Manalyze report for 8227b17bed284e7dbf414b5b5c5c8801

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Feb-06 00:06:28
Detected languages	English - United States
Debug artifacts	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win_x64_VS2022_VB_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb
FileVersion	`6000.0.38.8532298`
LegalCopyright	(c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion	`6000.0.38f1 (82314a941f2d)`

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW`
Suspicious	The PE is possibly a dropper.	`Resources amount for 83.9824% of the executable.`
Safe	VirusTotal score: 0/57 (Scanned on 2026-01-11 04:33:01)	`All the AVs think this file is safe.`

Hashes

MD5	`8227b17bed284e7dbf414b5b5c5c8801`
SHA1	`abb794ce79edcdb5a7056a23311ca1fd7873b1c4`
SHA256	`def66d0d45bed13f5769cbed68ba0ee9b440a4d9e0c04455b61287be475a7614`
SHA3	`4402bd43b1895f62aef77d075b9081f379419941b6884b097bd276e726865f03`
SSDeep	`6144:u2E4CD20ZB4Gr34QHHri4I/uXd/vZtqCGnJtlHyjU4vl+N5WXsRYYgAo9X:u2NCD1Jr3dnuRqNvZtiJvHrqMN1lo9`
Imports Hash	`ce1183cc150987a99aef5749f22af81e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2025-Feb-06 00:06:28
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xde00`
SizeOfInitializedData	`0x97200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000001260 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa9000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a5e0bf1e14a18380e4aa8fcfecd45cfd`
SHA1	`320e758c261b51cdf475ac1fe2d2b8b0f65ee37a`
SHA256	`9f9a743b5e5c12b459f7533a90382644af884df3aef68c9d7ac7d662735f193e`
SHA3	`0371197b472ffeeb91e1e7c7a9605222c7eee7431b878edcb558990adc374905`
VirtualSize	`0xdc70`
VirtualAddress	`0x1000`
SizeOfRawData	`0xde00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.46141`

.rdata

MD5	`a53c725dd3e945806924ba0123a945a4`
SHA1	`6d332e8d5fae68fee1c169dac0e6a2d91efe56b5`
SHA256	`e5fcaedcba457fd3b841398c7c13df1b5e908b83a6d658d398608414a153e256`
SHA3	`020bbce954386b72dd305762a123a1adf0fcf10d6bc8744364076298ad1cad28`
VirtualSize	`0x977a`
VirtualAddress	`0xf000`
SizeOfRawData	`0x9800`
PointerToRawData	`0xe200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.70108`

.data

MD5	`d284f7b260ed119794375a6998c5083c`
SHA1	`0944c690e2b7841e681f55d2a731910f8019f2ef`
SHA256	`79ebad17e73900bd4dd43a932cc832e1d907346973e16ac0af549524fa4b88b3`
SHA3	`0c023444d7239a9582798618879cf6e165fcae6d6eec1051c77592814b4894ad`
VirtualSize	`0x1d78`
VirtualAddress	`0x19000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x17a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.89847`

.pdata

MD5	`583bf012d5970545541b47ad6f1b2dc4`
SHA1	`ed34342900f8481a1f09e9f73fe8bb0d1e528eb6`
SHA256	`a7a9a284c12beceaf69e80c98bb9708078c1ee29e3581bf7c44e24e7535c04eb`
SHA3	`e57cf3023698fe8882221ba469ca26d236b8a3d44b7d67f42d621316177425fe`
VirtualSize	`0xf24`
VirtualAddress	`0x1b000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x18600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.67239`

_RDATA

MD5	`dd297010ea596c9b749ddc72fe421330`
SHA1	`3213e7a4b99366f1367f1b5dc97aa4853369a784`
SHA256	`420a70f17663b392f63eb448853ebc800a3f7cf9c6e0b78b7e421d671dd927fd`
SHA3	`f4660bd566f5561530bb0e40a752616d5a8180b7180fcf869790d48f9fb6e9bf`
VirtualSize	`0x1f4`
VirtualAddress	`0x1c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x19600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.71477`

.rsrc

MD5	`84fe449546563eed159402a77ead7e84`
SHA1	`d9ad8e050ea1f368dd35432c4afb669739f3bb86`
SHA256	`3a2e64df0a77d6b551bc5d283c04c2dfd1af060f2c080a281cece0528a036a05`
SHA3	`50d33ee3ba08d92d89ffef5d05fb495a50783f99ffaee6cd4d6408a939fb3352`
VirtualSize	`0x8a018`
VirtualAddress	`0x1d000`
SizeOfRawData	`0x8a200`
PointerToRawData	`0x19800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.35954`

