MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


CoinMiner


Vendor detections: 14


Intelligence 14 IOCs YARA 21 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1
SHA3-384 hash: f3f25d9f2a356c4a2ac1444bb50857ec413fcd68664ca9c77c49a35fb58c52ba7b6e92934c29bcd1fd392c51b8593ce4
SHA1 hash: 6d349c71b9b72648b09948f56f2cd9151c8d2072
MD5 hash: 77f2fdb37c37415561c973821ae74508
humanhash: glucose-artist-yankee-mississippi
File name:Installer.exe
Download: download sample
Signature CoinMiner
Create hunting rule
File size:7'818'752 bytes
First seen:2025-01-23 14:49:04 UTC
Last seen:2025-03-22 22:45:15 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash d42595b695fc008ef2c56aabd8efd68e (92 x Rhadamanthys, 83 x Vidar, 43 x LummaStealer)
ssdeep 98304:hvgPUD73LiXEm+AFPc2pfvgvRPqL+nGNm:acD73Lb2fvgJ2QY
TLSH T1C3768D03FC9555E9C5A9E234C9B28263BA717C494B3163D32B60F7382F76BD0AA79740
TrID 44.4% (.EXE) Win64 Executable (generic) (10522/11/4)
21.3% (.EXE) Win16 NE executable (generic) (5038/12/1)
8.7% (.ICL) Windows Icons Library (generic) (2059/9)
8.5% (.EXE) OS/2 Executable (generic) (2029/13)
8.4% (.EXE) Generic Win/DOS Executable (2002/3)
Magika pebin
Reporter aachum
Tags:CoinMiner exe PentagonStealer


Avatar
iamaachum
Pentagon C2: https://pentagon.cy

Intelligence

File Origin
# of uploads :
2
# of downloads :
434
Origin country :
ES ES
Vendor Threat Intelligence
Malware family:
n/a
ID:
1
File name:
https://github.com/Frolowbokk/TelegramBlumBot
Verdict:
Malicious activity
Analysis date:
2025-01-23 11:32:38 UTC
Tags:
telegram stealer miner
Link:
https://app.any.run/tasks/10345e59-46a2-4800-8adf-38155af255b7

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Verdict:
Clean
Score:
89.3%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67925836e708b6e7a3b074a2
Tags:
n/a
Result
Verdict:
Malware
Maliciousness:

