Manalyze report for d8cd190d6425732adea3cde56fae46eac0a7bb4a6d8f7d26228388900c02cc40

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Feb-11 00:07:46
Detected languages	English - United States
Debug artifacts	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win_x64_VS2022_VB_MT_nondev_i_r\WindowsPlayer_player_Master_il2cpp_x64.pdb
FileVersion	`6000.3.9.8034645`
LegalCopyright	(c) 2005-2026 Unity Technologies. All rights reserved.
ProductVersion	`6000.3.9f1 (7a9955a4f2fa)`

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 84.5615% of the executable.`
Safe	VirusTotal score: 0/71 (Scanned on 2026-03-30 22:14:50)	`All the AVs think this file is safe.`

Hashes

MD5	`26d232d9d185318fd3853efd7f6854e6`
SHA1	`b6a94cc11f42671667dabceebd3501f3cc52f06d`
SHA256	`d8cd190d6425732adea3cde56fae46eac0a7bb4a6d8f7d26228388900c02cc40`
SHA3	`9ed066a00aa7ae097e6a8e0758a03b9b0ac4193041de7f991ac06e74e5fe3ff9`
SSDeep	`6144:0aMjvuUwZp7UhL+NtEuevMcz/y50srJ9tC/FVYE16:0tVwZpIhMtqxz/yasN9tC/XE`
Imports Hash	`a136217cdd3247ff6a8766561064ca0b`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-Feb-11 00:07:46
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xce00`
SizeOfInitializedData	`0x97000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000001264 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa7000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`457fb5274ed18adc024e01b603e258a4`
SHA1	`159fdb99c377edc82c57d34217a711578edb0e63`
SHA256	`336709c08beca21a675f029c2d588ac0cae8cc8f42422039cbb827b6284374e5`
SHA3	`7d6db62af5f0503638e32b2c5a2ebd94056e5e490598ebed73cb0495875d3499`
VirtualSize	`0xcdb0`
VirtualAddress	`0x1000`
SizeOfRawData	`0xce00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.45019`

.rdata

MD5	`e7fa216fcff052d25f27d9d20d59b87c`
SHA1	`ec98932f0ea7d7e2e4676e79916ff802e664593c`
SHA256	`8dec4128b3cd98c1c6d3dd8ceeb886c946676a8c7d1516cd0e0f32ea40bca119`
SHA3	`e753200dbfece803692a363081d86faa0e3cab949cf8e75ce0bca4190c4ca91e`
VirtualSize	`0x977c`
VirtualAddress	`0xe000`
SizeOfRawData	`0x9800`
PointerToRawData	`0xd200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.6924`

.data

MD5	`0822db25bce65451a1219de812eea533`
SHA1	`bf4c918ff2184dfeba8cd4f98b21e11d75de05e7`
SHA256	`8987031a7fb9e9ffe2b44dad568693d86af933f2b44447b6f5c1159bd0750a79`
SHA3	`83fbc2d299cd2e5b71ce2f669f319b95fcab94178c620dd04d72a1071efde7b0`
VirtualSize	`0x1d88`
VirtualAddress	`0x18000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x16a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.90767`

.pdata

MD5	`017f81338461c6b246bdb8ce1bf5fc08`
SHA1	`aa79861d4dea94c5fd283f1359435734dfb03517`
SHA256	`d1cc88f6e981b629ad1f47d33507ac8b71f82346871b690375752ffc69c6063d`
SHA3	`e197cfb7530afb455ed4ebbd26984d4562c62ea8c9c65f07f5d04c80970ee830`
VirtualSize	`0xec4`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x17600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.60208`

.rsrc

MD5	`52560a6ec5d4e526956e1a3061b177ab`
SHA1	`68ac1b960b5c0e68c032efe2fff1b110d167b744`
SHA256	`ae807c52fad113ba4699d63be5274086ad6f8818bd77618ff24620890d1e71c7`
SHA3	`42d2bb3d215d1dfabd2edad231e0ca851fb3791c2699048b6993c7ed1b9dda13`
VirtualSize	`0x8a018`
VirtualAddress	`0x1b000`
SizeOfRawData	`0x8a200`
PointerToRawData	`0x18600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.76035`

