Manalyze report for 17584cc71a9c8be0956c398b039c47adf8432bc364b021b02c0c5444073d75dc

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2014-Oct-27 19:46:12
Detected languages	English - United States
Debug artifacts	BootstrapPackagedGame-Win64-Shipping.pdb
FileVersion	`++studiostream+ivs_release_day1_build-CL-97146`
CompanyName	Epic Games, Inc.
LegalCopyright	Fill out your copyright notice in the Description page of Project Settings.
ProductName	BootstrapPackagedGame
ProductVersion	`++studiostream+ivs_release_day1_build-CL-97146`
FileDescription	BootstrapPackagedGame
InternalName	UnrealEngine
OriginalFilename	BootstrapPackagedGame-Win64-Shipping.exe

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: adobe.com http://ns.adobe.com http://ns.adobe.com/photoshop/1.0/ http://ns.adobe.com/xap/1.0/ http://ns.adobe.com/xap/1.0/mm/ http://ns.adobe.com/xap/1.0/sType/ResourceEvent# http://purl.org http://www.w3.org http://www.w3.org/1999/02/22-rdf-syntax-ns# ns.adobe.com www.w3.org`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryW LoadLibraryExW` `Can access the registry: RegOpenKeyExW RegCloseKey RegQueryValueExW` `Possibly launches other programs: CreateProcessW`
Safe	VirusTotal score: 0/71 (Scanned on 2026-04-30 18:42:20)	`All the AVs think this file is safe.`

Hashes

MD5	`668dbd498084babe7ce744b084c0cb49`
SHA1	`85beca662548088b1e8ccb9e8261b57952220440`
SHA256	`17584cc71a9c8be0956c398b039c47adf8432bc364b021b02c0c5444073d75dc`
SHA3	`794ab70c8c088b31d903a13de24d32a23000345c9b60c0b6e49dab3bd0b00f15`
SSDeep	`3072:iHgfpc7XaiGkxdmUUqZw4kn4WKrs13Fcr4fOz0ZiKqNyAzlTZIDjLsnVshLVgU5:1pc7XazkTmkZwZn4WrO355TKrQ1fGgv`
Imports Hash	`c23089d393e3ab5b33523f5c208d28fb`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2014-Oct-27 19:46:12
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x14600`
SizeOfInitializedData	`0x29800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000000021E8 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x44000`
SizeOfHeaders	`0x400`
Checksum	`0x2a339`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0xb71b00`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`377e69c56e0c22df4f5e1792abc67319`
SHA1	`c46fbe2e2417ec825db85d955dbb3fb7e3abfd67`
SHA256	`965fa1ce5ffc60d8e82035413c8f2a629431aa0685af3dcd0a0c5f8241493146`
SHA3	`35f81856a5b64d1147588b3093715c85d567fa2eb64aee1723d59181d24ada6b`
VirtualSize	`0x144f0`
VirtualAddress	`0x1000`
SizeOfRawData	`0x14600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.50432`

.rdata

MD5	`1642337c70123996e5555163da778b24`
SHA1	`4a6407de1bad5d0612e7726058aa97b1699382a5`
SHA256	`21cf2319fab4b937a05573a83e92d8511e7272a47baddb7765ffaebc063b1c08`
SHA3	`ea09c91c26dfece13484b59ffbc52305888f66485c6d8f5807fe5462a2e611b6`
VirtualSize	`0xb1b6`
VirtualAddress	`0x16000`
SizeOfRawData	`0xb200`
PointerToRawData	`0x14a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.95871`

.data

MD5	`585a11728d8ac204f12dda6d0ce4e0d7`
SHA1	`1ee8e54a1d5b26f3e607b79ac6667d042afee35c`
SHA256	`a22bb62a13608ba585288613a12f107b24607751a0d111b0199ddd626e9be785`
SHA3	`34654adeca3493ad4d520e5e1ff4d17679d0da1cf6b8dc7d031566fd8c2a7bb9`
VirtualSize	`0x1e20`
VirtualAddress	`0x22000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x1fc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.05531`