Behaviour
DNS request
Connection attempt
Sending a custom TCP request
Creating a file in the %temp% subdirectories
Creating a process from a recently created file
Creating a process with a hidden window
Searching for the window
Using the Windows Management Instrumentation requests
Creating a file
Creating a file in the %AppData% subdirectories
Сreating synchronization primitives
Running batch commands
Deleting a system file
Launching a process
Creating a service
Setting browser functions hooks
Launching a tool to kill processes
Enabling autorun for a service
Forced shutdown of a browser
Adding an exclusion to Microsoft Defender
Changing the hosts file
Unauthorized injection to a system process
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
crypto golang packed packed packer_detected
Link:
https://www.filescan.io/uploads/6792572070cf772b4cf5ad07/reports/b165c367-c39c-48c5-90eb-b926ade9791f/overview
Verdict:
Malicious
Labled as:
Win/malicious_confidence_70%
Link:
https://www.hybrid-analysis.com/sample/dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1
Result
Verdict:
UNKNOWN
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Verdict:
Suspicious
Link:
https://analyze.intezer.com/analyses/02983ebc-9589-482b-a13a-bc15766cad69
Result
Threat name:
Xmrig
Create hunting rule
Detection:
malicious
Classification:
phis.troj.adwa.spyw.evad.mine
Score:
100 / 100
Link:
https://www.joesandbox.com/analysis/1597676
Signature
Adds a directory exclusion to Windows Defender
Allocates memory in foreign processes
Attempt to bypass Chrome Application-Bound Encryption
Contains functionality to compare user and computer (likely to detect sandboxes)
Contains functionality to inject code into remote processes
Creates a thread in another existing process (thread injection)
Found direct / indirect Syscall (likely to bypass EDR)
Found many strings related to Crypto-Wallets (likely being stolen)
Found Tor onion address
Hides threads from debuggers
Hooks files or directories query functions (used to hide files and directories)
Hooks processes query functions (used to hide processes)
Hooks registry keys query functions (used to hide registry keys)
Injects a PE file into a foreign processes
Installs new ROOT certificates
Joe Sandbox ML detected suspicious sample
Loading BitLocker PowerShell Module
Malicious sample detected (through community Yara rule)
Modifies power options to not sleep / hibernate
Modifies the context of a thread in another process (thread injection)
Modifies the hosts file
Modifies the prolog of user mode functions (user mode inline hooks)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
Overwrites Mozilla Firefox settings
PE file contains section with special chars
Protects its processes via BreakOnTermination flag
Query firmware table information (likely to detect VMs)
Sample is not signed and drops a device driver
Sigma detected: Disable power options
Sigma detected: Potential Data Stealing Via Chromium Headless Debugging
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Sigma detected: Stop EventLog
Suricata IDS alerts for network traffic
Tries to detect debuggers (CloseHandle check)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to evade analysis by execution special instruction (VM detection)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Crypto Currency Wallets
Uses powercfg.exe to modify the power settings
Uses the Telegram API (likely for C&C communication)
Writes to foreign memory regions
Yara detected Xmrig cryptocurrency miner
Behaviour
Behavior Graph:
Download SVG
