Name: | 89EFCEFA3CF6A4DF.SharpView.exe |
Size: | 736,256 bytes |
Type: | EXE PE.NET |
MD5: | db0eaad52465d5a2b86fdd6a6aa869a5 |
Scanner Name: | defender |
Appraisal: | One based |
Scan Debug: | Duration: 631s / Chunks: 158 / Matches: 27 |
Scan date: | 2023-07-07 02:26:56 |
# | Iteration | Offset | Size | Section | Detail | SectionType | Conclusion |
---|---|---|---|---|---|---|---|
5 | 1 | 495839 | 38 | .text #~ | DATA | Dominant. Modify this to make file undetected |
Dominant. Modify this to make file undetected |
000790DF 0A 57 3F A2 1D 09 0F 00 00 00 FA 01 33 00 16 C4 .W?.........3... 000790EF 00 01 00 00 00 03 01 00 00 D5 00 00 00 C2 05 00 ................ 000790FF 00 44 0C 00 00 03 .D....
Test # | MatchOrder | ModifyPosition |
Match#0 methods 8b |
Match#1 methods 7b |
Match#2 methods 4b |
Match#3 methods 4b |
Match#4 methods 15b |
Match#5 #~ 38b |
Match#6 #~ 7b |
Match#7 #~ 19b |
Match#8 #~ 4b |
Match#9 #Strings 19b |
Match#10 #Strings 19b |
Match#11 #Strings 38b |
Match#12 #Strings 19b |
Match#13 #Strings 14b |
0 | ISOLATED | MIDDLE8 | ||||||||||||||
1 | ISOLATED | THIRDS4 | ||||||||||||||
2 | ISOLATED | FULL | ||||||||||||||
3 | ISOLATED | FULLB | ||||||||||||||
4 | INCREMENTAL | MIDDLE8 | 5 | 7 | 9 | 10 | 11 | 12 | ||||||||
5 | INCREMENTAL | FULL | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |
6 | DECREMENTAL | FULL | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
7 | ALL | MIDDLE8 | 0 | 0 | 0 | 0 | 0 | 0 | ||||||||
8 | ALL | THIRDS4 | 0 | 0 | 0 | 0 | 0 | 0 | ||||||||
9 | ALL | FULL | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Result |
[INFO ][2023-07-07 02:26:50,232] main() :: Using file: app/upload/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-07-07 02:26:50,232] handleFile() :: Handle file: app/upload/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-07-07 02:26:50,233] handleFile() :: Using parser for file type DOTNET [INFO ][2023-07-07 02:26:50,577] getDotNetSections() :: Offset: 7680 [INFO ][2023-07-07 02:26:50,579] load() :: Loading HashCache [INFO ][2023-07-07 02:26:50,584] load() :: 5778 hashes loaded [INFO ][2023-07-07 02:26:56,538] handleFile() :: QuickCheck: 89EFCEFA3CF6A4DF.SharpView.exe is detected by defender and not hash based [INFO ][2023-07-07 02:26:56,538] handleFile() :: Scanning for matches... [INFO ][2023-07-07 02:26:56,538] scanForMatchesInPe() :: Section Detection: Zero section (leave all others intact) [INFO ][2023-07-07 02:26:59,188] findDetectedSections() :: Hide: .rsrc -> Detected: True [INFO ][2023-07-07 02:27:01,177] findDetectedSections() :: Hide: .reloc -> Detected: True [INFO ][2023-07-07 02:27:02,116] findDetectedSections() :: Hide: methods -> Detected: False [INFO ][2023-07-07 02:27:04,283] findDetectedSections() :: Hide: #~ -> Detected: False [INFO ][2023-07-07 02:27:06,395] findDetectedSections() :: Hide: #Strings -> Detected: False [INFO ][2023-07-07 02:27:08,345] findDetectedSections() :: Hide: #US -> Detected: True [INFO ][2023-07-07 02:27:10,387] findDetectedSections() :: Hide: #GUID -> Detected: True [INFO ][2023-07-07 02:27:12,111] findDetectedSections() :: Hide: #Blob -> Detected: True [INFO ][2023-07-07 02:27:12,111] scanForMatchesInPe() :: 3 section(s) trigger the antivirus independantly [INFO ][2023-07-07 02:27:12,111] scanForMatchesInPe() :: section: methods [INFO ][2023-07-07 02:27:12,111] scanForMatchesInPe() :: section: #~ [INFO ][2023-07-07 02:27:12,111] scanForMatchesInPe() :: section: #Strings [INFO ][2023-07-07 02:27:12,111] scanForMatchesInPe() :: Launching bytes analysis on section: methods (584-495724) [INFO ][2023-07-07 02:27:12,111] _printStatus() :: Reducing: 1 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:14,741] _printStatus() :: Reducing: 2 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:18,171] _printStatus() :: Reducing: 3 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:21,982] _printStatus() :: Reducing: 4 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:25,950] _printStatus() :: Reducing: 5 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:29,902] _printStatus() :: Reducing: 6 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:33,890] _printStatus() :: Reducing: 7 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:38,114] _printStatus() :: Reducing: 8 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:42,739] _printStatus() :: Reducing: 9 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:47,457] _printStatus() :: Reducing: 10 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:52,028] _printStatus() :: Reducing: 11 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:27:56,753] _printStatus() :: Reducing: 12 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:28:01,632] _printStatus() :: Reducing: 13 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:28:06,377] _printStatus() :: Reducing: 14 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:28:11,107] _printStatus() :: Reducing: 15 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:28:16,670] _printStatus() :: Reducing: 16 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:28:21,279] _printStatus() :: Reducing: 17 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:28:26,085] _printStatus() :: Reducing: 18 chunks done, found 0 matches (0 added) [INFO ][2023-07-07 02:28:26,085] _scanDataPart() :: Result: 926-930 (4 bytes) 0000039E 00 00 13 30 ...0 [INFO ][2023-07-07 02:28:30,983] _printStatus() :: Reducing: 