Manalyze report for 32239ee9be7e8a340035da3433d6119e2f5d19b0d4f2b1a9c958cb7d5a80d34b

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2023-Oct-05 19:24:04
Detected languages	English - United States
Debug artifacts	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb
FileVersion	`2022.3.11.13632072`
LegalCopyright	(c) 2005-2023 Unity Technologies. All rights reserved.
ProductVersion	`2022.3.11f1 (d00248457e15)`

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 84.7496% of the executable.`
Safe	VirusTotal score: 0/72 (Scanned on 2026-02-27 12:47:51)	`All the AVs think this file is safe.`

Hashes

MD5	`0920ddbe0e23fb270e50bb7d59e3dae7`
SHA1	`7a2d92ffef074de5a0166492f5b42cc696f78824`
SHA256	`32239ee9be7e8a340035da3433d6119e2f5d19b0d4f2b1a9c958cb7d5a80d34b`
SHA3	`ed872eb01a75cbae4f047e3bc842211a5cb8926df0f3a42683da5e7e56f69a29`
SSDeep	`3072:5QJ/VdFgIW9mYucJ/OD8JlsI9+TI67G2E1:K/7FG9mpcJ/OD87n`
Imports Hash	`ce1183cc150987a99aef5749f22af81e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2023-Oct-05 19:24:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xca00`
SizeOfInitializedData	`0x97000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000001260 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa8000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`c908b9c0303dc1f82726ca4dae00b772`
SHA1	`e81e70cb017880d2883f88a85d9a5ba6176ebcc1`
SHA256	`6e577d9deae653a5181b5a961bc5d68133d0e0c5371dc8bf2e7a30f6ef4d5cb2`
SHA3	`deefbce421cada627162918879ac6eda8099d036762180ad5ebfb4cbd66be7e2`
VirtualSize	`0xc8b0`
VirtualAddress	`0x1000`
SizeOfRawData	`0xca00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.41078`

.rdata

MD5	`f63bfa602c13d5941bd59dd23e742c22`
SHA1	`256481d344b573e184b130d4a953a76fb75c60d6`
SHA256	`0a2f489efa0415b35d0e954c615506db30de9a1e47dc6815e84ff60e9479980f`
SHA3	`7466622e6cfe66c704f0cd8fc1ca5e741c80d2c187faa2814d1642c3cd1d447f`
VirtualSize	`0x948a`
VirtualAddress	`0xe000`
SizeOfRawData	`0x9600`
PointerToRawData	`0xce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.65282`

.data

MD5	`90815aa5dc65a7dd3f93bad1bd78a77e`
SHA1	`608f3e69047b216dda6b0df73c30912e2fef5544`
SHA256	`435cb9af1df25f501f68a9700182c4d25de99c3f8e8c1ba6b16c0ca98911ff87`
SHA3	`e5ea90d4dd767bfa3d88e3fa2e107c2e40cac10f43498d5abd74f15888477d18`
VirtualSize	`0x1d38`
VirtualAddress	`0x18000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x16400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.87032`

.pdata

MD5	`c69bce38ac69d0b835120a5590e69f0c`
SHA1	`c063139b665bfd43ee632f0741b4b5279a71f404`
SHA256	`1d79cfdb10b0e6f61968ed084c55a6ae07421354bf9072b12d090926728f3852`
SHA3	`5b320838ebff98a9e30dc5b9258ca4079fcb7cde4304c61cfe2dd57bb750842e`
VirtualSize	`0xef4`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x17000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.62843`

_RDATA

MD5	`f87f407c2a1cab208757ad1d23a2de6f`
SHA1	`cd739c36958f9ba7505883ae868f1a6ca71e880f`
SHA256	`6e4ba525d12ef66132e0738191d3a928ba74c0091a6f82bc48f892a41e2fc242`
SHA3	`0611ad194d9c623281cb358dbc2f2d28bb01b6eab682677ec8d16136d74414ab`
VirtualSize	`0x94`
VirtualAddress	`0x1b000`
SizeOfRawData	`0x200`
PointerToRawData	`0x18000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.11888`