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1597676 Sample: Installer.exe Startdate: 23/01/2025 Architecture: WINDOWS Score: 100 82 api.telegram.org 2->82 84 slkpanel3458647.site 2->84 86 2 other IPs or domains 2->86 106 Suricata IDS alerts for network traffic 2->106 108 Malicious sample detected (through community Yara rule) 2->108 110 Multi AV Scanner detection for submitted file 2->110 114 11 other signatures 2->114 9 Installer.exe 3 2->9         started        14 WindowsAutHost 2->14         started        16 svchost.exe 1 2->16         started        signatures3 112 Uses the Telegram API (likely for C&C communication) 82->112 process4 dnsIp5 90 biteblob.com 71.179.14.4, 443, 49731, 49732 UUNETUS United States 9->90 92 api.telegram.org 149.154.167.220, 443, 49739 TELEGRAMRU United Kingdom 9->92 76 C:\Users\user\AppData\Local\Temp\...\Main.exe, PE32+ 9->76 dropped 78 C:\Users\user\AppData\Local\...\Bypass.exe, PE32+ 9->78 dropped 134 Installs new ROOT certificates 9->134 18 Main.exe 1 2 9->18         started        22 Bypass.exe 10 9->22         started        80 C:\Windows\Temp\afioaaeuwupn.sys, PE32+ 14->80 dropped 136 Multi AV Scanner detection for dropped file 14->136 138 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 14->138 140 Query firmware table information (likely to detect VMs) 14->140 142 8 other signatures 14->142 25 powershell.exe 14->25         started        27 cmd.exe 14->27         started        29 sc.exe 14->29         started        31 4 other processes 14->31 94 127.0.0.1 unknown unknown 16->94 file6 signatures7 process8 dnsIp9 70 C:\ProgramData\...\WindowsAutHost, PE32+ 18->70 dropped 72 C:\Windows\System32\drivers\etc\hosts, ASCII 18->72 dropped 116 Multi AV Scanner detection for dropped file 18->116 118 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 18->118 120 Query firmware table information (likely to detect VMs) 18->120 130 10 other signatures 18->130 33 dialer.exe 18->33         started        36 powershell.exe 23 18->36         started        38 cmd.exe 1 18->38         started        44 13 other processes 18->44 88 pentagon.cy 104.21.80.1, 443, 49747, 49748 CLOUDFLARENETUS United States 22->88 74 C:\Users\user\AppData\...\cookies-copy.sqlite, SQLite 22->74 dropped 122 Attempt to bypass Chrome Application-Bound Encryption 22->122 124 Found many strings related to Crypto-Wallets (likely being stolen) 22->124 126 Found Tor onion address 22->126 132 3 other signatures 22->132 46 6 other processes 22->46 128 Loading BitLocker PowerShell Module 25->128 40 conhost.exe 25->40         started        48 2 other processes 27->48 42 conhost.exe 29->42         started        50 4 other processes 31->50 file10 signatures11 process12 signatures13 96 Contains functionality to inject code into remote processes 33->96 98 Writes to foreign memory regions 33->98 100 Allocates memory in foreign processes 33->100 104 3 other signatures 33->104 64 9 other processes 33->64 102 Loading BitLocker PowerShell Module 36->102 52 conhost.exe 36->52         started        54 conhost.exe 38->54         started        56 wusa.exe 38->56         started        58 conhost.exe 44->58         started        60 conhost.exe 44->60         started        62 conhost.exe 44->62         started        66 10 other processes 44->66 68 2 other processes 46->68 process14
Score:
98%
Verdict:
Malware
File Type:
PE
Link:
https://malprob.io/report/dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1/
Threat name:
Win64.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-01-23 07:57:08 UTC
File Type:
PE+ (Exe)
AV detection:
9 of 24 (37.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=3t2aoya5neweg7o5h2ctlrhbafmey6iuxro7thml2oqc75dcbxaq._file
Result
Malware family:
pentagonstealer
Create hunting rule
Score:
  10/10
Tags:
family:pentagonstealer credential_access defense_evasion execution persistence spyware stealer
Link:
https://tria.ge/reports/250123-r617basrbz/
Behaviour
Checks SCSI registry key(s)
Checks processor information in registry
Enumerates system info in registry
