Manalyze report for 51e9598334d72b555078ae478f59163c062148a424512cb0c0ff0d23313369f9

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2022-Sep-20 01:20:48
Detected languages	English - United States
Debug artifacts	C:\buildslave\unity\build\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb
CompanyName	Unity Technologies ApS
FileDescription	Unity playback engine.
FileVersion	`2021.3.11.679073`
InternalName	UnityPlayer
LegalCopyright	(c) 2022 Unity Technologies ApS. All rights reserved.
ProductName	Unity
ProductVersion	`2021.3.11f1 (0a5ca18544bf)`

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 86.3809% of the executable.`
Safe	VirusTotal score: 0/72 (Scanned on 2026-04-09 20:33:03)	`All the AVs think this file is safe.`

Hashes

MD5	`d12f19bd4571bd7974163f199171b78b`
SHA1	`cb4240bb09a4e675018a619676e1d0577bb81f29`
SHA256	`51e9598334d72b555078ae478f59163c062148a424512cb0c0ff0d23313369f9`
SHA3	`8bb90cd808469d4278da29755e3adfcf34f4917914f727a3eafeb627ca8ee98f`
SSDeep	`6144:WEbaWnBUC5jqgIYhXDIUWqjz/7zIXcx60i1ocuLHN2mNuJZklbpy6qghgYPEyqD:WoCCtZjnzIMs7uLtNIuL7OM72K`
Imports Hash	`5f74a5c747508e2822fdb9b687deaf42`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2022-Sep-20 01:20:48
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xa200`
SizeOfInitializedData	`0x96800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000001260 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa5000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`43e962188de594e469b200641672762f`
SHA1	`fcbfebfb9477168fc5081289707ffa6d58c93530`
SHA256	`d9efd13dd0f5eb2941ea9a2eb8511e0bacf3cf23f14513be16e4efff9ddf41b4`
SHA3	`68638e60dd19624f0ba95527528cc343a356b77b8618df6a20dbdd57c8106f4e`
VirtualSize	`0xa140`
VirtualAddress	`0x1000`
SizeOfRawData	`0xa200`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.39721`

.rdata

MD5	`057c66acf33501fc1b26d00fab1abd9f`
SHA1	`0e027472b585f5878ff1d2ef84c890a7d86dae48`
SHA256	`3a892d286ac74e768a9000ac641ece3a026712176c472156dcddf62b3d5d563b`
SHA3	`f95cdea3d43a3725b2c705833830e3d97431bdd446ad77f8c0f70b89277c0f97`
VirtualSize	`0x8cbe`
VirtualAddress	`0xc000`
SizeOfRawData	`0x8e00`
PointerToRawData	`0xa600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.65297`

.data

MD5	`2e9924c581c86e57e2e2b0ac87e1aa45`
SHA1	`a1a176fc5c54e8c996a328e810c15c16cdb5b73d`
SHA256	`90b0d83be28bc06320f7b2ce10f056ecd17badc2e84e2b1533c0454096a1e5a0`
SHA3	`8c3bb6dfd1204e833639461f26a41ad45e7fa68dcdc97aa4908992d272dc2237`
VirtualSize	`0x1ce8`
VirtualAddress	`0x15000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x13400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.6801`

.pdata

MD5	`a2c626c94e0874a52fc60c6fb5946162`
SHA1	`6c87be30407854e47baabad24730de02f4c197cf`
SHA256	`ebe0fbac293026e15cfcb6794e2892b6d1d07d940f89bf1a2294b1e7b5bb795a`
SHA3	`60674d80e0fd5ed9fe7de19a14d3f29a5bf4970e8b77f5d946634eec07122c57`
VirtualSize	`0xc54`
VirtualAddress	`0x17000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x14000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.34559`

_RDATA

MD5	`1960efd573f3d23522c840210d59fb7e`
SHA1	`47057bb39ae6c80b68d90c47f0cfd7d6bf123ad2`
SHA256	`ad5bd98e9035110e2e2e7b82ed2fe49ec0fae2d89e05400528a6b48804c441a4`
SHA3	`225389cba41c0a9e2c3319b0921ec1ef9962e8af175fca30c67bde60763834d4`
VirtualSize	`0x94`
VirtualAddress	`0x18000`
SizeOfRawData	`0x200`
PointerToRawData	`0x14e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.08512`

