Manalyze report for a155ddb4035dc7de221d2718d15fb7c4

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Apr-08 18:45:09
Detected languages	English - United States
TLS Callbacks	2 callback(s) detected.
Debug artifacts	C:\build\output\unity\unity\artifacts\UnityCrashHandler\Win_x64_VS2022_VB_nondev_i_m\UnityCrashHandler64.pdb

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: cloud.unity3d.com events.cloud.unity3d.com https://perf-events.cloud.unity3d.com perf-events.cloud.unity3d.com unity3d.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA LoadLibraryW GetProcAddress LoadLibraryExW` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot SwitchToThread` `Possibly launches other programs: CreateProcessW` `Can create temporary files: CreateFileW GetTempPathW` `Has Internet access capabilities: InternetCloseHandle InternetOpenA InternetCrackUrlA InternetConnectA` `Manipulates other processes: ReadProcessMemory OpenProcess`
Info	The PE is digitally signed.	`Signer: Unity Technologies SF` `Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1`
Safe	VirusTotal score: 0/72 (Scanned on 2026-02-20 12:04:13)	`All the AVs think this file is safe.`

Hashes

MD5	`a155ddb4035dc7de221d2718d15fb7c4`
SHA1	`db1ea30d3bc5df1b7e6a30d25ba1a72d18fd62dc`
SHA256	`cff3026d8687496e537c862721ea1b417fd00bc615a2156a83ed70e9f1c29871`
SHA3	`d3863b3fd5e23d078f383810beb13c5e4c7ab70e9a8c90e0bd54c3b0d7fc9ab5`
SSDeep	`24576:wxPeQP3aQqLmlhtFWXoTboxz/y/N9w/X/6:MP3aQEmlLT`
Imports Hash	`d1e6ee0dac82a571bd0ee0ff33281e29`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2025-Apr-08 18:45:09
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x76a00`
SizeOfInitializedData	`0x100c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000004FFC8 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x17b000`
SizeOfHeaders	`0x400`
Checksum	`0x17d21e`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`d6a52418014dbc54d7af7ae3c4c07aa9`
SHA1	`3858f2d844b581345e6698b767abf7f0be154602`
SHA256	`7d03cf11129af2754f01ee3e6c5c50af5a8324fdea70671127d7e7c132836ee8`
SHA3	`4601de41405f4030dced4118338a1faa1adf90d691ec1046a52c8897652e89ea`
VirtualSize	`0x76828`
VirtualAddress	`0x1000`
SizeOfRawData	`0x76a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.51033`

.rdata

MD5	`27162e6916936829c4fc803d9e365c52`
SHA1	`c6e50f0424e20b8c035b4c0d4aa82ae7ae6e7dc9`
SHA256	`e6275466360b386af042ef3e7d8418afdf9069faaf96b5f61c251b29c9ad140e`
SHA3	`8c72dfc2b5bd03ec61fa1c5a78f2e11d449a2b42bf61c805f00fc8712c3dd83c`
VirtualSize	`0x1ddbe`
VirtualAddress	`0x78000`
SizeOfRawData	`0x1de00`
PointerToRawData	`0x76e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.59022`

.data

MD5	`41eca1ffa3fec56d662e67e497ca5f1d`
SHA1	`d6a5ab08806dc0a2234d8c38c936ab7ba0c6ae07`
SHA256	`d6cdba2563cd3f977013c9bd0b21fdc93183d2b6361c69642250c91166d1bca2`
SHA3	`0ebe0aab9f5207011f56438db51748d105edd9533b2bf532635b4ae0b6ec8dd0`
VirtualSize	`0x6184`
VirtualAddress	`0x96000`
SizeOfRawData	`0x1a00`
PointerToRawData	`0x94c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.43523`

.pdata

MD5	`ce816c302926f1a5c7b9b30b95e29890`
SHA1	`1002d8ae2783a0462d10cea3e3a33361973574e8`
SHA256	`3076a1315456dc9c262cae7890ed46e5befbebdc5c65d806d16b42a5028f994f`
SHA3	`e71e057b08f9f89e0d204c776d3a51de624c7f6110707ac29e12d3b1532f4eca`
VirtualSize	`0x5e20`
VirtualAddress	`0x9d000`
SizeOfRawData	`0x6000`
PointerToRawData	`0x96600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.78498`

