Manalyze report for 39487ed52dc47d32f7f86c59bf93e08ee2df70e88427f12fc3e2bd8fd24aa646

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Jan-19 12:10:52
Detected languages	English - United States
Debug artifacts	C:\buildslave\unity\build\build\WindowsStandaloneSupport\Variations\win32_nondevelopment_mono\player_win_x86.pdb
FileVersion	`5.5.1.8966154`
ProductVersion	`5.5.1.8966154`
Unity Version	5.5.1f1_88d00a7498cd

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ v6.0 DLL` `Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: rundll32.exe` `Contains references to internet browsers: firefox.exe iexplore.exe` `Tries to detect virtualized environments: HARDWARE\DESCRIPTION\System b3 eb 36 e4 4f 52 ce 11 9f 53 00 20 af 0b a7 70` `Looks for VMWare presence: VMWare` `Accesses the WMI: root\cimv2` Contains domain names: api.uca.cloud.unity3d.com cdp.cloud.unity3d.com cloud.unity3d.com config.uca.cloud.unity3d.com connectiontester.unity3d.com connectiontesterbeta.unity3d.com cs.unc.edu curl.haxx.se example.com facilitator.unity3d.com facilitatorbeta.unity3d.com http://curl.haxx.se http://curl.haxx.se/docs/http-cookies.html http://msdl.microsoft.com http://msdl.microsoft.com/download/symbols http://unity3d.com http://www.openssl.org http://www.openssl.org/support/faq.html https://api.uca.cloud.unity3d.com https://api.uca.cloud.unity3d.com/v1/events https://cdp.cloud.unity3d.com https://cdp.cloud.unity3d.com/v1/events https://config.uca.cloud.unity3d.com https://stats.unity3d.com https://stats.unity3d.com/HWStats.cgi https://stats.unity3d.com/HWStatsUpdate.cgi masterserver.unity3d.com masterserverbeta.unity3d.com microsoft.com msdl.microsoft.com normal.xyz openssl.org proxy.unity3d.com proxybeta.unity3d.com stats.unity3d.com tangent.xyz uca.cloud.unity3d.com unity3d.com vertex.xyz www.openssl.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES` `Uses constants related to Blowfish` `Uses known Diffie-Helman primes` `Uses known Mersenne Twister constants` `Microsoft's Cryptography API`
Suspicious	The PE is possibly packed.	`Unusual section name found: .trace` `Unusual section name found: .data1`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExW LoadLibraryW LoadLibraryA GetProcAddress` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Can access the registry: SHDeleteKeyW RegDeleteValueA RegQueryValueExA RegSetValueExA RegCreateKeyW RegOpenKeyExW RegCloseKey RegQueryValueExW RegSetValueExW RegCreateKeyExW` `Possibly launches other programs: ShellExecuteW` `Uses Windows's Native API: ntohs ntohl` `Uses Microsoft's cryptographic API: CryptGetHashParam CryptImportKey CryptVerifySignatureA CryptDestroyKey CryptDestroyHash CryptHashData CryptReleaseContext CryptCreateHash CryptAcquireContextA` `Can create temporary files: CreateFileW GetTempPathW CreateFileA` `Memory manipulation functions often used by packers: VirtualProtect VirtualAlloc` `Has Internet access capabilities: WinHttpGetIEProxyConfigForCurrentUser` Leverages the raw socket API to access the Internet: accept ntohs gethostname socket WSAGetLastError connect WSAAsyncGetHostByName WSAStartup inet_ntoa closesocket WSACleanup htonl bind htons inet_addr WSACancelAsyncRequest getsockopt WSAEventSelect WSACloseEvent WSACreateEvent WSAWaitForMultipleEvents WSAResetEvent WSAEnumNetworkEvents WSASetEvent getpeername getprotobyname recv gethostbyname ntohl shutdown getnameinfo getaddrinfo WSAIoctl recvfrom sendto send select __WSAFDIsSet freeaddrinfo WSASocketA WSASetLastError setsockopt ioctlsocket getsockname listen `Functions related to the privilege level: OpenProcessToken` `Enumerates local disk drives: GetDriveTypeW GetDriveTypeA` `Can use the microphone to record audio: waveInOpen` `Reads the contents of the clipboard: GetClipboardData`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`53895c73fcf97b2e414a738a51f9b099`
SHA1	`b2d9cf5524ef020eb3724475dd67d5d10b858e0b`
SHA256	`39487ed52dc47d32f7f86c59bf93e08ee2df70e88427f12fc3e2bd8fd24aa646`
SHA3	`d2c9f387cb39ee8d61c79ac3ab40b6ceee8cdd45ae3a825ed8294d4ab9926bbf`
SSDeep	`393216:dTHtu/KhKDsT6KgrJ5LvxUw/FYI3ehP1xv1zdAgs6tz9zqUFxxwKFnICL:c76h5qZK2a`
Imports Hash	`50e57fe09abdcc2e55ceaa3b20bbd1da`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x128`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`9`
TimeDateStamp	2017-Jan-19 12:10:52
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`10.0`
SizeOfCode	`0xe45400`
SizeOfInitializedData	`0x3e7600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00792A7B (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0xe47000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x1231000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`676e07b8bf7c54d3edecee99ae059477`
SHA1	`9108f5b27a292855405d76ee79169d35e7ea6b9c`
SHA256	`219c335383cae7f30091f715a233f260305c947692f8888a11efeddf7bd15eab`
SHA3	`e2c0183a232751f83482a5018c9f950974970b0a90afc35bc5ab5c8c71b3eacf`
VirtualSize	`0xe4524a`
VirtualAddress	`0x1000`
SizeOfRawData	`0xe45400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.76457`

.rdata

MD5	`446fb728b511de3a14350701cd17972a`
SHA1	`f7be1bfebdb1d61edc0588b53108370ef88f0d24`
SHA256	`29b7f920c3f6a42fa0f3734e285a3a780190370569e6fc030af00e6a185a25b9`
SHA3	`1eaa4c08f7dc4cfbec3a8595bc1a721dee80d59df602cf0d86480068349cb8b4`
VirtualSize	`0x1c6acd`
VirtualAddress	`0xe47000`
SizeOfRawData	`0x1c6c00`
PointerToRawData	`0xe45800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.16232`

.data

MD5	`11626864c52170e944398a2ee99f7dd3`
SHA1	`7b2906b30f646bac666118399a8444aa6d5a5f86`
SHA256	`55392a008b936ee715dbc5e21643e90615f4f4abc85d2be046ef49fd0739abc6`
SHA3	`89c9a25326a509d1d29f5f67d79e2f499c90339c377823baa11df99de30c987f`
VirtualSize	`0x106e60`
VirtualAddress	`0x100e000`
SizeOfRawData	`0x38a00`
PointerToRawData	`0x100c400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.70836`

