UnityPlayer[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

UnityPlayer.dll
Size

29.5MB
MD5

893fe31ad0911162c379cc06bed2a12e
SHA1

c143db71d1898c41bd5fe0e67bebb4bd2367db0d
SHA256

d4edbe73188eeaf047a82619e006ea6f1d556980270c128a5782d276a4eb5e0a
SHA512

f1733d8227676783282719b702c99e0d151b302f381e2bd4c1c15f514dfa542ca25e85d17b24e5cca125dc9dfde0c4e02893eb1b546fd2010292cfe9fd639c42
SSDEEP

393216:U0y/Dt2cnNc9YIyEt2uyz7cLzYrm7LZ8PXisR:UtIqPXVR

Score

1^/10

Malware Config

Signatures

Files

UnityPlayer.dll
.dll windows:6 windows x64 arch:x64

5b899311b6b930e1faa133f57c1ecf12

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

14/07/2021, 00:00

Not After

18/07/2024, 23:59

Subject

CN=Unity Technologies ApS,OU=Developer Services,O=Unity Technologies ApS,L=København,C=DK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

db:23:50:4e:b2:2f:5f:58:2b:56:47:c0:3b:e2:b6:e0:10:4d:0a:36
Signer

Actual PE Digest

db:23:50:4e:b2:2f:5f:58:2b:56:47:c0:3b:e2:b6:e0:10:4d:0a:36

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\build\output\unity\unity\artifacts\UnityPlayer\Win64_VS2019_nondev_i_m\UnityPlayer_Win64_player_il2cpp_x64.pdb

Imports

kernel32

GetProcessId
OutputDebugStringA
WaitForMultipleObjects
GetExitCodeProcess
SetErrorMode
WriteFile
CreateEventW
GetSystemPowerStatus
GlobalMemoryStatusEx
CreateToolhelp32Snapshot
GetTempPathW
GetUserDefaultLocaleName
GetSystemDirectoryA
CreateFileA
GetComputerNameW
GlobalLock
GlobalUnlock
GlobalAlloc
GetTempFileNameW
DeleteFileW
K32GetProcessMemoryInfo
GetNativeSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
LocalFree
GetFileAttributesExW
CreateFileW
CreateDirectoryW
RemoveDirectoryW
SetFileAttributesW
CopyFileW
MoveFileExW
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
SetFilePointerEx
ReadFile
SetEndOfFile
ReplaceFileW
GetFullPathNameW
GetSystemTime
SystemTimeToFileTime
SetFileTime
GetDiskFreeSpaceExW
Thread32First
Thread32Next
SuspendThread
ExpandEnvironmentStringsW
CreateMutexA
RtlCaptureContext
SetUnhandledExceptionFilter
GetErrorMode
GetModuleFileNameA
GetFileAttributesA
GetEnvironmentVariableA
GetCurrentDirectoryA
GetThreadContext
RtlLookupFunctionEntry
RtlVirtualUnwind
ReadProcessMemory
LocalAlloc
GetCurrentDirectoryW
DebugBreak
GetTickCount
GetOverlappedResult
ResetEvent
CancelIo
FormatMessageA
GetWindowsDirectoryW
GetModuleHandleW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteProcThreadAttributeList
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
GetLocalTime
GetTimeZoneInformation
CreatePipe
GetFileSizeEx
CreateSemaphoreExW
TlsAlloc
TlsFree
IsDebuggerPresent
GetStdHandle
SetThreadAffinityMask
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
GetFileSize
OpenEventA
CreateWaitableTimerA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
GetSystemDirectoryW
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
CreateTimerQueue
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
RegisterWaitForSingleObject
UnregisterWait
FreeLibraryAndExitThread
GetVersionExW
DuplicateHandle
QueryDepthSList
UnregisterWaitEx
RtlUnwindEx
RtlPcToFileHeader
RtlUnwind
HeapSize
HeapReAlloc
SwitchToThread
GetCurrentThreadId
GetThreadPriority
SetThreadPriority
ResumeThread
CreateThread
GetThreadTimes
OpenThread
UpdateProcThreadAttribute
GetProcessHeap
HeapAlloc
InitializeProcThreadAttributeList
GetCommandLineW
OutputDebugStringW
GetLogicalProcessorInformationEx
LoadLibraryExW
WaitForMultipleObjectsEx
CreateEventExW
ExitThread
QueryPerformanceFrequency
QueryPerformanceCounter
VerifyVersionInfoW
VerSetConditionMask
HeapQueryInformation
ExitProcess
GetModuleHandleExW
GetConsoleOutputCP
GetConsoleMode
GetFileType
ReadConsoleW
FlushFileBuffers
CreateProcessW
ReleaseSemaphore
GetModuleHandleA
GetCurrentThread
RaiseException
HeapFree
GetCurrentProcess
TerminateProcess
SetConsoleCtrlHandler
WaitForSingleObject
GetStartupInfoA
SetLastError
GetFileAttributesW
AttachConsole
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
GetModuleFileNameW
SleepEx
SetWaitableTimer
CreateWaitableTimerExW
Sleep
SetEvent
WaitForSingleObjectEx
CloseHandle
CreateEventA
SetHandleInformation
FormatMessageW
LoadLibraryW
SetDllDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
GetCurrentProcessId
MultiByteToWideChar
VirtualProtect
VirtualFree
VirtualAlloc
GetSystemInfo
GetLastError
TlsGetValue
InitializeCriticalSection
TlsSetValue
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime

