UnityPlayer[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

UnityPlayer.dll
Size

21.7MB
MD5

6f1f0f4c09eab129e1284c01b08c9834
SHA1

7ec0e85b9baafa159cd0287acf4f224f85dabd15
SHA256

f37ebdf5d8648fa08ef1226ccedfc882481a62d4151ca8eafc927b9ca61d8c45
SHA512

fec3b7f710658f3c3b88b89904cbb9c14677fb090c1c5ed5cf1835d0eb0555e5e8c83f5d9a8ffc844f5a15b8847cd5b0eeed4cad6a1f70a5ed19b70581021fb3
SSDEEP

393216:hv81VdAeWaMvEo1UpRcGk1YoPtHkWDiTVx:u6eEEo28YoFbDMv

Score

1^/10

Malware Config

Signatures

Files

UnityPlayer.dll
.dll windows:6 windows x86 arch:x86

3451014ef525ada964125a3ecfe365db

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

14/07/2021, 00:00

Not After

18/07/2024, 23:59

Subject

CN=Unity Technologies ApS,OU=Developer Services,O=Unity Technologies ApS,L=København,C=DK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e8:64:14:25:8c:4b:6b:06:cd:9b:bb:f2:88:08:ba:85:d6:4e:45:a1
Signer

Actual PE Digest

e8:64:14:25:8c:4b:6b:06:cd:9b:bb:f2:88:08:ba:85:d6:4e:45:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetTempFileNameW
GlobalAlloc
GlobalUnlock
GlobalLock
GetSystemTime
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFullPathNameW
ReadFile
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SuspendThread
ResumeThread
LocalFree
CopyFileW
MoveFileExW
ReplaceFileW
SystemTimeToFileTime
Thread32First
Thread32Next
CreateMutexA
RtlCaptureContext
GetEnvironmentVariableA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetFileAttributesA
DebugBreak
SetUnhandledExceptionFilter
GetErrorMode
GetThreadContext
ReadProcessMemory
GetModuleFileNameA
LocalAlloc
GetOverlappedResult
CancelIo
ResetEvent
FormatMessageA
GetWindowsDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateIoCompletionPort
GetQueuedCompletionStatus
DeleteCriticalSection
AttachConsole
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
ReleaseSemaphore
GetSystemInfo
GetLocalTime
GetTimeZoneInformation
GetFileSizeEx
IsDebuggerPresent
CreateSemaphoreExW
TlsAlloc
TlsFree
GetNativeSystemInfo
VirtualQuery
GetFileSize
GetStdHandle
GetEnvironmentVariableW
GetModuleHandleA
SetThreadAffinityMask
CreateEventExW
WaitForMultipleObjectsEx
QueryPerformanceFrequency
QueryPerformanceCounter
VerifyVersionInfoW
CreateFileA
SetConsoleCtrlHandler
K32GetProcessMemoryInfo
TerminateProcess
GetCurrentProcess
WaitForSingleObject
SetLastError
GetModuleHandleW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
GetTimeFormatW
GetDateFormatW
GetProcessHeap
HeapAlloc
HeapFree
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
GetConsoleCP
ExitProcess
HeapQueryInformation
HeapSize
HeapReAlloc
RtlUnwind
UnregisterWaitEx
QueryDepthSList
DuplicateHandle
GetVersionExW
FreeLibraryAndExitThread
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
DecodePointer
EncodePointer
GetTickCount
GetSystemDirectoryW
InitializeCriticalSectionEx
SetConsoleMode
ReadConsoleW
ReadConsoleA
GetConsoleMode
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
DeleteFiber
SwitchToFiber
GetFileType
GetModuleHandleExW
CreateWaitableTimerA
OpenEventA
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ExitThread
GetCommandLineW
SetThreadPriority
GetCurrentThreadId
CreateThread
SwitchToThread
GetThreadTimes
OpenThread
GetCurrentThread
GetUserDefaultLocaleName
GetSystemPowerStatus
GetComputerNameW
GetModuleFileNameW
VirtualFree
VirtualProtect
VirtualAlloc
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
InitializeProcThreadAttributeList
GetProcessId
CreateProcessW
GetExitCodeProcess
WaitForMultipleObjects
DeleteFileW
GetThreadPriority
GetLogicalProcessorInformationEx
GetSystemDirectoryA
GlobalMemoryStatusEx
CreateToolhelp32Snapshot
CreateEventW
TlsGetValue
CreatePipe
OutputDebugStringA
GetTempPathW
WriteFile
GetStartupInfoA
FlushFileBuffers
SetErrorMode
LoadLibraryExW
VerSetConditionMask
RaiseException
CreateWaitableTimerExW
SetWaitableTimer
SleepEx
CloseHandle
Sleep
CreateEventA
WaitForSingleObjectEx
SetEvent
FormatMessageW
SetHandleInformation
SetDllDirectoryW
LoadLibraryW
GetLastError
WideCharToMultiByte
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcessId
MultiByteToWideChar
TlsSetValue

