Manalyze report for 950320028f02aca66a1d36059c0a06e498c0d904b7c88fabc856961bf2dd9ac3

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Aug-12 13:14:35
Detected languages	English - United States
Debug artifacts	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win_x64_VS2022_VB_nondev_i_r\WindowsPlayer_player_Master_il2cpp_x64.pdb
FileVersion	`6000.0.56.10255198`
LegalCopyright	(c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion	`6000.0.56f1 (9c7b5e468860)`

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 83.983% of the executable.`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`749c6f57bd2b6b72696ed675b708d6ac`
SHA1	`c99f38573387964572707a53d82e8258a922256d`
SHA256	`950320028f02aca66a1d36059c0a06e498c0d904b7c88fabc856961bf2dd9ac3`
SHA3	`00dbf17026fbf2fbe1fa0907fb96941a133e73ea8c4e5f088ab1b3d35e7a7dcb`
SSDeep	`12288:t2NCD1Jr3deUC/k7IMq5uwBE22oHkoc6+SpTdDNIglL7oybjYzbc:LbTyk7IT7coHkoT+Sp3IglL7oybjYzb`
Imports Hash	`ce1183cc150987a99aef5749f22af81e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2025-Aug-12 13:14:35
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xde00`
SizeOfInitializedData	`0x97200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000001260 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa9000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a5e0bf1e14a18380e4aa8fcfecd45cfd`
SHA1	`320e758c261b51cdf475ac1fe2d2b8b0f65ee37a`
SHA256	`9f9a743b5e5c12b459f7533a90382644af884df3aef68c9d7ac7d662735f193e`
SHA3	`0371197b472ffeeb91e1e7c7a9605222c7eee7431b878edcb558990adc374905`
VirtualSize	`0xdc70`
VirtualAddress	`0x1000`
SizeOfRawData	`0xde00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.46141`

.rdata

MD5	`b8baf600205e6127dd7ec4e968aa12dc`
SHA1	`f20b3917384fa0b0ca1ee546bc3c4117411e5e78`
SHA256	`a913f64dead1da68ff1ad5832e7f8775453b8cdd184aafdcea6f264ca5ca8cb5`
SHA3	`881692cc8334c5bb5d819853c5c44ee4f8469d092b4242cfe792e78e857d858e`
VirtualSize	`0x977a`
VirtualAddress	`0xf000`
SizeOfRawData	`0x9800`
PointerToRawData	`0xe200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.70106`

.data

MD5	`d284f7b260ed119794375a6998c5083c`
SHA1	`0944c690e2b7841e681f55d2a731910f8019f2ef`
SHA256	`79ebad17e73900bd4dd43a932cc832e1d907346973e16ac0af549524fa4b88b3`
SHA3	`0c023444d7239a9582798618879cf6e165fcae6d6eec1051c77592814b4894ad`
VirtualSize	`0x1d78`
VirtualAddress	`0x19000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x17a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.89847`

.pdata

MD5	`583bf012d5970545541b47ad6f1b2dc4`
SHA1	`ed34342900f8481a1f09e9f73fe8bb0d1e528eb6`
SHA256	`a7a9a284c12beceaf69e80c98bb9708078c1ee29e3581bf7c44e24e7535c04eb`
SHA3	`e57cf3023698fe8882221ba469ca26d236b8a3d44b7d67f42d621316177425fe`
VirtualSize	`0xf24`
VirtualAddress	`0x1b000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x18600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.67239`

_RDATA

MD5	`dd297010ea596c9b749ddc72fe421330`
SHA1	`3213e7a4b99366f1367f1b5dc97aa4853369a784`
SHA256	`420a70f17663b392f63eb448853ebc800a3f7cf9c6e0b78b7e421d671dd927fd`
SHA3	`f4660bd566f5561530bb0e40a752616d5a8180b7180fcf869790d48f9fb6e9bf`
VirtualSize	`0x1f4`
VirtualAddress	`0x1c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x19600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.71477`

