Mal-ecule
O(Eu)H₂(CrDb)Md
Objectives
Micro-behaviors
Metadata
| 0x20 | bytes |
| 0x21 | bytes |
| 0x29 | errors |
| 0x2a | errors |
| 0x33 | testing |
| 0x34 | testing |
| 0x3f | github.com/oioio-space/maldev/internal/msrpc/msrpc/pac |
| 0x40 | github.com/oioio-space/maldev/internal/msrpc/msrpc/pac |
| 0x254 | Unmarshal for tamper: %v |
| 0x255 | Unmarshal for tamper: %v |
| 0x3d3 | PAC buffer type 0x%X not found |
| 0x3d4 | PAC buffer type 0x%X not found |
| 0x53b | normalize: %v |
| 0x53c | normalize: %v |
| 0x58f | buildPAC: %v |
| 0x590 | buildPAC: %v |
| 0x63b | ValidatePAC(nil) returned nil, want error |
| 0x63c | ValidatePAC(nil) returned nil, want error |
| 0x6b1 | ValidatePAC([]byte{}) returned nil, want error |
| 0x6b2 | ValidatePAC([]byte{}) returned nil, want error |
| 0x78d | ValidatePAC(bogus) returned nil, want error |
| 0x78e | ValidatePAC(bogus) returned nil, want error |
| 0x84d | ValidatePAC(forged RC4): %v |
| 0x84e | ValidatePAC(forged RC4): %v |
| 0x93f | normalize: %v |
| 0x940 | normalize: %v |
| 0x993 | buildPAC: %v |
| 0x994 | buildPAC: %v |
| 0x9ed | ValidatePAC(forged AES256): %v |
| 0x9ee | ValidatePAC(forged AES256): %v |
| 0xae2 | normalize: %v |
| 0xae3 | normalize: %v |
| 0xb36 | buildPAC: %v |
| 0xb37 | buildPAC: %v |
| 0xb90 | ValidatePAC(forged AES128): %v |
| 0xb91 | ValidatePAC(forged AES128): %v |
| 0xccc | ValidatePAC(server sig tampered) = %v, want %v |
| 0xccd | ValidatePAC(server sig tampered) = %v, want %v |
| 0xe2d | ValidatePAC(KDC sig tampered) = %v, want %v |
| 0xe2e | ValidatePAC(KDC sig tampered) = %v, want %v |
| 0xf7f | ValidatePAC(wrong key) = %v, want %v |
| 0xf80 | ValidatePAC(wrong key) = %v, want %v |
| 0x116f | ValidatePAC(wrong etype) returned nil, want error |
| 0x1170 | ValidatePAC(wrong etype) returned nil, want error |
Imports
t.Helper
p.Unmarshal
t.Fatalf
append
t.Fatalf
t.Helper
okParams
p.normalize
t.Fatalf
buildPAC
t.Fatalf
ValidatePAC
fixedHash
t.Fatal
ValidatePAC
fixedHash
t.Fatal
bytes.Repeat
ValidatePAC
fixedHash
t.Fatal
pacForOk
ValidatePAC
t.Fatalf
okParams
bytes.Repeat
p.normalize
t.Fatalf
buildPAC
t.Fatalf
ValidatePAC
t.Fatalf
okParams
bytes.Repeat
p.normalize
t.Fatalf
buildPAC
t.Fatalf
ValidatePAC
t.Fatalf
pacForOk
tamperSignatureByte
ValidatePAC
errors.Is
t.Fatalf
pacForOk
tamperSignatureByte
ValidatePAC
errors.Is
t.Fatalf
pacForOk
bytes.Repeat
ValidatePAC
errors.Is
t.Fatalf
pacForOk
bytes.Repeat
ValidatePAC
t.Fatal
github.com/oioio-space/maldev/internal/msrpc/msrpc/pac
errors
testing
bytes
No sections found
comments
| chars | 788 |
| lines | 15 |
| to code ratio | 0.11 |
| total | 15 |
file
| size | 4521 |
functions
| avg length lines | 11.09 |
| avg name length | 30.73 |
| code in functions ratio | 0.81 |
| density per 100 lines | 7.33 |
| high entropy names | 10 |
| length stddev | 4.14 |
| max length lines | 20 |
| min length lines | 6 |
| no params count | 11 |
| numeric suffix names | 1 |
| total | 11 |
identifiers
| all lowercase ratio | 0.34 |
| all uppercase ratio | 0.02 |
| avg entropy | 2.77 |
| avg length | 14.68 |
| base64 like names | 6 |
| has digit ratio | 0.15 |
| high entropy count | 14 |
| high entropy ratio | 0.34 |
| length stddev | 12.95 |
| max length | 47 |
| min length | 1 |
| numeric suffix count | 3 |
| reuse ratio | 0.19 |
| sequential names | 4 |
| single char count | 5 |
| single char ratio | 0.12 |
| total | 220 |
| underscore prefix count | 1 |
| unique count | 41 |
imports
| stdlib count | 3 |
| stdlib ratio | 0.05 |
| third party count | 60 |
| third party ratio | 0.95 |
| total | 63 |
| unique modules | 18 |
