dde0d281e0f84083137d278fa3deb480

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2025-Feb-21 00:42:17
Detected languages English - United States
Debug artifacts D:\Noble\Packages\Temp\build\bin\x64\Master\Tales of Graces f Remastered_x64_Master_mono.pdb
FileVersion 1.0.2.0
LegalCopyright Tales of Graces™f& ©Bandai Namco Entertainment Inc. ©いのまたむつみ
ProductVersion 1.0.2.0
FileDescription Tales of Graces f Remastered
InternalName Tales of Graces f Remastered
ProductName Tales of Graces f Remastered
CompanyName Bandai Namco Entertainment Inc.

Plugin Output

Info Cryptographic algorithms detected in the binary: Uses constants related to TEA
Suspicious The PE is possibly packed. Unusual section name found: .bind
Info The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryExW
Suspicious VirusTotal score: 2/72 (Scanned on 2026-02-17 03:48:33) Cylance: Unsafe
Trapmine: suspicious.low.ml.score

Hashes

MD5 dde0d281e0f84083137d278fa3deb480
SHA1 8688a649946074ec171460335aff53c0be3b9971
SHA256 5ab8b5eb807f47c6005be22608743abbe3d3ba74b738db3a6fb7c4bb821c59c0
SHA3 43166923e1f08565b396f8be7a960555622e217d7a1242e0644d86b0d6477b8b
SSDeep 12288:ON+KLxDTvuVaOrHeI730HBmSTOln1vGgUEtuBHgb1/mW9l:OQazBOr1AhihEEoBqsW9l
Imports Hash 09982fb651914d26832b77beae5dfe77

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x108

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 7
TimeDateStamp 2025-Feb-21 00:42:17
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0xce00
SizeOfInitializedData 0x35a00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000001260 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x7e000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 1bdf5d396d6c337fb3933c5f50750578
SHA1 6cbc9955e025c014aa57abece30fc8b0dad6ffea
SHA256 16805d5258098089b719be81f33a8b088d3f919a273723f22a38176d23879e53
SHA3 384e8736f624adf1f8f64cedc048b4756443bcc0aa441eeeebec07e33b29f7ab
VirtualSize 0xd000
VirtualAddress 0x1000
SizeOfRawData 0xce00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.45643

.rdata

MD5 16af99b4a5e383ae564a384ea3a9ce27
SHA1 a944a10225c6f5a5c3003540b672fda3b41e3778
SHA256 62f02d88f1fbf4f1da1fefeee9435b191e24dfd27e11c46e904969d2e5650c63
SHA3 f47322db32c3b033b2cee66b6fff01a5d70411c2349fdb981f9f20aa201bfd2a
VirtualSize 0xa000
VirtualAddress 0xe000
SizeOfRawData 0x9800
PointerToRawData 0xd200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.68324

.data

MD5 b9a04041fb18555dddd4221eff327792
SHA1 68dc593b4733cf39060d5758a25ef1cac3d2eaaf
SHA256 9d7f41f40161d482c7a8160a978942da278e1687f659237e1efe643c97d4c9d2
SHA3 ac7352cf88c3cdc051450b01c33f13f96b9fb2b0cc7618edbabd27298df0ee6a
VirtualSize 0x2000
VirtualAddress 0x18000
SizeOfRawData 0xc00
PointerToRawData 0x16a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 1.89093

.pdata

MD5 2d8d9515696bf34fe5d8cd5f73ebba20
SHA1 dd2cda0e0a8ea6268f82663a7dcd011b3770a122
SHA256 64258be85b638e23c192885ecc2313d66c6d9a0b1083d13b4c5f38f54a718d84
SHA3 c9d5c085e19f5f05e20bdffba291fe54b5286162c76eb4653d9640598753a640
VirtualSize 0x1000
VirtualAddress 0x1a000
SizeOfRawData 0x1000
PointerToRawData 0x17600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.58624

.rsrc

MD5 f9c223b62bea1742cd8f42b225707c80
SHA1 613bf6da90e3c60de6ce02463ffaf1fb763d0332
SHA256 2717fc818fde9f3fea590140acf22387195c52842fa23d15ce3cc24c2499d754
SHA3 0a2dfd728abb1cd4157695b5d1761dfa0f03d7d7dd956ff93f1aabdce2834d3b
VirtualSize 0x29000
VirtualAddress 0x1b000
SizeOfRawData 0x28c00
PointerToRawData 0x18600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 7.9819

