| 文件名 | BeastSaga.exe |
| 文件类型 |
Win32 EXE
|
| 魔术字节 | PE32+ executable (GUI) x86-64, for MS Windows |
| SSDEEP 哈希 |
98304:S0pSz7++MpTbdoOekrXHS9HsGLIQ8zGVMwbIKOoWPp2k2xd/gik6I:S0pSz7+rpTbd7VrXWHsGLMsOxp2kyd/6
|
| 扫描器版本 | 1.0.210.174 |
| 数据库版本 | 2025-03-08 03:00:38 UTC |
被 9 个安全引擎检测到 - 需要谨慎
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
fb07906f9be405df8f81d0a1d81c6811
|
|
| SHA1 |
95ad8f1341816329ce1801b1aa2a803a9055a0d2
|
|
| SHA256 |
a9ffe393097da601f7852f12867be554abce7a659c7b0ded0a09428a066087da
|
|
| SHA512 |
8f810b7dbc9a4cddc3ebcb63ca0dc90e26c6efcfde4dcd3694761d3a2b8028a40c6352711ae2bef74d50c89f1efcc68889dfac2366218ad4593d3ace1bffcfca
|
|
| ImpHash |
01ca02582b18deff52ff77b71ebfa393
|
| 图标 |
哈希: 2801269ac6f1d3690351f1a3a8071b50
模糊: d1be5d5c5fa86adcee9c80289ec5d5cf dHash: b4950b7b2b3b9a1b |
| 映像基址 | 0x140000000 |
| 入口点 | 0x140741058 |
| 编译时间 | 2022-06-07 11:30:15 |
| 校验和 | 0x0048bf9e (实际: 0x0048bf9e) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | E:\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb |
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
2 库
kernel32, UnityPlayer |
| 导出 | 2 函数 |
| 资源 | 12 资源 |
| 节 | 13 节 |
| FileVersion | 2021.3.1.3895456 |
| ProductVersion | 2021.3.1.3895456 |
| Unity Version | 2021.3.1f1_3b70a0754835 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
|
0x00001000 |
41,280 bytes | 27,648 bytes | 7.93 (打包/加密) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
AB1BAE8DF817A1FD52590EAD8F488190 |
|
0x0000c000 |
36,014 bytes | 15,360 bytes | 7.86 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
B11CAB779C30B30289296E24FCA6FBEF |
|
0x00015000 |
7,400 bytes | 512 bytes | 6.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
1793536752DE530C98000B39EC90BA19 |
|
0x00017000 |
3,156 bytes | 2,048 bytes | 7.06 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
462DD145184E4DA2A06C312EE5191623 |
|
0x00018000 |
148 bytes | 512 bytes | 1.62 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
2102DFE3CAA2E3D7F894D08297427884 |
|
0x00019000 |
565,576 bytes | 283,648 bytes | 7.96 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
72A8838D28E9D1E9B3B68B2882CE5F57 |
|
0x000a4000 |
1,592 bytes | 1,536 bytes | 6.41 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
449B06D0EDD1A67AAE39BB4FE851280B |
.debug |
0x000a5000 |
4,096 bytes | 1,024 bytes | 4.31 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A8FC6B69756B96AF6CDB4B18C1CB7A18 |
.edata |
0x000a6000 |
4,096 bytes | 512 bytes | 1.73 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BCAFE21DAA5068C950AC6FAA5A4BA39C |
.idata |
0x000a7000 |
4,096 bytes | 512 bytes | 1.16 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
57A8F85724F6EC1FFC29949263A24A9F |
.rsrc |
0x000a8000 |
565,760 bytes | 565,760 bytes | 6.20 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
018FDF57825A5EE6FBFFA1836E90CCA8 |
.themida |
0x00133000 |
6,348,800 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.boot |
0x00741000 |
3,852,288 bytes | 3,852,288 bytes | 7.96 (打包/加密) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
7C613234B0C2865912E501CB36448813 |
4 检测到高熵(≥7.5)的节 - 可能存在打包/加密
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 9 | 562,568 字节 | |
| RT_GROUP_ICON | 1 | 132 字节 | |
| RT_VERSION | 1 | 444 字节 | |
| RT_MANIFEST | 1 | 1,729 字节 |
| 文件版本 | 2021.3.1.3895456 |
✓ 此文件已进行数字签名,证书链已验证。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