.reloc

MD5	`79918e2814a23b917e4a5494067a35d5`
SHA1	`eab8dd05e160cbff9fa1c348b6c35e7f161cf459`
SHA256	`cccb376562c958fee6ec06051a48d2c5c0232065e1000ce2d4b0775e46737238`
SHA3	`0fcd95a99b9b4e77c2e23089f450965a4028a243ef56d1928fdcfcebcc4b7120`
VirtualSize	`0x658`
VirtualAddress	`0xa8000`
SizeOfRawData	`0x800`
PointerToRawData	`0xa3a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.87002`

Imports

UnityPlayer.dll	`UnityMain`
KERNEL32.dll	`HeapAlloc` `WriteConsoleW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetModuleHandleW` `CloseHandle` `RtlUnwindEx` `GetLastError` `SetLastError` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetProcAddress` `LoadLibraryExW` `EncodePointer` `RaiseException` `RtlPcToFileHeader` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `GetCurrentProcess` `ExitProcess` `TerminateProcess` `GetModuleHandleExW` `HeapFree` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `MultiByteToWideChar` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `GetFileType` `GetStringTypeW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `LCMapStringW` `GetProcessHeap` `HeapSize` `HeapReAlloc` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `SetFilePointerEx` `CreateFileW`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x19004`

