Manalyze report for c2d805addf5bb005dae14f1d6ea2005b13471281b50bcc3fa30f63bb5fc1b94c

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2012-Dec-11 18:20:13
Detected languages	English - United States
Debug artifacts	C:\BuildAgent\work\14194e8ce88cdf47\build\WindowsStandalonePlayer\UnityPlayer_Symbols.pdb
FileVersion	`3.5.7.45015`
ProductVersion	`3.5.7.45015`
Unity Version	3.5.7f6_795a449bc926

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `MASM/TASM - sig1(h)` `Microsoft Visual C++` `Microsoft Visual C++ v6.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: rundll32.exe` `Contains references to internet browsers: firefox.exe iexplore.exe` `Tries to detect virtualized environments: HARDWARE\DESCRIPTION\System b3 eb 36 e4 4f 52 ce 11 9f 53 00 20 af 0b a7 70` `Looks for VMWare presence: VMWare` `Accesses the WMI: root\cimv2` Contains domain names: connectiontester.unity3d.com connectiontesterbeta.unity3d.com curl.haxx.se example.com eyePosition.xyz facilitator.unity3d.com facilitatorbeta.unity3d.com http://curl.haxx.se http://curl.haxx.se/rfc/cookie_spec.html http://msdl.microsoft.com http://msdl.microsoft.com/download/symbols http://unity3d.com http://www.openssl.org http://www.openssl.org/support/faq.html light.position.xyz masterserver.unity3d.com masterserverbeta.unity3d.com microsoft.com msdl.microsoft.com openssl.org position.xyz proxy.unity3d.com proxybeta.unity3d.com unity3d.com www.openssl.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES` `Uses constants related to Blowfish` `Uses known Mersenne Twister constants` `Microsoft's Cryptography API`
Suspicious	The PE is possibly packed.	`Unusual section name found: .trace`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryW LoadLibraryA GetProcAddress` `Can access the registry: RegDeleteValueA RegCreateKeyExW RegQueryValueExW RegOpenKeyExW RegSetValueExW RegCreateKeyA RegSetValueExA RegOpenKeyExA RegQueryValueExA RegCloseKey SHDeleteKeyA` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Uses Microsoft's cryptographic API: CryptImportKey CryptVerifySignatureA CryptDestroyKey CryptAcquireContextA CryptCreateHash CryptReleaseContext CryptHashData CryptDestroyHash CryptGetHashParam` `Can create temporary files: CreateFileA CreateFileW GetTempPathW` `Leverages the raw socket API to access the Internet: inet_ntoa WSAStartup freeaddrinfo getsockname WSACleanup getaddrinfo closesocket inet_addr connect htons WSAGetLastError gethostname socket htonl` `Enumerates local disk drives: GetDriveTypeA` `Manipulates other processes: ReadProcessMemory` `Can take screenshots: GetDC CreateCompatibleDC BitBlt` `Can use the microphone to record audio: waveInOpen` `Reads the contents of the clipboard: GetClipboardData`
Safe	VirusTotal score: 0/72 (Scanned on 2025-11-14 11:35:47)	`All the AVs think this file is safe.`

Hashes

MD5	`971c25d36fddf68ddf37580abfe7c4da`
SHA1	`73c35b85d6964ec42494bcbd3452b2345db5339f`
SHA256	`c2d805addf5bb005dae14f1d6ea2005b13471281b50bcc3fa30f63bb5fc1b94c`
SHA3	`3b1abb00fe9ac5657013e91ceee838af6f198deb8de4e95a6d3c51393e261d0f`
SSDeep	`196608:x+OllRNuNUo87zziW9OZKx+j3Vq/anFU/Dm7K2ePwG51rKTWuC:LhuNUbfziWqKx+j3hUPwi1z`
Imports Hash	`dab54414381d1086a40cf56d5c22668d`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2012-Dec-11 18:20:13
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`9.0`
SizeOfCode	`0x724000`
SizeOfInitializedData	`0x21e800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0057021A (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x725000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.0`
ImageVersion	`0.0`
SubsystemVersion	`5.0`
Win32VersionValue	`0`
SizeOfImage	`0x945000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`0a87b2ca06ee84ba1588cc4b6d2739fc`
SHA1	`ec716969efdd2131b9ec55dad70e4d4349e6d57e`
SHA256	`933f2b939245c7db4db656ce81a734e60309d348472263a6ec6f38764add82e6`
SHA3	`0ae8f374c911c6bb45c78554386fcf37edda890f0b895b78f24ec4e2d16eb83a`
VirtualSize	`0x723edc`
VirtualAddress	`0x1000`
SizeOfRawData	`0x724000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.74701`

