dc083cfdd690db572db868d
SHA3 006d517e4b65d0de6ad3fad9b1d1c93d3c358a5b183ee6affd800961dc7dd825

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x94a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.34896
MD5 a343009beba1effb447218320e27b569
SHA1 e9b7444426f6a57a8d64268044af0a8a11ee4e7f
SHA256 f3aa10e9803987e8aa3de91717fcceb286e03c600907fb9d32a66c6cb39c36dd
SHA3 2ee2959544b4f223629638bf16200ebf5be62a5a52b68f5d1f3dc928b53128eb

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.43918
MD5 3f6cff0fab41d92ca99a86b91b001436
SHA1 b733ffbeb3523c0603311d7f21a6f9072453bb91
SHA256 f6279da5d4677a54a4d3f16334d61df2fed7a4030e415f9408af7776904d3d01
SHA3 3befd894dca9701b38a2bcc793900c22bfb53218bc2ff9ef0138401a0030ce22

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.61389
MD5 4c6641bc8e5c1b461b9d7031b3e34c14
SHA1 130ad18ce59b0128cb227da9386b4de30796abbd
SHA256 2b8925a94184e9e705b8a9ade919495ffa3818acf3a81a2d1e7767b300573ffe
SHA3 b42938bfbba67d0e78fa9083f8f339bd8a99c574bdf85ac3c7332640dc7cd962

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.6766
MD5 c7d7da8fd0a84eb4fe86584bb02f6d3d
SHA1 c92e3b6d9d45475bde3359f5ae55e4ca9e72a936
SHA256 2cc54201b8d6b30a91670f201218a5c8a4c97b3a98da7d029d59988fb7ed594f
SHA3 be43d1ec4a52e1370b70ee089509d52631d286943a96d0e774034662addd8929

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.34295
MD5 aa1591880fbb7d7913d4b0eceee8bf00
SHA1 6ff3e70afd5684bb33e45ec37856e7c06fa1bce9
SHA256 b650315e4c53f57467759bfeb359f84bbf51e07770c686dc66848d4be4a0e132
SHA3 62c94fc6be622154fcd6b7f4abae36468fafa175240929838593243256468e91

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.04308
MD5 e5a1a0411953fadb416f4ee00b5ab78b
SHA1 44c0f66d3030116c3d2cc0c06670fdc81309c7a6
SHA256 589e53f3cddcf85207ecf7c76a8660e4211fc4e8e5018f7fdd5bceef48620481
SHA3 b1dbb0733c68bf8fa4849faf2513d22e8d8668136a7b87936573418250abe228

103

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x84
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.04448
Detected Filetype Icon file
MD5 f7731730720cfe035cf030b40d0e2eb6
SHA1 d046e23f2ee2b93ad96be8e1dc9120ecf3915091
SHA256 5c92a41adaf3265071482fd1a182ae8702c168636a7d9ff51798ee3a1dfc8500
SHA3 6f2d12e4c63c131a3f7f48293996e2be05da351536d013affe5d2265965ce657

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x210
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.57322
MD5 bd6ce0bcc8ae86edadc8a110322a3e14
SHA1 9af33c38ac3b986e25b3e0d5807b15e86df456cc
SHA256 5f4efdd2919ba08fd2842ba27c9f687a6a9723bf8e20f6e2a6e825b73495eda8
SHA3 fb67d197acdb5f4256de13589a408bc23bf09733c63d3824e47ae08f7f6be1a1

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x6c1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.37708
MD5 aab7e8aafe7b06ab3d003b54ab5e18ed
SHA1 dccf0408f43059df37b755f3241a8b4b35c728af
SHA256 fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8
SHA3 a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 2022.3.59.1816
ProductVersion 2022.3.59.1816
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_UNKNOWN
Language English - United States
FileVersion (#2) 2022.3.59.6489880
LegalCopyright (c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion (#2) 2022.3.59f1 (630718f645a5)
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2025-Feb-19 03:56:12
Version 0.0
SizeofData 143
AddressOfRawData 0x15aec
PointerToRawData 0x148ec
Referenced File C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_i_r\WindowsPlayer_player_Master_il2cpp_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2025-Feb-19 03:56:12
Version 0.0
SizeofData 20
AddressOfRawData 0x15b7c
PointerToRawData 0x1497c

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2025-Feb-19 03:56:12
Version 0.0
SizeofData 768
AddressOfRawData 0x15b90
PointerToRawData 0x14990

TLS Callbacks

Load Configuration

Size 0x138
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x140018030

RICH Header

XOR Key 0xe5e06b0d
Unmarked objects 0
ASM objects (28900) 5
C++ objects (28900) 138
C objects (28900) 10
Imports (28900) 2
C++ objects (VS 2015/2017/2019 runtime 29118) 39
C objects (VS 2015/2017/2019 runtime 29118) 16
ASM objects (VS 2015/2017/2019 runtime 29118) 9
Imports (VS2019 Update 8 (16.8.0-1) compiler 29333) 3
Total imports 89
C++ objects (VS2019 Update 8 (16.8.0-1) compiler 29333) 3
Exports (VS2019 Update 8 (16.8.0-1) compiler 29333) 1
Resource objects (VS2019 Update 8 (16.8.0-1) compiler 29333) 1
Linker (VS2019 Update 8 (16.8.0-1) compiler 29333) 1

Errors