.pdata

MD5	`9ddb1ade57411ec0e8f4d9c8ac8362d0`
SHA1	`b47a9699c59459624494eaec89467de9ea7c16f0`
SHA256	`52040c619f926ebab0ddd6dac3794f3e81ae155f62d04301851df7ee34128ef1`
SHA3	`a61283c0aef1af4caf4c1c29ec225fbba739681827cfe81d66f5bc84d5fcd4e9`
VirtualSize	`0x12b4`
VirtualAddress	`0x24000`
SizeOfRawData	`0x1400`
PointerToRawData	`0x20800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.79946`

_RDATA

MD5	`a9f2d34d6fbab38ad80fa9cdaf0c8ea8`
SHA1	`e025c95e489b971b478e00ab897e35d4f6d24164`
SHA256	`38bbf01a01a401013df1c913752a598f17ff029704611d1b044961e45c55d8a5`
SHA3	`3e2beb9a86a62fad34807e5f469fbbb81f0c39bfd24908a8553f98a3a3d583bd`
VirtualSize	`0x1f4`
VirtualAddress	`0x26000`
SizeOfRawData	`0x200`
PointerToRawData	`0x21c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.66262`

.rsrc

MD5	`839f92ee1373663dfac2b2e54fb6cdee`
SHA1	`7f34e7bdb549ca4896d1ab4e075b23ba2c939371`
SHA256	`548fa4dea930b53dec3e09b457c9887b18e43d7ffab8b898037ca957e602b4d2`
SHA3	`55f05f6427fb47e6f03fa1cffbc3b44675cc27867564ed181e6046924b8cab17`
VirtualSize	`0x1bbd8`
VirtualAddress	`0x27000`
SizeOfRawData	`0x1bc00`
PointerToRawData	`0x21e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.50416`

.reloc

MD5	`87a2806c1dbc127a472d7cb506563636`
SHA1	`4a3f0a1e8add9899747923c7836221a6d4b1e9f5`
SHA256	`4927f83920f3367a44ee99be8f55a8b22ae858288f2a5d436a01e856dda4a906`
SHA3	`8c30ed6925821f0724d90029b00cc965a4249599f2f84f47503071230ed7d5d8`
VirtualSize	`0x694`
VirtualAddress	`0x43000`
SizeOfRawData	`0x800`
PointerToRawData	`0x3da00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.96168`