_RDATA

MD5	`69ba3f86c55201b11ab73c532640dc66`
SHA1	`3d30900f338aa26656eb99c4f959e3202a371c10`
SHA256	`12f31cd42bbae23ad1c3dfb096b0a6ba5301248194b13a3daacad01151a27005`
SHA3	`ea43d543e0388cf6eba97eb2b173210c69308ea5480e4e2b184b225d6d1ef268`
VirtualSize	`0x1f4`
VirtualAddress	`0xa3000`
SizeOfRawData	`0x200`
PointerToRawData	`0x9c600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.18646`

.rsrc

MD5	`eba817b7b24fca52798561e58f782d1f`
SHA1	`4d2307c9d47bc2f79416bf13ef0bf5246e990f6b`
SHA256	`4960894e8c6aad5e327f0d8766e5a99692d3be7cd889f9922cf39381efd33471`
SHA3	`fb169bba9ded7ca2502314aa37360a8b02c4c19f8cb04b80f25e21137f2ec3a4`
VirtualSize	`0xd5a40`
VirtualAddress	`0xa4000`
SizeOfRawData	`0xd5c00`
PointerToRawData	`0x9c800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.68895`

.reloc

MD5	`447910820ced91f3b0e2e251ae8527ab`
SHA1	`6518b74305d9a4bb7b7fc45250c5920d2988419c`
SHA256	`acb77666e6760e090685335acc0fad9c2ddf40b68bdf7f9b5237a3ddf5835fba`
SHA3	`6d3541a10150472667cf84feafed97f56a8c66ac843b51d5b4f497abe3b6d407`
VirtualSize	`0xcdc`
VirtualAddress	`0x17a000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x172400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.28753`

Imports

api-ms-win-core-synch-l1-2-0.dll	`WakeByAddressSingle` `WaitOnAddress`
USER32.dll	`SetWindowPos` `SetForegroundWindow` `LookupIconIdFromDirectoryEx` `OffsetRect` `AdjustWindowRect` `GetWindowLongA` `DialogBoxParamA` `SetWindowTextW` `GetDlgItem` `EndDialog` `SendMessageW` `UnionRect` `SendDlgItemMessageA` `GetIconInfo` `LoadImageA` `CreateIconFromResourceEx` `InflateRect`
KERNEL32.dll	`GetEnvironmentStringsW` `GetCommandLineA` `GetOEMCP` `GetACP` `IsValidCodePage` `HeapQueryInformation` `HeapSize` `HeapReAlloc` `EnumSystemLocalesW` `GetUserDefaultLCID` `IsValidLocale` `GetLocaleInfoW` `LCMapStringW` `FlsFree` `FlsSetValue` `FlsGetValue` `FlsAlloc` `SetConsoleCtrlHandler` `GetFileType` `SetStdHandle` `GetConsoleMode` `GetConsoleOutputCP` `GetModuleHandleExW` `ExitProcess` `InitializeCriticalSectionAndSpinCount` `RaiseException` `RtlPcToFileHeader` `RtlUnwindEx` `GetCPInfo` `CompareStringEx` `DecodePointer` `EncodePointer` `InitializeCriticalSectionEx` `GetSystemTimeAsFileTime` `GetModuleFileNameA` `SetWaitableTimer` `SetLastError` `RtlCaptureContext` `GetCurrentProcess` `OutputDebugStringA` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `GetEnvironmentVariableA` `SuspendThread` `GetCurrentDirectoryA` `ResumeThread` `MultiByteToWideChar` `GetLastError` `GetFileAttributesA` `GetCurrentThread` `