D:\a\lychee\lychee\target\release\deps\lychee.pdb
Static task
static1
General
-
Target
lychee-v0.15.1-windows-x86_64.exe
-
Size
18.6MB
-
MD5
af2d6a01af58c4dc5dc5a798b511dbf9
-
SHA1
93c0b37eec563f6f6b4615626c4c9ff8658e1cc3
-
SHA256
b75a5ba20d18fcd09b831451111d12501873ae7bdd5054819824f6e818e316f0
-
SHA512
3293e0fe34a4b13c91e5ea4beaf9b5206ba73b57157e4c3f9735f71670af666173f97dbadf42da98f5d9567a13ea94172c98816a6bb10e340a5575a2741fbfdf
-
SSDEEP
98304:RxcpCXvUoVbFy+ZJ60Cdgj523al2ycnyFDT2wQqok5Juo151iitGcR78bIwlFT+D:RDXvUo7S9euqpvGOkTVU5mso9l
Malware Config
Signatures
-
Unsigned PE 1 IoCs
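Checks for missing Authenticode signature. A missing signature is not by itself evidence of malicious behaviour; it means the publisher and the file's integrity cannot be verified from the binary alone, so the hashes listed above should be compared against a trusted source for this release.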
resource lychee-v0.15.1-windows-x86_64.exe
Files
-
lychee-v0.15.1-windows-x86_64.exe.exe windows:6 windows x64 arch:x64
c6e73b59d32dd73e98568dca0be26d7b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\a\lychee\lychee\target\release\deps\lychee.pdb
Imports
kernel32
SetHandleInformation
PostQueuedCompletionStatus
UnregisterWait
CreateIoCompletionPort
SetFileCompletionNotificationModes
RegisterWaitForSingleObject
GetModuleHandleW
GetProcAddress
GetQueuedCompletionStatusEx
FormatMessageW
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
Sleep
GetCurrentProcessId
SleepConditionVariableSRW
GetCurrentProcess
GetSystemInfo
lstrlenW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetFileInformationByHandleEx
GetModuleHandleA
RtlVirtualUnwind
SetConsoleTextAttribute
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
GetLastError
SetWaitableTimer
WaitForSingleObject
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
GetCurrentDirectoryW
GetEnvironmentVariableW
FillConsoleOutputAttribute
GetCommandLineW
SetFileInformationByHandle
SetFilePointerEx
FillConsoleOutputCharacterA
TerminateProcess
WakeAllConditionVariable
WakeConditionVariable
QueryPerformanceFrequency
HeapFree
SetConsoleCursorPosition
HeapReAlloc
ReleaseMutex
GetProcessHeap
HeapAlloc
FindNextFileW
FindClose
CreateFileW
GetFileInformationByHandle
FindFirstFileW
DeviceIoControl
GetFinalPathNameByHandleW
SetConsoleMode
GetConsoleMode
GetFileType
GetConsoleScreenBufferInfo
GetModuleFileNameW
ExitProcess
GetFullPathNameW
MultiByteToWideChar
WriteConsoleW
WideCharToMultiByte
ReadConsoleW
CreateThread
GetCurrentThread
GetSystemTimeAsFileTime
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetStdHandle
AcquireSRWLockShared
ReleaseSRWLockShared
CloseHandle
CreateWaitableTimerExW
TryAcquireSRWLockExclusive
SetLastError
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
IsProcessorFeaturePresent
ws2_32
getsockopt
getpeername
setsockopt
shutdown
WSASend
sendto
recvfrom
send
recv
WSACleanup
WSAGetLastError
WSAStartup
connect
bind
ioctlsocket
WSAIoctl
socket
closesocket
freeaddrinfo
getsockname
getaddrinfo
WSASocketW
shell32
SHGetKnownFolderPath
ole32
CoTaskMemFree
secur32
EncryptMessage
FreeContextBuffer
AcceptSecurityContext
InitializeSecurityContextW
ApplyControlToken
DecryptMessage
FreeCredentialsHandle
AcquireCredentialsHandleA
QueryContextAttributesW
DeleteSecurityContext
crypt32
CertFreeCertificateContext
CertOpenStore
CertGetCertificateChain
CertFreeCertificateChain
CertDuplicateCertificateChain
CertVerifyCertificateChainPolicy
CertCloseStore
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertDuplicateCertificateContext
CertVerifyTimeValidity
CertGetEnhancedKeyUsage
CertDuplicateStore
advapi32
SystemFunction036
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
iphlpapi
GetAdaptersAddresses
ntdll
RtlNtStatusToDosError
NtDeviceIoControlFile
NtCancelIoFileEx
NtWriteFile
NtCreateFile
NtReadFile
bcrypt
BCryptGenRandom
vcruntime140
memmove
memcpy
__current_exception
memset
__CxxFrameHandler3
memcmp
__current_exception_context
_CxxThrowException
__C_specific_handler
api-ms-win-crt-math-l1-1-0
trunc
pow
__setusermatherr
truncf
ceil
round
api-ms-win-crt-string-l1-1-0
strlen
api-ms-win-crt-runtime-l1-1-0
_cexit
exit
_exit
_initialize_narrow_environment
_set_app_type
_initterm
_c_exit
_initterm_e
_register_thread_local_exe_atexit_callback
_configure_narrow_argv
__p___argv
terminate
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_get_initial_narrow_environment
_seh_filter_exe
__p___argc
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__p__commode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-heap-l1-1-0
free
_set_new_mode
Sections
.text Size: 11.3MB - Virtual size: 11.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6.5MB - Virtual size: 6.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 511KB - Virtual size: 510KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 238KB - Virtual size: 237KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