From the looks of it, the descriptor got encrypted. It is from offset hex 200 - hex 550. (See attached screenshot).
I am not sure if the encoding would be UTF-8 on Windows OS with Shift-JIS character set. But my best guess is it should not matter to the guest OS inside.
If you have a working Python3 environment in your host machine (or some other machine), I wrote a quick and dirty Python program (the replaceVMDK.txt in the attachment, .py attachments not allowed) that would read a text file that has the encrypted descriptor and replace the location. I suppose this program can be modified to write directly to the VMDK instead of the metadata.bin file.
