File D3363A09CA1AA83F.PetitPotam.exe.avg.exe

Name: D3363A09CA1AA83F.PetitPotam.exe.avg.exe
Size: 109,568 bytes
Type: EXE PE32
MD5: 453b923b556ae6fd03a59e37e3797011
Scanner Name: avg
Appraisal: Fragile (AND) based
Scan Debug: Duration: 4s / Chunks: 156 / Matches: 69
Scan date: 2023-07-21 23:18:13

Matches

# Iteration Offset Size Section Detail SectionType Conclusion
0 0 1024 527 .text CODE Dominant. Modify this to make file undetected
1 0 3319 527 .text CODE Dominant. Modify this to make file undetected
2 0 4322 527 .text CODE Dominant. Modify this to make file undetected

Match 0: 1024 (size: 527)

Dominant. Modify this to make file undetected

.text 

00000400   55 8B EC 51 8D 45 08 50 B9 01 00 00 00 6B D1 00    U..Q.E.P.....k..
00000410   81 C2 92 7C 41 00 52 68 88 85 41 00 FF 15 18 21    ...|A.Rh..A....!
00000420   41 00 83 C4 0C 89 45 FC 8B 45 FC 8B E5 5D C3 CC    A.....E..E...]..
00000430   55 8B EC 51 8D 45 08 50 B9 01 00 00 00 69 D1 B8    U..Q.E.P.....i..
00000440   00 00 00 81 C2 92 7C 41 00 52 68 88 85 41 00 FF    ......|A.Rh..A..
00000450   15 18 21 41 00 83 C4 0C 89 45 FC 8B 45 FC 8B E5    ..!A.....E..E...
00000460   5D C3 CC CC CC CC CC CC CC CC CC CC CC CC CC CC    ]...............
00000470   55 8B EC 51 8D 45 08 50 B9 01 00 00 00 69 D1 E0    U..Q.E.P.....i..
00000480   00 00 00 81 C2 92 7C 41 00 52 68 88 85 41 00 FF    ......|A.Rh..A..
00000490   15 18 21 41 00 83 C4 0C 89 45 FC 8B 45 FC 8B E5    ..!A.....E..E...
000004A0   5D C3 CC CC CC CC CC CC CC CC CC CC CC CC CC CC    ]...............
000004B0   55 8B EC 51 8D 45 08 50 B9 01 00 00 00 69 D1 0E    U..Q.E.P.....i..
000004C0   01 00 00 81 C2 92 7C 41 00 52 68 88 85 41 00 FF    ......|A.Rh..A..
000004D0   15 18 21 41 00 83 C4 0C 89 45 FC 8B 45 FC 8B E5    ..!A.....E..E...
000004E0   5D C3 CC CC CC CC CC CC CC CC CC CC CC CC CC CC    ]...............
000004F0   55 8B EC 51 8D 45 08 50 B9 01 00 00 00 69 D1 3C    U..Q.E.P.....i.<
00000500   01 00 00 81 C2 92 7C 41 00 52 68 88 85 41 00 FF    ......|A.Rh..A..
00000510   15 18 21 41 00 83 C4 0C 89 45 FC 8B 45 FC 8B E5    ..!A.....E..E...
00000520   5D C3 CC CC CC CC CC CC CC CC CC CC CC CC CC CC    ]...............
00000530   55 8B EC 51 8D 45 08 50 B9 01 00 00 00 69 D1 6A    U..Q.E.P.....i.j
00000540   01 00 00 81 C2 92 7C 41 00 52 68 88 85 41 00 FF    ......|A.Rh..A..
00000550   15 18 21 41 00 83 C4 0C 89 45 FC 8B 45 FC 8B E5    ..!A.....E..E...
00000560   5D C3 CC CC CC CC CC CC CC CC CC CC CC CC CC CC    ]...............
00000570   55 8B EC 51 8D 45 08 50 B9 01 00 00 00 69 D1 98    U..Q.E.P.....i..
00000580   01 00 00 81 C2 92 7C 41 00 52 68 88 85 41 00 FF    ......|A.Rh..A..
00000590   15 18 21 41 00 83 C4 0C 89 45 FC 8B 45 FC 8B E5    ..!A.....E..E...
000005A0   5D C3 CC CC CC CC CC CC CC CC CC CC CC CC CC CC    ]...............
000005B0   B8 E0 B3 41 00 C3 CC CC CC CC CC CC CC CC CC CC    ...A............
000005C0   55 8B EC 83 E4 F8 51 56 8B 75 08 6A 01 E8 36 20    U.....QV.u.j..6 
000005D0   00 00 83 C4 04 8D 4D 0C 51 6A 00 56 50 E8 CE FF    ......M.Qj.VP...
000005E0   FF FF FF 70 04 FF 30 E8 D4 3C 00 00 83 C4 18 5E    ...p..0..<.....^
000005F0   8B E5 5D C3 CC CC CC CC CC CC CC CC CC CC CC CC    ..].............
00000600   55 8B EC 83 E4 F8 8B 45 08 8D 4D 14 51 6A 00       U......E..M.Qj.