.rsrc

MD5	`f795051dd9c1572247851628a380e000`
SHA1	`bbbce2cd1342a9a22112fa7bc7366ff6d8ea74db`
SHA256	`e08fbdce5df7be568b1704583d0d95ba5ef9e8f660e5d7636137f5e9c6766b65`
SHA3	`2afef071ecf4aad4602443f34f066209784bd72789ce48ca50087af2a04c65e8`
VirtualSize	`0x8a020`
VirtualAddress	`0x1d000`
SizeOfRawData	`0x8a200`
PointerToRawData	`0x19800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.11464`

.reloc

MD5	`79918e2814a23b917e4a5494067a35d5`
SHA1	`eab8dd05e160cbff9fa1c348b6c35e7f161cf459`
SHA256	`cccb376562c958fee6ec06051a48d2c5c0232065e1000ce2d4b0775e46737238`
SHA3	`0fcd95a99b9b4e77c2e23089f450965a4028a243ef56d1928fdcfcebcc4b7120`
VirtualSize	`0x658`
VirtualAddress	`0xa8000`
SizeOfRawData	`0x800`
PointerToRawData	`0xa3a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.87002`

Imports

UnityPlayer.dll	`UnityMain`
KERNEL32.dll	`HeapAlloc` `WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `CloseHandle` `RtlUnwindEx` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `EncodePointer` `RaiseException` `RtlPcToFileHeader` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `GetCurrentProcess` `ExitProcess` `TerminateProcess` `GetModuleHandleExW` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x19004`