.rsrc

MD5	`c75c5c00a138e61a02b129bddcb55ac7`
SHA1	`35528a84f5f323d1affece6001dd5cfd1e8391f5`
SHA256	`3ea5c8de0feaa71f12f55aaa37af21ae76b4521d8a5d9ed00967c40674c6cfb1`
SHA3	`8851de32301d1fccbca6d868b6f0d0a7c488daaf3f60775c006758a5c800bc50`
VirtualSize	`0x8a2a0`
VirtualAddress	`0x19000`
SizeOfRawData	`0x8a400`
PointerToRawData	`0x15000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.23969`

.reloc

MD5	`687aa942cda2e64adc67a829f1587240`
SHA1	`26058e365b4fef9cae39c529017700cd0ccfedb7`
SHA256	`e5b51406ab27a5065a374454ac72e242a50072d670957430f820af90f479b506`
SHA3	`8a51aae6ca0ea13d9513cba0336e2446957914c5ba6561a337c3afdf42f3c689`
VirtualSize	`0x638`
VirtualAddress	`0xa4000`
SizeOfRawData	`0x800`
PointerToRawData	`0x9f400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.79086`

Imports

UnityPlayer.dll	`UnityMain`
KERNEL32.dll	`WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `CloseHandle` `RtlUnwindEx` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `RaiseException` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `GetCurrentProcess` `ExitProcess` `TerminateProcess` `GetModuleHandleExW` `HeapAlloc` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x15004`