.rdata

MD5	`cd208f2c6f1a10585c5981b526e36c6f`
SHA1	`ec8218add413c5911e8f0d01c26fa94f5492b706`
SHA256	`102a141d6d87ee08eef78bc4083fe5a56a35754d677f3e90678a42330c91b4a5`
SHA3	`50074e22ba5d2cba48c2c57b129ed349fd574243aee5e72afea2ebbc508d9a62`
VirtualSize	`0x11288e`
VirtualAddress	`0x725000`
SizeOfRawData	`0x112a00`
PointerToRawData	`0x724400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.99778`

.data

MD5	`889acc09682659f01c27f31d54eb452f`
SHA1	`1d2de6c113a3f154b017551bc693f1da32051a88`
SHA256	`e4717aab4f764c4edda88fec313f214b39baac8f4e2036f49ddbbf14b227bedc`
SHA3	`c88168f1c5b505c63c1e239a953b63a6963ea6fa45265bf831f445517bea4eb5`
VirtualSize	`0xae8c4`
VirtualAddress	`0x838000`
SizeOfRawData	`0x26800`
PointerToRawData	`0x836e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.30864`

.trace

MD5	`2440f410957dc0248480e9f295342aa1`
SHA1	`a2f5cf30d6b767025dc3cd827a1b3997a8dcda69`
SHA256	`844d856bcd1550d6c3af492c79e77be2c6e4bf793bd46c84b20fdd1680535f54`
SHA3	`a4a19a4dc9f1fde5c2f50c8d11126c89b3fa3ab4a49cd7c40359d6f0ac971945`
VirtualSize	`0x63d8`
VirtualAddress	`0x8e7000`
SizeOfRawData	`0x6400`
PointerToRawData	`0x85d600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.99685`

.rsrc

MD5	`415517f3274e9df070c79dd28e94d588`
SHA1	`3386b27534f2a7f067bee72f2414d957c2fdd4ac`
SHA256	`8a4652f1169ed6b1cd8e15c0536ae15ca699f964ad20f80909143e2ff714ad6f`
SHA3	`d0a4e0b92c7467664e440ec6603063180d2a422d5cd44ad0f6256d6110a13b70`
VirtualSize	`0x56e48`
VirtualAddress	`0x8ee000`
SizeOfRawData	`0x57000`
PointerToRawData	`0x863a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.08303`