Match 1: 3319 (size: 527)

Dominant. Modify this to make file undetected

.text 

00000CF7   75 05 E8 42 41 00 00 C7 45 FC FE FF FF FF 8B 45    u..BA...E......E
00000D07   E0 8B 4D F0 64 89 0D 00 00 00 00 59 5F 5E 5B C9    ..M.d......Y_^[.
00000D17   C3 6A 07 E8 9F 04 00 00 56 E8 75 41 00 00 FF 75    .j......V.uA...u
00000D27   E0 E8 31 41 00 00 CC E8 C5 03 00 00 E9 74 FE FF    ..1A.........t..
00000D37   FF 55 8B EC 6A 00 FF 15 10 20 41 00 FF 75 08 FF    .U..j.... A..u..
00000D47   15 0C 20 41 00 68 09 04 00 C0 FF 15 14 20 41 00    .. A.h....... A.
00000D57   50 FF 15 18 20 41 00 5D C3 55 8B EC 81 EC 24 03    P... A.].U....$.
00000D67   00 00 6A 17 FF 15 1C 20 41 00 85 C0 74 05 6A 02    ..j.... A...t.j.
00000D77   59 CD 29 A3 C0 A9 41 00 89 0D BC A9 41 00 89 15    Y.)...A.....A...
00000D87   B8 A9 41 00 89 1D B4 A9 41 00 89 35 B0 A9 41 00    ..A.....A..5..A.
00000D97   89 3D AC A9 41 00 66 8C 15 D8 A9 41 00 66 8C 0D    .=..A.f....A.f..
00000DA7   CC A9 41 00 66 8C 1D A8 A9 41 00 66 8C 05 A4 A9    ..A.f....A.f....
00000DB7   41 00 66 8C 25 A0 A9 41 00 66 8C 2D 9C A9 41 00    A.f.%..A.f.-..A.
00000DC7   9C 8F 05 D0 A9 41 00 8B 45 00 A3 C4 A9 41 00 8B    .....A..E....A..
00000DD7   45 04 A3 C8 A9 41 00 8D 45 08 A3 D4 A9 41 00 8B    E....A..E....A..
00000DE7   85 DC FC FF FF C7 05 10 A9 41 00 01 00 01 00 A1    .........A......
00000DF7   C8 A9 41 00 A3 CC A8 41 00 C7 05 C0 A8 41 00 09    ..A....A.....A..
00000E07   04 00 C0 C7 05 C4 A8 41 00 01 00 00 00 C7 05 D0    .......A........
00000E17   A8 41 00 01 00 00 00 6A 04 58 6B C0 00 C7 80 D4    .A.....j.Xk.....
00000E27   A8 41 00 02 00 00 00 6A 04 58 6B C0 00 8B 0D 04    .A.....j.Xk.....
00000E37   A0 41 00 89 4C 05 F8 6A 04 58 C1 E0 00 8B 0D 00    .A..L..j.X......
00000E47   A0 41 00 89 4C 05 F8 68 70 21 41 00 E8 E0 FE FF    .A..L..hp!A.....
00000E57   FF C9 C3 55 8B EC 8B 45 08 56 8B 48 3C 03 C8 0F    ...U...E.V.H<...
00000E67   B7 41 14 8D 51 18 03 D0 0F B7 41 06 6B F0 28 03    .A..Q.....A.k.(.
00000E77   F2 3B D6 74 19 8B 4D 0C 3B 4A 0C 72 0A 8B 42 08    .;.t..M.;J.r..B.
00000E87   03 42 0C 3B C8 72 0C 83 C2 28 3B D6 75 EA 33 C0    .B.;.r...(;.u.3.
00000E97   5E 5D C3 8B C2 EB F9 56 E8 62 07 00 00 85 C0 74    ^].....V.b.....t
00000EA7   20 64 A1 18 00 00 00 BE E0 AB 41 00 8B 50 04 EB     d........A..P..
00000EB7   04 3B D0 74 10 33 C0 8B CA F0 0F B1 0E 85 C0 75    .;.t.3.........u
00000EC7   F0 32 C0 5E C3 B0 01 5E C3 55 8B EC 83 7D 08 00    .2.^...^.U...}..
00000ED7   75 07 C6 05 E4 AB 41 00 01 E8 50 05 00 00 E8 D4    u.....A...P.....
00000EE7   08 00 00 84 C0 75 04 32 C0 5D C3 E8 AC 45 00 00    .....u.2.]...E..
00000EF7   84 C0 75 0A 6A 00 E8 DB 08 00 00 59 EB E9 B0       ..u.j......Y...

Match 2: 4322 (size: 527)