Kills process with taskkill
Modifies data under HKEY_USERS
Modifies system certificate store
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Drops file in Windows directory
Launches sc.exe
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext
Power Settings
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks BIOS information in registry
Executes dropped EXE
Indicator Removal: Clear Windows Event Logs
Reads user/profile data of local email clients
Reads user/profile data of web browsers
Unsecured Credentials: Credentials In Files
Command and Scripting Interpreter: PowerShell
Creates new service(s)
Drops file in Drivers directory
Stops running service(s)
Uses browser remote debugging
Pentagon Stealer
Pentagonstealer family
Malware Config
C2 Extraction:
https://pentagon.cy
Verdict:
Suspicious
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/77462abe-7025-45c4-b67c-63ead5b67b7b
Unpacked files
SH256 hash:
dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1
MD5 hash:
77f2fdb37c37415561c973821ae74508
SHA1 hash:
6d349c71b9b72648b09948f56f2cd9151c8d2072
Detections:
Sliver
Create hunting rule
Link:
https://www.unpac.me/results/9d0b0c22-f2a1-47c4-97fd-e87e4c16d76f/
Parent samples :
8578846ede366f0408345227eac93e186ab1af6b6937209fecb7b4de117a098a
dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1
Malware family:
CryptBot.v3
Create hunting rule
Verdict:
Malicious
Link:
https://www.vmray.com/analyses/_mb/dcf407601d69/report/overview.html
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:command_and_control
Create hunting rule
Author:CD_R0M_
Description:This rule searches for common strings found by malware using C2. Based on a sample used by a Ransomware group
Rule name:DebuggerException__SetConsoleCtrl
Create hunting rule
Reference:https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
Rule name:DetectGoMethodSignatures
Create hunting rule
Author:Wyatt Tauber
Description:Detects Go method signatures in unpacked Go binaries
Rule name:Detect_PowerShell_Obfuscation
Create hunting rule
Author:daniyyell
Description:Detects obfuscated PowerShell commands commonly used in malicious scripts.
Rule name:GoBinTest
Create hunting rule
Rule name:golang
Create hunting rule
Rule name:Golangmalware
Create hunting rule
Author:Dhanunjaya
Description:Malware in Golang
Rule name:golang_binary_string
Create hunting rule
Description:Golang strings present
Rule name:golang_bin_JCorn_CSC846
Create hunting rule
Author:Justin Cornwell
Description:CSC-846 Golang detection ruleset
Rule name:golang_duffcopy_amd64
Create hunting rule
Rule name:HiveRansomware
Create hunting rule
Author:Dhanunjaya
Description:Yara Rule To Detect Hive V4 Ransomware
Rule name:identity_golang
Create hunting rule
Author:Eric Yocam
Description:find Golang malware
Rule name:MD5_Constants
Create hunting rule
Author:phoul (@phoul)
Description:Look for MD5 constants
Rule name:RANSOMWARE
Create hunting rule
Author:ToroGuitar
Rule name:RIPEMD160_Constants
Create hunting rule
Author:phoul (@phoul)
Description:Look for RIPEMD-160 constants
Rule name:SEH__vectored
Create hunting rule
Reference:https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
Rule name:SHA1_Constants
Create hunting rule
Author:phoul (@phoul)
Description:Look for SHA1 constants
Rule name:SHA512_Constants
Create hunting rule
Author:phoul (@phoul)
Description:Look for SHA384/SHA512 constants
Rule name:Sus_Obf_Enc_Spoof_Hide_PE
Create hunting rule
Author:XiAnzheng
Description:Check for Overlay, Obfuscating, Encrypting, Spoofing, Hiding, or Entropy Technique(can create FP)
Rule name:telegram_bot_api
Create hunting rule
Author:rectifyq
Description:Detects file containing Telegram Bot API
Rule name:ThreadControl__Context
Create hunting rule
Reference:https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Glupteba

