Manalyze report for db01f7315c409ba51c0c0415e37d2d746b8a7e0ba1bef7f1ce93dd241c706f6c

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2024-Jun-26 10:44:26
Detected languages	English - United States
Debug artifacts	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win32_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x86.pdb
FileVersion	`2022.3.35.70150`
LegalCopyright	(c) 2005-2024 Unity Technologies. All rights reserved.
ProductVersion	`2022.3.35f1 (011206c7a712)`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 86.8838% of the executable.`
Safe	VirusTotal score: 0/75 (Scanned on 2024-08-29 04:11:13)	`All the AVs think this file is safe.`

Hashes

MD5	`0bbcb690f785b4f0857280ccc42eb621`
SHA1	`f827071c9844173490074c27721022f44af867ac`
SHA256	`db01f7315c409ba51c0c0415e37d2d746b8a7e0ba1bef7f1ce93dd241c706f6c`
SHA3	`a2c3aaa4a4c66021a8d061f42abccca531e951707628b3467ece77db74612b5b`
SSDeep	`12288:sKQGzu2BXIrlM+4CQh2VLt0Ua/saW1yNbx4/lJydxBk+xPSIZX:sKhiCCW2VLt05/saW1uK/l0dbk+9SE`
Imports Hash	`5a8eaca2597eda714e0dcf5fae7d0a60`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2024-Jun-26 10:44:26
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0xcc00`
SizeOfInitializedData	`0x92800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000125D (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0xe000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa2000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`0e98fe37c1f52fd9d1e19118be3e0c1d`
SHA1	`3025f8228bbcbca51d83f3fa438cf35227ef1d4a`
SHA256	`3a78c65334d81957c57ee3d518e5ee68a7dbce1e10359640f0d26da53c303f4b`
SHA3	`4c6092657b38dc291b233988aff11f82bf0291ec76b1f13878c8d277ce943a80`
VirtualSize	`0xcbba`
VirtualAddress	`0x1000`
SizeOfRawData	`0xcc00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.64662`

.rdata

MD5	`5e5527a8bc63805d9b96e75d3afe91b1`
SHA1	`576532b01909fea803d42401625a52cebcfc16b8`
SHA256	`b49c66bb0df7a5708a71e5cd019d39af2d553f58962bad559bbdd60b09ff7dbe`
SHA3	`2d0e0f254c727256ebf33d524fffb65ce6a3ed5157ad5eda32e041717d466483`
VirtualSize	`0x5e58`
VirtualAddress	`0xe000`
SizeOfRawData	`0x6000`
PointerToRawData	`0xd000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.77993`

.data

MD5	`8f0a0877cf44bb5c11ce6643765d7a62`
SHA1	`a645b746c0b24692c9afd59d77516a435937faec`
SHA256	`c2a929c388aa4855d736c750e95dda554938d66a6439974badceb9dea489c514`
SHA3	`47557597f59855422965bc790e782ffd7e2b87b1ac3bddbf0b791755da1c7204`
VirtualSize	`0x140c`
VirtualAddress	`0x14000`
SizeOfRawData	`0xa00`
PointerToRawData	`0x13000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.0403`

.rsrc

MD5	`3063f106bc952723d2766dbb049b6888`
SHA1	`f8f78ff6f6d41ad8344226ab316a546d98da45a7`
SHA256	`c4746e80eb659242e4bf07302b5357d1e985a9f59c849082a85215317448543b`
SHA3	`21fc9601c58b717d71898454b26f5eff8db43ef011e391b0c30070ee6486fd28`
VirtualSize	`0x8a198`
VirtualAddress	`0x16000`
SizeOfRawData	`0x8a200`
PointerToRawData	`0x13a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.04158`

.reloc

MD5	`e22aae0a3970c6757c75bcb2625cdfb2`
SHA1	`d3878273d918ef8776e9a4773ab8c4cd81db6c16`
SHA256	`bbb1c85235d87d890f45b8e7d339b2dbfbccd54fe973acd467a0f87b607262f3`
SHA3	`ef31419514fe7fed048789b58c35e739559cc258b3405966c5c32c2304d2f9d1`
VirtualSize	`0xee0`
VirtualAddress	`0xa1000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x9dc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.31048`

Imports

UnityPlayer.dll	`UnityMain`
KERNEL32.dll	`HeapAlloc` `WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `GetCurrentProcess` `TerminateProcess` `CloseHandle` `RtlUnwind` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `EncodePointer` `RaiseException` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `ExitProcess` `GetModuleHandleExW` `DecodePointer` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x14004`