D3D12SDKPath

Ordinal	`2`
Address	`0x19008`

D3D12SDKVersion

Ordinal	`3`
Address	`0xf320`

NvOptimusEnablement

Ordinal	`4`
Address	`0x19000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.26393`
MD5	`ac46cf972219f09d4bc53b4756569118`
SHA1	`02a51e7a5cd9822ce55e857d3cc872589b0e5d75`
SHA256	`143638cb6bebefd8dea8c68f11c6c91d3580d7954673fc75ebef3ee7a1f17546`
SHA3	`b944bac3d239e52fbc271eb27290aae9608e8b1f1eb5694953073860b438b764`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.38287`
MD5	`2fe7da681a5a6f3358f89ca6c3408b19`
SHA1	`6ad546a2fc2ca0a0768a11b426220678e4242fc8`
SHA256	`3c3b98d74d952536bb0cac0fa2eb8adef0d3d10b7cdd0b51d24219dd537ead48`
SHA3	`190c2aebe77da79637169bf8e4922a903767f2b709bf499186e2dcc8c126c48f`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.34307`
MD5	`b8689e5b007440e7f807b5710fb31d4e`
SHA1	`469320ff2777c8406eb16c1d0eb7f34cfcfc4cf4`
SHA256	`3148c66c7b4b768550619b6a6cc349bcdd5afa6fca779a6a5cd08cf30c4517f1`
SHA3	`20fb249566a8646dda479e6b5287a4f18852a5fde61f48c59c27a7ce72e3e26c`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.24863`
MD5	`7908708cda858be774041129e817377a`
SHA1	`4d0e45c4b6ca263164b8febaf72990cb664ef446`
SHA256	`b5fd7e5d176f77916d6df97f6f683f25ce9025b57fc5c665462abb1d5be8aae0`
SHA3	`585dab92109501294cbc51f7aa494369fd2891963f80871c969add0c665d32d1`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.24226`
MD5	`f4da701fe6e0f19ecb5f85d9e759955f`
SHA1	`a485dcad979eff78354832adbc492eafe172837f`
SHA256	`7ccb1cc8157383cf87826dfe999d9bf532c3939ebbdce7f17b8840792844e720`
SHA3	`c20bb9dadf7c57c07fbdaf13a3001dbe17e157453ef46c15828bc282087f9070`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.16733`
MD5	`d7819cbeb210144c05d7c278a23b8881`
SHA1	`e180f389d8be74319cb51cfe0eead1cffbc453b8`
SHA256	`e96d450c6f78019620345526a6376a0a95d7902cdc761c48bfc9f5cc68b174ec`
SHA3	`bef29320e1d9d2fb1f7e49fe27ce320a238e7ec04948b9e5ee1d3930bd29c423`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.13505`
MD5	`0e9af656fec956877f46402d24cb1be8`
SHA1	`59dad04a175143004f2fe34a2630d9ad429a56a2`
SHA256	`24bd3b0d21569117a95fed48f0476d2b89439a5bbdff6836b357475d27b0417e`
SHA3	`ab132f3a4f1e2ea2599d1e5e84dda51ea89d2ca8c993ad4668f31ec1429d6e83`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.0969`
MD5	`6a9b57fee0cb8ab2ad4740651f6d6124`
SHA1	`9440d84ae4efd60600529293a7d350a7fc21cfb5`
SHA256	`3e76b93a9691f4d0d582d9942e7a728e40a2f23841d48cd49bc29c3bb833c211`
SHA3	`9385a9790220b65e1428b10a288eb264f484169c10b7b82722cedeedf08ad2b3`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.07476`
MD5	`ac1d59b1459d1250efba3a8102686304`
SHA1	`ad3fb2bad5ebf20784bfec4a05378312d7ea8467`
SHA256	`9772613a928b84bd04b8b3bdf0308cd60e449f3112161fc09004df92d905cdd9`
SHA3	`14cd79358fe72589c2614681d22995e8466af4831f0e3ecd76515f854a366399`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`3bf2dac037ce87794e66ff7f054e913f`
SHA1	`52ca961fd37ad960905a681d1db5157508ef1602`
SHA256	`2a87b1f32c5d0435090c72c392b75394f706e5750eff64fd85d25e1c622ee581`
SHA3	`8454d3273522657b5926068082b2cb88f6dbf352e7e9568008c0e33c792f349b`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x214`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.48604`
MD5	`922567109185e0814f027ba837416829`
SHA1	`a970f93625c248e0437a24155a3b89aaab2ee189`
SHA256	`53c8f6c9c3a2597bdb2fbd852385e1e67850b90f69baa05e564b0fd8ebda4fcb`
SHA3	`4760999470386ac2e6a110e8ef4e8e59af9b257f05758ef7ac2725b92971b37a`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x545`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24993`
MD5	`9df530c2f4fbe460da74e130d5d351a9`
SHA1	`f8719b6c74e0179556c1a18f214d6c1bbff8f823`
SHA256	`3c357bd1125971bda05bc59eaeca279da41715741e2535e9e75c94273b1c3a1f`
SHA3	`ce3dd46f87bd462f8730fca18daea6df444422f8d88b810aefbd7b2e62536dee`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	6000.0.56.31582
ProductVersion	6000.0.56.31582
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	6000.0.56.10255198
LegalCopyright	(c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion (#2)	6000.0.56f1 (9c7b5e468860)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Aug-12 13:14:35
Version	`0.0`
SizeofData	`148`
AddressOfRawData	`0x16d58`
PointerToRawData	`0x15f58`
Referenced File	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win_x64_VS2022_VB_nondev_i_r\WindowsPlayer_player_Master_il2cpp_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Aug-12 13:14:35
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x16dec`
PointerToRawData	`0x15fec`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Aug-12 13:14:35
Version	`0.0`
SizeofData	`852`
AddressOfRawData	`0x16e00`
PointerToRawData	`0x16000`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140019040`

RICH Header

XOR Key	`0x7139305b`
Unmarked objects	`0`
ASM objects (28900)	`5`
C++ objects (28900)	`138`
C objects (28900)	`10`
Unmarked objects (#2)	`1`
Imports (28900)	`2`
C++ objects (33218)	`40`
C objects (33218)	`16`
ASM objects (33218)	`17`
Imports (33523)	`3`
Total imports	`89`
C++ objects (33523)	`2`
Exports (33523)	`1`
Resource objects (33523)	`1`
Linker (33523)	`1`

Errors

Leave a comment

No comments yet.