.rodata

MD5	`6cd27e3241430d756df37aef639cf48a`
SHA1	`8576e5bfef4f234eb7c754eb52e99698104a00c4`
SHA256	`144a34dada4708a578ca10af3f642be898566e2b31fb81ee1885b83f4983ebf2`
SHA3	`c62b9812b4d51c68577d75fd2bc029d35bfd3175295f479c2aca6c46832b0114`
VirtualSize	`0xad0`
VirtualAddress	`0x1115000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x1044e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.97031`

.trace

MD5	`630a6c1fa114517a85cc515181f40aae`
SHA1	`033de86c80f3bc7d6e1083ccfa3f7dd35d575000`
SHA256	`d1ef87872af088d15e299a148bfaf4d0d1b82a242be02f2c4af5d02c721252cf`
SHA3	`efc1578a8987462ef3c8b83d9883a834099e01ea85d6405a591bffa19f6cd56e`
VirtualSize	`0x1d98`
VirtualAddress	`0x1116000`
SizeOfRawData	`0x1e00`
PointerToRawData	`0x1045a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.297`

.data1

MD5	`f5688adfeaf35cd6be99948b3e39f323`
SHA1	`2f55833ab355e954606909994f39dda329ac124f`
SHA256	`e4c3899536c9b4e013c94c9d414ad6c0902675cabdca901b48355f1cfc5b257c`
SHA3	`250e3c80907146c70bf643680ffe1d340a35f3acc2c6b24760df231480e9ac57`
VirtualSize	`0x40`
VirtualAddress	`0x1118000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1047800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.436447`

_RDATA

MD5	`f1f89f2d16a4104b1b44a0abb1c0089e`
SHA1	`60839ee9e1d92ea4ed5290c5b684acd8c78ce825`
SHA256	`16d977a5f98f636ab98c6da1d9e8c4459a15a4fb9728e206842152eececfd4bb`
SHA3	`ef0ff19d8695008c590e9ef2248e10eda2d07d8f5bc6b8582ed1eee275ad577f`
VirtualSize	`0x540`
VirtualAddress	`0x1119000`
SizeOfRawData	`0x600`
PointerToRawData	`0x1047a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.54937`

.rsrc

MD5	`bbc4d0779ba01da0cc76b66c009f415e`
SHA1	`a67a70fee41594ba455889692b3fa410e3286f26`
SHA256	`1090edad5ed217682b0b1a36f2f6265c291e0a792c083c2305163a087d73f115`
SHA3	`b9b92a9b4044be6fc09fbed9b3910b1c594f91f8e4e91cb75907f64cbfefc159`
VirtualSize	`0x8a670`
VirtualAddress	`0x111a000`
SizeOfRawData	`0x8a800`
PointerToRawData	`0x1048000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.93498`

.reloc

MD5	`769e0e57576b0ade14643857e53c668e`
SHA1	`53e7ad9aa70af6d3d4ba6cf628b2c01a055ddd18`
SHA256	`4761177ae2cd70cc7292e810064fc6c039b7858b8294783f28b3c46a26275778`
SHA3	`a353526b63ed2810eab073874c02c015d9060f2968d272552ec7b88d11f8f88b`
VirtualSize	`0x8bf28`
VirtualAddress	`0x11a5000`
SizeOfRawData	`0x8c000`
PointerToRawData	`0x10d2800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.76479`