.reloc

MD5	`3ab8a3a955e5040e25556085e21a2be2`
SHA1	`f29b173f0ea430d70ff0803cbaa89fa1d4d024d9`
SHA256	`119eed3c019ffdb0bba4cee06b80d85e78a679f1bb17317cbb6a352bb4102d7a`
SHA3	`a5c3cb0725d2fd68e14265c6e03629d6270e73c1f049eb78b3e40b7b2535d802`
VirtualSize	`0x658`
VirtualAddress	`0xa6000`
SizeOfRawData	`0x800`
PointerToRawData	`0xa2800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.86735`

Imports

UnityPlayer.dll	`UnityMain2`
KERNEL32.dll	`HeapAlloc` `WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `CloseHandle` `RtlUnwindEx` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `EncodePointer` `RaiseException` `RtlPcToFileHeader` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `GetCurrentProcess` `ExitProcess` `TerminateProcess` `GetModuleHandleExW` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x18004`

D3D12SDKPath

Ordinal	`2`
Address	`0x18008`

D3D12SDKVersion

Ordinal	`3`
Address	`0xe320`

NvOptimusEnablement

Ordinal	`4`
Address	`0x18000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3158`
MD5	`dd76d8e429eb85b4cc9ff48cee125b58`
SHA1	`31381d8c8abd49525cff44fb2391e49ed6a2ea02`
SHA256	`c010c77197370976a77b6a108b3dc1ecb00267363946393a9be8df92a85fbe7f`
SHA3	`84d53e0da7c52c55b4ddd4c1735fda56f0386d1903faaeeaa5637566bd33a694`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10015`
MD5	`ba3036f9503a630d7e5b1cbf536f3d3c`
SHA1	`0552aaff43e63c9517f30c06bb38977692c23525`
SHA256	`9b0d3f3ec8760d964bf271a826cb67d08ca1f48cacedbb52b6919a5e9de3a1d7`
SHA3	`7738c74c7e8fbdccde5aa40871b32ba968f49271a5d63d3b444c177a19ebdd4e`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.14848`
MD5	`d1f3f9d60e22bc8c9a21115112d6e54c`
SHA1	`efbb974ac9544d74f963120ec27bf71c811f10f6`
SHA256	`3257b105cc92b02ba7f276274be480ba30f32dcf4f845ec2fa01c1ac826f8a7a`
SHA3	`e5774a1393ce09be2738596c69990478dd74d62facdbe20435b64fc2e6c9a137`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.88076`
MD5	`bc6f7e681401aad7e342785d0159cebd`
SHA1	`c43967f7deaac4f81be90b1f8ad1b19aa913706e`
SHA256	`8e07b09dc889c0cfe4f3683df4c01a714d5aae1f638d6a93450ce867a71c7a69`
SHA3	`7735d35803c453de7963ac02608a22f76531d7f6d28b78074da08fbf660cadfb`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.88087`
MD5	`5334d779eb7efa1e1d7995a20ed733d6`
SHA1	`738431dc77d68c0afa96c98b43d915072f058bba`
SHA256	`fc7eabf8db026eb70e116ea166326cc0f4752cade05a20222c1c8609b7743c22`
SHA3	`58cfe1ae9ae9d9e646e6ab1e9087fda2a64fa4abe71486ccc915d91be3ba66a2`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.938`
MD5	`13a5d6c9d0ca0e5992d37f2740962a53`
SHA1	`90f8c1bdb73b655d5c050a8ab37c012fd9bc781f`
SHA256	`9d4a3ac515e9e26dec126a8e46f0615376564cacef98942d4a8ff1ef14e2f677`
SHA3	`289d018bdda12cb2dbf29e432add07eb693d2cbe0c250afcc181d7b8fb09f8bd`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.74495`
MD5	`154a7f72a07fb1d33d116b54b8a8507a`
SHA1	`ce6f83e72776ac36bcaf56674ee1a5b0dd4838b2`
SHA256	`835fbaa26b5ae2aafdd3e256274813f2b98df73adb067013c285e5d912e82ad5`
