Manalyze report for c1cc12823c5deb376e26348850d51b1e1b8b533bc63ee44aa6ca437b91db4931

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Aug-26 23:45:04
Detected languages	English - United States
Debug artifacts	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win_x64_VS2022_VB_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb
FileVersion	`6000.2.3.13067150`
LegalCopyright	(c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion	`6000.2.3f1 (c7638eb16d91)`

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 84.5615% of the executable.`
Safe	VirusTotal score: 0/71 (Scanned on 2026-04-09 11:41:03)	`All the AVs think this file is safe.`

Hashes

MD5	`d5cd54e313b817e17de4eb7677635952`
SHA1	`beb24781edbd964cf99b0209f1d67e56497ff97f`
SHA256	`c1cc12823c5deb376e26348850d51b1e1b8b533bc63ee44aa6ca437b91db4931`
SHA3	`0e54df0a5dde626fcde3f854df556fbb8491730450af65a9664a3e5730322b5e`
SSDeep	`6144:NaEjvuUwZpMKLgMEbKdWKeahmq+KKRKKmK0VKKrKKMKgKFdb7gKKKsKKGKPHKKK:NdVwZpTXNbuVIS9c2D2`
Imports Hash	`ce1183cc150987a99aef5749f22af81e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2025-Aug-26 23:45:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xce00`
SizeOfInitializedData	`0x97000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000001260 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa7000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`de2fa207587e49351b25984084dad33f`
SHA1	`ca987746b7aaf1c692abf79d76fd7fc6d9851078`
SHA256	`c774ab15f3e55ff14b15bcb69275ae5cd4f91f9021a9ee2249d81eb42d22e699`
SHA3	`0254855c981c2fda6b68fad2f3ab92b1fad380e181b4615a287303861eade96a`
VirtualSize	`0xcdb0`
VirtualAddress	`0x1000`
SizeOfRawData	`0xce00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.44999`

.rdata

MD5	`1cd85fc03c5c555914541a02bda39079`
SHA1	`d80197c7e2fed905bedb3a627203e8dc80c82509`
SHA256	`8d856f2b447ea0daccd655cf1faf2d783f02dbc5a6df7e4c8f203975bd971dc3`
SHA3	`73517a25955fbaf1d912196025d563e07548eceadf0ef873886edf70b3b9caef`
VirtualSize	`0x977a`
VirtualAddress	`0xe000`
SizeOfRawData	`0x9800`
PointerToRawData	`0xd200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.69088`

.data

MD5	`0822db25bce65451a1219de812eea533`
SHA1	`bf4c918ff2184dfeba8cd4f98b21e11d75de05e7`
SHA256	`8987031a7fb9e9ffe2b44dad568693d86af933f2b44447b6f5c1159bd0750a79`
SHA3	`83fbc2d299cd2e5b71ce2f669f319b95fcab94178c620dd04d72a1071efde7b0`
VirtualSize	`0x1d88`
VirtualAddress	`0x18000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x16a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.90767`

.pdata

MD5	`1668cb26312458ae49753d766d4ea3c0`
SHA1	`f343709453dc68f1c7a8467c2be75ee428a4a25d`
SHA256	`204c65418c3f3b79e811cdf500a53c1cfd6a937bd6ad94f75e86e250193cb68c`
SHA3	`318a82e16b48c99663b615f1b5fda62041a71e288671b0629305606d965d4d14`
VirtualSize	`0xec4`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x17600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.60721`

.rsrc

MD5	`18d3725ad36a11fd339fc09358991179`
SHA1	`d2fac1bf9d712c68f246522370ccbbad2768fecc`
SHA256	`dd6b9b3dfbf9ab93e0ddfbe9280a4a9895c5783097c450464e5f228692b340a9`
SHA3	`bad34590864e5bb0af09aba649fe212fa86847c8b705cdfdbdd0cd453cf6bf3c`
VirtualSize	`0x8a018`
VirtualAddress	`0x1b000`
SizeOfRawData	`0x8a200`
PointerToRawData	`0x18600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.27276`

.reloc

MD5	`3ab8a3a955e5040e25556085e21a2be2`
SHA1	`f29b173f0ea430d70ff0803cbaa89fa1d4d024d9`
SHA256	`119eed3c019ffdb0bba4cee06b80d85e78a679f1bb17317cbb6a352bb4102d7a`
SHA3	`a5c3cb0725d2fd68e14265c6e03629d6270e73c1f049eb78b3e40b7b2535d802`
VirtualSize	`0x658`
VirtualAddress	`0xa6000`
SizeOfRawData	`0x800`
PointerToRawData	`0xa2800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.86735`

Imports

UnityPlayer.dll	`UnityMain`
KERNEL32.dll	`HeapAlloc` `WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `CloseHandle` `RtlUnwindEx` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `EncodePointer` `RaiseException` `RtlPcToFileHeader` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `GetCurrentProcess` `ExitProcess` `TerminateProcess` `GetModuleHandleExW` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x18004`