Dominant. Modify this to make file undetected

.text 

000010E2   FF 15 20 20 41 00 8B 45 F0 8D 4D FC 33 45 EC 33    ..  A..E..M.3E.3
000010F2   45 FC 33 C1 C9 C3 8B 0D 04 A0 41 00 56 57 BF 4E    E.3.......A.VW.N
00001102   E6 40 BB BE 00 00 FF FF 3B CF 74 04 85 CE 75 26    .@......;.t...u&
00001112   E8 94 FF FF FF 8B C8 3B CF 75 07 B9 4F E6 40 BB    .......;.u..O.@.
00001122   EB 0E 85 CE 75 0A 0D 11 47 00 00 C1 E0 10 0B C8    ....u...G.......
00001132   89 0D 04 A0 41 00 F7 D1 5F 89 0D 00 A0 41 00 5E    ....A..._....A.^
00001142   C3 33 C0 C3 33 C0 40 C3 B8 00 40 00 00 C3 68 00    .3..3.@...@...h.
00001152   AC 41 00 FF 15 30 20 41 00 C3 B0 01 C3 68 00 00    .A...0 A.....h..
00001162   03 00 68 00 00 01 00 6A 00 E8 75 43 00 00 83 C4    ..h....j..uC....
00001172   0C 85 C0 75 01 C3 6A 07 E8 3F 00 00 00 CC C2 00    ...u..j..?......
00001182   00 B8 08 AC 41 00 C3 E8 22 F4 FF FF 8B 48 04 83    ....A..."....H..
00001192   08 24 89 48 04 E8 E7 FF FF FF 8B 48 04 83 08 02    .$.H.......H....
000011A2   89 48 04 C3 33 C0 39 05 0C A0 41 00 0F 94 C0 C3    .H..3.9...A.....
000011B2   B8 F0 B3 41 00 C3 B8 EC B3 41 00 C3 55 8B EC 81    ...A.....A..U...
000011C2   EC 24 03 00 00 53 6A 17 FF 15 1C 20 41 00 85 C0    .$...Sj.... A...
000011D2   74 05 8B 4D 08 CD 29 6A 03 E8 A3 01 00 00 C7 04    t..M..)j........
000011E2   24 CC 02 00 00 8D 85 DC FC FF FF 6A 00 50 E8 1B    $..........j.P..
000011F2   07 00 00 83 C4 0C 89 85 8C FD FF FF 89 8D 88 FD    ................
00001202   FF FF 89 95 84 FD FF FF 89 9D 80 FD FF FF 89 B5    ................
00001212   7C FD FF FF 89 BD 78 FD FF FF 66 8C 95 A4 FD FF    |.....x...f.....
00001222   FF 66 8C 8D 98 FD FF FF 66 8C 9D 74 FD FF FF 66    .f......f..t...f
00001232   8C 85 70 FD FF FF 66 8C A5 6C FD FF FF 66 8C AD    ..p...f..l...f..
00001242   68 FD FF FF 9C 8F 85 9C FD FF FF 8B 45 04 89 85    h...........E...
00001252   94 FD FF FF 8D 45 04 89 85 A0 FD FF FF C7 85 DC    .....E..........
00001262   FC FF FF 01 00 01 00 8B 40 FC 6A 50 89 85 90 FD    ........@.jP....
00001272   FF FF 8D 45 A8 6A 00 50 E8 91 06 00 00 8B 45 04    ...E.j.P......E.
00001282   83 C4 0C C7 45 A8 15 00 00 40 C7 45 AC 01 00 00    ....E....@.E....
00001292   00 89 45 B4 FF 15 34 20 41 00 6A 00 8D 58 FF F7    ..E...4 A.j..X..
000012A2   DB 8D 45 A8 89 45 F8 8D 85 DC FC FF FF 1A DB 89    ..E..E..........
000012B2   45 FC FE C3 FF 15 10 20 41 00 8D 45 F8 50 FF 15    E...... A..E.P..
000012C2   0C 20 41 00 85 C0 75 0C 84 DB 75 08 6A 03 E8 AE    . A...u...u.j...
000012D2   00 00 00 59 5B C9 C3 E9 65 FE FF FF 6A 00 FF 15    ...Y[...e...j...
000012E2   3C 20 41 00 85 C0 74 34 B9 4D 5A 00 00 66 39       < A...t4.MZ..f9

Test # MatchOrder ModifyPosition Match#0
.text 527b 		Match#1
.text 527b 		Match#2
.text 527b
0 ISOLATED MIDDLE8
1 ISOLATED THIRDS4
2 ISOLATED FULL
3 ISOLATED FULLB
4 INCREMENTAL MIDDLE8 0 1 2
5 INCREMENTAL FULL 0 1 2
6 DECREMENTAL FULL 2 1 0
7 ALL MIDDLE8 0 0 0
8 ALL THIRDS4 0 0 0
9 ALL FULL 0 0 0
Result

Explanation

Colors

  • Green: Not detected
  • Red: Detected by AV

Match Order

  • Isolated: Test each match individually, by themselves. At most one match is modified per scan
  • Incremental: Modify each match after another, additive. At the end, all matches are modified
  • Decremental: Modify each match after another, additive, downwards (last first)