Imports

HID.DLL	`HidP_GetButtonCaps` `HidP_GetCaps` `HidD_GetProductString` `HidD_GetPreparsedData` `HidP_MaxDataListLength` `HidP_GetData` `HidD_FreePreparsedData` `HidP_GetValueCaps` `HidD_GetHidGuid`
KERNEL32.dll	`GetLocalTime` `GetTimeZoneInformation` `LocalFree` `TerminateThread` `GetSystemInfo` `GetSystemTimeAsFileTime` `CreateFileW` `InitializeCriticalSection` `ResetEvent` `ReadFile` `SetFilePointerEx` `WriteFile` `SetFilePointer` `SetEndOfFile` `GetFileAttributesExW` `SetFileAttributesW` `GetFileAttributesW` `CopyFileW` `MoveFileExW` `FindClose` `FindNextFileW` `FindFirstFileW` `FindFirstFileExW` `LoadLibraryExW` `InterlockedIncrement` `InterlockedDecrement` `CreateEventW` `GlobalUnlock` `GlobalLock` `GlobalAlloc` `GetModuleHandleA` `RemoveDirectoryW` `DeleteFileW` `SetFileTime` `GetSystemTime` `GetDiskFreeSpaceExA` `GetModuleFileNameW` `lstrcpynA` `lstrcpyA` `lstrcpynW` `GetCommandLineW` `CancelIo` `GetOverlappedResult` `ExpandEnvironmentStringsW` `SetLastError` `ResumeThread` `GetThreadContext` `SuspendThread` `OutputDebugStringA` `GetEnvironmentVariableA` `GetFileAttributesA` `GetModuleFileNameA` `GetVersionExA` `GetCurrentDirectoryA` `VerifyVersionInfoW` `VerSetConditionMask` `GetVersionExW` `GlobalMemoryStatusEx` `GetUserDefaultUILanguage` `GetComputerNameW` `GetTempPathW` `LocalAlloc` `SetUnhandledExceptionFilter` `GetCurrentDirectoryW` `OpenEventW` `DebugBreak` `GetFileSize` `FileTimeToDosDateTime` `FileTimeToLocalFileTime` `lstrlenA` `GetFileTime` `VirtualQuery` `GlobalMemoryStatus` `SetErrorMode` `HeapAlloc` `HeapFree` `GetCurrentProcess` `HeapReAlloc` `DecodePointer` `EncodePointer` `HeapQueryInformation` `HeapSize` `DuplicateHandle` `ExitProcess` `SetConsoleCtrlHandler` `SystemTimeToFileTime` `MapViewOfFile` `HeapSetInformation` `GetStartupInfoW` `GetStdHandle` `HeapCreate` `IsProcessorFeaturePresent` `GetLocaleInfoW` `UnhandledExceptionFilter` `TerminateProcess` `GetCPInfo` `GetACP` `GetOEMCP` `IsValidCodePage` `SetHandleCount` `GetFileType` `GetConsoleCP` `GetConsoleMode` `FlushFileBuffers` `SetStdHandle` `InterlockedExchange` `LCMapStringW` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `GetTickCount` `GetStringTypeW` `GetUserDefaultLCID` `GetLocaleInfoA` `EnumSystemLocalesA` `IsValidLocale` `WriteConsoleW` `CreateFileA` `CompareStringW` `SetEnvironmentVariableA` `GetProcessHeap` `GetProcessAffinityMask` `InterlockedExchangeAdd` `VirtualProtect` `VirtualAlloc` `VirtualFree` `SwitchToThread` `SetThreadAffinityMask` `InitializeSListHead` `InterlockedPushEntrySList` `InterlockedPopEntrySList` `InterlockedFlushSList` `GetThreadPriority` `OpenEventA` `SetWaitableTimer` `CreateWaitableTimerA` `GetSystemDirectoryA` `GetDriveTypeW` `PeekNamedPipe` `GetFileInformationByHandle` `FindFirstFileExA` `GetDriveTypeA` `FileTimeToSystemTime` `SetConsoleMode` `ReadConsoleInputA` `GetFullPathNameA` `GetDateFormatA` `GetTimeFormatA` `CreateSemaphoreW` `FlushInstructionCache` `CreateMutexW` `SignalObjectAndWait` `ExpandEnvironmentStringsA` `VerifyVersionInfoA` `FlushConsoleInputBuffer` `GetVersion` `GetCurrentProcessId` `GetFullPathNameW` `GetModuleHandleW` `GetCurrentThreadId` `SetThreadPriority` `FormatMessageA` `ExitThread` `CreateFileMappingA` `CreateThread` `InitializeCriticalSectionAndSpinCount` `TryEnterCriticalSection` `UnmapViewOfFile` `CreateMutexA` `ReleaseMutex` `WaitForSingleObject` `GetWindowsDirectoryW` `IsDebuggerPresent` `GetCommandLineA` `GetCurrentThread` `LeaveCriticalSection` `EnterCriticalSection` `DeleteCriticalSection` `RaiseException` `SleepEx` `QueryPerformanceFrequency` `QueryPerformanceCounter` `SetHandleInformation` `FormatMessageW` `SetDllDirectoryW` `LoadLibraryW` `GetLastError` `CreateDirectoryW` `LoadLibraryA` `GetProcAddress` `FreeLibrary` `WideCharToMultiByte` `MultiByteToWideChar` `InterlockedCompareExchange` `CreateEventA` `SetEvent` `ReleaseSemaphore` `WaitForSingleObjectEx` `Sleep` `CloseHandle` `CreateSemaphoreA` `TlsSetValue` `TlsGetValue` `TlsFree` `TlsAlloc` `RtlUnwind`
USER32.dll	`MessageBoxW` `IsWindowVisible` `ScreenToClient` `WindowFromPoint` `GetCursorPos` `GetCaretBlinkTime` `EnumDisplaySettingsA` `SetClipboardData` `EmptyClipboard` `OpenClipboard` `GetClipboardData` `IsClipboardFormatAvailable` `CreateIconIndirect` `ReleaseDC` `GetDC` `GetSystemMetrics` `SetCursor` `CloseClipboard` `wvsprintfA` `UpdateWindow` `MonitorFromWindow` `PostQuitMessage` `ValidateRect` `GetWindowLongW` `RegisterClassExW` `DialogBoxParamW` `EndDialog` `LoadIconA` `SendDlgItemMessageW` `SetDlgItemTextA` `SetDlgItemTextW` `MessageBoxA` `CopyRect` `OffsetRect` `GetAncestor` `UnregisterClassW` `SetWindowTextW` `GetDesktopWindow` `AdjustWindowRectEx` `GetWindowPlacement` `ChangeDisplaySettingsA` `GetDlgItem` `SetWindowLongA` `CreateDialogParamA` `SetWindowPos` `GetWindowRect` `GetParent` `GetThreadDesktop` `GetUserObjectInformationA` `EnumWindows` `RegisterWindowMessageA` `SendMessageA` `IsIconic` `ShowWindow` `SetTimer` `PeekMessageA` `GetMessageA` `KillTimer` `LoadImageW` `DialogBoxParamA` `CheckDlgButton` `PeekMessageW` `CreateDialogParamW` `IsDialogMessageW` `DispatchMessageW` `MsgWaitForMultipleObjects` `EnableWindow` `CopyImage` `SetWindowLongW` `IsDlgButtonChecked` `LoadCursorA` `DestroyCursor` `DestroyIcon` `SetCapture` `ReleaseCapture` `UnregisterDeviceNotification` `DispatchMessageA` `TranslateMessage` `PtInRect` `GetClientRect` `GetWindowLongA` `GetProcessWindowStation` `GetUserObjectInformationW` `SendMessageTimeoutA` `GetMessageExtraInfo` `RegisterDeviceNotificationW` `SystemParametersInfoW` `ClientToScreen` `DefWindowProcW` `DestroyWindow` `CreateWindowExW` `GetAsyncKeyState` `GetKeyState` `wsprintfA` `RegisterRawInputDevices` `GetRawInputData` `GetRawInputDeviceInfoW` `GetRawInputDeviceList` `SetForegroundWindow` `ClipCursor` `SetCursorPos` `ShowCursor` `GetFocus` `SetFocus` `EnumDisplayDevicesA` `EnumDisplayMonitors` `GetMonitorInfoA` `RegisterClassW`
VERSION.dll	`GetFileVersionInfoSizeA` `GetFileVersionInfoA` `GetFileVersionInfoSizeW` `GetFileVersionInfoW` `VerQueryValueA`
ole32.dll	`CoUninitialize` `CoInitialize` `CoCreateGuid` `CoTaskMemAlloc` `CoTaskMemFree` `CoSetProxyBlanket` `StringFromGUID2` `PropVariantClear` `CoCreateInstance`
SHLWAPI.dll	`PathCanonicalizeW` `PathFileExistsW` `SHDeleteKeyW`
ADVAPI32.dll	`CryptGetHashParam` `RegisterEventSourceA` `ReportEventA` `DeregisterEventSource` `CryptImportKey` `CryptVerifySignatureA` `CryptDestroyKey` `RegDeleteValueA` `RegQueryValueExA` `RegSetValueExA` `RegCreateKeyW` `OpenProcessToken` `CryptDestroyHash` `CryptHashData` `CryptReleaseContext` `CryptCreateHash` `CryptAcquireContextA` `RegOpenKeyExW` `RegCloseKey` `RegQueryValueExW` `RegSetValueExW` `RegCreateKeyExW` `GetUserNameA` `GetSidSubAuthority` `GetTokenInformation`
GDI32.dll	`SwapBuffers` `DeleteObject` `CreateBitmap` `CreateDIBSection` `SetPixelFormat` `ChoosePixelFormat` `GetDeviceCaps` `GetObjectA`
SHELL32.dll	`CommandLineToArgvW` `SHGetFolderPathW` `ShellExecuteW` `SHFileOperationW`
OPENGL32.dll	`wglGetCurrentContext` `wglCreateContext` `wglMakeCurrent` `wglDeleteContext` `wglGetProcAddress` `wglGetCurrentDC`
WINMM.dll	`timeBeginPeriod` `waveInGetNumDevs` `timeEndPeriod` `waveOutGetDevCapsA` `waveOutGetDevCapsW` `waveOutClose` `waveOutOpen` `waveOutUnprepareHeader` `waveOutWrite` `waveOutReset` `waveOutGetPosition` `timeGetTime` `waveOutGetNumDevs` `waveInPrepareHeader` `waveInUnprepareHeader` `waveInGetDevCapsA` `waveInGetDevCapsW` `waveInStart` `waveInOpen` `waveInClose` `waveInReset` `waveOutPrepareHeader` `waveInAddBuffer`
WS2_32.dll	`accept` `ntohs` `gethostname` `socket` `WSAGetLastError` `connect` `WSAAsyncGetHostByName` `WSAStartup` `inet_ntoa` `closesocket` `WSACleanup` `htonl` `bind` `htons` `inet_addr` `WSACancelAsyncRequest` `getsockopt` `WSAEventSelect` `WSACloseEvent` `WSACreateEvent` `WSAWaitForMultipleEvents` `WSAResetEvent` `WSAEnumNetworkEvents` `WSASetEvent` `getpeername` `getprotobyname` `recv` `gethostbyname` `ntohl` `shutdown` `getnameinfo` `getaddrinfo` `WSAIoctl` `recvfrom` `sendto` `send` `select` `__WSAFDIsSet` `freeaddrinfo` `WSASocketA` `WSASetLastError` `setsockopt` `ioctlsocket` `getsockname` `listen`
OLEAUT32.dll	`VariantClear` `SysAllocString` `SysFreeString` `VariantChangeType` `VariantInit`
IMM32.dll	`ImmReleaseContext` `ImmSetOpenStatus` `ImmGetConversionStatus` `ImmGetCompositionStringW` `ImmAssociateContextEx` `ImmAssociateContext` `ImmGetContext` `ImmSetCompositionStringW`
DNSAPI.dll	`DnsQuery_A` `DnsFree`
IPHLPAPI.DLL	`GetIpAddrTable`
WINHTTP.dll	`WinHttpGetIEProxyConfigForCurrentUser`