20 chunks done, found 1 matches (1 added) [INFO ][2023-07-07 02:28:35,999] _printStatus() :: Reducing: 21 chunks done, found 1 matches (1 added) [INFO ][2023-07-07 02:28:35,999] _scanDataPart() :: Result: 930-934 (4 bytes) 000003A2 06 00 20 04 .. . [INFO ][2023-07-07 02:28:40,171] _printStatus() :: Reducing: 23 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:28:44,290] _printStatus() :: Reducing: 24 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:28:48,175] _printStatus() :: Reducing: 25 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:28:52,267] _printStatus() :: Reducing: 26 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:28:56,566] _printStatus() :: Reducing: 27 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:00,858] _printStatus() :: Reducing: 28 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:05,171] _printStatus() :: Reducing: 29 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:09,491] _printStatus() :: Reducing: 30 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:13,531] _printStatus() :: Reducing: 31 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:17,715] _printStatus() :: Reducing: 32 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:21,986] _printStatus() :: Reducing: 33 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:26,006] _printStatus() :: Reducing: 34 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:30,055] _printStatus() :: Reducing: 35 chunks done, found 1 matches (2 added) [INFO ][2023-07-07 02:29:30,055] _scanDataPart() :: Result: 36334-36337 (3 bytes) 00008DEE 7A 72 29 zr) [INFO ][2023-07-07 02:29:30,055] _scanDataPart() :: Result: 36337-36341 (4 bytes) 00008DF1 6A 00 70 17 j.p. [INFO ][2023-07-07 02:29:34,160] _printStatus() :: Reducing: 38 chunks done, found 2 matches (4 added) [INFO ][2023-07-07 02:29:34,160] _scanDataPart() :: Result: 36345-36349 (4 bytes) 00008DF9 06 2A 00 1B .*.. [INFO ][2023-07-07 02:29:38,625] _printStatus() :: Reducing: 40 chunks done, found 3 matches (5 added) [INFO ][2023-07-07 02:29:42,774] _printStatus() :: Reducing: 41 chunks done, found 3 matches (5 added) [INFO ][2023-07-07 02:29:42,774] _scanDataPart() :: Result: 36353-36357 (4 bytes) 00008E01 03 00 00 29 ...) [INFO ][2023-07-07 02:29:46,949] _printStatus() :: Reducing: 43 chunks done, found 4 matches (6 added) [INFO ][2023-07-07 02:29:51,658] _printStatus() :: Reducing: 44 chunks done, found 4 matches (6 added) [INFO ][2023-07-07 02:29:55,835] _printStatus() :: Reducing: 45 chunks done, found 4 matches (6 added) [INFO ][2023-07-07 02:29:59,863] _printStatus() :: Reducing: 46 chunks done, found 4 matches (6 added) [INFO ][2023-07-07 02:30:03,966] _printStatus() :: Reducing: 47 chunks done, found 4 matches (6 added) [INFO ][2023-07-07 02:30:08,367] _printStatus() :: Reducing: 48 chunks done, found 4 matches (6 added) [INFO ][2023-07-07 02:30:12,647] _scanDataPart() :: Result: 36575-36590 (15 bytes) 00008EDF 09 11 08 6F 0B 01 00 0A 13 09 11 09 39 34 02 ...o........94. [INFO ][2023-07-07 02:30:12,648] scan() :: Scan Result: Time:181 Chunks:48 MatchesAdded:7 MatchesFinal:5 [INFO ][2023-07-07 02:30:12,648] scanForMatchesInPe() :: Launching bytes analysis on section: #~ (495832-619844) [INFO ][2023-07-07 02:30:12,648] _printStatus() :: Reducing: 49 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:16,096] _printStatus() :: Reducing: 50 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:19,885] _printStatus() :: Reducing: 51 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:23,357] _printStatus() :: Reducing: 52 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:26,835] _printStatus() :: Reducing: 53 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:30,729] _printStatus() :: Reducing: 54 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:34,697] _printStatus() :: Reducing: 55 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:38,445] _printStatus() :: Reducing: 56 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:42,137] _printStatus() :: Reducing: 57 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:45,898] _printStatus() :: Reducing: 58 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:49,848] _printStatus() :: Reducing: 59 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:53,973] _printStatus() :: Reducing: 60 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:30:57,539] _printStatus() :: Reducing: 61 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:31:01,330] _printStatus() :: Reducing: 62 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:31:05,232] _printStatus() :: Reducing: 63 chunks done, found 0 matches (7 added) [INFO ][2023-07-07 02:31:08,695] _scanDataPart() :: Result: 495839-495847 (8 bytes) 000790DF 0A 57 3F A2 1D 09 0F 00 .W?..... [INFO ][2023-07-07 02:31:08,695] _printStatus() :: Reducing: 64 chunks done, found 1 matches (8 added) [INFO ][2023-07-07 02:31:12,997] _printStatus() :: Reducing: 65 chunks done, found 1 matches (8 added) [INFO ][2023-07-07 02:31:16,805] _printStatus() :: Reducing: 66 chunks done, found 1 matches (8 added) [INFO ][2023-07-07 02:31:16,805] _scanDataPart() :: Result: 495847-495850 (3 bytes) 000790E7 00 00 FA ... [INFO ][2023-07-07 02:31:16,806] _scanDataPart() :: Result: 495850-495854 (4 bytes) 000790EA 01 33 00 16 .3.. [INFO ][2023-07-07 02:31:20,739] _scanDataPart() :: Result: 495854-495862 (8 bytes) 000790EE C4 00 01 00 00 00 03 01 ........ [INFO ][2023-07-07 02:31:20,739] _printStatus() :: Reducing: 69 chunks done, found 1 matches (11 added) [INFO ][2023-07-07 02:31:24,742] _printStatus() :: Reducing: 70 chunks done, found 1 matches (11 added) [INFO ][2023-07-07 02:31:28,472] _scanDataPart() :: Result: 495862-495877 (15 bytes) 000790F6 00 00 D5 00 00 00 C2 05 00 00 44 0C 00 00 03 ..........D.... [INFO ][2023-07-07 02:31:28,472] _printStatus() :: Reducing: 71 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:31:32,247] _printStatus() :: Reducing: 72 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:31:36,393] _printStatus() :: Reducing: 73 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:31:40,428] _printStatus() :: Reducing: 74 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:31:44,593] _printStatus() :: Reducing: 75 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:31:48,834] _printStatus() :: Reducing: 76 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:31:53,400] _printStatus() :: Reducing: 77 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:31:57,780] _printStatus() :: Reducing: 78 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:32:02,040] _printStatus() :: Reducing: 79 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:32:06,342] _printStatus() :: Reducing: 80 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:32:10,369] _printStatus() :: Reducing: 81 chunks done, found 1 matches (12 added) [INFO ][2023-07-07 02:32:12,273] _scanDataPart() :: Result: 509440-509443 (3 bytes) 0007C600 90 21 00 .!. [INFO ][2023-07-07 02:32:12,273] _scanDataPart() :: Result: 509443-509447 (4 bytes) 0007C603 00 00 00 96 .... [INFO ][2023-07-07 02:32:16,276] _printStatus() :: Reducing: 85 chunks done, found 2 matches (14 added) [INFO ][2023-07-07 02:32:16,276] _scanDataPart() :: Result: 509451-509455 (4 bytes) 0007C60B 00 04 00 A0 .... [INFO ][2023-07-07 02:32:20,492] _printStatus() :: Reducing: 87 chunks done, found 3 matches (15 added) [INFO ][2023-07-07 02:32:24,753] _printStatus() :: Reducing: 88 chunks done, found 3 matches (15 added) [INFO ][2023-07-07 02:32:28,892] _scanDataPart() :: Result: 509455-509470 (15 bytes) 0007C60F 21 00 00 00 00 91 00 AC 75 A1 01 05 00 CC 25 !.......u.....% [INFO ][2023-07-07 02:32:28,892] _printStatus() :: Reducing: 89 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:32:33,197] _printStatus() :: Reducing: 90 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:32:37,386] _printStatus() :: Reducing: 91 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:32:41,582] _printStatus() :: Reducing: 92 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:32:45,816] _printStatus() :: Reducing: 93 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:32:49,910] _printStatus() :: Reducing: 94 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:32:54,113] _printStatus() :: Reducing: 95 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:32:58,397] _printStatus() :: Reducing: 96 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:33:02,577] _printStatus() :: Reducing: 97 chunks done, found 3 matches (16 added) [INFO ][2023-07-07 02:33:02,577] _scanDataPart() :: Result: 510390-510394 (4 bytes) 0007C9B6 47 00 FC AB G... [INFO ][2023-07-07 02:33:02,579] scan() :: Scan Result: Time:170 Chunks:97 MatchesAdded:17 MatchesFinal:4 [INFO ][2023-07-07 02:33:02,579] scanForMatchesInPe() :: Launching bytes analysis on section: #Strings (619844-658196) [INFO ][2023-07-07 02:33:02,579] _printStatus() :: Reducing: 98 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:06,918] _printStatus() :: Reducing: 99 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:11,445] _printStatus() :: Reducing: 100 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:16,111] _printStatus() :: Reducing: 101 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:20,901] _printStatus() :: Reducing: 102 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:25,395] _printStatus() :: Reducing: 103 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:29,972] _printStatus() :: Reducing: 104 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:34,356] _printStatus() :: Reducing: 105 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:38,819] _printStatus() :: Reducing: 106 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:43,729] _printStatus() :: Reducing: 107 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:48,217] _printStatus() :: Reducing: 108 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:53,137] _printStatus() :: Reducing: 109 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:33:57,597] _printStatus() :: Reducing: 110 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:34:02,017] _printStatus() :: Reducing: 111 chunks done, found 0 matches (17 added) [INFO ][2023-07-07 02:34:02,017] _scanDataPart() :: Result: 649968-649973 (5 bytes) 0009EAF0 47 65 74 5F 44 Get_D [INFO ][2023-07-07 02:34:06,621] _printStatus() :: Reducing: 113 chunks done, found 1 matches (18 added) [INFO ][2023-07-07 02:34:11,283] _scanDataPart() :: Result: 649973-649982 (9 bytes) 0009EAF5 6F 6D 61 69 6E 53 65 61 72 omainSear [INFO ][2023-07-07 02:34:11,284] _printStatus() :: Reducing: 114 chunks done, found 1 matches (19 added) [INFO ][2023-07-07 02:34:15,805] _printStatus() :: Reducing: 115 chunks done, found 1 matches (19 added) [INFO ][2023-07-07 02:34:15,805] _scanDataPart() :: Result: 649982-649987 (5 bytes) 0009EAFE 63 68 65 72 00 