Imports

KERNEL32.dll	`SetLastError` `ReadProcessMemory` `GetEnvironmentVariableA` `GetFileAttributesA` `GetModuleFileNameA` `GetCurrentDirectoryA` `ResumeThread` `GetThreadContext` `SuspendThread` `GetCurrentThread` `IsBadReadPtr` `SetEvent` `CreateEventA` `ResetEvent` `GetTickCount` `CopyFileW` `MoveFileExW` `FileTimeToDosDateTime` `FileTimeToLocalFileTime` `lstrlenA` `GetFileTime` `VirtualQuery` `GlobalMemoryStatus` `GetSystemTimeAsFileTime` `CreateProcessW` `IsDebuggerPresent` `SetErrorMode` `WritePrivateProfileStringW` `HeapValidate` `SetThreadAffinityMask` `TerminateThread` `WaitForMultipleObjects` `GlobalAlloc` `GlobalLock` `GlobalUnlock` `FindFirstFileW` `FindNextFileW` `RemoveDirectoryW` `DeleteFileW` `FindClose` `GetConsoleOutputCP` `WriteConsoleA` `SetEnvironmentVariableA` `CompareStringW` `CompareStringA` `GetLocaleInfoW` `GetProcessHeap` `GetStringTypeW` `GetStringTypeA` `IsValidLocale` `EnumSystemLocalesA` `GetLocaleInfoA` `GetUserDefaultLCID` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `GetEnvironmentStrings` `FreeEnvironmentStringsA` `FlushFileBuffers` `WriteFile` `SetStdHandle` `InitializeCriticalSectionAndSpinCount` `SetHandleCount` `IsValidCodePage` `GetOEMCP` `GetACP` `HeapSize` `HeapCreate` `GetCPInfo` `LCMapStringW` `LCMapStringA` `GetTimeZoneInformation` `GetConsoleMode` `SetConsoleMode` `ReadConsoleInputA` `GetDriveTypeA` `PeekNamedPipe` `GetFileInformationByHandle` `GetCurrentProcessId` `WriteConsoleW` `GetStartupInfoA` `GetCommandLineA` `OutputDebugStringA` `ExitThread` `TerminateProcess` `ExitProcess` `UnhandledExceptionFilter` `SetConsoleCtrlHandler` `RtlUnwind` `HeapFree` `HeapReAlloc` `HeapAlloc` `InterlockedDecrement` `InterlockedIncrement` `CreateSemaphoreW` `CreateMutexW` `GetModuleHandleW` `SignalObjectAndWait` `GetThreadLocale` `GetProcessAffinityMask` `FlushConsoleInputBuffer` `FindFirstFileA` `GetStdHandle` `GetFileType` `GetVersion` `GetSystemDirectoryA` `OpenEventA` `VirtualAlloc` `VirtualFree` `UnmapViewOfFile` `CreateFileA` `CreateFileMappingA` `MapViewOfFile` `GetFileAttributesW` `SetFileAttributesW` `GetFileSize` `GetLastError` `ReadFile` `CreateFileW` `SetEndOfFile` `SetFilePointer` `GetCurrentThreadId` `SleepEx` `CreateThread` `SetThreadPriority` `RaiseException` `ReleaseMutex` `WaitForSingleObject` `CreateMutexA` `TryEnterCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `DeleteCriticalSection` `InitializeCriticalSection` `QueryPerformanceFrequency` `QueryPerformanceCounter` `FormatMessageA` `LocalFree` `GetFullPathNameW` `ReleaseSemaphore` `WaitForSingleObjectEx` `Sleep` `CloseHandle` `CreateSemaphoreA` `LoadLibraryW` `LoadLibraryA` `GetProcAddress` `FreeLibrary` `WideCharToMultiByte` `CreateDirectoryW` `MultiByteToWideChar` `TlsSetValue` `lstrcmpiA` `GetFullPathNameA` `InterlockedExchange` `InterlockedCompareExchange` `GetComputerNameW` `GetTempPathW` `GetUserDefaultLangID` `GlobalMemoryStatusEx` `GetSystemInfo` `GetVersionExA` `GetModuleHandleA` `GetCurrentProcess` `ExpandEnvironmentStringsA` `CreateEventW` `DuplicateHandle` `SetUnhandledExceptionFilter` `TlsGetValue` `TlsFree` `TlsAlloc` `GetOverlappedResult` `CancelIo` `lstrlenW` `GetCommandLineW` `lstrcpynW` `lstrcpyA` `lstrcpynA` `FileTimeToSystemTime` `GetModuleFileNameW` `GetConsoleCP` `InterlockedExchangeAdd` `HeapWalk`
