| Property | Value |
|---|---|
| Version | tucert_Y01S03_C6101049_D1004780_S6167_123 |
| Built | Mon Mar 29 20:20:36 2021 UTC |
| Exeuctable | scimitar_engine_win64_2017_flto_vulkan.exe |
The information for this wiki concerns this version of HyperScape.
Hyperscape.exe| Property | Value |
|---|---|
| Operation system | Windows(Vista)[AMD64, 64-bit, GUI] |
| Linker | Microsoft Linker(14.16.27027) |
| Compiler | Microsoft Visual C/C++(19.16.27043)[C++] |
| Language | C++ |
| Library | Direct3D(9) |
| Library | Steam |
| Library | Vulkan |
| Tool | Visual Studio(2017, v15.9) |
| Sign tool | Windows Authenticode(2.0)[PKCS #7] |
| Protector | VMProtect(3.2.0-3.5.0) |
| (Heur)Packer | Compressed or packed data[Imports like VMProtect (v3.2.0-3.5.0) + Sections collision (".UBX") + High entropy + Section 6 (".UBX1") compressed] |
| Debug data | PDB file link(7.0) |
| Certificate | WinAuth(2.0)[PKCS #7] |
Because the game is normally distributed with BattlEye, the following game flags are required to pass into the executable: -eac_launcher /belaunch -be in order to disable the anti-cheat in the game.
The game also handles game license checks through Ubisoft Connect (Formerly known as, and in the game files as, 'UPlay'). Check out the uplay_r1 page for more information on how this works and how to bypass this restriction.
The game executable is obfuscated with VMProtect v3.20-v3.5.0, but critical game functions are not.
A tool like VMP3 Import Fix can be used to dynamically fix imports and export a much more manageable executable for reverse-engineering with a decompiler like IDA or Ghidra.
Note that many lower level functions and especially IO-related procedures remain obfuscated.
No debug builds are currently known of the game itself, however debug builds and PDBs of libraries like RendezVous have been leaked and have been instrumental in further understanding the game.
The game has additional protections against using VirtualProtect (Although, earlier versions of the game, for example from Season 1, appear to have this protection removed).
Bypassing this restriction either involves using VirtualProtect from an external process to mark all pages as writable and executable, or removing this protection entirely by running code before the game starts.