cher. [INFO ][2023-07-07 02:34:20,565] _printStatus() :: Reducing: 117 chunks done, found 1 matches (20 added) [INFO ][2023-07-07 02:34:25,075] _printStatus() :: Reducing: 118 chunks done, found 1 matches (20 added) [INFO ][2023-07-07 02:34:29,528] _printStatus() :: Reducing: 119 chunks done, found 1 matches (20 added) [INFO ][2023-07-07 02:34:33,821] _printStatus() :: Reducing: 120 chunks done, found 1 matches (20 added) [WARNING ][2023-07-07 02:34:33,821] _scanDataPart() :: Doubling minMatchSize to 16 [INFO ][2023-07-07 02:34:38,467] _printStatus() :: Reducing: 121 chunks done, found 1 matches (20 added) [INFO ][2023-07-07 02:34:43,071] _scanDataPart() :: Result: 650245-650255 (10 bytes) 0009EC05 00 67 65 74 5F 50 64 63 52 6F .get_PdcRo [INFO ][2023-07-07 02:34:43,071] _printStatus() :: Reducing: 122 chunks done, found 2 matches (21 added) [INFO ][2023-07-07 02:34:47,648] _printStatus() :: Reducing: 123 chunks done, found 2 matches (21 added) [INFO ][2023-07-07 02:34:52,544] _printStatus() :: Reducing: 124 chunks done, found 2 matches (21 added) [INFO ][2023-07-07 02:34:57,377] _printStatus() :: Reducing: 125 chunks done, found 2 matches (21 added) [INFO ][2023-07-07 02:35:02,136] _printStatus() :: Reducing: 126 chunks done, found 2 matches (21 added) [INFO ][2023-07-07 02:35:06,635] _scanDataPart() :: Result: 650255-650264 (9 bytes) 0009EC0F 6C 65 4F 77 6E 65 72 00 47 leOwner.G [INFO ][2023-07-07 02:35:06,635] _printStatus() :: Reducing: 127 chunks done, found 2 matches (22 added) [INFO ][2023-07-07 02:35:11,421] _printStatus() :: Reducing: 128 chunks done, found 2 matches (22 added) [INFO ][2023-07-07 02:35:15,824] _printStatus() :: Reducing: 129 chunks done, found 2 matches (22 added) [INFO ][2023-07-07 02:35:20,713] _printStatus() :: Reducing: 130 chunks done, found 2 matches (22 added) [INFO ][2023-07-07 02:35:25,542] _printStatus() :: Reducing: 131 chunks done, found 2 matches (22 added) [INFO ][2023-07-07 02:35:30,119] _printStatus() :: Reducing: 132 chunks done, found 2 matches (22 added) [INFO ][2023-07-07 02:35:34,927] _printStatus() :: Reducing: 133 chunks done, found 2 matches (22 added) [INFO ][2023-07-07 02:35:39,707] _printStatus() :: Reducing: 134 chunks done, found 2 matches (22 added) [INFO ][2023-07-07 02:35:44,403] _scanDataPart() :: Result: 652989-653008 (19 bytes) 0009F6BD 44 6E 73 00 53 79 73 74 65 6D 2E 49 64 65 6E 74 Dns.System.Ident 0009F6CD 69 74 79 ity [INFO ][2023-07-07 02:35:44,403] _printStatus() :: Reducing: 135 chunks done, found 3 matches (23 added) [INFO ][2023-07-07 02:35:49,251] _scanDataPart() :: Result: 653008-653027 (19 bytes) 0009F6D0 4D 6F 64 65 6C 2E 54 6F 6B 65 6E 73 00 67 65 74 Model.Tokens.get 0009F6E0 5F 44 6F _Do [INFO ][2023-07-07 02:35:49,251] _printStatus() :: Reducing: 136 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:35:53,681] _printStatus() :: Reducing: 137 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:35:58,098] _printStatus() :: Reducing: 138 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:36:02,881] _printStatus() :: Reducing: 139 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:36:07,346] _printStatus() :: Reducing: 140 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:36:12,139] _printStatus() :: Reducing: 141 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:36:16,752] _printStatus() :: Reducing: 142 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:36:21,201] _printStatus() :: Reducing: 143 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:36:25,847] _printStatus() :: Reducing: 144 chunks done, found 3 matches (24 added) [INFO ][2023-07-07 02:36:30,749] _scanDataPart() :: Result: 656229-656248 (19 bytes) 000A0365 65 73 74 00 47 65 74 52 65 71 75 65 73 74 00 58 est.GetRequest.X 000A0375 6D 6C 4E mlN [INFO ][2023-07-07 02:36:30,750] _printStatus() :: Reducing: 145 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:36:35,062] _printStatus() :: Reducing: 146 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:36:39,350] _printStatus() :: Reducing: 147 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:36:44,034] _printStatus() :: Reducing: 148 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:36:48,172] _printStatus() :: Reducing: 149 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:36:52,435] _printStatus() :: Reducing: 150 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:36:56,772] _printStatus() :: Reducing: 151 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:37:01,227] _printStatus() :: Reducing: 152 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:37:05,601] _printStatus() :: Reducing: 153 chunks done, found 4 matches (25 added) [INFO ][2023-07-07 02:37:05,601] _scanDataPart() :: Result: 658041-658046 (5 bytes) 000A0A79 4C 44 41 50 50 LDAPP [INFO ][2023-07-07 02:37:09,723] _printStatus() :: Reducing: 155 chunks done, found 5 matches (26 added) [INFO ][2023-07-07 02:37:13,836] _printStatus() :: Reducing: 156 chunks done, found 5 matches (26 added) [INFO ][2023-07-07 02:37:18,036] _printStatus() :: Reducing: 157 chunks done, found 5 matches (26 added) [INFO ][2023-07-07 02:37:22,391] _printStatus() :: Reducing: 158 chunks done, found 5 matches (26 added) [INFO ][2023-07-07 02:37:27,139] _scanDataPart() :: Result: 658046-658055 (9 bytes) 000A0A7E 72 6F 70 65 72 74 79 00 67 roperty.g [INFO ][2023-07-07 02:37:27,140] scan() :: Scan Result: Time:265 Chunks:158 MatchesAdded:27 MatchesFinal:5 [INFO ][2023-07-07 02:37:27,140] handleFile() :: Result: 14 matches [INFO ][2023-07-07 02:37:27,140] saveToFile() :: Saving results to: app/upload/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-07-07 02:37:29,386] save() :: Saving HashCache (6075) [INFO ][2023-07-07 02:37:29,394] verifyFile() :: Perform verification of matches [INFO ][2023-07-07 02:37:29,395] runVerifications() :: Verify 14 matches [INFO ][2023-07-07 02:37:41,763] runVerifications() :: Verification run: 0 MIDDLE8 ISOLATED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_SCANNED [INFO ][2023-07-07 02:37:55,030] runVerifications() :: Verification run: 1 THIRDS4 ISOLATED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_SCANNED [INFO ][2023-07-07 02:38:24,798] runVerifications() :: Verification run: 2 FULL ISOLATED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED [INFO ][2023-07-07 02:38:54,751] runVerifications() :: Verification run: 3 FULLB ISOLATED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED [INFO ][2023-07-07 02:39:04,070] runVerifications() :: Verification run: 4 MIDDLE8 INCREMENTAL result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED Idx: 5 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 7 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 9 result: ScanResult.NOT_DETECTED Idx: 10 result: ScanResult.NOT_DETECTED Idx: 11 result: ScanResult.NOT_DETECTED Idx: 12 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED [INFO ][2023-07-07 02:39:30,492] runVerifications() :: Verification run: 5 FULL INCREMENTAL Idx: 0 result: ScanResult.DETECTED Idx: 1 result: ScanResult.DETECTED Idx: 2 result: ScanResult.NOT_DETECTED Idx: 3 result: ScanResult.NOT_DETECTED Idx: 4 result: ScanResult.NOT_DETECTED Idx: 5 result: ScanResult.NOT_DETECTED Idx: 6 result: ScanResult.NOT_DETECTED Idx: 7 result: ScanResult.NOT_DETECTED Idx: 8 result: ScanResult.NOT_DETECTED Idx: 9 result: ScanResult.NOT_DETECTED Idx: 10 result: ScanResult.NOT_DETECTED Idx: 11 result: ScanResult.NOT_DETECTED Idx: 12 result: ScanResult.NOT_DETECTED Idx: 13 result: ScanResult.NOT_DETECTED [INFO ][2023-07-07 02:39:55,160] runVerifications() :: Verification run: 6 FULL DECREMENTAL Idx: 13 result: ScanResult.NOT_DETECTED Idx: 12 result: ScanResult.NOT_DETECTED Idx: 11 result: ScanResult.NOT_DETECTED Idx: 10 result: ScanResult.NOT_DETECTED Idx: 9 result: ScanResult.NOT_DETECTED Idx: 8 result: ScanResult.NOT_DETECTED Idx: 7 result: ScanResult.NOT_DETECTED Idx: 6 result: ScanResult.NOT_DETECTED Idx: 5 result: ScanResult.NOT_DETECTED Idx: 4 result: ScanResult.NOT_DETECTED Idx: 3 result: ScanResult.NOT_DETECTED Idx: 2 result: ScanResult.NOT_DETECTED Idx: 1 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.DETECTED [INFO ][2023-07-07 02:39:55,162] runVerifications() :: Verification run: 7 MIDDLE8 ALL result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-07 02:39:56,599] runVerifications() :: Verification run: 8 THIRDS4 ALL result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-07 02:39:56,601] runVerifications() :: Verification run: 9 FULL ALL Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED [INFO ][2023-07-07 02:39:56,601] saveToFile() :: Saving results to: app/upload/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-07-07 02:39:56,601] augmentFile() :: Perform augmentation of matches [INFO ][2023-07-07 02:39:56,964] getDotNetSections() :: Offset: 7680 [INFO ][2023-07-07 02:39:58,759] disassembleDotNet() :: Match physical 926/0x39E, method disassemblies found: 1 [INFO ][2023-07-07 02:39:58,759] disassembleDotNet() :: Match physical 36334/0x8DEE, method disassemblies found: 1 [INFO ][2023-07-07 02:39:58,760] disassembleDotNet() :: Match physical 36345/0x8DF9, method disassemblies found: 2 [INFO ][2023-07-07 02:39:58,760] disassembleDotNet() :: Match physical 36353/0x8E01, method disassemblies found: 1 [INFO ][2023-07-07 02:39:58,760] disassembleDotNet() :: Match physical 36575/0x8EDF, method disassemblies found: 1 [INFO ][2023-07-07 02:39:58,768] saveToFile() :: Saving results to: app/upload/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-07-07 02:39:58,769] outflankFile() :: Attempt to outflank the file [INFO ][2023-07-07 02:39:58,769] outflankDotnet() :: Outflank failed with attempted 0 patches [INFO ][2023-07-07 02:39:58,769] saveToFile() :: Saving results to: app/upload/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-07-07 02:39:58,770] save() :: Saving HashCache (6146) [INFO ][2023-07-08 08:53:58,973] main() :: Using file: app/upload/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-07-08 08:53:58,974] handleFile() :: Handle file: app/upload/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-07-08 08:53:58,975] handleFile() :: Using parser for file type DOTNET [INFO ][2023-07-08 08:53:59,316] getDotNetSections() :: Offset: 7680 [INFO ][2023-07-08 08:53:59,317] load() :: Loading HashCache [INFO ][2023-07-08 08:53:59,411] load() :: 38427 hashes loaded [INFO ][2023-07-08 08:53:59,411] save() :: Saving HashCache (38427) [INFO ][2023-07-08 08:53:59,450] verifyFile() :: Perform verification of matches [INFO ][2023-07-08 08:53:59,450] runVerifications() :: Verify 14 matches [INFO ][2023-07-08 08:53:59,457] runVerifications() :: Verification run: 0 MIDDLE8 ISOLATED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_SCANNED [INFO ][2023-07-08 08:53:59,465] runVerifications() :: Verification run: 1 THIRDS4 