.reloc

MD5 ed5e3e812dc07a8ec2693bd008153e14
SHA1 9111d2127e94f4d24ea2d2106ecac1c6057e4379
SHA256 501269bc6242e5374a58d5a2cc262737535cee96f87c304c399d16e53ea7c9c4
SHA3 5b14334abb7451788228b88b0eca02f79e85847546cea58e6ddbf782a9e1b055
VirtualSize 0x1000
VirtualAddress 0x44000
SizeOfRawData 0x800
PointerToRawData 0x41200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 4.87206

.bind

MD5 ac3ec4913988e9da32bebf34b6282f4b
SHA1 4a664950052cd77141e8c0913e5c395d454b58d8
SHA256 df3e6fe586c5f42cf930d6d35b14011f1dc3ab390c704a26d29d5281ddfae845
SHA3 b0e55b66701f73a7a8a0ce4a7ba1773bb669b089d363fe3ad8e4a3d7352743e8
VirtualSize 0x39000
VirtualAddress 0x45000
SizeOfRawData 0x38600
PointerToRawData 0x41a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 7.95302

Imports

UnityPlayer.dll UnityMain
KERNEL32.dll FindClose
WriteConsoleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
GetStdHandle
WriteFile
GetModuleFileNameW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
HeapAlloc
HeapFree
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal 1
Address 0x18004

NvOptimusEnablement

Ordinal 2
Address 0x18000

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x16838
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.98977
Detected Filetype PNG graphic file
MD5 cf8c46f0405810c7ce0d0692267d0950
SHA1 58ec023e320f8b5ac67cd61dc51f4704da787eb6
SHA256 88ee9a8bd7adfdab7822e71386c9aa84800163166cacde8b8b8d7ddf7700f51f
SHA3 9ad08beede697f19eb82ba15c6c985dbec4114a731de334bc873182cf9e9779e

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x72cb
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.98321
Detected Filetype PNG graphic file
MD5 2048f21904e73701ddf919a807ffb81e
SHA1 ce38cbc07fc9ce741436fa774fcb94d5444bfe74
SHA256 f605c410d8c9139e7b6905bfd94e8765ac5ba033bbee180fb2d5b4ded492f084
SHA3 e0a8caaf811db8f2c85af70ac06d2fbf712e3381ff9656943c253e3b3a13bbca

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x44a4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.97589
Detected Filetype PNG graphic file
MD5 198269048016cc72222ee7c1c0f9795a
SHA1 fac828d7532d5cd33e2c226270ed37c0fc6f7695
SHA256 8248b2709eb4eb93a2f0494157400d9844d83598cf8ed7d6bc417fe1e3574380
SHA3 d06074c5208b8494544596021bd07f9810aee6a8e68873c0becc3a82a9dc7e1c

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x21d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.96198
Detected Filetype PNG graphic file
MD5 6860b509ead6ec12b1aa79eea5ac88a3
SHA1 847acce3e15652dbc6812553178d15395780e795
SHA256 c219c88edcd1c2648a4caa516414c509a8c89369a3646ad7e79e6b150860f113
SHA3 bc457047cf261504cfa06029c09d660f1738efa7d7c9bc68c41389a7f29ca845

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x1465
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.95933
Detected Filetype PNG graphic file
MD5 21952c46a7ac546cbeedd01ff825dfa3
SHA1 eb6cc27507027c2f3043f79a74ad1b63418f82f3
SHA256 ac9be0c1fd46d1ee58bbc74345346ccda9cdff100a71261044acba907576e4cb
SHA3 3f09ce4a8fefd9f77d6e00dcc0a66f92bf685cfe1a2a6abfde25d8cbad0c8ca1

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xf0b
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.93557
Detected Filetype PNG graphic file
MD5 fd0466dfce133c45d47ff8b95bcc1a40
SHA1 a3145aa660d23f5239f1f31d0e725daad3146303
SHA256 51d5aae169372905ad6d2f653d9204ba43dd8cfd4279b4d21e8cf9644805d65b
SHA3 22ebb3618fec84701a23fca08be4e8240169984427c993244d8cd53588fd8b6c

