Manalyze report for aa71a5975c38c7446636e6db70321ca3d8c5cccce8ad953fb32b96d0c3ec4295

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Sep-26 11:37:03
Detected languages	English - United States
Debug artifacts	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb
FileVersion	`2022.3.62.7762112`
LegalCopyright	(c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion	`2022.3.62f2 (7670c08855a9)`

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 84.749% of the executable.`
Suspicious	VirusTotal score: 1/72 (Scanned on 2026-04-20 16:06:45)	`Trapmine: suspicious.low.ml.score`

Hashes

MD5	`1de86a8be057954c68eb95a71f349b67`
SHA1	`ca819fe77d60c8b394044696b271251f1c0144fa`
SHA256	`aa71a5975c38c7446636e6db70321ca3d8c5cccce8ad953fb32b96d0c3ec4295`
SHA3	`39374a686c4a6a69145ac21d888ecb8a54705d016f57befe0cf170730ccd5066`
SSDeep	`12288:R/7g4aOD8IYqMvWwNgz1BEvi5Z7S/xVXsPFrlExaSTb7eYiQOLU6P5dm3y:JFaO5YqMD61BEvi5Z7S/xVc9rlExaS/`
Imports Hash	`a136217cdd3247ff6a8766561064ca0b`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2025-Sep-26 11:37:03
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xca00`
SizeOfInitializedData	`0x97000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000001264 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa8000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`e1ace82cc0f3d159779f5c95aa7e575b`
SHA1	`e4a5358996f267c921e5d996de44f3525bb042ed`
SHA256	`bec109031034001337c9be3c07e16f6fab9c862313fc1f8fb0699672e09c63a4`
SHA3	`449bef44a9ee4a68767a70da31c7ceb6aa3d1da49237a84227bbfb02c7e428a2`
VirtualSize	`0xc8b0`
VirtualAddress	`0x1000`
SizeOfRawData	`0xca00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.41019`

.rdata

MD5	`3968e717f74350a1e572417731491393`
SHA1	`900495159060a8bdd1d091ffc28d69a62786a219`
SHA256	`b85ddb43cdfcf1d57aeef685f86b2443b5d2ee1e4e539cd1c9b99fd7c69f07c4`
SHA3	`626b582315f0c8dfccfed470c899340f9a4904c7a804563fe1b36454f6b4ec2b`
VirtualSize	`0x948c`
VirtualAddress	`0xe000`
SizeOfRawData	`0x9600`
PointerToRawData	`0xce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.65435`

.data

MD5	`90815aa5dc65a7dd3f93bad1bd78a77e`
SHA1	`608f3e69047b216dda6b0df73c30912e2fef5544`
SHA256	`435cb9af1df25f501f68a9700182c4d25de99c3f8e8c1ba6b16c0ca98911ff87`
SHA3	`e5ea90d4dd767bfa3d88e3fa2e107c2e40cac10f43498d5abd74f15888477d18`
VirtualSize	`0x1d38`
VirtualAddress	`0x18000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x16400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.87032`

.pdata

MD5	`6e619149c26d436c6f07193ff1e8032b`
SHA1	`70aea7c26eff6d7619bd6a5a97ab259d68dd24f5`
SHA256	`48cb5fb202e79c0b8da5091cb440a9068502b37c8e4200eb78df617ae99fd024`
SHA3	`196183a21caf69a7292ff77b288d707ce7d63e2b887053ae1bc258b99d1e36f0`
VirtualSize	`0xef4`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x17000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.62125`

_RDATA

MD5	`f87f407c2a1cab208757ad1d23a2de6f`
SHA1	`cd739c36958f9ba7505883ae868f1a6ca71e880f`
SHA256	`6e4ba525d12ef66132e0738191d3a928ba74c0091a6f82bc48f892a41e2fc242`
SHA3	`0611ad194d9c623281cb358dbc2f2d28bb01b6eab682677ec8d16136d74414ab`
VirtualSize	`0x94`
VirtualAddress	`0x1b000`
SizeOfRawData	`0x200`
PointerToRawData	`0x18000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.11888`