ISOLATED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_SCANNED [INFO ][2023-07-08 08:53:59,481] runVerifications() :: Verification run: 2 FULL ISOLATED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED [INFO ][2023-07-08 08:53:59,498] runVerifications() :: Verification run: 3 FULLB ISOLATED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.NOT_DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED result: ScanResult.DETECTED [INFO ][2023-07-08 08:53:59,504] runVerifications() :: Verification run: 4 MIDDLE8 INCREMENTAL result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED Idx: 5 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 7 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 9 result: ScanResult.NOT_DETECTED Idx: 10 result: ScanResult.NOT_DETECTED Idx: 11 result: ScanResult.NOT_DETECTED Idx: 12 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED [INFO ][2023-07-08 08:53:59,518] runVerifications() :: Verification run: 5 FULL INCREMENTAL Idx: 0 result: ScanResult.DETECTED Idx: 1 result: ScanResult.DETECTED Idx: 2 result: ScanResult.NOT_DETECTED Idx: 3 result: ScanResult.NOT_DETECTED Idx: 4 result: ScanResult.NOT_DETECTED Idx: 5 result: ScanResult.NOT_DETECTED Idx: 6 result: ScanResult.NOT_DETECTED Idx: 7 result: ScanResult.NOT_DETECTED Idx: 8 result: ScanResult.NOT_DETECTED Idx: 9 result: ScanResult.NOT_DETECTED Idx: 10 result: ScanResult.NOT_DETECTED Idx: 11 result: ScanResult.NOT_DETECTED Idx: 12 result: ScanResult.NOT_DETECTED Idx: 13 result: ScanResult.NOT_DETECTED [INFO ][2023-07-08 08:53:59,531] runVerifications() :: Verification run: 6 FULL DECREMENTAL Idx: 13 result: ScanResult.NOT_DETECTED Idx: 12 result: ScanResult.NOT_DETECTED Idx: 11 result: ScanResult.NOT_DETECTED Idx: 10 result: ScanResult.NOT_DETECTED Idx: 9 result: ScanResult.NOT_DETECTED Idx: 8 result: ScanResult.NOT_DETECTED Idx: 7 result: ScanResult.NOT_DETECTED Idx: 6 result: ScanResult.NOT_DETECTED Idx: 5 result: ScanResult.NOT_DETECTED Idx: 4 result: ScanResult.NOT_DETECTED Idx: 3 result: ScanResult.NOT_DETECTED Idx: 2 result: ScanResult.NOT_DETECTED Idx: 1 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.DETECTED [INFO ][2023-07-08 08:53:59,532] runVerifications() :: Verification run: 7 MIDDLE8 ALL result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-08 08:53:59,534] runVerifications() :: Verification run: 8 THIRDS4 ALL result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED Idx: 0 result: ScanResult.NOT_DETECTED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED result: ScanResult.NOT_SCANNED [INFO ][2023-07-08 08:53:59,535] runVerifications() :: Verification run: 9 FULL ALL Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED Idx: 0 result: ScanResult.NOT_DETECTED [INFO ][2023-07-08 08:53:59,535] saveToFile() :: Saving results to: app/upload/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-07-08 08:53:59,536] save() :: Saving HashCache (38427) [INFO ][2023-09-01 05:26:50,127] main() :: Using file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-01 05:26:50,127] handleFile() :: Handle file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-01 05:26:50,137] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-01 05:26:50,481] getDotNetSections() :: Offset: 7680 [WARNING ][2023-09-01 05:26:50,482] handleFile() :: Using scanner as defined in outcome: defender [INFO ][2023-09-01 05:26:50,484] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-01 05:26:50,484] load() :: Loading HashCache [INFO ][2023-09-01 05:26:50,642] load() :: 85943 hashes loaded [INFO ][2023-09-01 05:26:50,642] save() :: Saving HashCache (85943) [INFO ][2023-09-01 05:26:50,726] save() :: Saving HashCache (85943) [INFO ][2023-09-24 19:21:55,245] main() :: Using file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-24 19:21:55,245] handleFile() :: Handle file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-24 19:21:55,255] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-24 19:21:55,255] parseFile() :: FilePe: Parse File [INFO ][2023-09-24 19:21:55,287] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-24 19:21:55,288] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-24 19:21:55,288] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-24 19:21:55,288] parseDotNetSections() :: FilePe: Parse DotNet Sections [INFO ][2023-09-24 19:21:55,591] parseDotNetRegions() :: FilePe: Parse DotNet Regions [WARNING ][2023-09-24 19:21:55,959] handleFile() :: Using scanner as defined in outcome: defender [INFO ][2023-09-24 19:21:55,961] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-24 19:21:55,961] load() :: Loading HashCache [INFO ][2023-09-24 19:21:56,136] load() :: 101712 hashes loaded [INFO ][2023-09-24 19:21:56,136] save() :: Saving HashCache (101712) [INFO ][2023-09-24 19:21:56,234] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-24 19:22:00,753] init() :: DotnetData entries: 15488 [INFO ][2023-09-24 19:22:00,754] disassembleDotNet() :: Match physical 926/0x39E, method disassemblies found: 1 [INFO ][2023-09-24 19:22:00,754] disassembleDotNet() :: Match physical 36334/0x8DEE, method disassemblies found: 1 [INFO ][2023-09-24 19:22:00,754] disassembleDotNet() :: Match physical 36345/0x8DF9, method disassemblies found: 2 [INFO ][2023-09-24 19:22:00,754] disassembleDotNet() :: Match physical 36353/0x8E01, method disassemblies found: 1 [INFO ][2023-09-24 19:22:00,754] disassembleDotNet() :: Match physical 