Manalyze report for 624403d5b8c3edb1c1e99d19ef506061d6327b4805e54a89a57078f9ac61df4e

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2022-Nov-23 03:40:12
Detected languages	English - United States
Debug artifacts	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win32_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x86.pdb
FileVersion	`2021.3.15.15263878`
LegalCopyright	(c) 2022 Unity Technologies ApS. All rights reserved.
ProductVersion	`2021.3.15f1 (e8e88683f834)`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 88.0632% of the executable.`
Safe	VirusTotal score: 0/72 (Scanned on 2026-03-20 20:44:00)	`All the AVs think this file is safe.`

Hashes

MD5	`dbe090c44405c55699999c6ac0071b0e`
SHA1	`9bd96863af6b0707911aef33a1aff4649994ea22`
SHA256	`624403d5b8c3edb1c1e99d19ef506061d6327b4805e54a89a57078f9ac61df4e`
SHA3	`00b2738c2f64c2c2513012b14d2eee5aa2b0615542c948460440027b2f309cbe`
SSDeep	`6144:qdY0qgutYFom+/JLJmFE9IbIIIbW6Hyu7RRRRRRR1IIIIII36Y7lO0IsVMqEcs:qdYQutYFom+/JLJJW6Hy2ZMqEcs`
Imports Hash	`e31e227f9c58f4b15ebf5b93d8c3c2a0`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2022-Nov-23 03:40:12
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0xb000`
SizeOfInitializedData	`0x92000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000125D (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0xc000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa0000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`4ab49aa22cc7d3ae58f899ff435a8a6a`
SHA1	`31f622a72048aa59fb6047dd1ec6acd57f40ea16`
SHA256	`edcba01de75b4f5df73b8fdf0d28bc55f8b03aa5d81c242b612c61ee064c094e`
SHA3	`892ddab45d98bc1c2a49550094d27e7ca5f4fd7d2213c1bd21ede0c6d1126133`
VirtualSize	`0xaedf`
VirtualAddress	`0x1000`
SizeOfRawData	`0xb000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.62185`

.rdata

MD5	`c9a89d628e7f7d8a9931831936c8a6e4`
SHA1	`db7531f308f153f80f38db2ed9a1787ab7b62dff`
SHA256	`6757d47193eccd16bb9c337fd29f7f00a00d50e73533a5d977bfab98925e4529`
SHA3	`ac973382ededf35ec57a3ecfa84ccc8f840f7c5d251ef9a9533f00aceed1746a`
VirtualSize	`0x5a9e`
VirtualAddress	`0xc000`
SizeOfRawData	`0x5c00`
PointerToRawData	`0xb400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.80546`

.data

MD5	`f8ccc19f852cfd9366353f5516003dc6`
SHA1	`d4d8b732331beb3a731549c4f58b6330a60617e1`
SHA256	`e5c0a92c51c13a9ab826fd320a3762e540efab26416c5b31aa9aface399d8c13`
SHA3	`24e2c42b901e9a48f06b672849598c53998f392d29d30d16ad34a7120ff69329`
VirtualSize	`0x13b4`
VirtualAddress	`0x12000`
SizeOfRawData	`0xa00`
PointerToRawData	`0x11000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.81902`

.rsrc

MD5	`195c71ca624b01749ad23f053f4ad799`
SHA1	`a22b557a72973dbac59e97e42549d057a6055dc9`
SHA256	`722817b307d62cf065cc7065c56d60fb9f9bf8f7fe79bd39ac8c451ab357890a`
SHA3	`fa206e450a19a183de6b05e918d497a20cb54b0587c02b0e88585183e5787dff`
VirtualSize	`0x8a198`
VirtualAddress	`0x14000`
SizeOfRawData	`0x8a200`
PointerToRawData	`0x11a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.68668`

.reloc

MD5	`0c1b59aee50dc1d3e2981883ff8bf200`
SHA1	`953c05b9be795e73757fab4db629ecb235829a5a`
SHA256	`1cf0b959ba63cffce2a75c4fecadf0a61fa42de4cf5bb16fddf30804ea26a782`
SHA3	`3e1aa0e0337697f1da12c845756ebb7b872f19c5148a62909b04e85049e512ad`
VirtualSize	`0xdcc`
VirtualAddress	`0x9f000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x9bc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.49503`

Imports

UnityPlayer.dll	`UnityMain`
KERNEL32.dll	`HeapAlloc` `WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `GetCurrentProcess` `TerminateProcess` `CloseHandle` `RtlUnwind` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `RaiseException` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `ExitProcess` `GetModuleHandleExW` `DecodePointer` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x12004`