USER32.dll	`CloseClipboard` `SetClipboardData` `EmptyClipboard` `OpenClipboard` `GetClipboardData` `IsClipboardFormatAvailable` `SetCapture` `ReleaseCapture` `GetProcessWindowStation` `GetUserObjectInformationW` `RegisterDeviceNotificationW` `UnregisterDeviceNotification` `SystemParametersInfoW` `ClientToScreen` `DefWindowProcW` `DestroyWindow` `ReleaseDC` `GetDC` `CreateWindowExW` `MessageBoxW` `GetAsyncKeyState` `GetKeyState` `wsprintfA` `RegisterRawInputDevices` `GetRawInputData` `GetRawInputDeviceList` `GetRawInputDeviceInfoW` `SendMessageTimeoutA` `EnumWindows` `SendMessageA` `SetForegroundWindow` `ShowWindow` `IsIconic` `RegisterWindowMessageA` `GetUserObjectInformationA` `GetThreadDesktop` `GetParent` `GetWindowRect` `GetWindowLongA` `SetWindowPos` `GetClientRect` `CreateDialogParamA` `IsWindowVisible` `GetCursorPos` `WindowFromPoint` `ScreenToClient` `wvsprintfA` `MonitorFromWindow` `EnumDisplayDevicesA` `GetCaretBlinkTime` `PeekMessageA` `GetMessageA` `DispatchMessageA` `ValidateRect` `LoadImageA` `DialogBoxParamA` `IsDlgButtonChecked` `CheckDlgButton` `CreateDialogParamW` `EnableWindow` `PeekMessageW` `IsDialogMessageW` `TranslateMessage` `DispatchMessageW` `MsgWaitForMultipleObjects` `SetWindowTextW` `RegisterClassW` `PostQuitMessage` `SetWindowLongW` `GetWindowLongW` `SetFocus` `SetCursorPos` `ClipCursor` `ShowCursor` `GetFocus` `LoadCursorA` `RegisterClassExW` `DialogBoxParamW` `EndDialog` `LoadIconA` `SendDlgItemMessageW` `SetDlgItemTextA` `SetDlgItemTextW` `MessageBoxA` `CopyRect` `OffsetRect` `GetAncestor` `UnregisterClassW` `GetDesktopWindow` `EnumDisplaySettingsA` `AdjustWindowRectEx` `GetSystemMetrics` `ChangeDisplaySettingsA` `GetDlgItem` `SetWindowLongA`
GDI32.dll	`GetDeviceCaps` `ChoosePixelFormat` `SetPixelFormat` `GetObjectW` `GetGlyphOutlineW` `AddFontMemResourceEx` `CreateCompatibleDC` `GetFontUnicodeRanges` `GetObjectA` `SetTextAlign` `SetTextColor` `CreateFontIndirectW` `SelectObject` `GetTextFaceW` `EnumFontFamiliesExW` `DeleteDC` `DeleteObject` `RemoveFontMemResourceEx` `SetBkMode` `GetBitmapBits` `BitBlt` `CreateCompatibleBitmap` `CreateDCA` `SwapBuffers`
ADVAPI32.dll	`RegisterEventSourceA` `ReportEventA` `DeregisterEventSource` `CryptImportKey` `CryptVerifySignatureA` `CryptDestroyKey` `RegDeleteValueA` `GetUserNameA` `RegCreateKeyExW` `RegQueryValueExW` `RegOpenKeyExW` `RegSetValueExW` `RegCreateKeyA` `RegSetValueExA` `RegOpenKeyExA` `RegQueryValueExA` `RegCloseKey` `CryptAcquireContextA` `CryptCreateHash` `CryptReleaseContext` `CryptHashData` `CryptDestroyHash` `CryptGetHashParam`
SHELL32.dll	`ShellExecuteW` `CommandLineToArgvW` `SHGetFolderPathW`
ole32.dll	`CoUninitialize` `CoInitialize` `CoCreateGuid` `StringFromGUID2` `CoSetProxyBlanket` `CoTaskMemAlloc` `CoTaskMemFree` `CoCreateInstance`