Position

  • ModifyPosition FULL: Overwrite complete match: MMMMMMMMMMMM
  • ModifyPosition MIDDLE8: Overwrite 8 bytes in the middle of the match (partial): aaaaMMMMMMMMaaaa
  • ModifyPosition THIRD8: Overwrite 8 bytes in the first and second third of the match (partial): aaaaMMMMMMMMaaaaMMMMMMMMaaaa
[INFO    ][2023-07-21 23:18:09,862] main() :: Using file: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-07-21 23:18:09,862] handleFile() :: Handle file: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-07-21 23:18:09,862] handleFile() :: Using parser for file type EXE
[INFO    ][2023-07-21 23:18:09,886] handleFile() :: Using scanner from command line: avg
[INFO    ][2023-07-21 23:18:09,887] load() :: Loading HashCache
[INFO    ][2023-07-21 23:18:09,976] load() ::   65968 hashes loaded
[INFO    ][2023-07-21 23:18:13,019] handleFile() :: QuickCheck: D3363A09CA1AA83F.PetitPotam.exe.avg.exe is detected by avg and not hash based
[INFO    ][2023-07-21 23:18:13,020] handleFile() :: Scanning for matches...
[INFO    ][2023-07-21 23:18:13,020] scanForMatchesInPe() :: Section Detection: Zero section (leave all others intact)
[INFO    ][2023-07-21 23:18:13,020] findDetectedSections() :: Hide: .text -> Detected: False
[INFO    ][2023-07-21 23:18:13,021] findDetectedSections() :: Hide: .rdata -> Detected: True
[INFO    ][2023-07-21 23:18:13,021] findDetectedSections() :: Hide: .data -> Detected: True
[INFO    ][2023-07-21 23:18:13,022] findDetectedSections() :: Hide: .rsrc -> Detected: True
[INFO    ][2023-07-21 23:18:13,022] findDetectedSections() :: Hide: .reloc -> Detected: True
[INFO    ][2023-07-21 23:18:13,304] findDetectedSections() :: Hide: Header -> Detected: False
[INFO    ][2023-07-21 23:18:13,304] scanForMatchesInPe() :: 1 section(s) trigger the antivirus independantly
[INFO    ][2023-07-21 23:18:13,304] scanForMatchesInPe() ::   section: .text
[INFO    ][2023-07-21 23:18:17,437] scanForMatchesInPe() :: Launching bytes analysis on section: .text (1024-70656)
[INFO    ][2023-07-21 23:18:17,437] scan() :: Reducer Start: ScanSpeed:Normal Iteration:0 MinChunkSize:8 MinMatchSize:16
[INFO    ][2023-07-21 23:18:17,438] _printStatus() :: Reducing: 1 chunks done, found 0 matches (0 added)
[INFO    ][2023-07-21 23:18:17,443] _scanDataPart() :: Result: 1024-1041 (17b minChunk:8 X)
00000400   55 8B EC 51 8D 45 08 50 B9 01 00 00 00 6B D1 00    U..Q.E.P.....k..
00000410   81                                                 .
[INFO    ][2023-07-21 23:18:17,443] _scanDataPart() :: Result: 1041-1058 (17b minChunk:8 X)
00000411   C2 92 7C 41 00 52 68 88 85 41 00 FF 15 18 21 41    ..|A.Rh..A....!A
00000421   00                                                 .
[INFO    ][2023-07-21 23:18:17,443] _scanDataPart() :: Result: 1058-1075 (17b minChunk:8 X)
00000422   83 C4 0C 89 45 FC 8B 45 FC 8B E5 5D C3 CC 55 8B    ....E..E...]..U.
00000432   EC                                                 .
[INFO    ][2023-07-21 23:18:17,443] _scanDataPart() :: Result: 1075-1092 (17b minChunk:8 X)
00000433   51 8D 45 08 50 B9 01 00 00 00 69 D1 B8 00 00 00    Q.E.P.....i.....
00000443   81                                                 .
[INFO    ][2023-07-21 23:18:17,444] _scanDataPart() :: Result: 1092-1109 (17b minChunk:8 X)
00000444   C2 92 7C 41 00 52 68 88 85 41 00 FF 15 18 21 41    ..|A.Rh..A....!A
00000454   00                                                 .
[INFO    ][2023-07-21 23:18:17,444] _scanDataPart() :: Result: 1109-1126 (17b minChunk:8 X)
00000455   83 C4 0C 89 45 FC 8B 45 FC 8B E5 5D C3 CC CC CC    ....E..E...]....
00000465   CC                                                 .
[INFO    ][2023-07-21 23:18:17,445] _scanDataPart() :: Result: 1126-1143 (17b minChunk:8 X)
00000466   CC CC CC CC CC CC CC CC CC CC 55 8B EC 51 8D 45    ..........U..Q.E
00000476   08                                                 .
[INFO    ][2023-07-21 23:18:17,445] _scanDataPart() :: Result: 1143-1160 (17b minChunk:8 X)
00000477   50 B9 01 00 00 00 69 D1 E0 00 00 00 81 C2 92 7C    P.....i........|
00000487   41                                                 A
[INFO    ][2023-07-21 23:18:17,446] _scanDataPart() :: Result: 1160-1177 (17b minChunk:8 X)
00000488   00 52 68 88 85 41 00 FF 15 18 21 41 00 83 C4 0C    .Rh..A....!A....
00000498   89                                                 .
[INFO    ][2023-07-21 23:18:17,446] _scanDataPart() :: Result: 1177-1194 (17b minChunk:8 X)
00000499   45 FC 8B 45 FC 8B E5 5D C3 CC CC CC CC CC CC CC    E..E...]........
000004A9   CC                                                 .
[INFO    ][2023-07-21 23:18:17,447] _scanDataPart() :: Result: 1194-1211 (17b minChunk:8 X)
000004AA   CC CC CC CC CC CC 55 8B EC 51 8D 45 08 50 B9 01    ......U..Q.E.P..
000004BA   00                                                 .
[INFO    ][2023-07-21 23:18:17,447] _scanDataPart() :: Result: 1211-1228 (17b minChunk:8 X)
000004BB   00 00 69 D1 0E 01 00 00 81 C2 92 7C 41 00 52 68    ..i........|A.Rh
000004CB   88                                                 .
[INFO    ][2023-07-21 23:18:17,447] _scanDataPart() :: Result: 1228-1245 (17b minChunk:8 X)
000004CC   85 41 00 FF 15 18 21 41 00 83 C4 0C 89 45 FC 8B    .A....!A.....E..
000004DC   45                                                 E
[INFO    ][2023-07-21 23:18:17,448] _scanDataPart() :: Result: 1245-1262 (17b minChunk:8 X)
000004DD   FC 8B E5 5D C3 CC CC CC CC CC CC CC CC CC CC CC    ...]............
000004ED   CC                                                 .
[INFO    ][2023-07-21 23:18:17,448] _scanDataPart() :: Result: 1262-1279 (17b minChunk:8 X)
000004EE   CC CC 55 8B EC 51 8D 45 08 50 B9 01 00 00 00 69    ..U..Q.E.P.....i