.rsrc

MD5	`c992aa92a41ab4f36310118c78d07ac4`
SHA1	`76ee712eb36ac660392bb9c95d5439af3890495f`
SHA256	`dd418837af0188cf6e735d206963d69d46befb61f27a1624be089c6b7dde553e`
SHA3	`5cfedd52cbd89ac654c4d0bbd4f99722108de5bfac850f2e102de36c3f3c22bd`
VirtualSize	`0x8a1a0`
VirtualAddress	`0x1c000`
SizeOfRawData	`0x8a200`
PointerToRawData	`0x18200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.51456`

.reloc

MD5	`ef1e558d46106d87320dd822be1ddc48`
SHA1	`10f7b05d107451bd01cf446da512c619fc35bf50`
SHA256	`34d7b771018e478ba05cd24ec377fd34919d65ec63c43f49e1ab319785368929`
SHA3	`cc295f58e62efe5c59cad1febf1ce620404450135f442c20ba55235b492ddac9`
VirtualSize	`0x654`
VirtualAddress	`0xa7000`
SizeOfRawData	`0x800`
PointerToRawData	`0xa2400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.84209`

Imports

UnityPlayer.dll	`UnityMain`
KERNEL32.dll	`HeapAlloc` `WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `CloseHandle` `RtlUnwindEx` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `EncodePointer` `RaiseException` `RtlPcToFileHeader` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `GetCurrentProcess` `ExitProcess` `TerminateProcess` `GetModuleHandleExW` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x18004`