user32

SetTimer
MessageBoxA
PeekMessageA
GetCaretBlinkTime
GetDoubleClickTime
DefWindowProcW
MsgWaitForMultipleObjects
GetMessageA
SendMessageW
KillTimer
PostQuitMessage
RegisterClassW
UnregisterClassW
GetUserObjectInformationW
GetProcessWindowStation
CreateWindowExW
DestroyWindow
SetDlgItemTextW
SendDlgItemMessageW
CopyRect
OffsetRect
LoadIconA
ShowWindow
MoveWindow
SetWindowPos
IsWindowVisible
MessageBoxW
EnumDisplaySettingsW
LoadIconW
AdjustWindowRectEx
GetWindowPlacement
GetDC
EnumDisplaySettingsA
GetRawInputDeviceList
RegisterRawInputDevices
GetRawInputBuffer
GetRawInputDeviceInfoW
GetRawInputData
SystemParametersInfoW
GetWindowLongA
PtInRect
ScreenToClient
GetCursorPos
GetSystemMetrics
ReleaseCapture
SetCapture
MapVirtualKeyExA
MapVirtualKeyW
MapVirtualKeyA
IsIconic
SetFocus
GetActiveWindow
GetFocus
DragDetect
ValidateRect
SetWindowTextW
GetClientRect
GetWindowRect
ShowCursor
SetCursorPos
ClientToScreen
ClipCursor
GetWindowLongW
SetWindowLongA
SetWindowLongW
GetParent
EnumDisplayDevicesA
MonitorFromRect
MonitorFromWindow
GetMonitorInfoA
GetMonitorInfoW
EnumDisplayMonitors
UpdateWindow
GetDisplayConfigBufferSizes
QueryDisplayConfig
DisplayConfigGetDeviceInfo
GetDesktopWindow
ReleaseDC
AllowSetForegroundWindow
TrackMouseEvent
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
SetCursor
LoadCursorA
DestroyCursor
DestroyIcon
LoadImageW
GetThreadDesktop
GetUserObjectInformationA
RegisterWindowMessageA
SendMessageTimeoutA
SetForegroundWindow
EnumWindows
RegisterClassExW
DialogBoxParamW
EndDialog
ToUnicode
GetKeyNameTextW
GetAsyncKeyState
GetKeyState
UnregisterDeviceNotification
RegisterDeviceNotificationW
GetMessageExtraInfo
DispatchMessageA
TranslateMessage
GetKeyboardLayout
GetKeyboardLayoutNameW
SetDlgItemTextA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

CoSetProxyBlanket
CoUninitialize
CoInitialize
CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateFreeThreadedMarshaler
PropVariantCopy
CoCreateInstance
PropVariantClear

shlwapi

SHDeleteKeyW
PathCanonicalizeW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

advapi32

OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegDeleteValueA
RegCreateKeyW
RegCloseKey
GetSidSubAuthority
GetTokenInformation
GetUserNameA
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptSignHashW
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
ReportEventW
DeregisterEventSource
RegisterEventSourceW
CryptEnumProvidersW

gdi32

GetDeviceCaps
SetPixelFormat
SwapBuffers
ChoosePixelFormat

shell32

SHFileOperationW
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW

opengl32

wglCreateContext
wglGetProcAddress
wglDeleteContext
wglGetCurrentDC
wglMakeCurrent
wglGetCurrentContext

winmm

waveOutGetDevCapsW
waveOutGetDevCapsA
waveOutGetNumDevs
timeGetTime
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveInStart
timeBeginPeriod
timeEndPeriod
waveInGetNumDevs
waveInGetDevCapsA
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInReset
waveOutGetPosition
waveOutClose
waveInUnprepareHeader
waveInAddBuffer
waveOutOpen

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit
VariantChangeType

imm32

ImmSetCompositionStringW
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetConversionStatus
ImmNotifyIME
ImmGetContext

winhttp

WinHttpGetIEProxyConfigForCurrentUser

bcrypt

BCryptGenRandom

hid

HidP_SetUsageValue
HidP_SetUsages
HidP_GetData
HidP_MaxDataListLength
HidP_GetValueCaps
HidP_GetButtonCaps
HidP_GetCaps
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetProductString
HidD_GetManufacturerString
HidD_GetSerialNumberString
HidD_GetAttributes

crypt32

CertAddEncodedCertificateToStore
CertFreeCertificateContext
CertCloseStore
CertOpenStore
CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty

ws2_32

WSASetLastError
WSACleanup
WSAStartup
gethostname
socket
shutdown
setsockopt
sendto
send
select
recvfrom
WSAIoctl
ntohs
listen
inet_addr
htons
htonl
getsockname
ioctlsocket
connect
WSAWaitForMultipleEvents
bind
accept
__WSAFDIsSet
WSASocketA
getaddrinfo
freeaddrinfo
getnameinfo
ntohl
getpeername
gethostbyname
getprotobyname
WSARecvFrom
getsockopt
WSACloseEvent
WSAGetLastError
WSACreateEvent
WSASocketW
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSASetEvent
gethostbyaddr
WSASendDisconnect
WSAAsyncGetHostByName
WSACancelAsyncRequest
recv
closesocket

dwmapi

DwmGetWindowAttribute

Exports

Exports

UnityMain

Sections

.text
Size: 18.4MB - Virtual size: 18.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 981KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 668KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3451014ef525ada964125a3ecfe365db

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52Certificate

Extended Key Usages

Key Usages

e8:64:14:25:8c:4b:6b:06:cd:9b:bb:f2:88:08:ba:85:d6:4e:45:a1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

version

ole32

shlwapi

setupapi

advapi32

gdi32

shell32

opengl32

winmm

oleaut32

imm32

winhttp

bcrypt

hid

crypt32

ws2_32

dwmapi

Exports

Exports

Sections

.text Size: 18.4MB - Virtual size: 18.4MB

.rdata Size: 2.3MB - Virtual size: 2.3MB

.data Size: 266KB - Virtual size: 981KB

.rodata Size: 3KB - Virtual size: 2KB

_RDATA Size: 103KB - Virtual size: 103KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 668KB - Virtual size: 667KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

e8:64:14:25:8c:4b:6b:06:cd:9b:bb:f2:88:08:ba:85:d6:4e:45:a1
Signer

.text
Size: 18.4MB - Virtual size: 18.4MB

.rdata
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 266KB - Virtual size: 981KB

.rodata
Size: 3KB - Virtual size: 2KB

_RDATA
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 668KB - Virtual size: 667KB