UnderminersTeam
SONIC 2011- data.win extraction error
Describe the bug
Opening the data.win file extracted from this game results in the following:
Reproducing steps
- Create a full dump using Process Hacker
- Use ExtractEmbeddedDataFile.csx on it
- Results in attached error while trying to load data.win
Setup Details
- UndertaleModTool v0.8.1.1
- Windows 10 IoT Enterprise LTSC 2021
- https://gamejolt.com/games/sonic/783884
https://gitlab.com/gameripper/gameripper - This program loads the data.win file partially, showing sounds and sprites
I don't think we support loading data files that are loaded in runtime memory at all. The runtime completely changes the file format - you'd need to intercept the process before this happens and get a memory dump of that, instead.
Also, I believe this is a duplicate of https://github.com/UnderminersTeam/UndertaleModTool/issues/1420.
I did some research on this game.
Although it was developed using GMS2, it uses a custom protect shell and a custom resource encryption tool.
As a result, mainstream shell detectors cannot properly analyze the game process.
The reason why the dumped data.win appears so strange is precisely because the game hasn't been unpacked.
During runtime, it extracts MrCatalyseurGM.dll and window_command_hook_x64.dll (which I assume is used for fullscreen functionality) into the same directory as the game.
Also, I believe this is a YYC-compiled game—so even if it were unpacked and data.win was obtained, it would still be meaningless. This falls outside the scope of what UTMT is responsible for, so I think the related issue regarding "SONIC 2011" should be closed.