Delayed Imports

??0Allocator@shdfnd@physx@@QAE@PBD@Z

Ordinal	`1`
Address	`0x879cf0`

??0ErrorHandler@shdfnd@physx@@QAE@XZ

Ordinal	`2`
Address	`0x8af170`

??0FPUGuard@shdfnd@physx@@QAE@XZ

Ordinal	`3`
Address	`0xa9fa60`

??0Foundation@shdfnd@physx@@AAE@AAVPxErrorCallback@2@AAVPxAllocatorCallback@2@@Z

Ordinal	`4`
Address	`0x87a120`

??0MutexImpl@shdfnd@physx@@QAE@XZ

Ordinal	`5`
Address	`0x8aefb0`

??0PAUtils@shdfnd@physx@@QAE@XZ

Ordinal	`6`
Address	`0x8af330`

??0PxFoundation@physx@@QAE@ABV01@@Z

Ordinal	`7`
Address	`0x879bb0`

??0PxFoundation@physx@@QAE@XZ

Ordinal	`8`
Address	`0x879ba0`

??0ReadWriteLock@shdfnd@physx@@QAE@XZ

Ordinal	`9`
Address	`0x8af090`

??0SListImpl@shdfnd@physx@@QAE@XZ

Ordinal	`10`
Address	`0xa253b0`

??0SyncImpl@shdfnd@physx@@QAE@XZ

Ordinal	`11`
Address	`0xa48480`

??0TempAllocator@shdfnd@physx@@QAE@PBD@Z

Ordinal	`12`
Address	`0x879cf0`

??0ThreadImpl@shdfnd@physx@@QAE@P6APAXPAX@Z0@Z

Ordinal	`13`
Address	`0xa48970`

??0ThreadImpl@shdfnd@physx@@QAE@XZ

Ordinal	`14`
Address	`0xa48560`

??0Time@shdfnd@physx@@QAE@XZ

Ordinal	`15`
Address	`0xa807d0`

??1ErrorHandler@shdfnd@physx@@QAE@XZ

Ordinal	`16`
Address	`0x8af180`

??1FPUGuard@shdfnd@physx@@QAE@XZ

Ordinal	`17`
Address	`0xa9faa0`

??1Foundation@shdfnd@physx@@EAE@XZ

Ordinal	`18`
Address	`0x87a000`

??1MutexImpl@shdfnd@physx@@QAE@XZ

Ordinal	`19`
Address	`0x8aefd0`

??1PAUtils@shdfnd@physx@@QAE@XZ

Ordinal	`20`
Address	`0x8af810`

??1PxFoundation@physx@@MAE@XZ

Ordinal	`21`
Address	`0x879b90`

??1ReadWriteLock@shdfnd@physx@@QAE@XZ

Ordinal	`22`
Address	`0x8af0d0`

??1SListImpl@shdfnd@physx@@QAE@XZ

Ordinal	`23`
Address	`0xa25390`

??1SyncImpl@shdfnd@physx@@QAE@XZ

Ordinal	`24`
Address	`0xa484a0`

??1ThreadImpl@shdfnd@physx@@QAE@XZ

Ordinal	`25`
Address	`0xa488d0`

??4Allocator@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`26`
Address	`0x879cf0`

??4ErrorHandler@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`27`
Address	`0x879c50`

??4FPUGuard@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`28`
Address	`0x879bc0`

??4MutexImpl@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`29`
Address	`0x879cf0`

??4PAUtils@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`30`
Address	`0x879c00`

??4PxFoundation@physx@@QAEAAV01@ABV01@@Z

Ordinal	`31`
Address	`0x879cf0`

??4SListImpl@shdfnd@physx@@QAEAAU012@ABU012@@Z

Ordinal	`32`
Address	`0x879cf0`

??4SyncImpl@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`33`
Address	`0x879cf0`

??4TempAllocator@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`34`
Address	`0x879cf0`

??4ThreadImpl@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`35`
Address	`0x879cf0`

