Name: | 5A67B4365B569C43.SharpUp.exe.avira.exe |
Size: | 38,912 bytes |
Type: | EXE PE.NET |
MD5: | 320349c343b691b41cbbebf6eb3461ca |
Scanner Name: | avira |
Appraisal: | Fragile (AND) based |
Scan Debug: | Duration: 2s / Chunks: 175 / Matches: 29 |
Scan date: | 2023-07-21 23:59:33 |
# | Iteration | Offset | Size | Section | Detail | SectionType | Conclusion |
---|---|---|---|---|---|---|---|
17 | 1 | 12046 | 5 | .text #~ | DATA | Dominant. Modify this to make file undetected | |
18 | 1 | 12531 | 6 | .text #~ | TypeRef | DATA | Dominant. Modify this to make file undetected |
Dominant. Modify this to make file undetected |
00002F0E 00 00 01 00 00 .....
Dominant. Modify this to make file undetected |
000030F3 00 15 09 5A 0C 06 ...Z..
Test # | MatchOrder | ModifyPosition |
Match#0 methods 3b |
Match#1 methods 3b |
Match#2 methods 5b |
Match#3 methods 8b |
Match#4 methods 8b |
Match#5 methods 3b |
Match#6 methods 6b |
Match#7 methods 3b |
Match#8 methods 8b |
Match#9 methods 3b |
Match#10 methods 3b |
Match#11 methods 5b |
Match#12 methods 6b |
Match#13 methods 5b |
Match#14 methods 11b |
Match#15 #~ 5b |
Match#16 #~ 10b |
Match#17 #~ 5b |
Match#18 #~ 6b |
Match#19 #~ 5b |
Match#20 #~ 3b |
Match#21 #~ 5b |
Match#22 #~ 3b |
Match#23 #~ 5b |
0 | ISOLATED | MIDDLE8 | ||||||||||||||||||||||||
1 | ISOLATED | THIRDS4 | ||||||||||||||||||||||||
2 | ISOLATED | FULL | ||||||||||||||||||||||||
3 | ISOLATED | FULLB | ||||||||||||||||||||||||
4 | INCREMENTAL | MIDDLE8 | ||||||||||||||||||||||||
5 | INCREMENTAL | FULL | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 |
6 | DECREMENTAL | FULL | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
7 | ALL | MIDDLE8 | ||||||||||||||||||||||||
8 | ALL | THIRDS4 | ||||||||||||||||||||||||
9 | ALL | FULL | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Result |
[INFO ][2023-07-21 23:59:33,170] main() :: Using file: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-07-21 23:59:33,170] handleFile() :: Handle file: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-07-21 23:59:33,171] handleFile() :: Using parser for file type DOTNET [INFO ][2023-07-21 23:59:33,202] getDotNetSections() :: Offset: 7680 [INFO ][2023-07-21 23:59:33,203] handleFile() :: Using scanner from command line: avira [INFO ][2023-07-21 23:59:33,203] load() :: Loading HashCache [INFO ][2023-07-21 23:59:33,290] load() :: 68200 hashes loaded [INFO ][2023-07-21 23:59:33,639] handleFile() :: QuickCheck: 5A67B4365B569C43.SharpUp.exe.avira.exe is detected by avira and not hash based [INFO ][2023-07-21 23:59:33,639] handleFile() :: Scanning for matches... [INFO ][2023-07-21 23:59:33,639] scanForMatchesInPe() :: Section Detection: Zero section (leave all others intact) [INFO ][2023-07-21 23:59:33,709] findDetectedSections() :: Hide: .text -> Detected: False [INFO ][2023-07-21 23:59:33,710] findDetectedSections() :: Hide: .rsrc -> Detected: True [INFO ][2023-07-21 23:59:33,710] findDetectedSections() :: Hide: .reloc -> Detected: True [INFO ][2023-07-21 23:59:33,782] findDetectedSections() :: Hide: Header -> Detected: False [INFO ][2023-07-21 23:59:33,875] findDetectedSections() :: Hide: DotNet Header -> Detected: True [INFO ][2023-07-21 23:59:34,001] findDetectedSections() :: Hide: Metadata Header -> Detected: True [INFO ][2023-07-21 23:59:34,001] findDetectedSections() :: Hide: methods -> Detected: False [INFO ][2023-07-21 23:59:34,132] findDetectedSections() :: Hide: #~ Stream Header -> Detected: True [INFO ][2023-07-21 23:59:34,232] findDetectedSections() :: Hide: #Strings Stream Header -> Detected: True [INFO ][2023-07-21 23:59:34,351] findDetectedSections() :: Hide: #US Stream Header -> Detected: True [INFO ][2023-07-21 23:59:34,573] findDetectedSections() :: Hide: #GUID Stream Header -> Detected: True [INFO ][2023-07-21 23:59:34,673] findDetectedSections() :: Hide: #Blob Stream Header -> Detected: True [INFO ][2023-07-21 23:59:34,674] findDetectedSections() :: Hide: #~ -> Detected: False [INFO ][2023-07-21 23:59:34,674] findDetectedSections() :: Hide: #Strings -> Detected: True [INFO ][2023-07-21 23:59:34,674] findDetectedSections() :: Hide: #US -> Detected: True [INFO ][2023-07-21 23:59:34,675] findDetectedSections() :: Hide: #GUID -> Detected: True [INFO ][2023-07-21 23:59:34,675] findDetectedSections() :: Hide: #Blob -> Detected: True [INFO ][2023-07-21 23:59:34,675] scanForMatchesInPe() :: 2 section(s) trigger the antivirus independantly [INFO ][2023-07-21 23:59:34,675] scanForMatchesInPe() :: section: methods [INFO ][2023-07-21 23:59:34,675] scanForMatchesInPe() :: section: #~ [INFO ][2023-07-21 23:59:34,815] scanForMatchesInPe() :: Launching bytes analysis on section: methods (584-11872) [INFO ][2023-07-21 23:59:34,815] scan() :: Reducer Start: ScanSpeed:Normal Iteration:0 MinChunkSize:2 MinMatchSize:4 [INFO ][2023-07-21 