C:\sources\cecil\symbols\mdb\obj\net_3_5_Release\Mono.Cecil.Mdb.pdb
Static task
static1
1 signatures
General
-
Target
BepInEx_x64_5.4.21.0.zip
-
Size
620KB
-
MD5
5f4fc1374cc7de33a79b099de5a395e6
-
SHA1
646cc384e41d922c190ed01da8ea9168b763cad7
-
SHA256
2af69fe0aaf821e95c4cd3e4d53860e667c54648f97dca6f971a5bcd3c22aa34
-
SHA512
7138f65902173b27b011a2849308e35a44b410cc0beae3fe64b4bbc8aadb525721b7f765a37cf6b83541a1ab17b74ce5dc7fbcca69e9c4596068912e28c32878
-
SSDEEP
12288:t0dd4noWwAFGocH7tRcc5k6E/14BRUScU396mEpNszQt1H0qdgLVJbFHKL:Gdmnoz5RcIRE/14BRgYmNsEtFdWb9KL
Score
3/10
Malware Config
Signatures
-
Unsigned PE 13 IoCs
Checks for missing Authenticode signature.
resource unpack001/BepInEx/core/0Harmony.dll unpack001/BepInEx/core/0Harmony20.dll unpack001/BepInEx/core/BepInEx.Harmony.dll unpack001/BepInEx/core/BepInEx.Preloader.dll unpack001/BepInEx/core/BepInEx.dll unpack001/BepInEx/core/HarmonyXInterop.dll unpack001/BepInEx/core/Mono.Cecil.Mdb.dll unpack001/BepInEx/core/Mono.Cecil.Pdb.dll unpack001/BepInEx/core/Mono.Cecil.Rocks.dll unpack001/BepInEx/core/Mono.Cecil.dll unpack001/BepInEx/core/MonoMod.RuntimeDetour.dll unpack001/BepInEx/core/MonoMod.Utils.dll unpack001/winhttp.dll
Files
-
BepInEx_x64_5.4.21.0.zip.zip
-
BepInEx/core/0Harmony.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 197KB - Virtual size: 197KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/0Harmony.xml.xml .js polyglot
-
BepInEx/core/0Harmony20.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/BepInEx.Harmony.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/BepInEx.Harmony.xml.xml
-
BepInEx/core/BepInEx.Preloader.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 964B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/BepInEx.Preloader.xml.xml
-
BepInEx/core/BepInEx.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 960B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/BepInEx.xml.xml
-
BepInEx/core/HarmonyXInterop.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 936B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/Mono.Cecil.Mdb.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/Mono.Cecil.Pdb.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\sources\cecil\symbols\pdb\obj\net_3_5_Release\Mono.Cecil.Pdb.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/Mono.Cecil.Rocks.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\sources\cecil\rocks\obj\net_3_5_Release\Mono.Cecil.Rocks.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 876B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/Mono.Cecil.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\sources\cecil\obj\net_3_5_Release\Mono.Cecil.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 329KB - Virtual size: 329KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 840B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/MonoMod.RuntimeDetour.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\a\1\s\MonoMod.RuntimeDetour\obj\Release\net35\MonoMod.RuntimeDetour.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 101KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/MonoMod.RuntimeDetour.xml.xml
-
BepInEx/core/MonoMod.Utils.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\a\1\s\MonoMod.Utils\obj\Release\net35\MonoMod.Utils.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 181KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
BepInEx/core/MonoMod.Utils.xml.xml
-
changelog.txt
-
doorstop_config.ini
-
winhttp.dll.dll windows:6 windows x64 arch:x64
26aaf6d092b2094f4d3bc0710b708de0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
GetCommandLineW
GetEnvironmentVariableW
GetFileAttributesW
GetFullPathNameW
HeapFree
LocalFree
lstrcmpiW
GetPrivateProfileStringW
HeapAlloc
GetStdHandle
GetCommandLineA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
GetFileSize
ReadFile
CloseHandle
GetLastError
GetProcessHeap
ExitProcess
GetSystemDirectoryW
VirtualProtect
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryW
lstrcmpA
lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte
user32
MessageBoxW
wsprintfW
shell32
CommandLineToArgvW
Exports
Exports
GetFileVersionInfoA
GetFileVersionInfoByHandle
GetFileVersionInfoExA
GetFileVersionInfoExW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeExA
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW
Private1
SvchostPushServiceGlobals
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueW
WinHttpAddRequestHeaders
WinHttpAutoProxySvcMain
WinHttpCheckPlatform
WinHttpCloseHandle
WinHttpConnect
WinHttpConnectionDeletePolicyEntries
WinHttpConnectionDeleteProxyInfo
WinHttpConnectionFreeNameList
WinHttpConnectionFreeProxyInfo
WinHttpConnectionFreeProxyList
WinHttpConnectionGetNameList
WinHttpConnectionGetProxyInfo
WinHttpConnectionGetProxyList
WinHttpConnectionSetPolicyEntries
WinHttpConnectionSetProxyInfo
WinHttpConnectionUpdateIfIndexTable
WinHttpCrackUrl
WinHttpCreateProxyResolver
WinHttpCreateUrl
WinHttpDetectAutoProxyConfigUrl
WinHttpFreeProxyResult
WinHttpFreeProxyResultEx
WinHttpFreeProxySettings
WinHttpGetDefaultProxyConfiguration
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpGetProxyForUrlEx
WinHttpGetProxyForUrlEx2
WinHttpGetProxyForUrlHvsi
WinHttpGetProxyResult
WinHttpGetProxyResultEx
WinHttpGetProxySettingsVersion
WinHttpGetTunnelSocket
WinHttpOpen
WinHttpOpenRequest
WinHttpPacJsWorkerMain
WinHttpProbeConnectivity
WinHttpQueryAuthSchemes
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpQueryOption
WinHttpReadData
WinHttpReadProxySettings
WinHttpReadProxySettingsHvsi
WinHttpReceiveResponse
WinHttpResetAutoProxy
WinHttpSaveProxyCredentials
WinHttpSendRequest
WinHttpSetCredentials
WinHttpSetDefaultProxyConfiguration
WinHttpSetOption
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpTimeFromSystemTime
WinHttpTimeToSystemTime
WinHttpWebSocketClose
WinHttpWebSocketCompleteUpgrade
WinHttpWebSocketQueryCloseStatus
WinHttpWebSocketReceive
WinHttpWebSocketSend
WinHttpWebSocketShutdown
WinHttpWriteData
WinHttpWriteProxySettings
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 300B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