NvOptimusEnablement

Ordinal	`2`
Address	`0x15000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.25276`
MD5	`f318219a6526dc7c6b67a6071814f761`
SHA1	`929035d45aa6ca9afdc92c1a73c8a75fa75d77b5`
SHA256	`4171c2f81a96429e73d2bb09bc7029d151d6e19ce80e8db15bd6c7b49a4ab949`
SHA3	`8bf20270664c7a5c56db800ec9b93f2607dfbdc293132494983bb29aae421612`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.25304`
MD5	`a625e9fd51ed83d7b46609de172bd953`
SHA1	`4dd4a67c174ab755d5fa0461c3fd9b9218494e87`
SHA256	`ce2d71c75a18975c53e34c7d79818ed0b3b44c8a0316b5615f11634ad8815489`
SHA3	`d0a7020c66e4bcdcaabae9e8afb284c2bee8bcd9ad85253735f71ed55bfa8ce4`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.77017`
MD5	`af0c04833b7d774c44f6951164a6105b`
SHA1	`db2a41c13bb1f12da4b6573cb474445918d68b90`
SHA256	`ba720d693680eca0b46c7e632dc896d180589182259364e6c6b6557904fb2d6e`
SHA3	`c7316afb940c91f6f62e83f506196c6b6ee53e8e167899b2599a944181ded7f2`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.24381`
MD5	`95fa004718fce9c56e6372b5775aef51`
SHA1	`3bb8901b2da8e805ea4cde4360dd89b6050d7caf`
SHA256	`79fb89938aa921fff611c6beefa79fa744769b39685465a67be45a4b915652db`
SHA3	`268c49501cc180404f6f235a9e874a3c801f71e5164835dc0070a18b09b15e79`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.24274`
MD5	`990d6096f9d67926970ba13e34037ca4`
SHA1	`56686da9a9f0c78a7c2e028615235b2489318274`
SHA256	`e2a6fcf891f6f03e63a43e57c2a5e05964cb9bee01c2c2a9ffcb13cbac62910a`
SHA3	`3fe388783b5857fa4b7b5e6e112c7d2ccdb57250b9e5f35699b65d04be4e92fa`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.18415`
MD5	`2699ddfeaee25757efee450115eeaace`
SHA1	`04966b3412a36fdd7d378cb2ea383960a536302b`
SHA256	`51b6842ea21254d50aff93771f9e6eedeab59230aeb5a57afee839d5f1b0d267`
SHA3	`4d233cc767f61c1a17625bec27606efc4e8cdfa55ec7f720b7da84046f11e491`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.17412`
MD5	`a91282a56ddf601a9e1c08282d5f11ae`
SHA1	`a92198330d678a0a1f3b9305e42082b18e12fd61`
SHA256	`b56792892c5ab3467a554bec38e2a09ac80dc7167075b5070ebddbcd21e88fad`
SHA3	`a37295b91ee27abe6d737e85e403158e5f6da4fa3ee2ea112643f9fa58dd1eec`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.0855`
MD5	`b55e2e3caf167df50b02758fd28d98dc`
SHA1	`fcf025f32d7c61ba7d228420bc6744a5702882df`
SHA256	`145b6b497b7d96044a5433a1ab4f9f8c2cd06ebd5b9a30e9d14c5bbde72aead5`
SHA3	`331bf672f9774136c3295b12389cf2913c1a7c5d7ce8bbac2b7b6d59520c83f7`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.84492`
MD5	`02e39b1213dfe3cd7a3144b8177df773`
SHA1	`92ac1b0c047126ca66c42df13683198e3fa52a53`
SHA256	`5553951c774ecdde1651e37159ededd38d7ea16edfc26399d4c6a1badafe85e5`
SHA3	`9ca6e5da46c80c3c8eea0702e745eae6e2dfa6cca2f6d032679d4e1255212ad0`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`f7731730720cfe035cf030b40d0e2eb6`
SHA1	`d046e23f2ee2b93ad96be8e1dc9120ecf3915091`
SHA256	`5c92a41adaf3265071482fd1a182ae8702c168636a7d9ff51798ee3a1dfc8500`
SHA3	`6f2d12e4c63c131a3f7f48293996e2be05da351536d013affe5d2265965ce657`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x318`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.55476`
MD5	`98c76134624a4a7a764f46d0b2fad6f9`
SHA1	`ca0ecb811ab434294ef30c6fc31e4ef2c7a072fd`
SHA256	`f0c425075f269f2472a1015d213e89d2e4f6601b108d0ac61061dfde59cbe08b`
SHA3	`5218dd7ba35de58ccd55d0dcb313bee76e18087334190fe9c5ab03b3c74af23b`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37708`
MD5	`aab7e8aafe7b06ab3d003b54ab5e18ed`
SHA1	`dccf0408f43059df37b755f3241a8b4b35c728af`
SHA256	`fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8`
SHA3	`a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2021.3.11.23713
ProductVersion	2021.3.11.23713
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
CompanyName	Unity Technologies ApS
FileDescription	Unity playback engine.
FileVersion (#2)	2021.3.11.679073
InternalName	UnityPlayer
LegalCopyright	(c) 2022 Unity Technologies ApS. All rights reserved.
ProductName	Unity
ProductVersion (#2)	2021.3.11f1 (0a5ca18544bf)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2022-Sep-20 01:20:48
Version	`0.0`
SizeofData	`139`
AddressOfRawData	`0x13780`
PointerToRawData	`0x11d80`
Referenced File	C:\buildslave\unity\build\artifacts\WindowsPlayer\Win64_VS2019_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2022-Sep-20 01:20:48
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x1380c`
PointerToRawData	`0x11e0c`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2022-Sep-20 01:20:48
Version	`0.0`
SizeofData	`712`
AddressOfRawData	`0x13820`
PointerToRawData	`0x11e20`

TLS Callbacks

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140015030`

RICH Header

XOR Key	`0x735735a6`
Unmarked objects	`0`
C objects (VS2017 v14.15 compiler 26715)	`10`
ASM objects (VS2017 v14.15 compiler 26715)	`5`
C++ objects (VS2017 v14.15 compiler 26715)	`136`
Imports (VS2017 v14.15 compiler 26715)	`2`
C++ objects (VS 2015/2017/2019 runtime 29118)	`37`
C objects (VS 2015/2017/2019 runtime 29118)	`16`
ASM objects (VS 2015/2017/2019 runtime 29118)	`9`
Imports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Total imports	`85`
C++ objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`3`
Exports (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Resource objects (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`
Linker (VS2019 Update 8 (16.8.0-1) compiler 29333)	`1`

Errors

Leave a comment

No comments yet.