23:59:34,815] _printStatus() :: Reducing: 1 chunks done, found 0 matches (0 added) [INFO ][2023-07-21 23:59:34,816] _scanDataPart() :: Result: 6544-6547 (3b minChunk:2 X) 00001990 FF FF DE ... [INFO ][2023-07-21 23:59:34,818] _scanDataPart() :: Result: 7379-7382 (3b minChunk:2 X) 00001CD3 49 FF FF I.. [INFO ][2023-07-21 23:59:34,818] _scanDataPart() :: Result: 7396-7401 (5b minChunk:2 X) 00001CE4 3F F5 FE FF FF ?.... [INFO ][2023-07-21 23:59:34,819] _scanDataPart() :: Result: 7705-7710 (5b minChunk:2 X) 00001E19 00 0A 3A 4C FF ..:L. [INFO ][2023-07-21 23:59:34,819] _scanDataPart() :: Result: 7710-7713 (3b minChunk:2 X) 00001E1E FF FF DE ... [INFO ][2023-07-21 23:59:34,820] _scanDataPart() :: Result: 8079-8084 (5b minChunk:2 X) 00001F8F 69 3F 07 FF FF i?... [INFO ][2023-07-21 23:59:34,820] _scanDataPart() :: Result: 8084-8087 (3b minChunk:2 X) 00001F94 FF 2A 00 .*. [INFO ][2023-07-21 23:59:34,821] _scanDataPart() :: Result: 8238-8241 (3b minChunk:2 X) 0000202E 20 FF 01 .. [INFO ][2023-07-21 23:59:34,822] _scanDataPart() :: Result: 8679-8682 (3b minChunk:2 X) 000021E7 3F 4E FF ?N. [INFO ][2023-07-21 23:59:34,823] _scanDataPart() :: Result: 8682-8685 (3b minChunk:2 X) 000021EA FF FF 11 ... [INFO ][2023-07-21 23:59:34,823] _scanDataPart() :: Result: 8694-8697 (3b minChunk:2 X) 000021F6 FF FF DE ... [INFO ][2023-07-21 23:59:34,824] _scanDataPart() :: Result: 8741-8746 (5b minChunk:2 X) 00002225 69 3F 15 FE FF i?... [INFO ][2023-07-21 23:59:34,824] _scanDataPart() :: Result: 8746-8749 (3b minChunk:2 X) 0000222A FF 2A 41 .*A [INFO ][2023-07-21 23:59:34,825] _scanDataPart() :: Result: 9286-9289 (3b minChunk:2 X) 00002446 0F FF FF ... [INFO ][2023-07-21 23:59:34,826] _scanDataPart() :: Result: 9330-9333 (3b minChunk:2 X) 00002472 FF FF 2A ..* [INFO ][2023-07-21 23:59:34,827] _scanDataPart() :: Result: 10063-10068 (5b minChunk:2 X) 0000274F 4F FF FF FF 2A O...* [INFO ][2023-07-21 23:59:34,827] _scanDataPart() :: Doubling: minChunkSize: 2 minMatchSize: 4 [INFO ][2023-07-21 23:59:34,829] _scanDataPart() :: Result: 10510-10516 (6b minChunk:4 X) 0000290E 3F 1E FF FF FF 07 ?..... [INFO ][2023-07-21 23:59:34,830] _scanDataPart() :: Result: 11463-11468 (5b minChunk:4 X) 00002CC7 3C FF FF FF 07 <.... [INFO ][2023-07-21 23:59:34,830] _scanDataPart() :: Result: 11474-11485 (11 bytes) 00002CD2 69 3F 01 FE FF FF 2A 2E 73 3C 00 i?....*.s<. [INFO ][2023-07-21 23:59:34,830] scan() :: Reducer Result: Time:0 Chunks:119 MatchesAdded:19 MatchesFinal:15 [INFO ][2023-07-21 23:59:35,198] scanForMatchesInPe() :: Launching bytes analysis on section: #~ (11980-17272) [INFO ][2023-07-21 23:59:35,198] scan() :: Reducer Start: ScanSpeed:Normal Iteration:1 MinChunkSize:2 MinMatchSize:4 [INFO ][2023-07-21 23:59:35,198] _printStatus() :: Reducing: 120 chunks done, found 0 matches (19 added) [INFO ][2023-07-21 23:59:35,199] _scanDataPart() :: Result: 11985-11990 (5b minChunk:2 X) 00002ED1 00 00 01 57 BF ...W. [INFO ][2023-07-21 23:59:35,200] _scanDataPart() :: Result: 12000-12005 (5b minChunk:2 X) 00002EE0 00 16 00 00 01 ..... [INFO ][2023-07-21 23:59:35,200] _scanDataPart() :: Result: 12005-12010 (5b minChunk:2 X) 00002EE5 00 00 00 7A 00 ...z. [INFO ][2023-07-21 23:59:35,200] _scanDataPart() :: Result: 12046-12051 (5b minChunk:2 X) 00002F0E 00 00 01 00 00 ..... [INFO ][2023-07-21 23:59:35,201] _scanDataPart() :: Result: 12531-12537 (6 bytes) 000030F3 00 15 09 5A 0C 06 ...Z.. [INFO ][2023-07-21 23:59:35,202] _scanDataPart() :: Result: 12868-12873 (5b minChunk:2 X) 00003244 02 00 07 00 81 ..... [INFO ][2023-07-21 23:59:35,202] _scanDataPart() :: Result: 12886-12889 (3b minChunk:2 X) 00003256 81 01 10 ... [INFO ][2023-07-21 23:59:35,203] _scanDataPart() :: Result: 12899-12904 (5b minChunk:2 X) 00003263 00 81 01 10 00 ..... [INFO ][2023-07-21 23:59:35,204] _scanDataPart() :: Result: 12927-12930 (3b minChunk:2 X) 0000327F 00 81 00 ... [INFO ][2023-07-21 23:59:35,205] _scanDataPart() :: Result: 16878-16883 (5b minChunk:2 X) 000041EE 01 00 20 00 00 .. .. [INFO ][2023-07-21 23:59:35,205] scan() :: Reducer Result: Time:0 Chunks:175 MatchesAdded:29 MatchesFinal:9 [INFO ][2023-07-21 23:59:35,205] handleFile() :: Result: 24 matches [INFO ][2023-07-21 23:59:35,205] saveToFile() :: Saving results to: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-07-21 23:59:35,205] save() :: Saving HashCache (68216) [INFO ][2023-07-21 23:59:35,288] verifyFile() :: Perform verification of matches [INFO ][2023-07-21 23:59:35,288] runVerifications() :: Verify 24 matches [INFO ][2023-07-21 23:59:35,289] runVerifications() :: Verification run: 0 MIDDLE8 ISOLATED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-21 23:59:35,289] runVerifications() :: Verification run: 1 THIRDS4 ISOLATED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-21 23:59:35,296] runVerifications() :: Verification run: 2 FULL