LoadLibraryA` `WaitForSingleObjectEx` `CloseHandle` `LoadLibraryW` `GetThreadContext` `GetProcAddress` `ReadProcessMemory` `GetModuleHandleW` `FreeLibrary` `WideCharToMultiByte` `SleepEx` `CreateWaitableTimerExW` `OpenThread` `HeapFree` `Thread32Next` `Thread32First` `WaitForSingleObject` `CreateToolhelp32Snapshot` `FormatMessageW` `CreateThread` `HeapAlloc` `SwitchToThread` `LocalFree` `VerSetConditionMask` `GetCurrentProcessId` `GetProcessHeap` `VerifyVersionInfoW` `CreateEventW` `CreateDirectoryW` `ReadFile` `FindFirstFileW` `GetFileSizeEx` `FindFirstFileExW` `TlsSetValue` `GetFullPathNameW` `FindNextFileW` `WriteFile` `RemoveDirectoryW` `SetFileTime` `GetModuleFileNameW` `SetFilePointer` `SetEndOfFile` `FindClose` `CreateFileW` `GetFileAttributesW` `SetFileAttributesW` `GetFileAttributesExW` `GetDiskFreeSpaceExW` `DeleteFileW` `SetFilePointerEx` `MoveFileExW` `ReplaceFileW` `SystemTimeToFileTime` `CopyFileW` `TlsGetValue` `GetTempFileNameW` `GetSystemTime` `FlushFileBuffers` `GetStdHandle` `TerminateProcess` `GetProcessId` `GetTempPathW` `WaitForMultipleObjectsEx` `OpenProcess` `Sleep` `SetEvent` `GetThreadId` `GetFileSize` `CreateProcessW` `CopyFileExW` `AllocConsole` `GetExitCodeProcess` `SizeofResource` `EnterCriticalSection` `GetCommandLineW` `EnumResourceNamesA` `LeaveCriticalSection` `InitializeCriticalSection` `SetErrorMode` `FindResourceA` `GetModuleHandleA` `GetExitCodeThread` `TerminateThread` `LockResource` `LoadResource` `DeleteCriticalSection` `CreateEventA` `LoadLibraryExW` `TlsAlloc` `QueryPerformanceFrequency` `TlsFree` `QueryPerformanceCounter` `IsDebuggerPresent` `LCMapStringEx` `TryAcquireSRWLockExclusive` `GetStringTypeW` `InitializeSListHead` `IsProcessorFeaturePresent` `GetStartupInfoW` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `SleepConditionVariableSRW` `WakeAllConditionVariable` `AcquireSRWLockExclusive` `ReleaseSRWLockExclusive` `FreeEnvironmentStringsW` `WriteConsoleW` `GetCurrentThreadId`
dbghelp.dll	`SymLoadModuleEx` `SymRegisterFunctionEntryCallback64`
SHELL32.dll	`CommandLineToArgvW` `SHFileOperationW` `SHCreateDirectoryExW` `SHGetKnownFolderPath`
ole32.dll	`CoInitializeEx` `CoCreateGuid` `CoTaskMemFree`
SHLWAPI.dll	`PathCanonicalizeW`
PSAPI.DLL	`GetModuleFileNameExW`
ADVAPI32.dll	`GetUserNameA`
WININET.dll	`HttpSendRequestA` `InternetCloseHandle` `InternetOpenA` `InternetCrackUrlA` `HttpOpenRequestA` `HttpQueryInfoA` `InternetConnectA`
GDI32.dll	`GetObjectA`
VERSION.dll	`GetFileVersionInfoSizeA` `VerQueryValueA` `GetFileVersionInfoA`

