| 文件名 | BeastSaga.exe |
| 文件类型 |
Win32 EXE
|
| 魔术字节 | PE32+ executable (GUI) x86-64, for MS Windows |
| SSDEEP 哈希 |
98304:Pz5Sz7++MpTALxsBbuMwwEzIY7RzjqIhWNa8OG0Izx1zwQeKQ6wkJ:PFSz7+rpTALGnJ6/hWNa8OGpzVQ6
|
| 扫描器版本 | 1.0.211.174 |
| 数据库版本 | 2025-03-18 05:00:19 UTC |
被 11 个安全引擎检测到 - 需要谨慎
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
cb37b513d673107f43ba01ba216538c1
|
|
| SHA1 |
16d9648f423e3f35bbdbe5a24eb8b18180737941
|
|
| SHA256 |
c37fc37cccc4c7bf37c6c862b966a97c94b4ef10f5e974e4f5630f88edac1c32
|
|
| SHA512 |
e84a74c1392a02c38265556fe1c7b9321ce0291f49dcca64f238f065ad2a50044c57fefd59e84b342ebe616b59b92609f5b9f2a9b6556310bf4f3a0a4c4417b4
|
|
| ImpHash |
01ca02582b18deff52ff77b71ebfa393
|
| 图标 |
哈希: 2801269ac6f1d3690351f1a3a8071b50
模糊: d1be5d5c5fa86adcee9c80289ec5d5cf dHash: b4950b7b2b3b9a1b |
| 映像基址 | 0x140000000 |
| 入口点 | 0x140773058 |
| 编译时间 | 2022-06-07 11:30:15 |
| 校验和 | 0x004b68d5 (实际: 0x004b68d5) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | E:\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb |
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
2 库
kernel32, UnityPlayer |
| 导出 | 2 函数 |
| 资源 | 12 资源 |
| 节 | 13 节 |
| FileVersion | 2021.3.1.3895456 |
| ProductVersion | 2021.3.1.3895456 |
| Unity Version | 2021.3.1f1_3b70a0754835 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
|
0x00001000 |
41,280 bytes | 27,648 bytes | 7.95 (打包/加密) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
96A4965A529F3B5D59BCEA741835B398 |
|
0x0000c000 |
36,014 bytes | 15,360 bytes | 7.82 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
7A022C607B415A64DC6951E35B774D87 |
|
0x00015000 |
7,400 bytes | 512 bytes | 6.02 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
83871A8F019F6DCE55A1D768E654EB4E |
|
0x00017000 |
3,156 bytes | 2,048 bytes | 7.03 (压缩) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F0920F82B705EF37F31498117B7B6FC8 |
|
0x00018000 |
148 bytes | 512 bytes | 1.63 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
7D77D199C448AABBED91312177B68DA4 |
|
0x00019000 |
565,576 bytes | 283,648 bytes | 7.97 (打包/加密) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
E365720F23E1A0599ABE2B436E30763C |
|
0x000a4000 |
1,592 bytes | 1,536 bytes | 6.27 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
231E9E0B3E9FA05BA7262E5306C88896 |
.debug |
0x000a5000 |
4,096 bytes | 1,024 bytes | 4.31 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A8FC6B69756B96AF6CDB4B18C1CB7A18 |
.edata |
0x000a6000 |
4,096 bytes | 512 bytes | 1.73 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
BCAFE21DAA5068C950AC6FAA5A4BA39C |
.idata |
0x000a7000 |
4,096 bytes | 512 bytes | 1.16 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
57A8F85724F6EC1FFC29949263A24A9F |
.rsrc |
0x000a8000 |
565,760 bytes | 565,760 bytes | 6.20 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
018FDF57825A5EE6FBFFA1836E90CCA8 |
.themida |
0x00133000 |
6,553,600 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.boot |
0x00773000 |
3,996,672 bytes | 3,996,672 bytes | 7.96 (打包/加密) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
B75EF72C41BA78867E62E180F189F1D8 |
4 检测到高熵(≥7.5)的节 - 可能存在打包/加密
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_ICON | 9 | 562,568 字节 | |
| RT_GROUP_ICON | 1 | 132 字节 | |
| RT_VERSION | 1 | 444 字节 | |
| RT_MANIFEST | 1 | 1,729 字节 |
| 文件版本 | 2021.3.1.3895456 |
✓ 此文件已进行数字签名,证书链已验证。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