??4Time@shdfnd@physx@@QAEAAV012@ABV012@@Z

Ordinal	`36`
Address	`0xa80680`

??_7Foundation@shdfnd@physx@@6B@

Ordinal	`37`
Address	`0xf58898`

??_7PxFoundation@physx@@6B@

Ordinal	`38`
Address	`0xf58628`

??_FAllocator@shdfnd@physx@@QAEXXZ

Ordinal	`39`
Address	`0x5d3f20`

??_FTempAllocator@shdfnd@physx@@QAEXXZ

Ordinal	`40`
Address	`0x5d3f20`

?MAX_LISTENER_COUNT@ErrorHandler@shdfnd@physx@@2IB

Ordinal	`41`
Address	`0xf58624`

?PxDiagonalize@physx@@YA?AVPxVec3@1@ABVPxMat33@1@AAVPxQuat@1@@Z

Ordinal	`42`
Address	`0x8eadb0`

?PxShortestRotation@physx@@YA?AVPxQuat@1@ABVPxVec3@1@0@Z

Ordinal	`43`
Address	`0x8ea720`

?PxTransformFromPlaneEquation@physx@@YA?AVPxTransform@1@ABVPxPlane@1@@Z

Ordinal	`44`
Address	`0x8ea8c0`

?PxTransformFromSegment@physx@@YA?AVPxTransform@1@ABVPxVec3@1@0PAM@Z

Ordinal	`45`
Address	`0x8eab60`

?TlsAlloc@shdfnd@physx@@YAIXZ

Ordinal	`46`
Address	`0xa487a0`

?TlsFree@shdfnd@physx@@YAXI@Z

Ordinal	`47`
Address	`0xa487b0`

?TlsGet@shdfnd@physx@@YAPAXI@Z

Ordinal	`48`
Address	`0xa487c0`

?TlsSet@shdfnd@physx@@YAIIPAX@Z

Ordinal	`49`
Address	`0xa487d0`

?allocate@Allocator@shdfnd@physx@@QAEPAXIPBDH@Z

Ordinal	`50`
Address	`0x8af110`

?allocate@TempAllocator@shdfnd@physx@@QAEPAXIPBDH@Z

Ordinal	`51`
Address	`0x8ebe20`

?atomicAdd@shdfnd@physx@@YAHPCHH@Z

Ordinal	`52`
Address	`0x995750`

?atomicCompareExchange@shdfnd@physx@@YAHPCHHH@Z

Ordinal	`53`
Address	`0x9956f0`

?atomicCompareExchangePointer@shdfnd@physx@@YAPAXPAPCXPAX1@Z

Ordinal	`54`
Address	`0x995710`

?atomicDecrement@shdfnd@physx@@YAHPCH@Z

Ordinal	`55`
Address	`0x995740`

?atomicExchange@shdfnd@physx@@YAHPCHH@Z

Ordinal	`56`
Address	`0x9956d0`

?atomicIncrement@shdfnd@physx@@YAHPCH@Z

Ordinal	`57`
Address	`0x995730`

?atomicMax@shdfnd@physx@@YAHPCHH@Z

Ordinal	`58`
Address	`0x995780`

?computeQuatFromNormal@shdfnd@physx@@YA?AVPxQuat@2@ABVPxVec3@2@@Z

Ordinal	`59`
Address	`0x97c780`

?createInstance@Foundation@shdfnd@physx@@SAPAV123@IAAVPxErrorCallback@3@AAVPxAllocatorCallback@3@@Z

Ordinal	`60`
Address	`0x87a1e0`

?deallocate@Allocator@shdfnd@physx@@QAEXPAX@Z

Ordinal	`61`
Address	`0x8af150`

?deallocate@TempAllocator@shdfnd@physx@@QAEXPAX@Z

Ordinal	`62`
Address	`0x8ebf20`

?debugEvent@PAUtils@shdfnd@physx@@QAEXGII@Z

Ordinal	`63`
Address	`0x8af7e0`

?decRefCount@Foundation@shdfnd@physx@@SAXXZ

Ordinal	`64`
Address	`0x879f10`

?destroyInstance@Foundation@shdfnd@physx@@SAXXZ

Ordinal	`65`
Address	`0x879e70`

?disableFPExceptions@shdfnd@physx@@YAXXZ

Ordinal	`66`
Address	`0xa9fb00`

?enableFPExceptions@shdfnd@physx@@YAXXZ

Ordinal	`67`
Address	`0xa9fae0`

?error@Foundation@shdfnd@physx@@QAAXW4Enum@PxErrorCode@3@PBDH1ZZ

Ordinal	`68`
Address	`0x879e00`

?errorImpl@Foundation@shdfnd@physx@@QAEXW4Enum@PxErrorCode@3@PBDH1PAD@Z

Ordinal	`69`
Address	`0x879d90`

?flush@SListImpl@shdfnd@physx@@QAEPAVSListEntry@23@XZ

Ordinal	`70`
Address	`0xa253f0`

?getAllocator@Foundation@shdfnd@physx@@UBEAAVPxBroadcastingAllocator@3@XZ

Ordinal	`71`
Address	`0x879c70`

?getAllocator@shdfnd@physx@@YAAAVPxAllocatorCallback@2@XZ

Ordinal	`72`
Address	`0x879df0`

?getAllocatorCallback@Foundation@shdfnd@physx@@UBEAAVPxAllocatorCallback@3@XZ

Ordinal	`73`
Address	`0x879d40`

?getBootCounterFrequency@Time@shdfnd@physx@@SAABUCounterFrequencyToTensOfNanos@23@XZ

Ordinal	`74`
Address	`0xa806e0`

?getCallbackCount@ErrorHandler@shdfnd@physx@@QBEIXZ

Ordinal	`75`
Address	`0x879c40`

?getCheckedAllocator@Foundation@shdfnd@physx@@QAEAAVPxAllocatorCallback@3@XZ

Ordinal	`76`
Address	`0x879c70`

?getCounterFrequency@Time@shdfnd@physx@@SA?AUCounterFrequencyToTensOfNanos@23@XZ

Ordinal	`77`
Address	`0xa806f0`

?getCurrentCounterValue@Time@shdfnd@physx@@SA_KXZ

Ordinal	`78`
Address	`0xa80720`

?getCurrentTimeInTensOfNanoSeconds@Time@shdfnd@physx@@SA_KXZ

Ordinal	`79`
Address	`0xa80810`

?getDefaultStackSize@ThreadImpl@shdfnd@physx@@SAIXZ

Ordinal	`80`
Address	`0xa487f0`

?getElapsedSeconds@Time@shdfnd@physx@@QAENXZ

Ordinal	`81`
Address	`0xa80740`

?getErrorCallback@ErrorHandler@shdfnd@physx@@QBEPAVPxErrorCallback@3@H@Z

Ordinal	`82`
Address	`0x6c2040`

?getErrorCallback@Foundation@shdfnd@physx@@UBEAAVPxErrorCallback@3@XZ

Ordinal	`83`
Address	`0x879d50`

?getErrorHandler@Foundation@shdfnd@physx@@QAEAAVErrorHandler@23@XZ

Ordinal	`84`
Address	`0x879ce0`

?getErrorLevel@Foundation@shdfnd@physx@@UBE?AW4Enum@PxErrorCode@3@XZ

Ordinal	`85`
Address	`0x879d70`

?getErrorMutex@Foundation@shdfnd@physx@@QAEAAV?$MutexT@V?$ReflectionAllocator@VMutexImpl@shdfnd@physx@@@shdfnd@physx@@@23@XZ