strings
| avg entropy | 3.81 |
| avg length | 26.91 |
| entropy stddev | 0.72 |
| max length | 54 |
| total | 44 |
| total bytes | 1184 |
text
| avg line length | 29.14 |
| char entropy | 5.29 |
| digit ratio | 0.02 |
| empty line ratio | 0.09 |
| high byte ratio | 0 |
| identifier density | 1.47 |
| identifiers to functions ratio | 3.73 |
| import density | 42 |
| imports to functions ratio | 5.73 |
| last line length | 1 |
| line length stddev | 25.1 |
| max inline whitespace run | 1 |
| max line length | 82 |
| most common char | e |
| most common ratio | 0.08 |
| non ascii ratio | 0 |
| normalized function count | 0.9 |
| normalized import count | 5.14 |
| normalized string count | 3.59 |
| normalized unique identifiers | 5.67 |
| space count | 438 |
| string density | 0.29 |
| strings to functions ratio | 4 |
| suspicious identifier ratio | 0.24 |
| tab count | 134 |
| total lines | 150 |
| unique chars | 83 |
| whitespace ratio | 0.16 |
| source.functions[0] | TestValidatePAC_DetectsKDCSignatureTampering |
| source.functions[10] | tamperSignatureByte |
| source.functions[1] | TestValidatePAC_DetectsServerSignatureTampering |
| source.functions[2] | TestValidatePAC_DetectsWrongEType |
| source.functions[3] | TestValidatePAC_DetectsWrongKey |
| source.functions[4] | TestValidatePAC_RejectsBogusBytes |
| source.functions[5] | TestValidatePAC_RejectsEmptyBytes |
| source.functions[6] | TestValidatePAC_RoundTripAES128 |
| source.functions[7] | TestValidatePAC_RoundTripAES256 |
| source.functions[8] | TestValidatePAC_RoundTripRC4 |
| source.functions[9] | pacForOk |
| source.has_imports | true |
| source.imports[0] | ValidatePAC |
| source.imports[10] | p.Unmarshal |
| source.imports[11] | p.normalize |
| source.imports[12] | pacForOk |
| source.imports[13] | t.Fatal |
| source.imports[14] | t.Fatalf |
| source.imports[15] | t.Helper |
| source.imports[16] | tamperSignatureByte |
| source.imports[17] | testing |
| source.imports[1] | append |
| source.imports[2] | buildPAC |
| source.imports[3] | bytes |
| source.imports[4] | bytes.Repeat |
| source.imports[5] | errors |
| source.imports[6] | errors.Is |
| source.imports[7] | fixedHash |
| source.imports[8] | github.com/oioio-space/maldev/internal/msrpc/msrpc/pac |
| source.imports[9] | okParams |
| source.strings[0] | PAC buffer type 0x%X not found |
| source.strings[10] | ValidatePAC(wrong etype) returned nil, want error |
| source.strings[11] | ValidatePAC(wrong key) = %v, want %v |
| source.strings[12] | buildPAC: %v |
| source.strings[13] | errors |
| source.strings[14] | github.com/oioio-space/maldev/internal/msrpc/msrpc/pac |
| source.strings[15] | normalize: %v |
| source.strings[16] | testing |
| source.strings[1] | Unmarshal for tamper: %v |
| source.strings[2] | ValidatePAC(KDC sig tampered) = %v, want %v |
| source.strings[3] | ValidatePAC([]byte{}) returned nil, want error |
| source.strings[4] | ValidatePAC(bogus) returned nil, want error |
| source.strings[5] | ValidatePAC(forged AES128): %v |
| source.strings[6] | ValidatePAC(forged AES256): %v |
| source.strings[7] | ValidatePAC(forged RC4): %v |
| source.strings[8] | ValidatePAC(nil) returned nil, want error |
| source.strings[9] | ValidatePAC(server sig tampered) = %v, want %v |
Identity
| SHA-256 | ee4956dd4f84871cde7e5da281945e28469a175122c0e84b5483016b66b551fa |
|---|---|
| Filename | validate_test.go |
Origin
| Ecosystem | windows |
|---|
Timeline
| First seen | 8 May 2026 16:27 UTC |
|---|---|
| Last analyzed | 9 May 2026 02:10 UTC |
Not seeing what you expected? Let us know