.rsrc

MD5	`5c92289455eb21e056d81510096bd814`
SHA1	`6fa1ca9475e67208c2c724a5c2747c1e37f8d13c`
SHA256	`342f3169d727b23e8af84d360250ef00908d5cba2d224c023ce9a1c277b0a429`
SHA3	`3a17b6afa65f3f136929f30dfa7e9e3d5a8148ae1dc6e04d35478cca42ce63d2`
VirtualSize	`0x8a198`
VirtualAddress	`0x1c000`
SizeOfRawData	`0x8a200`
PointerToRawData	`0x18200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.34553`

.reloc

MD5	`ef1e558d46106d87320dd822be1ddc48`
SHA1	`10f7b05d107451bd01cf446da512c619fc35bf50`
SHA256	`34d7b771018e478ba05cd24ec377fd34919d65ec63c43f49e1ab319785368929`
SHA3	`cc295f58e62efe5c59cad1febf1ce620404450135f442c20ba55235b492ddac9`
VirtualSize	`0x654`
VirtualAddress	`0xa7000`
SizeOfRawData	`0x800`
PointerToRawData	`0xa2400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.84209`

Imports

UnityPlayer.dll	`UnityMain2`
KERNEL32.dll	`HeapAlloc` `WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `CloseHandle` `RtlUnwindEx` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `EncodePointer` `RaiseException` `RtlPcToFileHeader` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `GetCurrentProcess` `ExitProcess` `TerminateProcess` `GetModuleHandleExW` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x18004`