NvOptimusEnablement

Ordinal	`2`
Address	`0x12000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.58048`
MD5	`abbacbee034f8a69c124cd55ee0c4eba`
SHA1	`92a25f9909f5b89a4fd3a8444a469796b08fd06f`
SHA256	`00aa12b06f066d5e33f3ac553e68c4fce0e5bb3ab53cdf300a50176d07da9385`
SHA3	`7b6c9d1bf856516c3efd59b7b1c5e7e07f309586b2e31b9a361e9b5601715755`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44549`
MD5	`2226d6d0b8678d52dbbbf6b15236d4e8`
SHA1	`b171a041b22808566f553428d604a3894c212b09`
SHA256	`965bbec9a3f1565845138051f8fc9f8471b358e7efdce1fc86182460e0e02732`
SHA3	`cdcf44799ec931daa8c515f2804bc79d1bba3a623b723ab8a8d92b9c9a114788`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.67959`
MD5	`42096932d6960fbb4f78e4df833297af`
SHA1	`a2996dcb9f7333ea5c52814f2d75ade613101dc4`
SHA256	`a8cef7f5122c0f31d590740fb38c943dd463dc195a99d063c687bcdaf527cee7`
SHA3	`d8193560817a74c34da6656ccaac40f0ba34dd21ef470792b1e313961bc1a7ac`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.88196`
MD5	`4855b5f05dde104da5a7b6411ac7ae48`
SHA1	`9f4dd497bce2440ab215e9bed0cd0b529b9e3f39`
SHA256	`44218d425fb523ce9674e96c754a8171a3632f023cfe55b45e017c9e8c516345`
SHA3	`16878b266ad1c598e0473817bda5e1eb297c553c5c1b7f76e31c16fb0af0d451`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.22263`
MD5	`6fcaee2dcdd1338cf16d61144754dc00`
SHA1	`b41345414479326743f644ea1363fdd598863d16`
SHA256	`51ff040fc58682f8c757f650acc720d4bf400016ede7014d3fe13829d095dbcd`
SHA3	`1623ddb547ec4df1adedc69554050998dc9a177ed98db355645cb8d3decc39de`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.46461`
MD5	`103ed10e0ac0f5b37d86faa7751626ff`
SHA1	`d7646e7573db249eaa1923fda3855d8d3a102d23`
SHA256	`e2cd09fdeda3db363ef611a6ed0c33a000ddfaae0b8f41c746e3a7b14e0828d5`
SHA3	`06db426ea93c6cd0c8403d56cc51a99be96a77418e5f9deb6c1c23259e8aa745`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.97013`
MD5	`3a03e8c7d276162be6d0ca2615dbe769`
SHA1	`fc3ff0118abb0ebb0fd5e9b2f731298849f6e81a`
SHA256	`a14ef3c894fd40963bb4cdb6cdcab6ab190d7d5a4a4d356a38e42c6ee718408b`
SHA3	`d9687cf8a0492da86686149f6f8b0f31521cfd8e52edb2e0dd9bca31d0d979dd`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.26905`
MD5	`2a1bf82ceb10448b2c103eded47dbe76`
SHA1	`60790e97ae8f5e23f3080729d20f0537c2daa31c`
SHA256	`0f4e28a4880dc8b829329ca5825bfd419ec62580b521dd64c48875888b6b3164`
SHA3	`df24678e4c1682509f1d39ec7b759a091adbd416f9195e26d4166cc7d36757b3`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.83083`
MD5	`e360c558f2bd95372ace38d917d79989`
SHA1	`d350b33183974a9b98abe1933c9158564d77e8c6`
SHA256	`5cb5e5a32d9c2126a4082c3e165b8aecd86ee59919767a4af51da5aef665931a`
SHA3	`8594bc6ecc1c5739f1ff92f7e1086e3f96955e4c7bad2e407264f59c1133dd71`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`f7731730720cfe035cf030b40d0e2eb6`
SHA1	`d046e23f2ee2b93ad96be8e1dc9120ecf3915091`
SHA256	`5c92a41adaf3265071482fd1a182ae8702c168636a7d9ff51798ee3a1dfc8500`
SHA3	`6f2d12e4c63c131a3f7f48293996e2be05da351536d013affe5d2265965ce657`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x210`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.57253`
MD5	`3a940e1050baf30b07a1d942894ac7ab`
SHA1	`9f400a251a061384bf29c3c2204ad6b657397811`
SHA256	`dec8ea440b1ad6d544a232badbff511cc2b4ceceb8e5ff4237caca686ea3e8b2`
SHA3	`2a804ae7b3e378a8f04c0b1824a9fc3bc2f3e6f7bfc01ae088847bdc4f516a90`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37708`
MD5	`aab7e8aafe7b06ab3d003b54ab5e18ed`
SHA1	`dccf0408f43059df37b755f3241a8b4b35c728af`
SHA256	`fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8`
SHA3	`a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2021.3.15.59526
ProductVersion	2021.3.15.59526
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	2021.3.15.15263878
LegalCopyright	(c) 2022 Unity Technologies ApS. All rights reserved.
ProductVersion (#2)	2021.3.15f1 (e8e88683f834)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2022-Nov-23 03:40:12
Version	`0.0`
SizeofData	`141`
AddressOfRawData	`0x10d0c`
PointerToRawData	`0x1010c`
Referenced File	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win32_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x86.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2022-Nov-23 03:40:12
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x10d9c`
PointerToRawData	`0x1019c`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2022-Nov-23 03:40:12
Version	`0.0`
SizeofData	`672`
AddressOfRawData	`0x10db0`
PointerToRawData	`0x101b0`

TLS Callbacks

Load Configuration

Size	`0xbc`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x412018`
SEHandlerTable	`0x410d00`
SEHandlerCount	`3`

RICH Header

XOR Key	`0x64873248`
Unmarked objects	`0`
ASM objects (VS2017 v14.15 compiler 26715)	`10`
C++ objects (VS2017 v14.15 compiler 26715)	`139`
C objects (VS2017 v14.15 compiler 26715)	`18`
Imports (VS2017 v14.15 compiler 26715)	`2`
C++ objects (VS 2015/2017/2019 runtime 29118)	`37`
C objects (VS 2015/2017/2019 runtime 29118)	`17`
ASM objects (VS 2015/2017/2019 runtime 29118)	`17`
Imports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Total imports	`81`
C++ objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Exports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Resource objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Linker (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`

Errors

Leave a comment

No comments yet.