user32

ScreenToClient
MapVirtualKeyExA
GetKeyboardLayout
GetRawInputDeviceInfoW
GetMessageExtraInfo
GetKeyState
MapVirtualKeyA
GetKeyboardLayoutNameW
ToUnicode
MapVirtualKeyW
GetKeyNameTextW
RegisterRawInputDevices
GetRawInputDeviceList
GetRawInputData
GetRawInputBuffer
GetCursorPos
PtInRect
EnumDisplaySettingsA
GetDC
SetWindowLongA
LoadIconW
GetWindowPlacement
AdjustWindowRectEx
GetForegroundWindow
EnumDisplaySettingsW
GetWindowLongA
DispatchMessageA
TranslateMessage
SystemParametersInfoW
UnregisterDeviceNotification
RegisterDeviceNotificationW
SetCapture
ReleaseCapture
GetSystemMetrics
RegisterClassExW
GetAsyncKeyState
EndDialog
SetDlgItemTextW
SetDlgItemTextA
LoadIconA
SendDlgItemMessageW
OffsetRect
CopyRect
SendMessageTimeoutA
SetForegroundWindow
EnumWindows
GetUserObjectInformationA
GetThreadDesktop
DestroyIcon
DestroyCursor
TrackMouseEvent
SetCursor
LoadCursorA
LoadImageW
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
AllowSetForegroundWindow
ReleaseDC
GetDesktopWindow
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetDisplayConfigBufferSizes
UpdateWindow
SendMessageW
GetMessageA
SetWindowTextW
DragDetect
ShowWindow
GetActiveWindow
GetParent
ValidateRect
IsIconic
MonitorFromRect
SetWindowLongPtrA
IsWindowVisible
SetCursorPos
ClientToScreen
ClipCursor
MonitorFromWindow
ShowCursor
GetClientRect
MoveWindow
GetWindowRect
GetMonitorInfoW
SetFocus
GetFocus
SetWindowPos
EnumDisplayMonitors
EnumDisplayDevicesA
GetMonitorInfoA
PostQuitMessage
DefWindowProcW
SetWindowLongPtrW
GetWindowLongPtrW
DestroyWindow
UnregisterClassW
RegisterClassW
CreateWindowExW
KillTimer
MessageBoxA
SetTimer
PeekMessageA
MsgWaitForMultipleObjects
GetCaretBlinkTime
GetDoubleClickTime
DialogBoxParamW
RegisterWindowMessageA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ole32