SHA3	`4623d0ec27e7009440b9a5cf7fc64ebc109800478dad088b0c93d86b66275871`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.79804`
MD5	`7ee7637ced015612cc7ee419484c42cf`
SHA1	`acfee9e0dc266831c1746e1956d0b2191f9c812a`
SHA256	`96a3eab080e85d5fbc723c5cfc4fc32aee5cde3461d4e67ccfe8d3d49a9ef089`
SHA3	`0ca34cd05abb3146f9984eca0e0f0c178d11039cd255d817ac17c96791c916a7`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.65747`
MD5	`0c9d48e635f6ef6f4ca06905ec8d5a99`
SHA1	`55c7dee5497720d9978231a98ae8658148da390b`
SHA256	`140bc93cc2736301d6644a15f0164c0135f032a3a00f327af6f30aff4878f57b`
SHA3	`9349f56ef109d12d473c9bf173e43b3654dcb99826930e2c28d5b86ef5c5b058`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`3bf2dac037ce87794e66ff7f054e913f`
SHA1	`52ca961fd37ad960905a681d1db5157508ef1602`
SHA256	`2a87b1f32c5d0435090c72c392b75394f706e5750eff64fd85d25e1c622ee581`
SHA3	`8454d3273522657b5926068082b2cb88f6dbf352e7e9568008c0e33c792f349b`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x20c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.54861`
MD5	`29ae93efcb89c2c181cafc8df2f11745`
SHA1	`263f313e493e991389cd0e10412132bb3cfc9b16`
SHA256	`611d8cf0851b874f309f3203a07a859e205b7abadb34cc0a1a14ac960dfacf09`
SHA3	`653e1219ce7a9dcfef9ff1d24fb25116d07f257a09b1a141d5a144d53c04a855`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x545`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24993`
MD5	`9df530c2f4fbe460da74e130d5d351a9`
SHA1	`f8719b6c74e0179556c1a18f214d6c1bbff8f823`
SHA256	`3c357bd1125971bda05bc59eaeca279da41715741e2535e9e75c94273b1c3a1f`
SHA3	`ce3dd46f87bd462f8730fca18daea6df444422f8d88b810aefbd7b2e62536dee`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	6000.3.9.39253
ProductVersion	6000.3.9.39253
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	6000.3.9.8034645
LegalCopyright	(c) 2005-2026 Unity Technologies. All rights reserved.
ProductVersion (#2)	6000.3.9f1 (7a9955a4f2fa)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Feb-11 00:07:46
Version	`0.0`
SizeofData	`151`
AddressOfRawData	`0x15d68`
PointerToRawData	`0x14f68`
Referenced File	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win_x64_VS2022_VB_MT_nondev_i_r\WindowsPlayer_player_Master_il2cpp_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Feb-11 00:07:46
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x15e00`
PointerToRawData	`0x15000`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Feb-11 00:07:46
Version	`0.0`
SizeofData	`836`
AddressOfRawData	`0x15e14`
PointerToRawData	`0x15014`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140018040`

RICH Header

XOR Key	`0x7914df52`
Unmarked objects	`0`
ASM objects (28900)	`5`
C++ objects (28900)	`138`
C objects (28900)	`10`
Imports (28900)	`2`
ASM objects (34321)	`9`
C objects (34321)	`16`
C++ objects (34321)	`40`
Imports (34433)	`3`
Total imports	`89`
C++ objects (34433)	`2`
Exports (34433)	`1`
Resource objects (34433)	`1`
Linker (34433)	`1`

Errors

Leave a comment

No comments yet.