Ordinal	`86`
Address	`0x729870`

?getId@ThreadImpl@shdfnd@physx@@SAIXZ

Ordinal	`87`
Address	`0xa48550`

?getInstance@Foundation@shdfnd@physx@@SAAAV123@XZ

Ordinal	`88`
Address	`0x879d20`

?getLastTime@Time@shdfnd@physx@@QBENXZ

Ordinal	`89`
Address	`0xa807c0`

?getMaxCallbackNum@ErrorHandler@shdfnd@physx@@QBEIXZ

Ordinal	`90`
Address	`0x1076e0`

?getNamedAllocMap@Foundation@shdfnd@physx@@QAEAAV?$HashMap@PBVNamedAllocator@shdfnd@physx@@PBDU?$Hash@PBVNamedAllocator@shdfnd@physx@@@23@VNonTrackingAllocator@23@@23@XZ

Ordinal	`91`
Address	`0x879ca0`

?getNamedAllocMutex@Foundation@shdfnd@physx@@QAEAAV?$MutexT@V?$ReflectionAllocator@VMutexImpl@shdfnd@physx@@@shdfnd@physx@@@23@XZ

Ordinal	`92`
Address	`0x879cb0`

?getNbPhysicalCores@ThreadImpl@shdfnd@physx@@SAIXZ

Ordinal	`93`
Address	`0xa48800`

?getPAUtils@Foundation@shdfnd@physx@@QAEAAVPAUtils@23@XZ

Ordinal	`94`
Address	`0x2165c0`

?getPriority@ThreadImpl@shdfnd@physx@@SA?AW4Enum@ThreadPriority@23@I@Z

Ordinal	`95`
Address	`0xa48750`

?getReportAllocationNames@Foundation@shdfnd@physx@@UBE_NXZ

Ordinal	`96`
Address	`0x879c80`

?getSize@MutexImpl@shdfnd@physx@@SAABIXZ

Ordinal	`97`
Address	`0x8af010`

?getSize@SListImpl@shdfnd@physx@@SAABIXZ

Ordinal	`98`
Address	`0xa253a0`

?getSize@SyncImpl@shdfnd@physx@@SAABIXZ

Ordinal	`99`
Address	`0xa48470`

?getSize@ThreadImpl@shdfnd@physx@@SAABIXZ

Ordinal	`100`
Address	`0xa48540`

?getTempAllocFreeTable@Foundation@shdfnd@physx@@QAEAAV?$Array@PATTempAllocatorChunk@shdfnd@physx@@VAllocator@23@@23@XZ

Ordinal	`101`
Address	`0x879cc0`

?getTempAllocMutex@Foundation@shdfnd@physx@@QAEAAV?$MutexT@V?$ReflectionAllocator@VMutexImpl@shdfnd@physx@@@shdfnd@physx@@@23@XZ