VERSION.dll	`GetFileVersionInfoSizeW` `VerQueryValueA` `GetFileVersionInfoW` `GetFileVersionInfoA` `GetFileVersionInfoSizeA`
OPENGL32.dll	`glStencilFunc` `glIsEnabled` `glClear` `glClearStencil` `glClearDepth` `glClearColor` `glFrontFace` `glLoadMatrixf` `glMatrixMode` `glMultMatrixf` `glGetFloatv` `glColorMaterial` `glLightModeli` `glMaterialf` `glMaterialfv` `glColor4fv` `glViewport` `glScissor` `glTexEnvfv` `glBindTexture` `glTexGenfv` `glTexGeni` `glLightfv` `glLightf` `glLightModelfv` `glFogfv` `glFogf` `glFogi` `glDeleteTextures` `glFinish` `glVertex3f` `glNormal3f` `glStencilOp` `glTexCoord3f` `glBegin` `glEnd` `glReadPixels` `glLoadIdentity` `glLightModelf` `glHint` `glTexParameteri` `wglDeleteContext` `glGenTextures` `glTexImage2D` `glDrawArrays` `glReadBuffer` `glDrawBuffer` `glCopyTexSubImage2D` `glPixelStorei` `glTexSubImage2D` `glIsTexture` `glNormalPointer` `glTexCoordPointer` `glStencilMask` `glDepthFunc` `glDepthMask` `glCullFace` `glPolygonOffset` `glColorMask` `glDisable` `glColorPointer` `wglCreateContext` `wglMakeCurrent` `glGetIntegerv` `glEnable` `wglGetCurrentContext` `wglGetCurrentDC` `wglShareLists` `wglGetProcAddress` `glGetError` `glGetString` `glDrawElements` `glBlendFunc` `glAlphaFunc` `glTexEnvi` `glTexEnvf` `glDisableClientState` `glEnableClientState` `glColor4f` `glVertexPointer`
WINMM.dll	`waveOutGetDevCapsW` `waveInGetNumDevs` `waveOutPrepareHeader` `waveInReset` `waveInClose` `waveInOpen` `waveOutGetNumDevs` `waveInGetDevCapsW` `waveInGetDevCapsA` `waveInUnprepareHeader` `waveInPrepareHeader` `waveInAddBuffer` `waveOutGetPosition` `waveOutReset` `waveOutWrite` `waveOutUnprepareHeader` `waveOutOpen` `waveOutClose` `waveInStart` `timeGetTime` `timeEndPeriod` `timeBeginPeriod` `waveOutGetDevCapsA`
WS2_32.dll	`inet_ntoa` `WSAStartup` `freeaddrinfo` `getsockname` `WSACleanup` `getaddrinfo` `closesocket` `inet_addr` `connect` `htons` `WSAGetLastError` `gethostname` `socket` `htonl`
SHLWAPI.dll	`PathIsDirectoryW` `PathFileExistsW` `SHDeleteKeyA`
OLEAUT32.dll	`SysFreeString` `VariantInit` `VariantClear` `VariantChangeType` `SysStringLen` `SysAllocString`
IMM32.dll	`ImmGetContext` `ImmAssociateContext` `ImmAssociateContextEx` `ImmGetCompositionStringW` `ImmGetConversionStatus` `ImmSetOpenStatus` `ImmReleaseContext` `ImmSetCompositionStringW`
DNSAPI.dll	`DnsFree` `DnsQuery_A`
IPHLPAPI.DLL	`GetIpAddrTable`
HID.DLL	`HidP_GetData` `HidD_GetPreparsedData` `HidD_GetProductString` `HidP_GetCaps` `HidP_GetButtonCaps` `HidP_GetValueCaps` `HidP_MaxDataListLength` `HidD_FreePreparsedData` `HidD_GetHidGuid`
WSOCK32.dll	`inet_ntoa` `gethostbyaddr` `gethostbyname` `recv` `send` `select` `WSACancelAsyncRequest` `WSAAsyncGetHostByName` `listen` `bind` `accept` `ntohs` `getsockopt` `getpeername` `setsockopt` `sendto` `recvfrom` `__WSAFDIsSet` `shutdown` `WSASetLastError`
MSACM32.dll	`acmStreamSize` `acmStreamPrepareHeader` `acmStreamConvert` `acmStreamUnprepareHeader` `acmFormatSuggest` `acmStreamOpen`