36575/0x8EDF, method disassemblies found: 1 [INFO ][2023-09-24 19:22:00,767] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-24 19:22:00,768] save() :: Saving HashCache (101712) [INFO ][2023-09-25 18:15:13,391] main() :: Using file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-25 18:15:13,391] handleFile() :: Handle file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-25 18:15:13,392] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-25 18:15:13,392] parseFile() :: FilePe: Parse File [INFO ][2023-09-25 18:15:13,421] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-25 18:15:13,421] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-25 18:15:13,421] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-25 18:15:13,421] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-25 18:15:13,421] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-25 18:15:13,422] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-25 18:15:13,422] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-25 18:15:13,422] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-25 18:15:13,422] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-25 18:15:13,422] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-25 18:15:13,422] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-25 18:15:13,422] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-25 18:15:13,422] parseDotNetSections() :: FilePe: Parse DotNet Sections [INFO ][2023-09-25 18:15:13,727] parseDotNetRegions() :: FilePe: Parse DotNet Regions [WARNING ][2023-09-25 18:15:14,094] handleFile() :: Using scanner as defined in outcome: defender [INFO ][2023-09-25 18:15:14,095] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-25 18:15:14,096] load() :: Loading HashCache [INFO ][2023-09-25 18:15:14,267] load() :: 101712 hashes loaded [INFO ][2023-09-25 18:15:14,268] save() :: Saving HashCache (101712) [INFO ][2023-09-25 18:15:14,366] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-25 18:15:19,154] init() :: DotnetData entries: 15488 [INFO ][2023-09-25 18:15:19,154] disassembleDotNet() :: Match physical 926/0x39E, method disassemblies found: 1 [INFO ][2023-09-25 18:15:19,154] disassembleDotNet() :: Match physical 36334/0x8DEE, method disassemblies found: 1 [INFO ][2023-09-25 18:15:19,154] disassembleDotNet() :: Match physical 36345/0x8DF9, method disassemblies found: 2 [INFO ][2023-09-25 18:15:19,154] disassembleDotNet() :: Match physical 36353/0x8E01, method disassemblies found: 1 [INFO ][2023-09-25 18:15:19,154] disassembleDotNet() :: Match physical 36575/0x8EDF, method disassemblies found: 1 [INFO ][2023-09-25 18:15:19,167] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-25 18:15:19,168] save() :: Saving HashCache (101712) [INFO ][2023-09-25 18:22:15,000] main() :: Using file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-25 18:22:15,000] handleFile() :: Handle file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-25 18:22:15,001] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-25 18:22:15,002] parseFile() :: FilePe: Parse File [INFO ][2023-09-25 18:22:15,031] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-25 18:22:15,031] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-25 18:22:15,031] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-25 18:22:15,031] parseDotNetSections() :: FilePe: Parse DotNet Sections [INFO ][2023-09-25 18:22:15,335] parseDotNetRegions() :: FilePe: Parse DotNet Regions [WARNING ][2023-09-25 18:22:15,697] handleFile() :: Using scanner as defined in outcome: defender [INFO ][2023-09-25 18:22:15,699] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-25 18:22:15,699] load() :: Loading HashCache [INFO ][2023-09-25 18:22:15,870] load() :: 101712 hashes loaded [INFO ][2023-09-25 18:22:15,870] save() :: Saving HashCache (101712) [INFO ][2023-09-25 18:22:15,965] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-25 18:22:20,742] init() :: DotnetData entries: 15488 [INFO ][2023-09-25 18:22:20,742] disassembleDotNet() :: Match physical 926/0x39E, method disassemblies found: 1 [INFO ][2023-09-25 18:22:20,742] disassembleDotNet() :: Match physical 36334/0x8DEE, method disassemblies found: 1 [INFO ][2023-09-25 18:22:20,743] disassembleDotNet() :: Match physical 36345/0x8DF9, method disassemblies found: 2 [INFO ][2023-09-25 18:22:20,743] disassembleDotNet() :: Match physical 36353/0x8E01, method disassemblies found: 1 [INFO ][2023-09-25 18:22:20,743] disassembleDotNet() :: Match physical 36575/0x8EDF, method disassemblies found: 1 [INFO ][2023-09-25 18:22:20,756] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-25 18:22:20,756] save() :: Saving HashCache (101712) [INFO ][2023-09-29 10:07:46,577] main() :: Using file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-29 10:07:46,577] handleFile() :: Handle file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-29 10:07:46,578] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-29 10:07:46,579] parseFile() :: FilePe: Parse File [INFO ][2023-09-29 10:07:46,608] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-29 10:07:46,609] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-29 10:07:46,609] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-29 10:07:46,609] parseDotNetSections() :: FilePe: Parse DotNet Sections [WARNING ][2023-09-29 10:07:46,916] handleFile() :: Using scanner as defined in outcome: defender [INFO ][2023-09-29 