Ordinal	`102`
Address	`0x879cd0`

?getWarnOnceTimestamp@Foundation@shdfnd@physx@@SAIXZ

Ordinal	`103`
Address	`0x879d30`

?incRefCount@Foundation@shdfnd@physx@@SAXXZ

Ordinal	`104`
Address	`0x879ee0`

?integrateTransform@shdfnd@physx@@YAXABVPxTransform@2@ABVPxVec3@2@1MAAV32@@Z

Ordinal	`105`
Address	`0x97c520`

?isEnabled@PAUtils@shdfnd@physx@@QAE_NXZ

Ordinal	`106`
Address	`0x8af5c0`

?isEventEnabled@PAUtils@shdfnd@physx@@QAE_NG@Z

Ordinal	`107`
Address	`0x8af590`

?kill@ThreadImpl@shdfnd@physx@@QAEXXZ

Ordinal	`108`
Address	`0xa485e0`

?lock@MutexImpl@shdfnd@physx@@QAEXXZ

Ordinal	`109`
Address	`0x8aefe0`

?lock@PAUtils@shdfnd@physx@@QAE_NXZ

Ordinal	`110`
Address	`0x8af340`

?lockReader@ReadWriteLock@shdfnd@physx@@QAEXXZ

Ordinal	`111`
Address	`0x8af030`

?lockWriter@ReadWriteLock@shdfnd@physx@@QAEXXZ

Ordinal	`112`
Address	`0x8af060`

?mInstance@Foundation@shdfnd@physx@@0PAV123@A

Ordinal	`113`
Address	`0x10c9990`

?mRefCount@Foundation@shdfnd@physx@@0IA

Ordinal	`114`
Address	`0x10c9994`

?mWarnOnceTimestap@Foundation@shdfnd@physx@@0IA

Ordinal	`115`
Address	`0x10c9998`

?optimizeBoundingBox@shdfnd@physx@@YA?AVPxVec3@2@AAVPxMat33@2@@Z

Ordinal	`116`
Address	`0x97c8f0`

?peekElapsedSeconds@Time@shdfnd@physx@@QAENXZ

Ordinal	`117`
Address	`0xa80780`

?pop@SListImpl@shdfnd@physx@@QAEPAVSListEntry@23@XZ

Ordinal	`118`
Address	`0xa253e0`

?push@SListImpl@shdfnd@physx@@QAEXPAVSListEntry@23@@Z

Ordinal	`119`
Address	`0xa253c0`

?quit@ThreadImpl@shdfnd@physx@@QAEXXZ

Ordinal	`120`
Address	`0xa485d0`

?quitIsSignalled@ThreadImpl@shdfnd@physx@@QAE_NXZ

Ordinal	`121`
Address	`0xa485b0`

?rawEvent@PAUtils@shdfnd@physx@@QAEXGIIE@Z

Ordinal	`122`
Address	`0x8af5e0`

?rawEventWithTimestamp@PAUtils@shdfnd@physx@@QAE_NG_KIIE@Z

Ordinal	`123`
Address	`0x8af390`

?registerErrorCallback@ErrorHandler@shdfnd@physx@@QAEHAAVPxErrorCallback@3@@Z

Ordinal	`124`
Address	`0x8af210`

?registerEvent@PAUtils@shdfnd@physx@@QAEGPBD@Z

Ordinal	`125`
Address	`0x8af860`

?release@Foundation@shdfnd@physx@@UAEXXZ

Ordinal	`126`
Address	`0x879f40`

?reportError@ErrorHandler@shdfnd@physx@@QAEXW4Enum@PxErrorCode@3@PBD1H@Z

Ordinal	`127`
Address	`0x8af1b0`

?reset@SyncImpl@shdfnd@physx@@QAEXXZ

Ordinal	`128`
Address	`0xa484b0`

?sNumTensOfNanoSecondsInASecond@Time@shdfnd@physx@@2_KB

Ordinal	`129`
Address	`0xf5f650`

?set@SyncImpl@shdfnd@physx@@QAEXXZ

Ordinal	`130`
Address	`0xa484c0`

?setAffinityMask@ThreadImpl@shdfnd@physx@@QAEII@Z

Ordinal	`131`
Address	`0xa48620`

?setErrorLevel@Foundation@shdfnd@physx@@UAEXW4Enum@PxErrorCode@3@@Z

Ordinal	`132`
Address	`0x879d60`

?setName@ThreadImpl@shdfnd@physx@@QAEXPBD@Z

Ordinal	`133`
Address	`0xa48650`

?setPriority@ThreadImpl@shdfnd@physx@@QAEXW4Enum@ThreadPriority@23@@Z

Ordinal	`134`
Address	`0xa486d0`

?setReportAllocationNames@Foundation@shdfnd@physx@@UAEX_N@Z

Ordinal	`135`
Address	`0x879c90`

?signalQuit@ThreadImpl@shdfnd@physx@@QAEXXZ

Ordinal	`136`
Address	`0xa48580`

?sleep@ThreadImpl@shdfnd@physx@@SAXI@Z

Ordinal	`137`
Address	`0xa48600`

?slerp@shdfnd@physx@@YA?AVPxQuat@2@MABV32@0@Z

Ordinal	`138`
Address	`0x97c360`

?start@ThreadImpl@shdfnd@physx@@QAEXIPAVRunnable@23@@Z

Ordinal	`139`
Address	`0xa48900`

?startEvent@PAUtils@shdfnd@physx@@QAEXGG@Z

Ordinal	`140`
Address	`0x8af610`

?statEvent@PAUtils@shdfnd@physx@@QAEXGI@Z

Ordinal	`141`
Address	`0x8af770`

?statEvent@PAUtils@shdfnd@physx@@QAEXGII@Z

Ordinal	`142`
Address	`0x8af7b0`

?stopEvent@PAUtils@shdfnd@physx@@QAEXGG@Z

Ordinal	`143`
Address	`0x8af6c0`

?trylock@MutexImpl@shdfnd@physx@@QAE_NXZ

Ordinal	`144`
Address	`0x8aeff0`

?unRegisterErrorCallback@ErrorHandler@shdfnd@physx@@QAEXAAVPxErrorCallback@3@@Z

Ordinal	`145`
Address	`0x8af2d0`

?unRegisterErrorCallback@ErrorHandler@shdfnd@physx@@QAEXH@Z

Ordinal	`146`
Address	`0x8af280`

?unlock@MutexImpl@shdfnd@physx@@QAEXXZ

Ordinal	`147`
Address	`0x8af000`

?unlock@PAUtils@shdfnd@physx@@QAE_NXZ

Ordinal	`148`
Address	`0x8af3c0`

?unlockReader@ReadWriteLock@shdfnd@physx@@QAEXXZ

Ordinal	`149`
Address	`0x8af020`

?unlockWriter@ReadWriteLock@shdfnd@physx@@QAEXXZ

Ordinal	`150`
Address	`0x8af080`

?wait@SyncImpl@shdfnd@physx@@QAE_NI@Z

Ordinal	`151`
Address	`0xa484d0`

?waitForQuit@ThreadImpl@shdfnd@physx@@QAE_NXZ

Ordinal	`152`
Address	`0xa48590`

?waitForever@SyncImpl@shdfnd@physx@@2IB

Ordinal	`153`
Address	`0xf5e060`

?yield@ThreadImpl@shdfnd@physx@@SAXXZ

Ordinal	`154`
Address	`0xa48610`

AmdPowerXpressRequestHighPerformance

Ordinal	`155`
Address	`0x10201c0`

NvOptimusEnablement

Ordinal	`156`
Address	`0x10201bc`

PxCreateFoundation

Ordinal	`157`
Address	`0x87a2e0`

PxGetFoundation

Ordinal	`158`
Address	`0x879d80`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.10857`
MD5	`615f49f34b3869309206df409f9fb091`
SHA1	`f098d5fe158154e20822cb1d0ef8a74007442422`
SHA256	`f29da48c76e867c5ab25cba719e293259f90a26b0007afe5d9be927a448fbf6a`
SHA3	`a6ed786b517fa0d3f4689e37d3ad40bb6655890c1e90619a89c0b765614a3b25`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.23514`
MD5	`062c8cbf9fbd9db807f415ab1d72fd21`
SHA1	`57deab6b8974bbbd085ee8a63bbd2cc05ed79cbe`
SHA256	`e31e4609abf932a8819cc73a7c125232416320992d7d57612c8a1b42659edd19`
SHA3	`59367929493831883e30a6a1d7165a8e34bae2e7d1335b6b78d793b7221473f7`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.2625`
MD5	`03bc1d9895d358c85f7bf4304cff5693`
SHA1	`33c5d4cc320274c2708b03c802665a37ae44c02d`
SHA256	`ebc3a6f658195a2433eea61010a7529707a918c974b1c2cbd3ebba2cb740da9f`
SHA3	`d78dc22d49c3814732e990b45552c900b633001b75d94218f3838d3caab8064a`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.18051`
MD5	`dad4cb6ed9ec92b08744c00eb13d6b04`
SHA1	`eb349d5847f0b06e7e6b43ee17455ec3e09c0427`
SHA256	`6349105f9c85baaa6bd91821b70699da5d82fa8df2ff461906b5c1241fb42ea7`
SHA3	`ed9e7fd8a47a7135ba27e7d02cf5e3ba7bfd5295c1b972d6121b45ecef852b29`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.15612`
MD5	`9f6e85b7324bfb53536492d914532800`
SHA1	`c91f240163bdcfec934c3490a32b5185af9ae4f4`
SHA256	`e5e601139f5078d2cf6dc9373bc016096a0db47c2bfe759f8da7bc72278517b5`
SHA3	`2a65aa498f3021dc452377ec3c85080e7915c411f772aa205b499596e4b179d5`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.07479`
MD5	`6f4b571d445f1e63cc61cbaef30b1b79`
SHA1	`ba84a2ab5b5e3a28510c85bb961abe614d59b2b8`
SHA256	`ce29edb2fa0cf3aaf4fd0d3797a2b90aa58777ba7c8926aaff8bbb996da971b3`
SHA3	`daf6c199cee55b45c887c33b627b85bdb9d18129817bae03da2f9648b66f62f8`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.01004`
MD5	`7742b7eb9cf75acfe285245d1eafa22a`
SHA1	`8701fdf13bda072b0f81a363105c01e464cf2fc5`
SHA256	`4c66beffe1f963084872ea286b5a064a39b36e4cb573f4c6382a9c17ba13e4af`
SHA3	`ffa2aae097e06940b96f56b5b6ba86b0985a0aa923b4d8b54c06ba4123c3ac84`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.92212`
MD5	`32dfd605450c55d30da5adbefba44f20`
SHA1	`b643ecdb0f89ebf81fdc8cc3d852052d8d83449d`
SHA256	`b356838448be7982b8becda0c240eb7d217cba6480a81678e33e1a35b3c67f5e`
SHA3	`4d095cd99cf0f5fd6714ac07d051cedc844a4f857ff09206daf98729084e47cb`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.85917`
MD5	`dd4d943aea48a410db2b630d575df612`
SHA1	`0c2369b92839a72469bf22de2f62901ef9d138cb`
SHA256	`31e6fadfcd518e7d4b61b7c06ac93c2d2756ab327d25e25fd91bfdc335b0f706`
SHA3	`cb7ab635b8544daa4b75a81619f745c945a5ed022fdb1307a7983a8eb7cc810d`