Delayed Imports

102

Type	`AFX_DIALOG_LAYOUT`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`c4103f122d27677c9db144cae1394a66`
SHA1	`1489f923c4dca729178b3e3233458550d8dddf29`
SHA256	`96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7`
SHA3	`762ba6a3d9312bf3e6dc71e74f34208e889fc44e6ff400724deecfeda7d5b3ce`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3158`
MD5	`dd76d8e429eb85b4cc9ff48cee125b58`
SHA1	`31381d8c8abd49525cff44fb2391e49ed6a2ea02`
SHA256	`c010c77197370976a77b6a108b3dc1ecb00267363946393a9be8df92a85fbe7f`
SHA3	`84d53e0da7c52c55b4ddd4c1735fda56f0386d1903faaeeaa5637566bd33a694`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10015`
MD5	`ba3036f9503a630d7e5b1cbf536f3d3c`
SHA1	`0552aaff43e63c9517f30c06bb38977692c23525`
SHA256	`9b0d3f3ec8760d964bf271a826cb67d08ca1f48cacedbb52b6919a5e9de3a1d7`
SHA3	`7738c74c7e8fbdccde5aa40871b32ba968f49271a5d63d3b444c177a19ebdd4e`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.14848`
MD5	`d1f3f9d60e22bc8c9a21115112d6e54c`
SHA1	`efbb974ac9544d74f963120ec27bf71c811f10f6`
SHA256	`3257b105cc92b02ba7f276274be480ba30f32dcf4f845ec2fa01c1ac826f8a7a`
SHA3	`e5774a1393ce09be2738596c69990478dd74d62facdbe20435b64fc2e6c9a137`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.88076`
MD5	`bc6f7e681401aad7e342785d0159cebd`
SHA1	`c43967f7deaac4f81be90b1f8ad1b19aa913706e`
SHA256	`8e07b09dc889c0cfe4f3683df4c01a714d5aae1f638d6a93450ce867a71c7a69`
SHA3	`7735d35803c453de7963ac02608a22f76531d7f6d28b78074da08fbf660cadfb`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.88087`
MD5	`5334d779eb7efa1e1d7995a20ed733d6`
SHA1	`738431dc77d68c0afa96c98b43d915072f058bba`
SHA256	`fc7eabf8db026eb70e116ea166326cc0f4752cade05a20222c1c8609b7743c22`
SHA3	`58cfe1ae9ae9d9e646e6ab1e9087fda2a64fa4abe71486ccc915d91be3ba66a2`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.938`
MD5	`13a5d6c9d0ca0e5992d37f2740962a53`
SHA1	`90f8c1bdb73b655d5c050a8ab37c012fd9bc781f`
SHA256	`9d4a3ac515e9e26dec126a8e46f0615376564cacef98942d4a8ff1ef14e2f677`
SHA3	`289d018bdda12cb2dbf29e432add07eb693d2cbe0c250afcc181d7b8fb09f8bd`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.74495`
MD5	`154a7f72a07fb1d33d116b54b8a8507a`
SHA1	`ce6f83e72776ac36bcaf56674ee1a5b0dd4838b2`
SHA256	`835fbaa26b5ae2aafdd3e256274813f2b98df73adb067013c285e5d912e82ad5`
SHA3	`4623d0ec27e7009440b9a5cf7fc64ebc109800478dad088b0c93d86b66275871`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.79804`
MD5	`7ee7637ced015612cc7ee419484c42cf`
SHA1	`acfee9e0dc266831c1746e1956d0b2191f9c812a`
SHA256	`96a3eab080e85d5fbc723c5cfc4fc32aee5cde3461d4e67ccfe8d3d49a9ef089`
SHA3	`0ca34cd05abb3146f9984eca0e0f0c178d11039cd255d817ac17c96791c916a7`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.65747`
MD5	`0c9d48e635f6ef6f4ca06905ec8d5a99`
SHA1	`55c7dee5497720d9978231a98ae8658148da390b`
SHA256	`140bc93cc2736301d6644a15f0164c0135f032a3a00f327af6f30aff4878f57b`
SHA3	`9349f56ef109d12d473c9bf173e43b3654dcb99826930e2c28d5b86ef5c5b058`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.71811`
MD5	`f7dd754594b72d5654923153968276e6`
SHA1	`c130ffada563c210ca322a9c8ac1a0931885334d`
SHA256	`4b27bc68ed2e1948cd047a7628f38e1a90afba1bba3a4fed165b85618a18c2de`
SHA3	`b0ccd6f5ce31609628403a6107c0c83dbafacf77d7ec2e068b4bc17900f0c515`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x70a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.19916`
MD5	`8a4ca97afe15d634cea7207b63be3701`
SHA1	`f1d09bc7c0567ad83d6af6e712a2ed56d04192c2`
SHA256	`34b15097d69fcf90017dbca4840744040c4c86b3176186eeef6b801849a29dfa`
SHA3	`5455f13118c86aafb35ca853eab50760d28750d240f26c1833eb97bd1c786125`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.29952`
MD5	`244ffeb5e8e7c35935bd4a1093e3d0fb`
SHA1	`8e1b244d30420834109cda53753e6b4662ccb9dc`
SHA256	`6df180a42bddee559cf90423dc92f37fc0ca37addb3e26c6d3781519b0e185dc`
SHA3	`dcfd331b1726a62aff83c53158157f31179cce4f92a705ac2faaa630663ebfab`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.5382`
MD5	`48c4c554fcb90fce19260e650336f8ed`
SHA1	`bf67c894bbc38eda7575c4869287c6f544beb0ef`
SHA256	`899451a5ace5072a979197769838cd6b0c95268ff49ff5392adb7af1cf5a42fb`
SHA3	`ca186fb463efff00ed5d29f42a7ef4e7f61867831458b906da181db19486bc94`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x32028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.03041`
MD5	`a55e5b4e5f9de62e21e60d76c04cdef0`
SHA1	`87eb17173fd83379fa4dd7fce864ec7ef4aff6ac`
SHA256	`c4c06b80ec56d7f818e165f7e9d23c49f90c6fd1c2251a9df5d2df2c94b93b6b`
SHA3	`8a703e75741dbdc93fe10a741e5d1c040de13b2c1c4bc7f73113ef9c79bb6383`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.09548`
MD5	`be112084b833b18448effc8c95c4601d`
SHA1	`f230cafb5b1bbf54a862263f3468ae3ca5a86da8`
SHA256	`de155fad4ddb4dc5a7845c0b9df15e043aafb6fb169bf7a28696988aa5fd8573`
SHA3	`a195bca0077ce489df3a7fc56ad7840ccd6623770969bef597c189c52d32f83a`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1ca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.40306`
MD5	`fe10ed11b6166dd4b8467e8d325ac282`
SHA1	`ba5e0c3e9add13111774a8c69bd56a423348dc32`
SHA256	`b2e691ab369f5873c7c3be606a4c0d3c972ec078649dc323d302f51fbbd64e03`
SHA3	`9f55b31d74a49b07775f0021d6f96f53fbb4e83e14492d4e1ab7610c60dda30d`