D3D12SDKPath

Ordinal	`2`
Address	`0x18008`

D3D12SDKVersion

Ordinal	`3`
Address	`0xe320`

NvOptimusEnablement

Ordinal	`4`
Address	`0x18000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.87443`
MD5	`21d139256366e5958007257cd97fdb51`
SHA1	`dd2e3ef9bbba1f482656208963fd79befa7bf14d`
SHA256	`b5ba667d2603de364a5b1ed7123c40636de08cd478696c1cf8d87b3960206dbb`
SHA3	`3961e0eb4e29949ba74df92f6b7c4ee7459d8583c19b1c0eee79cece7443f548`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.84693`
MD5	`5051a096e5ef6bdd210bcf889effe5e3`
SHA1	`b3e9c0cf186fab7e8a30cfec05c573905674f293`
SHA256	`0d2f012d7374e5e7071ad53852a6a9a504ba94a341ca3bd74385e81c3a154eed`
SHA3	`e4e638b9a7974e51f7138c4c4e151e774e039c695e2a64f6147cf47a7ae1defd`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.73704`
MD5	`9d8202afe2abd6c74a1ac0c341cc7356`
SHA1	`017d0d53dfcbfa6fd73d1bf452832ded2fc624b3`
SHA256	`36b8659b9a562a47e453e2683ab3ceacec0e7a9e1a250d6858fb28c75bfc51dc`
SHA3	`564ea636a871c4e4b2a405a067f141f6e9f3f219827c3c06704193f3befa3e4e`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.53262`
MD5	`044a612bb332a267d280596c031b9d66`
SHA1	`cc6a4ebb8f41568b75cd07099f7bbbfeca7ebd37`
SHA256	`467e03a449c1c0ad4e7e398846247dbcd43cb48e208424367086ca4db454b939`
SHA3	`830f8b6bbf8aaf07374f8c5560bb6f238a641c1387cabb745fe7627c12055444`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.4161`
MD5	`f5437dd6a286d1b0ee2a21a150e30c99`
SHA1	`945eee99fed734e87574dcb2758b66fc7467f93f`
SHA256	`16b6843c78654b94105d4d13dbf0cfba4db9ef1adf87eedec9a3fd53a7f10ea0`
SHA3	`20165fa0a4f13e9f6e71496da1ff618c84d76d074115c5a9e522fa5c3a2bc841`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.19469`
MD5	`28f1dee37b7ffdbdfc15e7dc3b16a06b`
SHA1	`df9c64f412a06320e23ce4a507706a25e5f2bd82`
SHA256	`e6041a13658d024c7507acf1ff5a5f0a71846063b0c06e6e460d55a26ca6cb18`
SHA3	`2111ece8dea61ad3b582b7b5887edd0fd8374da554bff1638667e046425de02c`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.66606`
MD5	`7a36d8f26e64a8d0f89727e9254003c4`
SHA1	`784628b1d42c4592cfc593f64c08865c8b00acd6`
SHA256	`94fac2c65bc728bf733278452e56cec3b9a9882881ca3d248fff3ba3cb305ecd`
SHA3	`53b8b002045c5d3c8748db9e95058ce5c09ceeb38d8099967be9e3c76198b373`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3093`
MD5	`1cda633d9b58a5b82d8f31084b21214f`
SHA1	`107878e1e32f6d513040b5f19d32e6f1e8c66db1`
SHA256	`ed9d52fc170f8e20e1f204dc79ad6749a4543b5723ab027acf7d04065de31474`
SHA3	`d7194493e2b3018ebcc8006e0ab2f6b632b2ffd50033b0c9672bb9734eb87d7a`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.28939`
MD5	`b5fe7237bb45e1b62096808545a36b49`
SHA1	`0c8424aa6a58c27f0f3aff9eb1ef78d7fe255ead`
SHA256	`cba67cebaaf00c5ed3f5958d1f39d54cbf3fcbf6f4769a3a8e1dd9f73e00f23a`
SHA3	`30b39d796efc0bc85890064b2d3f6f2ca9bced272d701eade59342576295fd0d`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`3bf2dac037ce87794e66ff7f054e913f`
SHA1	`52ca961fd37ad960905a681d1db5157508ef1602`
SHA256	`2a87b1f32c5d0435090c72c392b75394f706e5750eff64fd85d25e1c622ee581`
SHA3	`8454d3273522657b5926068082b2cb88f6dbf352e7e9568008c0e33c792f349b`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x20c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.55599`
MD5	`14762773acafcbe74079d69c9a55066c`
SHA1	`6e431fac8da9c3cc63956f3ec10c9878cafcc8b3`
SHA256	`fefe68140e21fa2073a538d927cd832a2c5c1c1fe6aead0660ec037c2f6c9d5f`
SHA3	`dd05fe42eeca3c9e31ef0005a11e5b31a825638a3e7e30c942f2f6d7bd81cba1`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x545`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24993`
MD5	`9df530c2f4fbe460da74e130d5d351a9`
SHA1	`f8719b6c74e0179556c1a18f214d6c1bbff8f823`
SHA256	`3c357bd1125971bda05bc59eaeca279da41715741e2535e9e75c94273b1c3a1f`
SHA3	`ce3dd46f87bd462f8730fca18daea6df444422f8d88b810aefbd7b2e62536dee`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	6000.2.3.25486
ProductVersion	6000.2.3.25486
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	6000.2.3.13067150
LegalCopyright	(c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion (#2)	6000.2.3f1 (c7638eb16d91)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Aug-26 23:45:04
Version	`0.0`
SizeofData	`146`
AddressOfRawData	`0x15d68`
PointerToRawData	`0x14f68`
Referenced File	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win_x64_VS2022_VB_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Aug-26 23:45:04
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x15dfc`
PointerToRawData	`0x14ffc`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Aug-26 23:45:04
Version	`0.0`
SizeofData	`836`
AddressOfRawData	`0x15e10`
PointerToRawData	`0x15010`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140018040`

RICH Header

XOR Key	`0x7914df52`
Unmarked objects	`0`
ASM objects (28900)	`5`
C++ objects (28900)	`138`
C objects (28900)	`10`
Imports (28900)	`2`
ASM objects (34321)	`9`
C objects (34321)	`16`
C++ objects (34321)	`40`
Imports (34433)	`3`
Total imports	`89`
C++ objects (34433)	`2`
Exports (34433)	`1`
Resource objects (34433)	`1`
Linker (34433)	`1`

Errors

Leave a comment

No comments yet.