Executable exe 8578846ede366f0408345227eac93e186ab1af6b6937209fecb7b4de117a098a

CoinMiner

Executable exe dcf407601d692c437ddd3e8535c4e101584c7914bc5df99d8bd3a02ff4620dc1

(this sample)

  
Link
https://tria.ge/250123-r4aatavjdr/
  
Dropped by
SHA256 8578846ede366f0408345227eac93e186ab1af6b6937209fecb7b4de117a098a
  
Dropped by
MD5 c6a17f436fd10da6775f69183b20630c

BLint

The following table provides more information about this file using BLint. BLint is a Binary Linter to check the security properties, and capabilities in executables.

Findings
IDTitleSeverity
CHECK_AUTHENTICODEMissing Authenticodehigh
Reviews
IDCapabilitiesEvidence
DNS_METHODSPerforms DNS callsvendor/golang.org/x/net/dns/dnsmessage.(*nestedError).Error
vendor/golang.org/x/net/dns/dnsmessage.(*header).pack
vendor/golang.org/x/net/dns/dnsmessage.(*header).unpack
vendor/golang.org/x/net/dns/dnsmessage.(*Parser).Start
vendor/golang.org/x/net/dns/dnsmessage.(*Parser).resourceHeader
vendor/golang.org/x/net/dns/dnsmessage.(*Parser).skipResource
vendor/golang.org/x/net/dns/dnsmessage.(*Parser).Question
vendor/golang.org/x/net/dns/dnsmessage.(*Parser).SkipQuestion
vendor/golang.org/x/net/dns/dnsmessage.(*Parser).CNAMEResource
vendor/golang.org/x/net/dns/dnsmessage.(*Parser).AResource
vendor/golang.org/x/net/dns/dnsmessage.(*Parser).AAAAResource
vendor/golang.org/x/net/dns/dnsmessage.NewBuilder
vendor/golang.org/x/net/dns/dnsmessage.(*Builder).Question
vendor/golang.org/x/net/dns/dnsmessage.(*Builder).OPTResource
vendor/golang.org/x/net/dns/dnsmessage.(*Builder).Finish
vendor/golang.org/x/net/dns/dnsmessage.(*ResourceHeader).pack
vendor/golang.org/x/net/dns/dnsmessage.(*ResourceHeader).unpack
vendor/golang.org/x/net/dns/dnsmessage.skipResource
vendor/golang.org/x/net/dns/dnsmessage.(*Name).pack
vendor/golang.org/x/net/dns/dnsmessage.(*Name).unpack
vendor/golang.org/x/net/dns/dnsmessage.(*Question).pack
vendor/golang.org/x/net/dns/dnsmessage.unpackCNAMEResource
vendor/golang.org/x/net/dns/dnsmessage.init
type:.eq.vendor/golang.org/x/net/dns/dnsmessage.nestedError
vendor/golang.org/x/net/dns/dnsmessage::inittask
vendor/golang.org/x/net/dns/dnsmessage.classNames
vendor/golang.org/x/net/dns/dnsmessage.rCodeNames
vendor/golang.org/x/net/dns/dnsmessage.ErrNotStarted
vendor/golang.org/x/net/dns/dnsmessage.ErrSectionDone
vendor/golang.org/x/net/dns/dnsmessage.errBaseLen
vendor/golang.org/x/net/dns/dnsmessage.errCalcLen
vendor/golang.org/x/net/dns/dnsmessage.errReserved
vendor/golang.org/x/net/dns/dnsmessage.errTooManyPtr
vendor/golang.org/x/net/dns/dnsmessage.errInvalidPtr
vendor/golang.org/x/net/dns/dnsmessage.errInvalidName
vendor/golang.org/x/net/dns/dnsmessage.errResourceLen
vendor/golang.org/x/net/dns/dnsmessage.errSegTooLong
vendor/golang.org/x/net/dns/dnsmessage.errNameTooLong
vendor/golang.org/x/net/dns/dnsmessage.errZeroSegLen
vendor/golang.org/x/net/dns/dnsmessage.errResTooLong
vendor/golang.org/x/net/dns/dnsmessage.errTooManyQuestions
vendor/golang.org/x/net/dns/dnsmessage.errTooManyAnswers
vendor/golang.org/x/net/dns/dnsmessage.errTooManyAuthorities
vendor/golang.org/x/net/dns/dnsmessage.errTooManyAdditionals
vendor/golang.org/x/net/dns/dnsmessage.errNonCanonicalName
vendor/golang.org/x/net/dns/dnsmessage.sectionNames
go:itab.*vendor/golang.org/x/net/dns/dnsmessage.nestedError
error
EXEC_METHODSCan Execute Commandsos.StartProcess
os/exec.Command
os/exec.Command.func1
syscall.StartProcess
syscall.StartProcess.deferwrap3
syscall.StartProcess.deferwrap2
syscall.StartProcess.deferwrap1
FILE_IO_READCan Read Filesos.OpenFile
os.openFileNolog
FILE_IO_WRITECan Create and Remove Filesos.Mkdir
os.Mkdir.func1
os.MkdirTemp
os.Remove
os.RemoveAll
os.newFile
os.newFileStatFromGetFileInformationByHandle
HTTP_CLIENT_METHODSInvokes HTTP servicenet/http.doubleCRLF
net/http.Header.sortedKeyValues
net/http.Header.writeSubset