000004FE   D1                                                 .
[INFO    ][2023-07-21 23:18:17,448] _scanDataPart() :: Result: 1279-1296 (17b minChunk:8 X)
000004FF   3C 01 00 00 81 C2 92 7C 41 00 52 68 88 85 41 00    <......|A.Rh..A.
0000050F   FF                                                 .
[INFO    ][2023-07-21 23:18:17,450] _scanDataPart() :: Result: 1296-1313 (17b minChunk:8 X)
00000510   15 18 21 41 00 83 C4 0C 89 45 FC 8B 45 FC 8B E5    ..!A.....E..E...
00000520   5D                                                 ]
[INFO    ][2023-07-21 23:18:17,450] _scanDataPart() :: Result: 1313-1330 (17b minChunk:8 X)
00000521   C3 CC CC CC CC CC CC CC CC CC CC CC CC CC CC 55    ...............U
00000531   8B                                                 .
[INFO    ][2023-07-21 23:18:17,450] _scanDataPart() :: Result: 1330-1347 (17b minChunk:8 X)
00000532   EC 51 8D 45 08 50 B9 01 00 00 00 69 D1 6A 01 00    .Q.E.P.....i.j..
00000542   00                                                 .
[INFO    ][2023-07-21 23:18:17,450] _scanDataPart() :: Result: 1347-1364 (17b minChunk:8 X)
00000543   81 C2 92 7C 41 00 52 68 88 85 41 00 FF 15 18 21    ...|A.Rh..A....!
00000553   41                                                 A
[INFO    ][2023-07-21 23:18:17,451] _scanDataPart() :: Result: 1364-1381 (17b minChunk:8 X)
00000554   00 83 C4 0C 89 45 FC 8B 45 FC 8B E5 5D C3 CC CC    .....E..E...]...
00000564   CC                                                 .
[INFO    ][2023-07-21 23:18:17,451] _scanDataPart() :: Result: 1381-1398 (17b minChunk:8 X)
00000565   CC CC CC CC CC CC CC CC CC CC CC 55 8B EC 51 8D    ...........U..Q.
00000575   45                                                 E
[INFO    ][2023-07-21 23:18:17,452] _scanDataPart() :: Result: 1398-1415 (17b minChunk:8 X)
00000576   08 50 B9 01 00 00 00 69 D1 98 01 00 00 81 C2 92    .P.....i........
00000586   7C                                                 |
[INFO    ][2023-07-21 23:18:17,452] _scanDataPart() :: Result: 1415-1432 (17b minChunk:8 X)
00000587   41 00 52 68 88 85 41 00 FF 15 18 21 41 00 83 C4    A.Rh..A....!A...
00000597   0C                                                 .
[INFO    ][2023-07-21 23:18:17,453] _scanDataPart() :: Result: 1432-1449 (17b minChunk:8 X)
00000598   89 45 FC 8B 45 FC 8B E5 5D C3 CC CC CC CC CC CC    .E..E...].......
000005A8   CC                                                 .
[INFO    ][2023-07-21 23:18:17,453] _scanDataPart() :: Result: 1449-1466 (17b minChunk:8 X)
000005A9   CC CC CC CC CC CC CC B8 E0 B3 41 00 C3 CC CC CC    ..........A.....
000005B9   CC                                                 .
[INFO    ][2023-07-21 23:18:17,454] _scanDataPart() :: Result: 1466-1483 (17b minChunk:8 X)
000005BA   CC CC CC CC CC CC 55 8B EC 83 E4 F8 51 56 8B 75    ......U.....QV.u
000005CA   08                                                 .
[INFO    ][2023-07-21 23:18:17,454] _scanDataPart() :: Result: 1483-1500 (17b minChunk:8 X)
000005CB   6A 01 E8 36 20 00 00 83 C4 04 8D 4D 0C 51 6A 00    j..6 ......M.Qj.
000005DB   56                                                 V
[INFO    ][2023-07-21 23:18:17,454] _scanDataPart() :: Result: 1500-1517 (17b minChunk:8 X)
000005DC   50 E8 CE FF FF FF FF 70 04 FF 30 E8 D4 3C 00 00    P......p..0..<..
000005EC   83                                                 .
[INFO    ][2023-07-21 23:18:17,455] _scanDataPart() :: Result: 1517-1534 (17b minChunk:8 X)
000005ED   C4 18 5E 8B E5 5D C3 CC CC CC CC CC CC CC CC CC    ..^..]..........
000005FD   CC                                                 .
[INFO    ][2023-07-21 23:18:17,455] _scanDataPart() :: Result: 1534-1551 (17b minChunk:8 X)
000005FE   CC CC 55 8B EC 83 E4 F8 8B 45 08 8D 4D 14 51 6A    ..U......E..M.Qj
0000060E   00                                                 .
[INFO    ][2023-07-21 23:18:17,457] _scanDataPart() :: Result: 3319-3336 (17b minChunk:8 X)
00000CF7   75 05 E8 42 41 00 00 C7 45 FC FE FF FF FF 8B 45    u..BA...E......E
00000D07   E0                                                 .
[INFO    ][2023-07-21 23:18:17,458] _scanDataPart() :: Result: 3336-3353 (17b minChunk:8 X)
00000D08   8B 4D F0 64 89 0D 00 00 00 00 59 5F 5E 5B C9 C3    .M.d......Y_^[..
00000D18   6A                                                 j
[INFO    ][2023-07-21 23:18:17,458] _scanDataPart() :: Result: 3353-3370 (17b minChunk:8 X)
00000D19   07 E8 9F 04 00 00 56 E8 75 41 00 00 FF 75 E0 E8    ......V.uA...u..
00000D29   31                                                 1
[INFO    ][2023-07-21 23:18:17,459] _scanDataPart() :: Result: 3370-3387 (17b minChunk:8 X)
00000D2A   41 00 00 CC E8 C5 03 00 00 E9 74 FE FF FF 55 8B    A.........t...U.
00000D3A   EC                                                 .
[INFO    ][2023-07-21 23:18:17,459] _scanDataPart() :: Result: 3387-3404 (17b minChunk:8 X)
00000D3B   6A 00 FF 15 10 20 41 00 FF 75 08 FF 15 0C 20 41    j.... A..u.... A
00000D4B   00                                                 .
[INFO    ][2023-07-21 23:18:17,460] _scanDataPart() :: Result: 3404-3421 (17b minChunk:8 X)
00000D4C   68 09 04 00 C0 FF 15 14 20 41 00 50 FF 15 18 20    h....... A.P... 
00000D5C   41                                                 A
[INFO    ][2023-07-21 23:18:17,460] _scanDataPart() :: Result: 3421-3438 (17b minChunk:8 X)
00000D5D   00 5D C3 55 8B EC 81 EC 24 03 00 00 6A 17 FF 15    .].U....$...j...
00000D6D   1C                                                 .
[INFO    ][2023-07-21 23:18:17,460] _scanDataPart() :: Result: 3438-3455 (17b minChunk:8 X)
00000D6E   20 41 00 85 C0 74 05 6A 02 59 CD 29 A3 C0 A9 41     A...t.j.Y.)...A
00000D7E   00                                                 .