ISOLATED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_DETECTED result: ScanResult.NOT_DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED [INFO ][2023-07-21 23:59:35,304] runVerifications() :: Verification run: 3 FULLB ISOLATED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_DETECTED result: ScanResult.NOT_DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED [INFO ][2023-07-21 23:59:35,305] runVerifications() :: Verification run: 4 MIDDLE8 INCREMENTAL result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-21 23:59:35,307] runVerifications() :: Verification run: 5 FULL INCREMENTAL Idx: 0 result: ScanResult.DETECTED Idx: 1 result: ScanResult.DETECTED Idx: 2 result: ScanResult.DETECTED Idx: 3 result: ScanResult.DETECTED Idx: 4 result: ScanResult.DETECTED Idx: 5 result: ScanResult.DETECTED Idx: 6 result: ScanResult.DETECTED Idx: 7 result: ScanResult.DETECTED Idx: 8 result: ScanResult.DETECTED Idx: 9 result: ScanResult.DETECTED Idx: 10 result: ScanResult.DETECTED Idx: 11 result: ScanResult.DETECTED Idx: 12 result: ScanResult.DETECTED Idx: 13 result: ScanResult.NOT_DETECTED Idx: 14 result: ScanResult.NOT_DETECTED Idx: 15 result: ScanResult.DETECTED Idx: 16 result: ScanResult.DETECTED Idx: 17 result: ScanResult.DETECTED Idx: 18 result: ScanResult.DETECTED Idx: 19 result: ScanResult.DETECTED Idx: 20 result: ScanResult.DETECTED Idx: 21 result: ScanResult.DETECTED Idx: 22 result: ScanResult.NOT_DETECTED Idx: 23 result: ScanResult.NOT_DETECTED [INFO ][2023-07-21 23:59:35,308] runVerifications() :: Verification run: 6 FULL DECREMENTAL Idx: 23 result: ScanResult.NOT_DETECTED Idx: 22 result: ScanResult.NOT_DETECTED Idx: 21 result: ScanResult.NOT_DETECTED Idx: 20 result: ScanResult.NOT_DETECTED Idx: 19 result: ScanResult.NOT_DETECTED Idx: 18 result: ScanResult.NOT_DETECTED Idx: 17 result: ScanResult.NOT_DETECTED Idx: 16 result: ScanResult.NOT_DETECTED Idx: 15 result: ScanResult.NOT_DETECTED Idx: 14 result: ScanResult.NOT_DETECTED Idx: 13 result: ScanResult.NOT_DETECTED Idx: 12 result: ScanResult.NOT_DETECTED Idx: 11 result: ScanResult.NOT_DETECTED Idx: 10 result: ScanResult.NOT_DETECTED Idx: 9 result: ScanResult.NOT_DETECTED Idx: 8 result: ScanResult.NOT_DETECTED Idx: 7 result: ScanResult.NOT_DETECTED Idx: 6 result: ScanResult.NOT_DETECTED Idx: 5 result: ScanResult.NOT_DETECTED Idx: 4 result: ScanResult.DETECTED Idx: 3 result: ScanResult.DETECTED Idx: 2 result: ScanResult.DETECTED Idx: 1 result: ScanResult.DETECTED Idx: 0 result: ScanResult.DETECTED [INFO ][2023-07-21 23:59:35,309] runVerifications() :: Verification run: 7 MIDDLE8 ALL result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-21 23:59:35,309] runVerifications() :: Verification run: 8 THIRDS4 ALL result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-21 23:59:35,310] runVerifications() :: Verification run: 9 FULL ALL Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED [INFO ][2023-07-21 23:59:35,310] saveToFile() :: Saving results to: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-07-21 23:59:35,310] augmentFile() :: Perform augmentation of matches [INFO ][2023-07-21 23:59:35,329] getDotNetSections() :: Offset: 7680 [INFO ][2023-07-21 23:59:35,432] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,433] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,434] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,434] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,434] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,434] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-07-21 23:59:35,434] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-07-21 23:59:35,435] saveToFile() :: Saving results to: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-07-21 23:59:35,435] outflankFile() :: Attempt to outflank the file [INFO ][2023-07-21 23:59:35,435] outflankDotnet() :: Outflank failed with attempted 0 patches [INFO ][2023-07-21 23:59:35,435] saveToFile() :: Saving results to: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-07-21 23:59:35,436] save() :: Saving HashCache (68216) [INFO ][2023-08-04 18:25:36,406] main() :: Using file: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-08-04 18:25:36,406] handleFile() :: Handle file: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-08-04 18:25:36,406] handleFile() :: Using parser for file type DOTNET [INFO ][2023-08-04 18:25:36,438] getDotNetSections() :: Offset: 7680 [WARNING ][2023-08-04 18:25:36,439] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-08-04 18:25:36,439] load() :: Loading HashCache [INFO ][2023-08-04 18:25:36,533] load() :: 77569 hashes loaded [INFO ][2023-08-04 18:25:36,534] save() :: Saving HashCache (77569) [INFO ][2023-08-04 18:25:36,610] augmentFile() :: Perform augmentation of matches [INFO ][2023-08-04 18:25:36,629] getDotNetSections() :: Offset: 7680 [INFO ][2023-08-04 18:25:36,871] init() :: DotnetData