net/http.Header.sortedKeyValues.func1
net/http.headerNewlineToSpace
net/http.headerSorterPool
HTTP_METHODSCan run an HTTP servervendor/golang.org/x/net/http2/hpack.init
vendor/golang.org/x/net/http2/hpack.init.func1
vendor/golang.org/x/net/http2/hpack.NewEncoder
vendor/golang.org/x/net/http2/hpack.(*Encoder).WriteField
vendor/golang.org/x/net/http2/hpack.(*Encoder).searchTable
vendor/golang.org/x/net/http2/hpack.(*Encoder).SetMaxDynamicTableSize
vendor/golang.org/x/net/http2/hpack.appendNewName
vendor/golang.org/x/net/http2/hpack.appendIndexedName
vendor/golang.org/x/net/http2/hpack.appendHpackString
vendor/golang.org/x/net/http2/hpack.DecodingError.Error
vendor/golang.org/x/net/http2/hpack.InvalidIndexError.Error
vendor/golang.org/x/net/http2/hpack.HeaderField.String
vendor/golang.org/x/net/http2/hpack.NewDecoder
vendor/golang.org/x/net/http2/hpack.(*Decoder).SetEmitFunc
vendor/golang.org/x/net/http2/hpack.(*dynamicTable).add
vendor/golang.org/x/net/http2/hpack.(*dynamicTable).evict
vendor/golang.org/x/net/http2/hpack.(*Decoder).Close
vendor/golang.org/x/net/http2/hpack.(*Decoder).Write
vendor/golang.org/x/net/http2/hpack.(*Decoder).parseHeaderFieldRepr
vendor/golang.org/x/net/http2/hpack.(*Decoder).parseFieldIndexed
vendor/golang.org/x/net/http2/hpack.(*Decoder).parseFieldLiteral
vendor/golang.org/x/net/http2/hpack.(*Decoder).callEmit
vendor/golang.org/x/net/http2/hpack.(*Decoder).parseDynamicTableSizeUpdate
vendor/golang.org/x/net/http2/hpack.readVarInt
vendor/golang.org/x/net/http2/hpack.(*Decoder).readString
vendor/golang.org/x/net/http2/hpack.(*Decoder).decodeString
vendor/golang.org/x/net/http2/hpack.huffmanDecode
vendor/golang.org/x/net/http2/hpack.buildRootHuffmanNode
vendor/golang.org/x/net/http2/hpack.AppendHuffmanString
vendor/golang.org/x/net/http2/hpack.(*headerFieldTable).evictOldest
vendor/golang.org/x/net/http2/hpack.(*headerFieldTable).search
vendor/golang.org/x/net/http2/hpack.(*headerFieldTable).idToIndex
vendor/golang.org/x/net/http2/hpack.(*DecodingError).Error
vendor/golang.org/x/net/http2/hpack.(*HeaderField).String
vendor/golang.org/x/net/http2/hpack.(*InvalidIndexError).Error
type:.eq.vendor/golang.org/x/net/http2/hpack.HeaderField
type:.eq.vendor/golang.org/x/net/http2/hpack.pairNameValue
type:.hash.vendor/golang.org/x/net/http2/hpack.pairNameValue
vendor/golang.org/x/net/http2/hpack::inittask
vendor/golang.org/x/net/http2/hpack.ErrStringLength
vendor/golang.org/x/net/http2/hpack.errNeedMore
vendor/golang.org/x/net/http2/hpack.errVarintOverflow
vendor/golang.org/x/net/http2/hpack.bufPool
vendor/golang.org/x/net/http2/hpack.ErrInvalidHuffman
vendor/golang.org/x/net/http2/hpack.buildRootOnce
vendor/golang.org/x/net/http2/hpack.lazyRootHuffmanNode
vendor/golang.org/x/net/http2/hpack.staticTable
vendor/golang.org/x/net/http2/hpack.huffmanCodes
vendor/golang.org/x/net/http2/hpack.huffmanCodeLen
go:itab.vendor/golang.org/x/net/http2/hpack.DecodingError
error
go:itab.vendor/golang.org/x/net/http2/hpack.InvalidIndexError
error
NET_METHODSUses Network to send and receive datasyscall.Bind
net.lookupPortMap
net.lookupPortMapWithNetwork
net.ParseCIDR
net.DialUDP
net.readHosts
net.readHosts.deferwrap1
OS_METHODSCan Execute OS commandsos.chmod
os.chmod.func1
os.Kill
SYSCALL_METHODSCan perform system-level operationssyscall.Chmod
syscall.Listen
syscall.Mkdir
syscall.Open
WEAK_CRYPTOUses Weak Cryptographic Algorithmscrypto/md5.init.0
crypto/md5.(*digest).Reset
crypto/md5.(*digest).MarshalBinary
crypto/md5.(*digest).UnmarshalBinary
crypto/md5.New
crypto/md5.(*digest).Size
crypto/md5.(*digest).BlockSize
crypto/md5.(*digest).Write
crypto/md5.(*digest).Sum
crypto/md5.(*digest).checkSum
crypto/md5.block.abi0
crypto/md5::inittask
go:itab.*crypto/md5.digest
hash.Hash
ZIP_METHODSCan perform Zip archive operationscompress/flate.NewReader

Comments