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xa3c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.91699
Detected Filetype PNG graphic file
MD5 7fde9a31991dab1e2c7437d5205154fd
SHA1 0255bafb3d177a6483aa86dbccff9eb1474e2a39
SHA256 f2df0f9f84c472fe8f53ab2f9a389dc76ff300d63d626e67ac642c3849d431cd
SHA3 e2623bcf25874d08592de9572666bb34a34dc72211b42e7ba960dd66671bd9c2

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x65d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.86829
Detected Filetype PNG graphic file
MD5 77281c266f84cff262b2330de65cbaf3
SHA1 8fb2b42d2e7cad9978e627611632259b61eb4383
SHA256 fe728b486dfe288482ec59d49fa44082c014c171f57858b10ca9b0f52eeae075
SHA3 bf33264965b5f8f7f1fce708f4c623b9546a2a3504788a5775da4b567a219db7

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4b2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.80837
Detected Filetype PNG graphic file
MD5 19e347aaef7457e22d8b424358f3cbb0
SHA1 569a287dde6b959e64ed27bf482afe329be91567
SHA256 adfff95baeb566e1a6c3773eb1459700f88c5f2cc0965472483d3b8237100a83
SHA3 e2a4dc8cb6d8d0c4853cc92f483f2c0085ca11bc9d6ef0dbf6c6abae7b6c80cd

10

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x34d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.70849
Detected Filetype PNG graphic file
MD5 ecc1891f1dcc8481656337876d2a62de
SHA1 01b06441ceb8f7ea0535852f22c340054c2238cd
SHA256 e2fa4504d092d2cd0570c5e52c26053824f4d6744e8e049a8b4f54c27f121a75
SHA3 4d0e8234d73e715704e6d87134ab4c53f714cfeaa9afc059671d17120359851a

103

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x92
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16382
Detected Filetype Icon file
MD5 9a36025b4a03be87242d671a4c12dc49
SHA1 7e0a87ad8e0645eb148d83d6d1b52584d29d80aa
SHA256 6a5d671d89f3bef4c8f65c149f31b0bc0d9e86c1978c8a2e135954747d6b82b7
SHA3 04a0b2d5a860099f9a3cd7734576ff18502e2faf8a2a7a5a62ae4aa6f7fd893f

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x35c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.41289
MD5 8f812d558cd5b6f89680f11673e25348
SHA1 a8a65eee7c00048e5ebca8dfd476aa95bb1eb475
SHA256 60ef0332346098a0638b599166beec436964326560ae812ecd3c5aebc86814e9
SHA3 0371e4e7ebb3d39a23f672e31d4fbbac1215db12482ba995ffce88b8d7f17a02

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x6c1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.37708
MD5 aab7e8aafe7b06ab3d003b54ab5e18ed
SHA1 dccf0408f43059df37b755f3241a8b4b35c728af
SHA256 fb88b19523afd8fed48eddfd10805a3a0a45997bbf8fac04d595ddf93c1a88a8
SHA3 a981b8e907b79cd9448766ace938dfd96560d11c29e6ba165912a8508bd52ca7

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.2.0
ProductVersion 1.0.2.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_UNKNOWN
Language English - United States
FileVersion (#2) 1.0.2.0
LegalCopyright Tales of Graces™f& ©Bandai Namco Entertainment Inc. ©いのまたむつみ
ProductVersion (#2) 1.0.2.0
FileDescription Tales of Graces f Remastered
InternalName Tales of Graces f Remastered
ProductName Tales of Graces f Remastered
CompanyName Bandai Namco Entertainment Inc.
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2025-Feb-21 00:42:17
Version 0.0
SizeofData 117
AddressOfRawData 0x15d68
PointerToRawData 0x14f68
Referenced File D:\Noble\Packages\Temp\build\bin\x64\Master\Tales of Graces f Remastered_x64_Master_mono.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2025-Feb-21 00:42:17
Version 0.0
SizeofData 20
AddressOfRawData 0x15de0
PointerToRawData 0x14fe0

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2025-Feb-21 00:42:17
Version 0.0
SizeofData 836
AddressOfRawData 0x15df4
PointerToRawData 0x14ff4

TLS Callbacks

Load Configuration

Size 0x140
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x140018040

RICH Header

Errors