Imports

KERNEL32.dll	`WaitForSingleObject` `GetExitCodeProcess` `CreateProcessW` `FreeLibrary` `GetModuleFileNameW` `GetModuleHandleW` `GetProcAddress` `GetLastError` `LockResource` `SizeofResource` `FindResourceW` `LoadLibraryW` `WriteConsoleW` `CreateFileW` `CloseHandle` `GetFileAttributesW` `LoadResource` `GetEnvironmentVariableW` `GetConsoleMode` `GetConsoleOutputCP` `FlushFileBuffers` `HeapReAlloc` `HeapSize` `SetFilePointerEx` `GetProcessHeap` `LCMapStringW` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetCurrentProcess` `TerminateProcess` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `IsDebuggerPresent` `GetStartupInfoW` `RtlUnwindEx` `RtlPcToFileHeader` `RaiseException` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `LoadLibraryExW` `EncodePointer` `GetStdHandle` `WriteFile` `ExitProcess` `GetModuleHandleExW` `HeapFree` `HeapAlloc` `GetFileType` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetStringTypeW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree`
USER32.dll	`MessageBoxW` `wsprintfW`
ADVAPI32.dll	`RegOpenKeyExW` `RegCloseKey` `RegQueryValueExW`
SHELL32.dll	`ShellExecuteExW`
SHLWAPI.dll	`PathCanonicalizeW` `PathRemoveFileSpecW` `PathCombineW`
VERSION.dll	`GetFileVersionInfoW` `VerQueryValueW` `GetFileVersionInfoSizeW`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.53685`
MD5	`6288eaf91ba8e24f82e7236c6cc5034b`
SHA1	`a42735a06ceed5021f2f6346affac353dca2d930`
SHA256	`625ad5efdf892c156f6c304580ade8d82a4ec9f5b9d120d4c84e11cfb7f6c629`
SHA3	`1fa2bc21f78a4f45ec1cc6afff2308a59956e30de9c45698a97e4cea888ff167`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.19098`
MD5	`f96437f9c1fb830950befef6c8b18560`
SHA1	`0ed6d8c30d2e331acae257585a9ac3a28d1beb7d`
SHA256	`fdff647dd371cb69bd348af04b0c541fc2f71947a43dd7cc30a7d91cd924424f`
SHA3	`9dbb9a78b39e41dc9279c5fd84ceb8d40336d4d508ad23d0a95eea42c69ddfc2`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.52293`
MD5	`d0e1dcbae047f720c9613c9a4b7a1e6f`
SHA1	`515a14f79cf8e46bec4ba26f69315920b7c37e9d`
SHA256	`1d86f6a8b7271e2418de5000965ff099084cd29b9eb72040fb9502da68decad3`
SHA3	`d85ce60b9c69331ddec5c12b57b91c453982042c3637178ba6c8a3177bb4e737`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.19122`
MD5	`2b428817a59378c7abd87f3d0f212719`
SHA1	`f3e83100118b4e6074a04620bede34b0a57680c5`
SHA256	`f9103bab145398fd5536996a0494cc5e9ebb7be8a8a3d6022f8f0b18cccd2d3c`
SHA3	`0aefebc038e93419ff4cbc52ea6482fbecdc8650470da48ad2f5cef7cf34c714`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.59245`
MD5	`5cbdce156a93ec7d0e1a44d3f7bc94f6`
SHA1	`994cbdccdf9c1ccb3d90eb835df7326dfc0e41b4`
SHA256	`1fd4c5192b5e33947166f9eb49a19413efcd8867aa81ac692985fe6a08d1ce0f`
SHA3	`5d06a0ceb7e1cfe01ba9d0c11a255170d1fedbd6bada78a8e742ab101264e066`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xdcb`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.41581`
Detected Filetype	PNG graphic file
MD5	`7bf36c29bcb6b5839d85c9c836216593`
SHA1	`86e7a55cacd17d1bda55a1a1de5a03adcba06c2b`
SHA256	`7a96ab7db1fa191a6bd087497c2f55239d7cda01dcc226e742daa80c5bc37de2`
SHA3	`72655fed7cd84d2c2de3957446a52a6a22dff86ca62a37d4e8586e86a1e613f0`

7

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1b13`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.73886`
Detected Filetype	PNG graphic file
MD5	`1f48923337871ba25cf266bba17429cc`
SHA1	`279f47235e20eedee5daa535ea611e0aed1157d0`
SHA256	`2399dfb472a6c753447b847fbb144235145ca6507a60941b5295389c6fc45639`
SHA3	`06825c34eb7fe14d622735aa986a3e26247e95d5493a5b22eb3884f51b155493`

201

Type	`RT_RCDATA`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x74`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14906`
MD5	`5102926db9753d9ad2d492426e9a39e9`
SHA1	`8ff5c513b9f65a80baf5c367dc1a215578ec40c7`
SHA256	`f262862dd2fd37afe08ea9e78e9ce38b81b0bb5f9c1425313b320de72dcfcf7e`
SHA3	`ddf40e846c34b6f35438c2a4d63e015df3041244b6db3acf14f105a6b4f54f74`

202

Type	`RT_RCDATA`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x16`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.41309`
MD5	`73af7ed76c52eb0a7432f27760d7af67`
SHA1	`0abaa213ca3d7f79b531839da524e13a818dd922`
SHA256	`2e328ddb76e02d79cd6ff3dc31f3ac9244d810af27ae52a040067afcac1754ab`
SHA3	`b9bc16e8435402a10f5cfc6dfe57a4362b3f4e79adec7886560508721ded625d`