[INFO    ][2023-07-21 23:18:17,460] _scanDataPart() :: Result: 3455-3472 (17b minChunk:8 X)
00000D7F   89 0D BC A9 41 00 89 15 B8 A9 41 00 89 1D B4 A9    ....A.....A.....
00000D8F   41                                                 A
[INFO    ][2023-07-21 23:18:17,462] _scanDataPart() :: Result: 3472-3489 (17b minChunk:8 X)
00000D90   00 89 35 B0 A9 41 00 89 3D AC A9 41 00 66 8C 15    ..5..A..=..A.f..
00000DA0   D8                                                 .
[INFO    ][2023-07-21 23:18:17,462] _scanDataPart() :: Result: 3489-3506 (17b minChunk:8 X)
00000DA1   A9 41 00 66 8C 0D CC A9 41 00 66 8C 1D A8 A9 41    .A.f....A.f....A
00000DB1   00                                                 .
[INFO    ][2023-07-21 23:18:17,462] _scanDataPart() :: Doubling: minChunkSize: 8  minMatchSize: 16
[INFO    ][2023-07-21 23:18:17,462] _scanDataPart() :: Result: 3506-3523 (17b minChunk:16 X)
00000DB2   66 8C 05 A4 A9 41 00 66 8C 25 A0 A9 41 00 66 8C    f....A.f.%..A.f.
00000DC2   2D                                                 -
[INFO    ][2023-07-21 23:18:17,462] _scanDataPart() :: Result: 3523-3540 (17b minChunk:16 X)
00000DC3   9C A9 41 00 9C 8F 05 D0 A9 41 00 8B 45 00 A3 C4    ..A......A..E...
00000DD3   A9                                                 .
[INFO    ][2023-07-21 23:18:17,463] _scanDataPart() :: Result: 3540-3574 (34 bytes)
00000DD4   41 00 8B 45 04 A3 C8 A9 41 00 8D 45 08 A3 D4 A9    A..E....A..E....
00000DE4   41 00 8B 85 DC FC FF FF C7 05 10 A9 41 00 01 00    A...........A...
00000DF4   01 00                                              ..
[INFO    ][2023-07-21 23:18:17,463] _scanDataPart() :: Result: 3574-3608 (34 bytes)
00000DF6   A1 C8 A9 41 00 A3 CC A8 41 00 C7 05 C0 A8 41 00    ...A....A.....A.
00000E06   09 04 00 C0 C7 05 C4 A8 41 00 01 00 00 00 C7 05    ........A.......
00000E16   D0 A8                                              ..
[INFO    ][2023-07-21 23:18:17,464] _scanDataPart() :: Result: 3608-3642 (34 bytes)
00000E18   41 00 01 00 00 00 6A 04 58 6B C0 00 C7 80 D4 A8    A.....j.Xk......
00000E28   41 00 02 00 00 00 6A 04 58 6B C0 00 8B 0D 04 A0    A.....j.Xk......
00000E38   41 00                                              A.
[INFO    ][2023-07-21 23:18:17,465] _scanDataPart() :: Result: 3642-3676 (34 bytes)
00000E3A   89 4C 05 F8 6A 04 58 C1 E0 00 8B 0D 00 A0 41 00    .L..j.X.......A.
00000E4A   89 4C 05 F8 68 70 21 41 00 E8 E0 FE FF FF C9 C3    .L..hp!A........
00000E5A   55 8B                                              U.
[INFO    ][2023-07-21 23:18:17,466] _scanDataPart() :: Result: 3676-3710 (34 bytes)
00000E5C   EC 8B 45 08 56 8B 48 3C 03 C8 0F B7 41 14 8D 51    ..E.V.H<....A..Q
00000E6C   18 03 D0 0F B7 41 06 6B F0 28 03 F2 3B D6 74 19    .....A.k.(..;.t.
00000E7C   8B 4D                                              .M
[INFO    ][2023-07-21 23:18:17,466] _scanDataPart() :: Result: 3710-3744 (34 bytes)
00000E7E   0C 3B 4A 0C 72 0A 8B 42 08 03 42 0C 3B C8 72 0C    .;J.r..B..B.;.r.
00000E8E   83 C2 28 3B D6 75 EA 33 C0 5E 5D C3 8B C2 EB F9    ..(;.u.3.^].....
00000E9E   56 E8                                              V.
[INFO    ][2023-07-21 23:18:17,468] _scanDataPart() :: Result: 3744-3778 (34 bytes)
00000EA0   62 07 00 00 85 C0 74 20 64 A1 18 00 00 00 BE E0    b.....t d.......
00000EB0   AB 41 00 8B 50 04 EB 04 3B D0 74 10 33 C0 8B CA    .A..P...;.t.3...
00000EC0   F0 0F                                              ..
[INFO    ][2023-07-21 23:18:17,468] _scanDataPart() :: Result: 3778-3812 (34 bytes)
00000EC2   B1 0E 85 C0 75 F0 32 C0 5E C3 B0 01 5E C3 55 8B    ....u.2.^...^.U.
00000ED2   EC 83 7D 08 00 75 07 C6 05 E4 AB 41 00 01 E8 50    ..}..u.....A...P
00000EE2   05 00                                              ..
[INFO    ][2023-07-21 23:18:17,469] _scanDataPart() :: Result: 3812-3846 (34 bytes)
00000EE4   00 E8 D4 08 00 00 84 C0 75 04 32 C0 5D C3 E8 AC    ........u.2.]...
00000EF4   45 00 00 84 C0 75 0A 6A 00 E8 DB 08 00 00 59 EB    E....u.j......Y.
00000F04   E9 B0                                              ..
[INFO    ][2023-07-21 23:18:17,471] _scanDataPart() :: Result: 4322-4356 (34 bytes)
000010E2   FF 15 20 20 41 00 8B 45 F0 8D 4D FC 33 45 EC 33    ..  A..E..M.3E.3
000010F2   45 FC 33 C1 C9 C3 8B 0D 04 A0 41 00 56 57 BF 4E    E.3.......A.VW.N
00001102   E6 40                                              .@
[INFO    ][2023-07-21 23:18:17,472] _scanDataPart() :: Result: 4356-4390 (34 bytes)
00001104   BB BE 00 00 FF FF 3B CF 74 04 85 CE 75 26 E8 94    ......;.t...u&..
00001114   FF FF FF 8B C8 3B CF 75 07 B9 4F E6 40 BB EB 0E    .....;.u..O.@...
00001124   85 CE                                              ..
[INFO    ][2023-07-21 23:18:17,472] _scanDataPart() :: Result: 4390-4424 (34 bytes)
00001126   75 0A 0D 11 47 00 00 C1 E0 10 0B C8 89 0D 04 A0    u...G...........
00001136   41 00 F7 D1 5F 89 0D 00 A0 41 00 5E C3 33 C0 C3    A..._....A.^.3..
00001146   33 C0                                              3.
[INFO    ][2023-07-21 23:18:17,473] _scanDataPart() :: Result: 4424-4458 (34 bytes)
00001148   40 C3 B8 00 40 00 00 C3 68 00 AC 41 00 FF 15 30    @...@...h..A...0
00001158   20 41 00 C3 B0 01 C3 68 00 00 03 00 68 00 00 01     A.....h....h...
00001168   00 6A                                              .j
[INFO    ][2023-07-21 23:18:17,473] _scanDataPart() :: Result: 4458-4492 (34 bytes)
0000116A   00 E8 75 43 00 00 83 C4 0C 85 C0 75 01 C3 6A 07    ..uC.......u..j.
0000117A   E8 3F 00 00 00 CC C2 00 00 B8 08 AC 41 00 C3 E8    .?..........A...
0000118A   22 F4                                              ".
[INFO    ][2023-07-21 23:18:17,474] _scanDataPart() :: Result: 4492-4526 (34 bytes)
0000118C   FF FF 8B 48 04 83 08 24 89 48 04 E8 E7 FF FF FF    ...H...$.H......