entries: 739 [INFO ][2023-08-04 18:25:36,871] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,871] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,871] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,872] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,872] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,872] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,872] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,872] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,872] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,872] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,872] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,873] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,873] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,873] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-08-04 18:25:36,873] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-08-04 18:25:36,874] saveToFile() :: Saving results to: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-08-04 18:25:36,875] save() :: Saving HashCache (77569) [INFO ][2023-08-06 16:51:16,993] main() :: Using file: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-08-06 16:51:16,994] handleFile() :: Handle file: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-08-06 16:51:16,994] handleFile() :: Using parser for file type DOTNET [INFO ][2023-08-06 16:51:17,027] getDotNetSections() :: Offset: 7680 [WARNING ][2023-08-06 16:51:17,027] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-08-06 16:51:17,027] load() :: Loading HashCache [INFO ][2023-08-06 16:51:17,119] load() :: 77569 hashes loaded [INFO ][2023-08-06 16:51:17,119] save() :: Saving HashCache (77569) [INFO ][2023-08-06 16:51:17,196] augmentFile() :: Perform augmentation of matches [INFO ][2023-08-06 16:51:17,214] getDotNetSections() :: Offset: 7680 [INFO ][2023-08-06 16:51:17,463] init() :: DotnetData entries: 739 [INFO ][2023-08-06 16:51:17,464] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,464] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,464] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,464] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,464] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,464] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,464] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,464] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,465] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,465] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,465] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,465] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,465] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,465] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-08-06 16:51:17,465] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-08-06 16:51:17,467] saveToFile() :: Saving results to: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-08-06 16:51:17,467] save() :: Saving HashCache (77569) [INFO ][2023-08-06 17:25:28,850] main() :: Using file: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-08-06 17:25:28,850] handleFile() :: Handle file: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-08-06 17:25:28,851] handleFile() :: Using parser for file type DOTNET [INFO ][2023-08-06 17:25:28,882] getDotNetSections() :: Offset: 7680 [WARNING ][2023-08-06 17:25:28,883] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-08-06 17:25:28,883] load() :: Loading HashCache [INFO ][2023-08-06 17:25:28,978] load() :: 77569 hashes loaded [INFO ][2023-08-06 17:25:28,978] save() :: Saving HashCache (77569) [INFO ][2023-08-06 17:25:29,053] augmentFile() :: Perform augmentation of matches [INFO ][2023-08-06 17:25:29,071] getDotNetSections() :: Offset: 7680 [INFO ][2023-08-06 17:25:29,315] init() :: DotnetData entries: 739 [INFO ][2023-08-06 17:25:29,315] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,316] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,316] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,316] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,316] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,316] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,316] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,316] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,316] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,317] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,317] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,317] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,317] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,317] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-08-06 17:25:29,317] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-08-06 17:25:29,318] saveToFile() :: Saving results to: app/upload/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-08-06 17:25:29,319] save() :: Saving HashCache (77569) [INFO ][2023-09-01 05:26:45,030] main() :: Using file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-01 05:26:45,030] handleFile() :: Handle file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-01 05:26:45,031] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-01 05:26:45,062] getDotNetSections() :: Offset: 7680 [WARNING ][2023-09-01 05:26:45,063] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-09-01 05:26:45,064] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-01 05:26:45,064] load() :: Loading HashCache [INFO ][2023-09-01 05:26:45,161] load() :: 85943 hashes loaded [INFO ][2023-09-01 05:26:45,161] save() :: Saving HashCache (85943) [INFO ][2023-09-01 05:26:45,243] save() :: Saving HashCache (85943) [INFO ][2023-09-24 19:21:27,422] main() :: Using file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-24 19:21:27,422] handleFile() :: Handle file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-24 19:21:27,423] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-24 19:21:27,423] parseFile() :: FilePe: Parse File [INFO ][2023-09-24 19:21:27,426] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-24 19:21:27,427] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 6 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-24 19:21:27,427] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-24 19:21:27,427] parseDotNetSections() :: FilePe: Parse DotNet Sections [INFO ][2023-09-24 19:21:27,455] parseDotNetRegions() :: FilePe: Parse DotNet Regions [WARNING ][2023-09-24 19:21:27,474] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-09-24 19:21:27,475] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-24 19:21:27,476] load() :: Loading HashCache [INFO ][2023-09-24 19:21:27,608] load() :: 101712 hashes loaded [INFO ][2023-09-24 19:21:27,608] save() :: Saving HashCache (101712) [INFO ][2023-09-24 19:21:27,702] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-24 19:21:27,919] init() :: DotnetData entries: 739 [INFO ][2023-09-24 19:21:27,920] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,920] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,920] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,920] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,920] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,920] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,920] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,920] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,921] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,921] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,921] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,921] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,921] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,921] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-09-24 19:21:27,921] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-09-24 19:21:27,922] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-24 19:21:27,923] save() :: Saving HashCache (101712) [INFO ][2023-09-25 18:14:44,828] main() :: Using file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-25 18:14:44,828] handleFile() :: Handle file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-25 18:14:44,829] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-25 18:14:44,829] parseFile() :: FilePe: Parse File [INFO ][2023-09-25 18:14:44,832] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-25 18:14:44,832] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 6 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-25 18:14:44,832] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-25 18:14:44,832] parseDotNetSections() :: FilePe: Parse DotNet Sections [INFO ][2023-09-25 18:14:44,851] parseDotNetRegions() :: FilePe: Parse DotNet Regions [WARNING ][2023-09-25 18:14:44,878] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-09-25 18:14:44,879] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-25 18:14:44,879] load() :: Loading HashCache [INFO ][2023-09-25 18:14:45,004] load() :: 101712 hashes loaded [INFO ][2023-09-25 18:14:45,004] save() :: Saving HashCache (101712) [INFO ][2023-09-25 18:14:45,099] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-25 18:14:45,321] init() :: DotnetData entries: 739 [INFO ][2023-09-25 18:14:45,321] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,321] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,322] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,322] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,322] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,322] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,322] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,322] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,322] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,322] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,323] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,323] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,323] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,323] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-09-25 