NvOptimusEnablement

Ordinal	`2`
Address	`0x18000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.34755`
MD5	`835061d318c16286fe24506da2a5b0e8`
SHA1	`fe4319971afbaac3336ab68bb8804da84d2f0617`
SHA256	`7025a4e9d4ae5f30a0aa18cabba0f11f62531c0bfdec1fd85d42717cf94fcae2`
SHA3	`f312eb1a0fa886d57f47444817e0503d1645c4ea797fb095ba993822fffc9a5c`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.41352`
MD5	`dad3f972710d856da9d1728ed9ff26de`
SHA1	`f044291574e3b852a628b48c5c97a94d8896d317`
SHA256	`a591ec0eff36611f44e6916eb973ee6f94a2b0b42edf47cadb318af07f9e60b0`
SHA3	`c7ebe5481b1f1261588659685063e044bf6d260037c17d5f48b2a1f5d141ac2b`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.50302`
MD5	`911109fde0f365988e0f835d615a1578`
SHA1	`5248e01aa74e90a44d7a8dd97fe44bd138c29788`
SHA256	`97671b57e650569ebf108db78e917862208f1044bea9ec2879f3a4f00bea5f12`
SHA3	`7672c18b098e0ae8d0335e13048797976b027bb9b84e80e919ca59cc66c80442`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.62141`
MD5	`15988a6b07717785da47bd93ecd4328a`
SHA1	`afbbe35e0c2885b7481c2b1cf3572d8cd04c6534`
SHA256	`39adebaa6f932b7490a9c3f18830c1e4af8986fcbe8148ee2c275a916cbae042`
SHA3	`b515d74138b0cd8fd6644e09536e998b392a50ff8ed8067c04cc081eada46420`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09752`
MD5	`d66bb26dfc2e29737080857e993c1ee1`
SHA1	`a931c380f8bcbe031c27ffefaef8e69841384565`
SHA256	`7c35fb58603fe4701c3afaa7afa92a9451c8afa3cb43d38737a16bea22733cf0`
SHA3	`08d6bdd76e1e49f86462028f31a6989e094559d23c6c9cca35d05ecc64b8cac6`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99856`
MD5	`f33411df1d0be871b99c775f56600d55`
SHA1	`dbac7d4f4725d9b7b242929329d2263f7d3d2994`
SHA256	`8332a757c8c1c5d78ab5ab26dc40ffb56f8704c9ab214c95983c115a34d3694d`
SHA3	`eeeaec81477154a65d1593dcd3aa02cd461839b25003ab2eaaf9968ea1ec99ec`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25684`
MD5	`3ecf28ba61f4cae9a0231cf13a443806`
SHA1	`2bc549a52b91b00e3190d36c941b4386cfbf3f76`
SHA256	`73a75ccc43f626b3647174ae75d84a5c43fd2bb73f0d8bb2f6b02245504b1fca`
SHA3	`570475454c5d6310e5c141088fb6c186d23ad2b3eb548ce5acec8ba2bfa3bd0a`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4393`
MD5	`fe45a4ddd5872687a3bd509411e93c8d`
SHA1	`3666d781f10f668f71fa530618e4a6c105595de9`
SHA256	`3111f74c44d09072fc8f5a9ddf2d79f45ba95839c209dc7c1489149153b4d9a5`
SHA3	`b5866e3ab169f9d8ab6e703db90f9671c13126a94c37cef7eca7015a9dbddb2b`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.61501`
MD5	`85fbab50f9065a80a713add7c11ad7ee`
SHA1	`fe40afa6c9671787869de717e06e7f512b9915c6`
SHA256	`9bc18b4aa30bc4e8801df6e07e1574a75a71da4ce383c82645be47fb6acef5ee`
SHA3	`ac0f480fdcd4023d475c7f8c96145be94bcb662dca2c1a921fb207a4f31cfa2c`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`f7731730720cfe035cf030b40d0e2eb6`
SHA1	`d046e23f2ee2b93ad96be8e1dc9120ecf3915091`
SHA256	`5c92a41adaf3265071482fd1a182ae8702c168636a7d9ff51798ee3a1dfc8500`
SHA3	`6f2d12e4c63c131a3f7f48293996e2be05da351536d013affe5d2265965ce657`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x214`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.53465`
MD5	`5a39f02e472826d8a1a9e83b576674b6`
SHA1	`eb6868755f8339e9ed79be132d0721003d652ca2`
SHA256	`ffaeb775702aedee1e3e5f3a6a3fd10ca584b9afd1d4b6ab035c62ad014609a7`
SHA3	`e951357f7cfa2bbedd3b73fa5ea6166b8741f7270bbd095bd9465c245834ca12`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37708`
MD5	`aab7e8aafe7b06ab3d003b54ab5e18ed`
SHA1	`dccf0408f43059df37b755f3241a8b4b35c728af`
SHA256	`fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8`
SHA3	`a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2022.3.11.584
ProductVersion	2022.3.11.584
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	2022.3.11.13632072
LegalCopyright	(c) 2005-2023 Unity Technologies. All rights reserved.
ProductVersion (#2)	2022.3.11f1 (d00248457e15)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-Oct-05 19:24:04
Version	`0.0`
SizeofData	`141`
AddressOfRawData	`0x15aec`
PointerToRawData	`0x148ec`
Referenced File	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2023-Oct-05 19:24:04
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x15b7c`
PointerToRawData	`0x1497c`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2023-Oct-05 19:24:04
Version	`0.0`
SizeofData	`768`
AddressOfRawData	`0x15b90`
PointerToRawData	`0x14990`

TLS Callbacks

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140018030`

RICH Header

XOR Key	`0xe5e06b0d`
Unmarked objects	`0`
ASM objects (28900)	`5`
C++ objects (28900)	`138`
C objects (28900)	`10`
Imports (28900)	`2`
C++ objects (VS 2015/2017/2019 runtime 29118)	`39`
C objects (VS 2015/2017/2019 runtime 29118)	`16`
ASM objects (VS 2015/2017/2019 runtime 29118)	`9`
Imports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Total imports	`89`
C++ objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Exports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Resource objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Linker (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`

Errors

Leave a comment

No comments yet.