0000119C   8B 48 04 83 08 02 89 48 04 C3 33 C0 39 05 0C A0    .H.....H..3.9...
000011AC   41 00                                              A.
[INFO    ][2023-07-21 23:18:17,475] _scanDataPart() :: Result: 4526-4560 (34 bytes)
000011AE   0F 94 C0 C3 B8 F0 B3 41 00 C3 B8 EC B3 41 00 C3    .......A.....A..
000011BE   55 8B EC 81 EC 24 03 00 00 53 6A 17 FF 15 1C 20    U....$...Sj.... 
000011CE   41 00                                              A.
[INFO    ][2023-07-21 23:18:17,476] _scanDataPart() :: Result: 4560-4594 (34 bytes)
000011D0   85 C0 74 05 8B 4D 08 CD 29 6A 03 E8 A3 01 00 00    ..t..M..)j......
000011E0   C7 04 24 CC 02 00 00 8D 85 DC FC FF FF 6A 00 50    ..$..........j.P
000011F0   E8 1B                                              ..
[INFO    ][2023-07-21 23:18:17,477] _scanDataPart() :: Result: 4594-4628 (34 bytes)
000011F2   07 00 00 83 C4 0C 89 85 8C FD FF FF 89 8D 88 FD    ................
00001202   FF FF 89 95 84 FD FF FF 89 9D 80 FD FF FF 89 B5    ................
00001212   7C FD                                              |.
[INFO    ][2023-07-21 23:18:17,478] _scanDataPart() :: Result: 4628-4662 (34 bytes)
00001214   FF FF 89 BD 78 FD FF FF 66 8C 95 A4 FD FF FF 66    ....x...f......f
00001224   8C 8D 98 FD FF FF 66 8C 9D 74 FD FF FF 66 8C 85    ......f..t...f..
00001234   70 FD                                              p.
[INFO    ][2023-07-21 23:18:17,478] _scanDataPart() :: Result: 4662-4696 (34 bytes)
00001236   FF FF 66 8C A5 6C FD FF FF 66 8C AD 68 FD FF FF    ..f..l...f..h...
00001246   9C 8F 85 9C FD FF FF 8B 45 04 89 85 94 FD FF FF    ........E.......
00001256   8D 45                                              .E
[INFO    ][2023-07-21 23:18:17,479] _scanDataPart() :: Result: 4696-4730 (34 bytes)
00001258   04 89 85 A0 FD FF FF C7 85 DC FC FF FF 01 00 01    ................
00001268   00 8B 40 FC 6A 50 89 85 90 FD FF FF 8D 45 A8 6A    ..@.jP.......E.j
00001278   00 50                                              .P
[INFO    ][2023-07-21 23:18:17,480] _scanDataPart() :: Result: 4730-4764 (34 bytes)
0000127A   E8 91 06 00 00 8B 45 04 83 C4 0C C7 45 A8 15 00    ......E.....E...
0000128A   00 40 C7 45 AC 01 00 00 00 89 45 B4 FF 15 34 20    .@.E......E...4 
0000129A   41 00                                              A.
[INFO    ][2023-07-21 23:18:17,480] _scanDataPart() :: Result: 4764-4798 (34 bytes)
0000129C   6A 00 8D 58 FF F7 DB 8D 45 A8 89 45 F8 8D 85 DC    j..X....E..E....
000012AC   FC FF FF 1A DB 89 45 FC FE C3 FF 15 10 20 41 00    ......E...... A.
000012BC   8D 45                                              .E
[INFO    ][2023-07-21 23:18:17,481] _scanDataPart() :: Result: 4798-4832 (34 bytes)
000012BE   F8 50 FF 15 0C 20 41 00 85 C0 75 0C 84 DB 75 08    .P... A...u...u.
000012CE   6A 03 E8 AE 00 00 00 59 5B C9 C3 E9 65 FE FF FF    j......Y[...e...
000012DE   6A 00                                              j.
[INFO    ][2023-07-21 23:18:17,482] _scanDataPart() :: Result: 4832-4849 (17b minChunk:16 X)
000012E0   FF 15 3C 20 41 00 85 C0 74 34 B9 4D 5A 00 00 66    ..< A...t4.MZ..f
000012F0   39                                                 9
[INFO    ][2023-07-21 23:18:17,483] scan() :: Reducer Result: Time:0 Chunks:156 MatchesAdded:69 MatchesFinal:3
[INFO    ][2023-07-21 23:18:17,483] handleFile() :: Result: 3 matches
[INFO    ][2023-07-21 23:18:17,483] saveToFile() :: Saving results to: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-07-21 23:18:17,794] save() :: Saving HashCache (65977)
[INFO    ][2023-07-21 23:18:17,868] verifyFile() :: Perform verification of matches
[INFO    ][2023-07-21 23:18:17,868] runVerifications() :: Verify 3 matches
[INFO    ][2023-07-21 23:18:18,836] runVerifications() :: Verification run: 0 MIDDLE8 ISOLATED
  result: ScanResult.NOT_DETECTED
  result: ScanResult.NOT_DETECTED
  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:19,808] runVerifications() :: Verification run: 1 THIRDS4 ISOLATED
  result: ScanResult.NOT_DETECTED
  result: ScanResult.NOT_DETECTED
  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:20,766] runVerifications() :: Verification run: 2 FULL ISOLATED
  result: ScanResult.NOT_DETECTED
  result: ScanResult.NOT_DETECTED
  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:21,705] runVerifications() :: Verification run: 3 FULLB ISOLATED
  result: ScanResult.NOT_DETECTED
  result: ScanResult.NOT_DETECTED
  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:22,348] runVerifications() :: Verification run: 4 MIDDLE8 INCREMENTAL
  Idx: 0  result: ScanResult.NOT_DETECTED
  Idx: 1  result: ScanResult.NOT_DETECTED
  Idx: 2  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:22,979] runVerifications() :: Verification run: 5 FULL INCREMENTAL
  Idx: 0  result: ScanResult.NOT_DETECTED
  Idx: 1  result: ScanResult.NOT_DETECTED
  Idx: 2  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:23,299] runVerifications() :: Verification run: 6 FULL DECREMENTAL
  Idx: 2  result: ScanResult.NOT_DETECTED
  Idx: 1  result: ScanResult.NOT_DETECTED
  Idx: 0  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:23,300] runVerifications() :: Verification run: 7 MIDDLE8 ALL
  Idx: 0  result: ScanResult.NOT_DETECTED
  Idx: 0  result: ScanResult.NOT_DETECTED
  Idx: 0  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:23,606] runVerifications() :: Verification run: 8 THIRDS4 ALL
  Idx: 0  result: ScanResult.NOT_DETECTED
  Idx: 0  result: ScanResult.NOT_DETECTED
  Idx: 0  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:23,606] runVerifications() :: Verification run: 9 FULL ALL
  Idx: 0  result: ScanResult.NOT_DETECTED
  Idx: 0  result: ScanResult.NOT_DETECTED
  Idx: 0  result: ScanResult.NOT_DETECTED