D3D12SDKPath

Ordinal	`2`
Address	`0x19008`

D3D12SDKVersion

Ordinal	`3`
Address	`0xf320`

NvOptimusEnablement

Ordinal	`4`
Address	`0x19000`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.2792`
MD5	`73c0feebc58f5f4b094ae8418a70e103`
SHA1	`18dcce8a18d6006eabb5b6b1066c3c0d2ca5ab2a`
SHA256	`9085d4c5df7d2194d8071603d2bdf775dc8539919c4d00ceea2405b64b1175e6`
SHA3	`a17d288b4b064c96c86642d63cb5bbacca965b957d5419be01fa8e4c7384d637`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.25099`
MD5	`b5e9d22cd4e62748b387b6a20982e76f`
SHA1	`d5baf1c52201958eea4e1feee8dd8839d66af8a5`
SHA256	`87945c7883359a61c602699a2365411a597fcbbeb11c100cf0be69f79765ddf4`
SHA3	`a4fb8829ac197a2fd86e7d73e8528531c5d995d7ee7147160c95375c052a3fae`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.10147`
MD5	`a967fef1acc972a66c70a2235f31efed`
SHA1	`2ddaab3204cc2325b73d56a6c78f0581f0b0f6ea`
SHA256	`70f4b269b9277085892c4da49a85d1cde456c3c5b45f54a938accb0792235934`
SHA3	`ea3d3664cf88f04ff48b2fef01000be9cc3e972ffeb9cdf9f9840ef4179fb4ad`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.83825`
MD5	`9e11ff127ccd1daa5cba30d7f405b323`
SHA1	`c180f3afc26c665ea38ec273018c025cc2e5cbc4`
SHA256	`ac77c20387628234556840e4246da179cd49233bdb2d45e1674a2e74505b10aa`
SHA3	`e6fa7a8c25d814113b3bb2acce6c15b07f4fdd7564db30f09d0f3ef9ce5fc35e`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.68423`
MD5	`76e9cc06b65f7dd3939b3c2293b6e831`
SHA1	`e3f6c65902445ac16a5bb64ab193d7769d8c2de4`
SHA256	`07178c3d2d6f60011dc99565f36723ab07a11d94e120a8f303124dea1215c934`
SHA3	`1a5b7551d08039be620b5708f119f2afafcd8d0e630142177e7c59e9caacb113`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.49384`
MD5	`b023fc29ce670d8a887441a825350bf4`
SHA1	`6bff3d96b23f03b7ff0d5549f8b1f4d580966f45`
SHA256	`869382321bc766d0ebbd7c3aa9ad9ce3fa861e0e1de3c5bc4a32b36262256432`
SHA3	`3ad4166b9f6ae0bd3a9317aca37a59b7b513decd90f2c38e677b132aa198e3fe`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.38362`
MD5	`81c3426f62a4aab73b27b3a78f86fe76`
SHA1	`0a03fbfa2a241b5ec0ada2cd7cd76afdba4786c8`
SHA256	`60e0bbfb2c81d5848c0e63b096bc90fee2878db7ee49b79d7f20754982c4ede7`
SHA3	`2435f3a13a155dc02b49c336c32c02cce804a9e0ea7e8c428ebd9c995dd88f20`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.26003`
MD5	`18e6f094928568aecfbb7ac276d8d4c6`
SHA1	`3d06b945f0d2df93e38a5191d289770b36ecf818`
SHA256	`daf0a39aa8b0ab3b655e372404f734426505cf678328e55a9a0f23ca1d56546b`
SHA3	`09c07b5377a8e17d93fbf6f0e2ebaaa0351b0df8a87847064f08e8365d837b72`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.23651`
MD5	`53c2da020bf28c2efde70c2a0fc52fcf`
SHA1	`4ea5748f45c73755abb8ce398f106cb4ea41f4be`
SHA256	`bf9367ddf46668693837359c8f0e1b9f65a6cc09db95261981a03d84c888c5e7`
SHA3	`fbada1ac25c6cd69c0bf78d0c9068698be15fa38861b15d1a2918057d7d970ac`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`3bf2dac037ce87794e66ff7f054e913f`
SHA1	`52ca961fd37ad960905a681d1db5157508ef1602`
SHA256	`2a87b1f32c5d0435090c72c392b75394f706e5750eff64fd85d25e1c622ee581`
SHA3	`8454d3273522657b5926068082b2cb88f6dbf352e7e9568008c0e33c792f349b`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x210`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.5133`
MD5	`b5662a1bb9a7e6a57268aa7fbbde087e`
SHA1	`54685bc11dbc81d9557af6c018fa64a7e650e8a4`
SHA256	`f090f9a2ed19f45f5eb6e995b21ef1c302f57774a077b2825061adaa30b059ee`
SHA3	`0f63de86768d78e401fc950438439a7dfaf22ce8f2ec6c663ed4d2e6760a0939`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x545`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24993`
MD5	`9df530c2f4fbe460da74e130d5d351a9`
SHA1	`f8719b6c74e0179556c1a18f214d6c1bbff8f823`
SHA256	`3c357bd1125971bda05bc59eaeca279da41715741e2535e9e75c94273b1c3a1f`
SHA3	`ce3dd46f87bd462f8730fca18daea6df444422f8d88b810aefbd7b2e62536dee`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	6000.0.38.12618
ProductVersion	6000.0.38.12618
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_UNKNOWN`
Language	English - United States
FileVersion (#2)	6000.0.38.8532298
LegalCopyright	(c) 2005-2025 Unity Technologies. All rights reserved.
ProductVersion (#2)	6000.0.38f1 (82314a941f2d)

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Feb-06 00:06:28
Version	`0.0`
SizeofData	`146`
AddressOfRawData	`0x16d58`
PointerToRawData	`0x15f58`
Referenced File	C:\build\output\unity\unity\artifacts\WindowsPlayer\Win_x64_VS2022_VB_nondev_m_r\WindowsPlayer_player_Master_mono_x64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Feb-06 00:06:28
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x16dec`
PointerToRawData	`0x15fec`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Feb-06 00:06:28
Version	`0.0`
SizeofData	`852`
AddressOfRawData	`0x16e00`
PointerToRawData	`0x16000`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140019040`

RICH Header

XOR Key	`0x7139305b`
Unmarked objects	`0`
ASM objects (28900)	`5`
C++ objects (28900)	`138`
C objects (28900)	`10`
Unmarked objects (#2)	`1`
Imports (28900)	`2`
C++ objects (33218)	`40`
C objects (33218)	`16`
ASM objects (33218)	`17`
Imports (33523)	`3`
Total imports	`89`
C++ objects (33523)	`2`
Exports (33523)	`1`
Resource objects (33523)	`1`
Linker (33523)	`1`

8227b17bed284e7dbf414b5b5c5c8801

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

_RDATA

.rsrc

.reloc

Imports

Delayed Imports

AmdPowerXpressRequestHighPerformance

D3D12SDKPath

D3D12SDKVersion

NvOptimusEnablement

1

2

3

4

5

6

7

8

9

103

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

TLS Callbacks

Load Configuration

RICH Header

Errors