CoUninitialize
StringFromGUID2
CoCreateFreeThreadedMarshaler
CoInitialize
PropVariantCopy
CoCreateInstance
CoCreateGuid
CoSetProxyBlanket
CoTaskMemAlloc
PropVariantClear
CoTaskMemFree

shlwapi

SHDeleteKeyW
PathCanonicalizeW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo

advapi32

RegCreateKeyW
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
GetUserNameA
OpenProcessToken
GetTokenInformation
GetSidSubAuthority
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
RegOpenKeyExW

gdi32

ChoosePixelFormat
SetPixelFormat
GetDeviceCaps
SwapBuffers

shell32

ShellExecuteW
SHGetFolderPathW
SHFileOperationW
CommandLineToArgvW

opengl32

wglGetCurrentContext
wglGetProcAddress
wglDeleteContext
wglMakeCurrent
wglGetCurrentDC
wglCreateContext

winmm

waveOutGetNumDevs
waveOutGetDevCapsA
waveOutGetDevCapsW
waveInPrepareHeader
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetPosition
waveInGetNumDevs
waveInGetDevCapsA
waveInGetDevCapsW
waveInOpen
timeBeginPeriod
timeEndPeriod
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveOutOpen
waveInReset
waveInClose
timeGetTime

oleaut32

SysAllocString
VariantClear
SysFreeString
VariantInit
VariantChangeType

imm32

ImmSetCompositionStringW
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmGetConversionStatus
ImmReleaseContext
ImmGetContext

winhttp

WinHttpGetProxyForUrl
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle

bcrypt

BCryptGenRandom

hid

HidP_GetData
HidP_MaxDataListLength
HidD_GetSerialNumberString
HidD_GetManufacturerString
HidD_GetProductString
HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetHidGuid
HidP_SetUsages
HidP_SetUsageValue
HidP_GetButtonCaps
HidP_GetValueCaps
HidD_GetAttributes
HidP_GetCaps

crypt32

CertFreeCertificateContext
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CertAddEncodedCertificateToStore
CertOpenStore
CertCloseStore

ws2_32

gethostname
getsockname
connect
WSAGetLastError
ntohs
closesocket
WSACleanup
WSAStartup
bind
htonl
inet_addr
htons
WSAIoctl
WSASetLastError
WSAEnumNetworkEvents
accept
shutdown
select
__WSAFDIsSet
ioctlsocket
setsockopt
listen
sendto
send
recvfrom
recv
WSASocketA
getaddrinfo
freeaddrinfo
ntohl
gethostbyname
getprotobyname
getpeername
getsockopt
WSAWaitForMultipleEvents
WSASocketW
WSACreateEvent
WSACloseEvent
gethostbyaddr
WSASendDisconnect
WSAAsyncGetHostByName
WSACancelAsyncRequest
WSAResetEvent
WSAEventSelect
socket

dwmapi

DwmSetWindowAttribute
DwmGetWindowAttribute

Exports

Exports

UnityMain

Sections

.text
Size: 24.3MB - Virtual size: 24.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 299KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b899311b6b930e1faa133f57c1ecf12

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52Certificate

Extended Key Usages

Key Usages

db:23:50:4e:b2:2f:5f:58:2b:56:47:c0:3b:e2:b6:e0:10:4d:0a:36Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

version

ole32

shlwapi

setupapi

advapi32

gdi32

shell32

opengl32

winmm

oleaut32

imm32

winhttp

bcrypt

hid

crypt32

ws2_32

dwmapi

Exports

Exports

Sections

.text Size: 24.3MB - Virtual size: 24.3MB

.rdata Size: 3.6MB - Virtual size: 3.6MB

.data Size: 299KB - Virtual size: 1.2MB

.pdata Size: 1.1MB - Virtual size: 1.1MB

.rodata Size: 3KB - Virtual size: 2KB

_RDATA Size: 68KB - Virtual size: 67KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 118KB - Virtual size: 117KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

db:23:50:4e:b2:2f:5f:58:2b:56:47:c0:3b:e2:b6:e0:10:4d:0a:36
Signer

.text
Size: 24.3MB - Virtual size: 24.3MB

.rdata
Size: 3.6MB - Virtual size: 3.6MB

.data
Size: 299KB - Virtual size: 1.2MB

.pdata
Size: 1.1MB - Virtual size: 1.1MB

.rodata
Size: 3KB - Virtual size: 2KB

_RDATA
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 118KB - Virtual size: 117KB