Delayed Imports

AgPmDestroySourceConnection

Ordinal	`1`
Address	`0x715720`

AgPmEventEnabled

Ordinal	`2`
Address	`0x715780`

AgPmEventLoggingEnabled

Ordinal	`3`
Address	`0x7157a0`

AgPmSubmitEvent

Ordinal	`4`
Address	`0x715760`

NxCreateCoreSDK

Ordinal	`5`
Address	`0x5aa470`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.52814`
MD5	`d4dab55275a498bb7ae42fe64b3cac20`
SHA1	`ec7603fd470986f4f5ba016a6bbdb188200cce10`
SHA256	`de622050d378829794c93e21decf3f8fb183896931b9ffe82b2c37809909c332`
SHA3	`e729b65fc8e7079677ae03c8e6202e471edab5e9fb39af3bcca18d036c50c04e`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.12842`
MD5	`b7c9810d178463c416d321d07a761e76`
SHA1	`42620db6d8edac6db932681ae910faeed2fec7f9`
SHA256	`0e6d57b28649e66b23b8c31039c404be3c5ab509ee390a61d6fa5039d6bcb1b6`
SHA3	`db8f5ddf002963faeee7134ab6bf95cc7106feb62853331b6268f2c7b319815d`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.57135`
MD5	`bbd6003141761e357ba9ddb95cec5fd8`
SHA1	`9b1b017104be2601009fc439af2a0adc7a4d0873`
SHA256	`ebe5704ccacd0efb96ab334ef528ffe539d65c9dadefe27915238c48a3ead65b`
SHA3	`d59249b360dac82fc5d2965f1799e5ed9aa331f092a04880b3d5ed58939d0445`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11da6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98389`
Detected Filetype	PNG graphic file
MD5	`cd5921d584aeade16c35507e45e13458`
SHA1	`b6d26093431aa727a8bbbeed99f260f1ac6cd05e`
SHA256	`18cb9080ee35852fd0666e91c42843bb5abc1081911b1e9e606fdc0e5aedfb3e`
SHA3	`b20ca2d80fe5cbb9891ae0d200ca90543511a1bb075ee3908b4ecad001e31c51`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.01802`
MD5	`ca6176bddd9f2c81e31c05317addd522`
SHA1	`f94277783b4e9f95a59b2fed240368aa64c3dd14`
SHA256	`b44f52ec052fdbc4ab37c7d35520fc68ad8ef6bd06f58cda941353c58521f6d3`
SHA3	`af129ac14a0d1b0e5fd319b6ba9e0d570c4b263deda4340efa4d2399cf69e41e`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.94908`
MD5	`d55e27f4c4a8ed62ef2c12564ddc171c`
SHA1	`672821c8df84ced3d3aa51b939276fd2914edc7c`
SHA256	`d5260a21ca9e514df603b460c00b60d03d91e6f2927e730b765e41a9102c661b`
SHA3	`4d673240b016bda6981ebc2908b5f7ad7b69e620a62a9324f1a46527b327f0f9`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.87906`
MD5	`c6d0553c7380044c526052c22f4da032`
SHA1	`265b1fd4c15f7fc6a93da7ccd23fbe893b3b85b9`
SHA256	`9b5d6e2b2d7f3d3134cbe8bea08c27eaa0b2ac53e306868d773c80b33e035cb6`
SHA3	`190ddc0132082e87ee88aa1d2db4c10d445558cafd95306bc9dd57d1f27bb5a8`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.31644`
MD5	`166a2d405491c584bc3ad3fa798a11c9`
SHA1	`a76ab970f34f9efaf64c58d5b9532bd596e1776f`
SHA256	`dff289b5ab37d2a11edf3fb2944444943686ed50661ebe81cbaf23f29a8dd6b2`
SHA3	`30fecebe404bee64e92e7fac81e1a49aa7d325b370edb48695d4f8bed174256a`

9

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x124`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99471`
MD5	`b62b6b1e4cd3054ab1b07b033356d108`
SHA1	`c0170ce1c06de46e62508e1d774d64e952cd111a`
SHA256	`6a3c71d7f89e83280ff2aa75c76d49c3239060f8ee53cfc2692e05c4fc9c7eab`
SHA3	`9e885ae1d0f740d603c9ef2ca1a92c8a61ddb587a0f50bee653496e0ac8fe4f6`

106

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98084`
MD5	`2165d3c35627dfb0f24dfa8839b650c1`
SHA1	`5168d394292dd31902f3f8112b22cd604529f378`
SHA256	`7aa854f2b6bf3241c666d0b851ecaea27082934a4b2fa43db752591dfcf9434e`
SHA3	`395d76a75afaab97318d9ea2f3785b5ade74331f689f98e69f22f301be84d67a`