102 (#2)

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.93657`
MD5	`70c36911241f8ad69116d468a3f16c66`
SHA1	`512067ab94cf0481b3b5d9bcf6b8393ca69e719c`
SHA256	`261a11977d98fa9a46602fdea51adf5a4048ed070aec88fd71f35e198d14e5f2`
SHA3	`1bee0dc19e4e8360f08b5681e68d9b31041fa3701f6d04d3f4b3d90ec60bf441`

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04448`
Detected Filetype	Icon file
MD5	`3bf2dac037ce87794e66ff7f054e913f`
SHA1	`52ca961fd37ad960905a681d1db5157508ef1602`
SHA256	`2a87b1f32c5d0435090c72c392b75394f706e5750eff64fd85d25e1c622ee581`
SHA3	`8454d3273522657b5926068082b2cb88f6dbf352e7e9568008c0e33c792f349b`

107

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99433`
Detected Filetype	Icon file
MD5	`068985ffca9b5adcd1a5008ab1c9ce54`
SHA1	`de3ba72792af76bfbb87429fe7a22d0abcf9d3d8`
SHA256	`9da435434327ce3296ca1a9c1ac724b9f4f54abc00100aea82919d7c8a451392`
SHA3	`f3040faeabd7cfc159f08665be046fe1aa5065cecb0cccbccedacd564e499da9`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x669`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.38078`
MD5	`4babfeab1bbc131b0e30ff27f7a9cacc`
SHA1	`320dfbbabcea9030f6d97a954a9b015192ad0121`
SHA256	`c29ae7d06588395bbcbd97e1c9dbfcf29ccf06a485216c10b83c134809c0c40b`
SHA3	`fb9f91e8b02aea62574eae1b9997b48f69a7f9eddfe121c69802b40cfc45426d`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Apr-08 18:45:09
Version	`0.0`
SizeofData	`133`
AddressOfRawData	`0x8bd64`
PointerToRawData	`0x8ab64`
Referenced File	C:\build\output\unity\unity\artifacts\UnityCrashHandler\Win_x64_VS2022_VB_nondev_i_m\UnityCrashHandler64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Apr-08 18:45:09
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x8bdec`
PointerToRawData	`0x8abec`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Apr-08 18:45:09
Version	`0.0`
SizeofData	`1128`
AddressOfRawData	`0x8be00`
PointerToRawData	`0x8ac00`

TLS Callbacks

StartAddressOfRawData	`0x14008c2b0`
EndAddressOfRawData	`0x14008c3f0`
AddressOfIndex	`0x1400979f8`
AddressOfCallbacks	`0x140078800`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_16BYTES`
Callbacks	`0x000000014004FBC8` `0x000000014004FC30`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140096040`

RICH Header

XOR Key	`0x31ad84dd`
Unmarked objects	`0`
ASM objects (28900)	`8`
C++ objects (28900)	`188`
C objects (28900)	`24`
Unmarked objects (#2)	`1`
253 (33218)	`1`
C++ objects (33218)	`87`
C objects (33218)	`19`
ASM objects (33218)	`18`
C objects (CVTCIL) (28900)	`1`
Imports (VS2008 SP1 build 30729)	`2`
Imports (28900)	`29`
Total imports	`294`
C++ objects (LTCG) (33523)	`64`
Resource objects (33523)	`1`
Linker (33523)	`1`

a155ddb4035dc7de221d2718d15fb7c4

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

_RDATA

.rsrc

.reloc

Imports

Delayed Imports

102

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

102 (#2)

101

107

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

TLS Callbacks

Load Configuration

RICH Header

Errors