lsassdump_example_test.go
GO
Verdict: HOSTILE
Objectives
Micro-behaviors
- github.com/oioio-space/maldev/credentials/lsassdump
×2
Metadata
- github.com/oioio-space/maldev/credentials/lsassdump
- github.com/oioio-space/maldev/win/syscall
- lsassdump_example_test.go
- lsassdump_example_test.go
| 0x36 | fmt |
| 0x37 | fmt |
| 0x3e | github.com/oioio-space/maldev/credentials/lsassdump |
| 0x3f | github.com/oioio-space/maldev/credentials/lsassdump |
| 0x7e | github.com/oioio-space/maldev/win/syscall |
| 0x7f | github.com/oioio-space/maldev/win/syscall |
| 0x1f1 | C:\Users\Public\lsass.dmp |
| 0x1f2 | C:\Users\Public\lsass.dmp |
| 0x232 | dump: |
| 0x233 | dump: |
Imports
wsyscall.New
lsassdump.DumpToFile
fmt.Println
github.com/oioio-space/maldev/credentials/lsassdump
github.com/oioio-space/maldev/win/syscall
fmt
comments
| chars | 215 |
| lines | 4 |
| to code ratio | 0.25 |
| total | 4 |
functions
| avg length lines | 6 |
| avg name length | 17 |
| code in functions ratio | 0.3 |
| density per 100 lines | 5 |
| high entropy names | 1 |
| max length lines | 6 |
| min length lines | 6 |
| no params count | 1 |
| total | 1 |
identifiers
| all lowercase ratio | 0.86 |
| all uppercase ratio | 0.14 |
| avg entropy | 1.93 |
| avg length | 6.71 |
| high entropy count | 1 |
| high entropy ratio | 0.14 |
| length stddev | 4.98 |
| max length | 17 |
| min length | 1 |
| reuse ratio | 0.64 |
| single char count | 1 |
| single char ratio | 0.14 |
| total | 11 |
| underscore prefix count | 1 |
| unique count | 7 |
imports
| stdlib count | 1 |
| stdlib ratio | 0.17 |
| third party count | 5 |
| third party ratio | 0.83 |
| total | 6 |
| unique modules | 6 |
strings
| avg entropy | 3.25 |
| avg length | 25.2 |
| entropy stddev | 1.09 |
| max length | 51 |
| path count | 1 |
| shell command strings | 1 |
| total | 10 |
| total bytes | 252 |
text
| avg line length | 28.05 |
| char entropy | 5.19 |
| digit ratio | 0 |
| empty line ratio | 0.2 |
| escape density | 0.17 |
| identifier density | 0.55 |
| identifiers to functions ratio | 7 |
| import density | 30 |
| imports to functions ratio | 6 |
| last line length | 1 |
| line length stddev | 28.6 |
| max inline whitespace run | 1 |
| max line length | 85 |
| most common char | s |
| most common ratio | 0.07 |
| normalized function count | 0.22 |
| normalized import count | 1.34 |
| normalized string count | 2.24 |
| normalized unique identifiers | 1.62 |
| space count | 47 |
| string density | 0.5 |
| strings to functions ratio | 10 |
| suspicious string ratio | 0.1 |
| tab count | 8 |
| total lines | 20 |
| unicode escape count | 1 |
| unique chars | 62 |
| whitespace ratio | 0.13 |
| source.functions[0] | ExampleDumpToFile |
| source.has_imports | true |
| source.imports[0] | fmt |
| source.imports[1] | fmt.Println |
| source.imports[2] | github.com/oioio-space/maldev/credentials/lsassdump |
| source.imports[3] | github.com/oioio-space/maldev/win/syscall |
| source.imports[4] | lsassdump.DumpToFile |
| source.imports[5] | wsyscall.New |
| source.strings[0] | C:\Users\Public\lsass.dmp |
| source.strings[1] | github.com/oioio-space/maldev/credentials/lsassdump |
| source.strings[2] | github.com/oioio-space/maldev/win/syscall |
Identity
| SHA-256 | 996cdc0b4e3516fc8eeee91d58a53405f80334c57fdbf5b0b0e2c5381566c99d |
| Filename | lsassdump_example_test.go |
Timeline
| First seen | 8 May 2026 16:27 UTC |
| Last analyzed | 9 May 2026 08:40 UTC |