10:07:46,917] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-29 10:07:46,918] load() :: Loading HashCache [INFO ][2023-09-29 10:07:47,086] load() :: 102070 hashes loaded [INFO ][2023-09-29 10:07:47,086] save() :: Saving HashCache (102070) [INFO ][2023-09-29 10:07:47,186] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-29 10:07:51,913] init() :: DotnetData entries: 15488 [INFO ][2023-09-29 10:07:51,913] disassembleDotNet() :: Match physical 926/0x39E, method disassemblies found: 1 [INFO ][2023-09-29 10:07:51,913] disassembleDotNet() :: Match physical 36334/0x8DEE, method disassemblies found: 1 [INFO ][2023-09-29 10:07:51,914] disassembleDotNet() :: Match physical 36345/0x8DF9, method disassemblies found: 2 [INFO ][2023-09-29 10:07:51,914] disassembleDotNet() :: Match physical 36353/0x8E01, method disassemblies found: 1 [INFO ][2023-09-29 10:07:51,914] disassembleDotNet() :: Match physical 36575/0x8EDF, method disassemblies found: 1 [INFO ][2023-09-29 10:07:51,927] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-29 10:07:51,927] save() :: Saving HashCache (102070) [INFO ][2023-09-29 12:12:19,884] main() :: Using file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-29 12:12:19,884] handleFile() :: Handle file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-29 12:12:19,885] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-29 12:12:19,885] parseFile() :: FilePe: Parse File [INFO ][2023-09-29 12:12:19,914] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-29 12:12:19,915] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-29 12:12:19,915] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-29 12:12:19,915] parseDotNetSections() :: FilePe: Parse DotNet Sections [WARNING ][2023-09-29 12:12:20,222] handleFile() :: Using scanner as defined in outcome: defender [INFO ][2023-09-29 12:12:20,224] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-29 12:12:20,224] load() :: Loading HashCache [INFO ][2023-09-29 12:12:20,395] load() :: 102070 hashes loaded [INFO ][2023-09-29 12:12:20,395] save() :: Saving HashCache (102070) [INFO ][2023-09-29 12:12:20,492] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-29 12:12:25,251] init() :: DotnetData entries: 15488 [INFO ][2023-09-29 12:12:25,251] disassembleDotNet() :: Match physical 926/0x39E, method disassemblies found: 1 [INFO ][2023-09-29 12:12:25,252] disassembleDotNet() :: Match physical 36334/0x8DEE, method disassemblies found: 1 [INFO ][2023-09-29 12:12:25,252] disassembleDotNet() :: Match physical 36345/0x8DF9, method disassemblies found: 2 [INFO ][2023-09-29 12:12:25,252] disassembleDotNet() :: Match physical 36353/0x8E01, method disassemblies found: 1 [INFO ][2023-09-29 12:12:25,252] disassembleDotNet() :: Match physical 36575/0x8EDF, method disassemblies found: 1 [INFO ][2023-09-29 12:12:25,265] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-29 12:12:25,266] save() :: Saving HashCache (102070) [INFO ][2023-09-30 10:33:14,709] main() :: Using file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-30 10:33:14,709] handleFile() :: Handle file: app/examples/89EFCEFA3CF6A4DF.SharpView.exe [INFO ][2023-09-30 10:33:14,710] handleFile() :: Using parser for file type DOTNET [INFO ][2023-09-30 10:33:14,711] parseFile() :: FilePe: Parse File [INFO ][2023-09-30 10:33:14,741] parsePeSections() :: FilePe: Parse PE Sections [INFO ][2023-09-30 10:33:14,741] parsePeRegions() :: FilePe: Parse PE Regions [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 0 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 3 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 4 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 7 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 8 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 9 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 10 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 11 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 13 has address 0, skipping [WARNING ][2023-09-30 10:33:14,741] parsePeRegions() :: Data Directory Section 15 has address 0, skipping [INFO ][2023-09-30 10:33:14,741] parseDotNetSections() :: FilePe: Parse DotNet Sections [WARNING ][2023-09-30 10:33:15,053] handleFile() :: Using scanner as defined in outcome: defender [INFO ][2023-09-30 10:33:15,055] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-30 10:33:15,055] load() :: Loading HashCache [INFO ][2023-09-30 10:33:15,225] load() :: 102072 hashes loaded [INFO ][2023-09-30 10:33:15,225] save() :: Saving HashCache (102072) [INFO ][2023-09-30 10:33:15,325] augmentFile() :: Perform augmentation of matches [INFO ][2023-09-30 10:33:20,128] init() :: DotnetData entries: 15488 [INFO ][2023-09-30 10:33:20,128] disassembleDotNet() :: Match physical 926/0x39E, method disassemblies found: 1 [INFO ][2023-09-30 10:33:20,128] disassembleDotNet() :: Match physical 36334/0x8DEE, method disassemblies found: 1 [INFO ][2023-09-30 10:33:20,128] disassembleDotNet() :: Match physical 36345/0x8DF9, method disassemblies found: 2 [INFO ][2023-09-30 10:33:20,129] disassembleDotNet() :: Match physical 36353/0x8E01, method disassemblies found: 1 [INFO ][2023-09-30 10:33:20,129] disassembleDotNet() :: Match physical 36575/0x8EDF, method disassemblies found: 1 [INFO ][2023-09-30 10:33:20,142] saveToFile() :: Saving results to: app/examples/89EFCEFA3CF6A4DF.SharpView.exe.outcome [INFO ][2023-09-30 10:33:20,143] save() :: Saving HashCache (102072)