NvOptimusEnablement

Ordinal	`2`
Address	`0x18000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.27319`
MD5	`53ab34964972454fedb28bd7b1f9840a`
SHA1	`585104bac1c1fa1e3b889f06cd835847f07d5ff6`
SHA256	`84215fe054087fa6dfbff7546d1a2a5c94c6f3a4b645c60866c151a8fce8ea22`
SHA3	`f0394504207dc6bb704411d1083dff77c375be54bcbf603f62f86e525092dfb8`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.34023`
MD5	`5adbee3ddf625b7a36c18433859ae191`
SHA1	`bcbc737bcae7bffe8dc08e225dfa48b1d92df542`
SHA256	`d73c21808e3744b27c1ebaf6cf6c13df63b6cbd6e4e4973031a7a6528961e12f`
SHA3	`2f59ecbdef936445f14814d03cde36a5d1d8197ebea2273ea3304293e38f61a6`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.41826`
MD5	`5b8235f93dd0dfe38fb0e34b2435b776`
SHA1	`5ff2683159d15214117c43fe372b1476d81e9d36`
SHA256	`15dcad42fbad9a796bfdcacb3f329712c1a7b29d1583c1c3961a3489c19a4349`
SHA3	`ab1a2c4458f76a96fd4636ed411b388476c4c82d61653525138d2eeb02f45204`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.45916`
MD5	`612c3038cf48ee513b284e414b2f93e7`
SHA1	`23a503a55c5c28ee87b4a50a824fefa60347a9cc`
SHA256	`3c467995be8120bf9e053786751b0ccfd24e9e76ebc45dcee4e96435901a8ecf`
SHA3	`254f38452f0c7faac91e11d56860a4c4d1ced96d07c32aaf0ff655d7038af924`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.49982`
MD5	`b1662bdff7b72a9620a664f68feb9a52`
SHA1	`02c002756cf51f3d6ba40ade658dc6ae23d22269`
SHA256	`4b616e0caf4576bffeaae0a2dd2bba8defb31eccd8a1f2a5d75c8f13fb089c7d`
SHA3	`3d57245cd6764ccf7404e7e15de0ea2cb21668e8f3d5f63ff7abdbdb667b9b02`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.48984`
MD5	`091d6d9089ec7249b0eb4041cc7dec20`
SHA1	`c83c829bf9e0464ab1ce0ac0c36188545fa7f8e9`
SHA256	`b63c3108ace6d86ac7f104af585f6c0006236485c44ac0d4262fbcb52f9d0e7b`
SHA3	`9cf17523f69b5689aea0685571e710d35a6ee564741d6134a24f427f390e28ff`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.53521`
MD5	`60af9c17a111c4763805ab7bbe1bb0e5`
SHA1	`2a6138fd5ee58e50ba8556faa1cc00e322d7be36`
SHA256	`b8bda39a1107d0da83004f3e545a6d201dfc2fb5ab615d5851324764e38222a4`
SHA3	`a0f3662ae726a79515a2188667d91c5c0933ab5dc32564d1732f9abb2ccc06cd`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.47393`
MD5	`041fa2572192d09e978b7e55a804a043`
SHA1	`22781adde530047005070fcd0b6b540540664021`
SHA256	`da9ea02ef8c4990417baf9fca1f04bf407b084475e62184eff2467dd2fee448c`
SHA3	`7709ca89d23a379bb29d44ec1aa1c7eaf9dc767e39cf32d82eaca9a9004b77d4`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.27409`
MD5	`0174ffe74705bf0ec0720cda36726ded`
SHA1	`47400db65bfa0bd36a6cc529317a5e10bb18b6f9`
SHA256	`383b8abef0f18b7c342fdb5dc4e3598db5a5779d4da519a102c09f45d8c75ddc`
SHA3	`04083d88ac8d252dc4c81ae78cd8d367de9045494391e06d0f7bc750e7646c09`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`f7731730720cfe035cf030b40d0e2eb6`
SHA1	`d046e23f2ee2b93ad96be8e1dc9120ecf3915091`
SHA256	`5c92a41adaf3265071482fd1a182ae8702c168636a7d9ff51798ee3a1dfc8500`
SHA3	`6f2d12e4c63c131a3f7f48293996e2be05da351536d013affe5d2265965ce657`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x210`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.55946`
MD5	`a817f5c1ee4993dc4fb84fbfc5cbd0bb`
SHA1	`ffb6bbc9ea4d9108b994b5b4d71fc558827c88a6`
SHA256	`4a7fde3055000864489cc4abddfe9a8c5dfbd3b0129f76c59e1b5068b2c8459d`
SHA3	`86d49d4ea4b0e3900b5aa666f910c3aff9973b8e17aa1aac4a9b04dc06fd3953`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37708`
MD5	`aab7e8aafe7b06ab3d003b54ab5e18ed`
SHA1	`dccf0408f43059df37b755f3241a8b4b35c728af`
SHA256	`fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8`
SHA3	`a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2022.3.62.28864
ProductVersion	2022.3.62.28864
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	2022.3.62.7762112
LegalCopyright	(c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion (#2)	2022.3.62f2 (7670c08855a9)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Sep-26 11:37:03
Version	`0.0`
SizeofData	`141`
AddressOfRawData	`0x15aec`
PointerToRawData	`0x148ec`
Referenced File	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Sep-26 11:37:03
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x15b7c`
PointerToRawData	`0x1497c`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Sep-26 11:37:03
Version	`0.0`
SizeofData	`768`
AddressOfRawData	`0x15b90`
PointerToRawData	`0x14990`

TLS Callbacks

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140018030`

RICH Header

XOR Key	`0xe5e06b0d`
Unmarked objects	`0`
ASM objects (28900)	`5`
C++ objects (28900)	`138`
C objects (28900)	`10`
Imports (28900)	`2`
C++ objects (VS 2015/2017/2019 runtime 29118)	`39`
C objects (VS 2015/2017/2019 runtime 29118)	`16`
ASM objects (VS 2015/2017/2019 runtime 29118)	`9`
Imports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Total imports	`89`
C++ objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Exports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Resource objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Linker (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`

Errors

Leave a comment

No comments yet.