18:14:45,323] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-09-25 18:14:45,324] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-25 18:14:45,325] save() :: Saving HashCache (101712) [INFO ][2023-09-25 18:21:46,567] main() :: Using file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-25 18:21:46,567] handleFile() :: Handle file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-25 18:21:46,568] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-25 18:21:46,568] parseFile() :: FilePe: Parse File [INFO ][2023-09-25 18:21:46,571] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-25 18:21:46,571] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 6 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-25 18:21:46,571] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-25 18:21:46,571] parseDotNetSections() :: FilePe: Parse DotNet Sections [INFO ][2023-09-25 18:21:46,590] parseDotNetRegions() :: FilePe: Parse DotNet Regions [WARNING ][2023-09-25 18:21:46,617] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-09-25 18:21:46,617] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-25 18:21:46,618] load() :: Loading HashCache [INFO ][2023-09-25 18:21:46,743] load() :: 101712 hashes loaded [INFO ][2023-09-25 18:21:46,743] save() :: Saving HashCache (101712) [INFO ][2023-09-25 18:21:46,839] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-25 18:21:47,062] init() :: DotnetData entries: 739 [INFO ][2023-09-25 18:21:47,062] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,062] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,062] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,062] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,062] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,062] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,063] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,063] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,063] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,063] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,063] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,063] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,063] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,063] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-09-25 18:21:47,064] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-09-25 18:21:47,065] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-25 18:21:47,065] save() :: Saving HashCache (101712) [INFO ][2023-09-29 10:07:20,364] main() :: Using file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-29 10:07:20,365] handleFile() :: Handle file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-29 10:07:20,365] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-29 10:07:20,365] parseFile() :: FilePe: Parse File [INFO ][2023-09-29 10:07:20,368] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-29 10:07:20,368] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-29 10:07:20,368] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-29 10:07:20,368] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 6 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-29 10:07:20,369] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-29 10:07:20,369] parseDotNetSections() :: FilePe: Parse DotNet Sections [WARNING ][2023-09-29 10:07:20,388] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-09-29 10:07:20,389] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-29 10:07:20,390] load() :: Loading HashCache [INFO ][2023-09-29 10:07:20,526] load() :: 102070 hashes loaded [INFO ][2023-09-29 10:07:20,526] save() :: Saving HashCache (102070) [INFO ][2023-09-29 10:07:20,621] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-29 10:07:20,844] init() :: DotnetData entries: 739 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,845] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,846] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,846] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,846] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,846] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,846] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-09-29 10:07:20,846] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-09-29 10:07:20,847] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-29 10:07:20,848] save() :: Saving HashCache (102070) [INFO ][2023-09-29 12:11:53,740] main() :: Using file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-29 