107

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.19731`
MD5	`0e6aa2292352c8f495f2e6451d67ef4b`
SHA1	`e2fa8cfad9347763200e2521d871dc3fe2733014`
SHA256	`336aeb2d43e4c8dee0a5b237f44eaa2675aa2a028d8ae09e6e528d5a457c9130`
SHA3	`fbf59c28104fc329ef6909029e4cabaf7c2c31216f1b2650bb6d144be25b0165`

108

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xdc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23439`
MD5	`89647fd8d7ee80b9e9e46db2a1053a29`
SHA1	`10dd88f00a8f56cce48908628abe1215235f624a`
SHA256	`692985cf029eb28098357336ea128b16211fb8fb8ab3e8f90949a952a2514f65`
SHA3	`01c77f889f7bb48a0744fe4f076df03cf74591df831c9d043237c2a7a7426f3e`

109

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09377`
MD5	`839f2e562a1f062fd873414ab28cf1d2`
SHA1	`ed961a5852bd1ac5b55fa8fd70fa8213754abc57`
SHA256	`296b7d861a9ee473d4e8a62f9d7adb025d1fbe8e61206870f426e5c870a98936`
SHA3	`6a4b1fab7319e07585d923be21a3d852ecc1988286973bf8440e25f2a35a3cd0`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.78113`
Detected Filetype	Icon file
MD5	`1082a9b7a5aa69a7bd21914c1a3793ee`
SHA1	`700327a39e5ad3cb4f91c541d3eee715648fd97a`
SHA256	`91624c00082d5dd66a6e9cc923e529087a89b1d26a61ac235b230bb15a9526e9`
SHA3	`490f6b89868e918754b0442330f5645d810930d5f821518dac348962df871ba8`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1a0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36816`
MD5	`a7a275e48f0bbaa87597766d4376ee6b`
SHA1	`f503808a6d443620d599c288b5d29cf6b948d4d1`
SHA256	`8a54aa811fb043dbeea6f8b1e1b2f24e82b2b67a949df0eb3f805e37ec483fe5`
SHA3	`46ce993650a55f721429d9457c896569fc52a78de738812d92fc07f43135b00c`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x259`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.99263`
MD5	`a96f61e092d98c5af6806d31f3c6905e`
SHA1	`ee20f6337e6cfcefb40a77db7a39cf00b4e6cf3e`
SHA256	`9048e1792df503d40fce72e1a9552c0e52e719f8a5750f6ad443b9a16df4a002`
SHA3	`2a676b7e44773421ac4a2aca02cdb22b423549cdcea5946f03e5171ef06ab378`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	3.5.7.45015
ProductVersion	3.5.7.45015
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	3.5.7.45015
ProductVersion (#2)	3.5.7.45015
Unity Version	3.5.7f6_795a449bc926

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2012-Dec-11 18:20:13
Version	`0.0`
SizeofData	`114`
AddressOfRawData	`0x819f40`
PointerToRawData	`0x819340`
Referenced File	C:\BuildAgent\work\14194e8ce88cdf47\build\WindowsStandalonePlayer\UnityPlayer_Symbols.pdb

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xe5a73df6`
Unmarked objects	`0`
150 (20413)	`8`
ASM objects (VS2008 SP1 build 30729)	`35`
ASM objects (VS2012 build 50727 / VS2005 build 50727)	`3`
C objects (VS2003 (.NET) build 4035)	`1`
C++ objects (VS2003 (.NET) build 4035)	`29`
Imports (VS2003 (.NET) build 4035)	`2`
C objects (VS2012 build 50727 / VS2005 build 50727)	`7`
Imports (VS2012 build 50727 / VS2005 build 50727)	`37`
Total imports	`537`
Unmarked objects (#2)	`326`
C++ objects (VS2008 SP1 build 30729)	`1194`
C objects (VS2008 SP1 build 30729)	`800`
Exports (VS2008 SP1 build 30729)	`1`
Linker (VS2008 build 21022)	`1`
Resource objects (VS2008 SP1 build 30729)	`1`

Errors

Leave a comment

No comments yet.