NvOptimusEnablement

Ordinal	`2`
Address	`0x14000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.96164`
MD5	`5a12b51fca24941c17b4a0c461cf9ee3`
SHA1	`555565cd0c6c322cddc7965921a1059fbb394ff9`
SHA256	`84d3a1d17b106a8460008f9254eb3bd9485e42d8d153738ea526e7911d8c6703`
SHA3	`ee079e063d44974000b59498df7527eb78b98144dec2a09f32b56dae1fa2d996`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.03714`
MD5	`b2e4d4e50dcad82cb38cf863abe24f31`
SHA1	`58c6486d74a121731a01bdf4905d6fedfd6aae7b`
SHA256	`ec53b1f358e2605e98e7877239fd82095a160ce27300c1651aa8dbe3475f56f8`
SHA3	`d03f7a736d925156108b4943d893dfc64e860f5fbfbb3d8004cc76f50ce985aa`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.05987`
MD5	`6a9b66a73b4192bc2b18e5629a32fb8d`
SHA1	`17c2fea5956fc5b47667a30ce023343550300067`
SHA256	`de1383e96638dafa0f1aa6b0b4834e1a0ebe9e41dc4c6b958b9bcb550266cf13`
SHA3	`66de4d2d7ab62a057be1fc6e08c60ff6deb66003d4a5296ea776ceb56d360bcd`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.09092`
MD5	`b5281298d99bc9e112458e5b67648e9a`
SHA1	`f83469cc2a5d8161aaf5a809294f224278837584`
SHA256	`ce28b619e17a136dbc2a8bf779a8f13576f970f25099f890aa71f3f02588e647`
SHA3	`f2ebab4d3e032849fc65028fc1be2bbdb8afcdec5ed26c48c539db2bf3913d96`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.10411`
MD5	`4a0428c7156fd27f52627c9b6a6ae985`
SHA1	`1ebf21f7eba59bce2d1e9d70196e1669e3170e4c`
SHA256	`09e2036a5f1c550e105a4ac2621f46b648c27d8b5f7ac7e48ad80044eac24fda`
SHA3	`40c2ebcb61290dc9df6d0cf932793bfcfa8e865b215a2dc9ed55ba53365707bd`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.06927`
MD5	`8313f4a74d7cd6bbfce3953ea02f8c46`
SHA1	`ef671823e80a71078c1787435aa569e4c60ffe0a`
SHA256	`4afa0a5ce999294cd2e32c4ce586c837f0a6739073270fa871f80c73ac35c734`
SHA3	`8bee573ef1c4a8e154e2b7ee94eff71cf7e16a2dd210f8d9674b237b4f0485ce`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.08909`
MD5	`7edbec0e4c72d9f01f55396e4f72b905`
SHA1	`22bf2112fc6d92458868c8e218fbb677c15ceb55`
SHA256	`7c96b7d693f19ee8ada9a554e5a5284fde87c05647ec7a4e0d8282bdbc9a5b96`
SHA3	`1173d5e3c96da4abfdd8ce6e2b25a20a52603caea682f9f509c89b1280150aa9`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.00308`
MD5	`1e920c356b4c19c281d9d127b94323f5`
SHA1	`1c8b7c1f2e0701d29bdc109da3cf24cd329d3fe4`
SHA256	`6d5e5d6def6be6bb0eb7d778be9c4359f4eb2c075b8d96475db713dcea637cbd`
SHA3	`5fcd6f7066b5ee9da5ac13afef26a83944bef4ac82c112bb9ffe788d73aa3bf3`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.82302`
MD5	`59cea0b97cbe8d7fa88eb5047163ca6c`
SHA1	`99e2042f0568d69b3483a58f6cd042d0c3f32da1`
SHA256	`fb3f18c2809f9b5dd127007a18644df00fbdd7dc11fbbb78c527d556c399ea60`
SHA3	`b11564b0756e0945e2589771ec914f5b0ad2f218b35c54a091d0346747d34db0`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`f7731730720cfe035cf030b40d0e2eb6`
SHA1	`d046e23f2ee2b93ad96be8e1dc9120ecf3915091`
SHA256	`5c92a41adaf3265071482fd1a182ae8702c168636a7d9ff51798ee3a1dfc8500`
SHA3	`6f2d12e4c63c131a3f7f48293996e2be05da351536d013affe5d2265965ce657`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x20c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.55815`
MD5	`fc9cbbdcb7afc0b487672ec92cc64044`
SHA1	`c7f25c8309a3a16181b1bb63135fea07ae36e181`
SHA256	`f430aa1a0f18911f4fe35d32ace2c3e063727752748183780bddc8079671d526`
SHA3	`aacee128584a1263017d3d2fb42fa78dab4aecee6cf6f970ca77a861dc100652`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37708`
MD5	`aab7e8aafe7b06ab3d003b54ab5e18ed`
SHA1	`dccf0408f43059df37b755f3241a8b4b35c728af`
SHA256	`fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8`
SHA3	`a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2022.3.35.4614
ProductVersion	2022.3.35.4614
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	2022.3.35.70150
LegalCopyright	(c) 2005-2024 Unity Technologies. All rights reserved.
ProductVersion (#2)	2022.3.35f1 (011206c7a712)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2024-Jun-26 10:44:26
Version	`0.0`
SizeofData	`141`
AddressOfRawData	`0x12e88`
PointerToRawData	`0x11e88`
Referenced File	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win32_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x86.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2024-Jun-26 10:44:26
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x12f18`
PointerToRawData	`0x11f18`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2024-Jun-26 10:44:26
Version	`0.0`
SizeofData	`724`
AddressOfRawData	`0x12f2c`
PointerToRawData	`0x11f2c`

TLS Callbacks

Load Configuration

Size	`0xbc`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x414018`
SEHandlerTable	`0x412e5c`
SEHandlerCount	`11`

RICH Header

XOR Key	`0x58816681`
Unmarked objects	`0`
ASM objects (28900)	`10`
C++ objects (28900)	`141`
C objects (28900)	`20`
Imports (28900)	`2`
C++ objects (VS 2015/2017/2019 runtime 29118)	`38`
C objects (VS 2015/2017/2019 runtime 29118)	`17`
ASM objects (VS 2015/2017/2019 runtime 29118)	`18`
Imports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Total imports	`81`
C++ objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Exports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Resource objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Linker (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`

Errors

Leave a comment

No comments yet.