12:11:53,740] handleFile() :: Handle file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-29 12:11:53,741] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-29 12:11:53,741] parseFile() :: FilePe: Parse File [INFO ][2023-09-29 12:11:53,743] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-29 12:11:53,744] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 6 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-29 12:11:53,744] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-29 12:11:53,744] parseDotNetSections() :: FilePe: Parse DotNet Sections [WARNING ][2023-09-29 12:11:53,764] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-09-29 12:11:53,764] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-29 12:11:53,765] load() :: Loading HashCache [INFO ][2023-09-29 12:11:53,901] load() :: 102070 hashes loaded [INFO ][2023-09-29 12:11:53,901] save() :: Saving HashCache (102070) [INFO ][2023-09-29 12:11:53,999] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-29 12:11:54,221] init() :: DotnetData entries: 739 [INFO ][2023-09-29 12:11:54,221] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,221] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,221] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,221] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,221] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,221] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,221] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,222] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,222] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,222] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,222] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,222] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,222] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,222] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-09-29 12:11:54,222] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-09-29 12:11:54,223] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-29 12:11:54,224] save() :: Saving HashCache (102070) [INFO ][2023-09-30 10:32:48,446] main() :: Using file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-30 10:32:48,446] handleFile() :: Handle file: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe [INFO ][2023-09-30 10:32:48,447] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-30 10:32:48,447] parseFile() :: FilePe: Parse File [INFO ][2023-09-30 10:32:48,450] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-30 10:32:48,450] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 6 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-30 10:32:48,450] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-30 10:32:48,451] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-30 10:32:48,451] parseDotNetSections() :: FilePe: Parse DotNet Sections [WARNING ][2023-09-30 10:32:48,470] handleFile() :: Using scanner as defined in outcome: avira [INFO ][2023-09-30 10:32:48,471] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-30 10:32:48,471] load() :: Loading HashCache [INFO ][2023-09-30 10:32:48,605] load() :: 102072 hashes loaded [INFO ][2023-09-30 10:32:48,606] save() :: Saving HashCache (102072) [INFO ][2023-09-30 10:32:48,706] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-30 10:32:48,928] init() :: DotnetData entries: 739 [INFO ][2023-09-30 10:32:48,928] disassembleDotNet() :: Match physical 6544/0x1990, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,928] disassembleDotNet() :: Match physical 7379/0x1CD3, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 7396/0x1CE4, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 7705/0x1E19, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 8079/0x1F8F, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 8238/0x202E, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 8679/0x21E7, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 8694/0x21F6, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 8741/0x2225, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 9286/0x2446, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,929] disassembleDotNet() :: Match physical 9330/0x2472, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,930] disassembleDotNet() :: Match physical 10063/0x274F, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,930] disassembleDotNet() :: Match physical 10510/0x290E, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,930] disassembleDotNet() :: Match physical 11463/0x2CC7, method disassemblies found: 1 [INFO ][2023-09-30 10:32:48,930] disassembleDotNet() :: Match physical 11474/0x2CD2, method disassemblies found: 2 [INFO ][2023-09-30 10:32:48,931] saveToFile() :: Saving results to: app/examples/5A67B4365B569C43.SharpUp.exe.avira.exe.outcome [INFO ][2023-09-30 10:32:48,932] save() :: Saving HashCache (102072)