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80283`
Detected Filetype	Icon file
MD5	`da9b70665374e3394540c51191a2dfd6`
SHA1	`c91b3f6407149e322850f6a257923abb260adeb5`
SHA256	`9595be7d246f12c7356d15b8facc45ea482de63d316af484c99156170b9d7362`
SHA3	`d75e51b150e9bb574412de784a1ecf652c36717a52f920f529a2c01e2dfce6af`

123

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.93324`
Detected Filetype	Icon file
MD5	`26e4bbdda9f8e58b060feaa53c3083e2`
SHA1	`bd724469fc43a9a58679a7016c303a5693fe9f94`
SHA256	`74c73b469e08909c1b539a80c66cb442d04b3c29cd03e8a533a3c349c5cc84c4`
SHA3	`49df4b8afdcf81a2097c2608740540f7e25ce3aa86c892702db1183998142c1b`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x438`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47757`
MD5	`70a530ea44f975bd59a352d57857ac53`
SHA1	`9572a13a6b4b6db169f2360b1d5748dd3c29581f`
SHA256	`26fb2131521f5fe5f0eef587f76ca89c2f3305d2e817670067ee2ef6cd2c5089`
SHA3	`cf5d8e236bbe41c64a367da6d2cdf8b52e24abc1dd034d769c79950fecf9671c`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x580`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.29956`
MD5	`c61240657e13443faa673941f5309de2`
SHA1	`c0fbe2a825d7b0526747bf774f0924ded81b7462`
SHA256	`527ba3511f5e6271211343cd03168ec681b1afc356ed87eeece038bbd480731b`
SHA3	`e61279125dbdfd1216bc206250bdaf599743f063b1fb74df33968dee1f3c874d`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	5.5.4.0
ProductVersion	5.5.4.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	English - United States
FileVersion (#2)	++studiostream+ivs_release_day1_build-CL-97146
CompanyName	Epic Games, Inc.
LegalCopyright	Fill out your copyright notice in the Description page of Project Settings.
ProductName	BootstrapPackagedGame
ProductVersion (#2)	++studiostream+ivs_release_day1_build-CL-97146
FileDescription	BootstrapPackagedGame
InternalName	UnrealEngine
OriginalFilename	BootstrapPackagedGame-Win64-Shipping.exe

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2014-Oct-27 19:46:12
Version	`0.0`
SizeofData	`65`
AddressOfRawData	`0x1f1a0`
PointerToRawData	`0x1dba0`
Referenced File	BootstrapPackagedGame-Win64-Shipping.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2014-Oct-27 19:46:12
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x1f1e4`
PointerToRawData	`0x1dbe4`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2014-Oct-27 19:46:12
Version	`0.0`
SizeofData	`836`
AddressOfRawData	`0x1f1f8`
PointerToRawData	`0x1dbf8`

UNKNOWN

Characteristics	`0`
TimeDateStamp	2014-Oct-27 19:46:12
Version	`0.0`
SizeofData	`36`
AddressOfRawData	`0x1f564`
PointerToRawData	`0x1df64`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140022040`

RICH Header

XOR Key	`0xcfdaeda8`
Unmarked objects	`0`
ASM objects (30795)	`5`
C++ objects (30795)	`139`
C objects (30795)	`10`
Unmarked objects (#2)	`1`
C objects (VS 2015-2022 runtime 33030)	`16`
ASM objects (VS 2015-2022 runtime 33030)	`17`
C++ objects (VS 2015-2022 runtime 33030)	`45`
Imports (30795)	`13`
Total imports	`111`
C++ objects (33144)	`1`
Resource objects (33144)	`1`
151	`1`
Linker (33144)	`1`

Errors

Leave a comment

No comments yet.