9 (#2)

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x124`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99471`
MD5	`b62b6b1e4cd3054ab1b07b033356d108`
SHA1	`c0170ce1c06de46e62508e1d774d64e952cd111a`
SHA256	`6a3c71d7f89e83280ff2aa75c76d49c3239060f8ee53cfc2692e05c4fc9c7eab`
SHA3	`9e885ae1d0f740d603c9ef2ca1a92c8a61ddb587a0f50bee653496e0ac8fe4f6`

105

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98084`
MD5	`2165d3c35627dfb0f24dfa8839b650c1`
SHA1	`5168d394292dd31902f3f8112b22cd604529f378`
SHA256	`7aa854f2b6bf3241c666d0b851ecaea27082934a4b2fa43db752591dfcf9434e`
SHA3	`395d76a75afaab97318d9ea2f3785b5ade74331f689f98e69f22f301be84d67a`

107

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1c2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.19606`
MD5	`e71ed01bef9a6e44b5a60f28e2d14320`
SHA1	`28a0948d37b93bfd392044a4338968bd3f4de535`
SHA256	`af380b7f1f6bedba49ef3833569a36314f9834b759bfbdc7f5474d65081186c6`
SHA3	`a275daef8cf31a8e4d53a63b80b73137c0c41a126920ed0b63416f8643332d35`

108

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xdc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23439`
MD5	`89647fd8d7ee80b9e9e46db2a1053a29`
SHA1	`10dd88f00a8f56cce48908628abe1215235f624a`
SHA256	`692985cf029eb28098357336ea128b16211fb8fb8ab3e8f90949a952a2514f65`
SHA3	`01c77f889f7bb48a0744fe4f076df03cf74591df831c9d043237c2a7a7426f3e`

109

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09377`
MD5	`839f2e562a1f062fd873414ab28cf1d2`
SHA1	`ed961a5852bd1ac5b55fa8fd70fa8213754abc57`
SHA256	`296b7d861a9ee473d4e8a62f9d7adb025d1fbe8e61206870f426e5c870a98936`
SHA3	`6a4b1fab7319e07585d923be21a3d852ecc1988286973bf8440e25f2a35a3cd0`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`3bf2dac037ce87794e66ff7f054e913f`
SHA1	`52ca961fd37ad960905a681d1db5157508ef1602`
SHA256	`2a87b1f32c5d0435090c72c392b75394f706e5750eff64fd85d25e1c622ee581`
SHA3	`8454d3273522657b5926068082b2cb88f6dbf352e7e9568008c0e33c792f349b`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35701`
MD5	`0d4201f5e131457d481bbd742b177f10`
SHA1	`60f8ee6c3cc65f2d1a25117fa41555bd4f53bee3`
SHA256	`c86139582b5a8285376eb75c79a1943c2bc4e6cc374460d1922fc6d99cdd2e5c`
SHA3	`5ca6f60b5e9b3acac25ffb4a299a3b4c6ded030703daa987e1b098df5293d673`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x581`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37424`
MD5	`ed4212968d15a196c34d461040b44336`
SHA1	`4d331b10588bcfeb306ba2ad31ce5ee96e12667c`
SHA256	`b91c0fd1d3a91447a5b1207d1f625d19a6a0df1921aac32c60ffbd8e0a11ef00`
SHA3	`914a36db86cc3ab4399e6e59366be51f0f6dae23a7a55f7e19ea927f9dd1a2b0`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	5.5.1.53258
ProductVersion	5.5.1.53258
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	5.5.1.8966154
ProductVersion (#2)	5.5.1.8966154
Unity Version	5.5.1f1_88d00a7498cd

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2017-Jan-19 12:10:52
Version	`0.0`
SizeofData	`137`
AddressOfRawData	`0xfecefc`
PointerToRawData	`0xfeb6fc`
Referenced File	C:\buildslave\unity\build\build\WindowsStandaloneSupport\Variations\win32_nondevelopment_mono\player_win_x86.pdb

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x78e26d3d`
Unmarked objects	`0`
ASM objects (VS2008 build 21022)	`2`
C++ objects (VS2010 build 30319)	`4`
Imports (VS2008 SP1 build 30729)	`36`
C objects (VS2012 build 50727 / VS2005 build 50727)	`1`
C objects (VS2008 SP1 build 30729)	`33`
Imports (VS2003 (.NET) build 4035)	`3`
Total imports	`516`
152 (20115)	`8`
ASM objects (VS2010 SP1 build 40219)	`71`
Unmarked objects (#2)	`195`
C objects (VS2010 SP1 build 40219)	`1043`
C++ objects (VS2010 SP1 build 40219)	`2465`
Exports (VS2010 SP1 build 40219)	`1`
Resource objects (VS2010 SP1 build 40219)	`1`
Linker (VS2010 SP1 build 40219)	`1`

Errors

Leave a comment

No comments yet.