[INFO    ][2023-07-21 23:18:23,607] saveToFile() :: Saving results to: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-07-21 23:18:23,607] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-07-21 23:18:25,074] saveToFile() :: Saving results to: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-07-21 23:18:25,075] outflankFile() :: Attempt to outflank the file
[INFO    ][2023-07-21 23:18:25,075] outflankPe() :: Outflank failed with attempted 0 patches
[INFO    ][2023-07-21 23:18:25,075] saveToFile() :: Saving results to: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-07-21 23:18:25,075] save() :: Saving HashCache (65995)
[INFO    ][2023-08-04 18:31:22,087] main() :: Using file: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-08-04 18:31:22,087] handleFile() :: Handle file: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-08-04 18:31:22,088] handleFile() :: Using parser for file type EXE
[WARNING ][2023-08-04 18:31:22,119] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-08-04 18:31:22,119] load() :: Loading HashCache
[INFO    ][2023-08-04 18:31:22,212] load() ::   77569 hashes loaded
[INFO    ][2023-08-04 18:31:22,212] save() :: Saving HashCache (77569)
[INFO    ][2023-08-04 18:31:22,289] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-08-04 18:31:23,742] saveToFile() :: Saving results to: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-08-04 18:31:23,742] save() :: Saving HashCache (77569)
[INFO    ][2023-08-06 16:58:02,656] main() :: Using file: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-08-06 16:58:02,656] handleFile() :: Handle file: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-08-06 16:58:02,657] handleFile() :: Using parser for file type EXE
[WARNING ][2023-08-06 16:58:02,689] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-08-06 16:58:02,689] load() :: Loading HashCache
[INFO    ][2023-08-06 16:58:02,781] load() ::   77569 hashes loaded
[INFO    ][2023-08-06 16:58:02,782] save() :: Saving HashCache (77569)
[INFO    ][2023-08-06 16:58:02,858] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-08-06 16:58:04,281] saveToFile() :: Saving results to: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-08-06 16:58:04,281] save() :: Saving HashCache (77569)
[INFO    ][2023-08-06 17:32:13,791] main() :: Using file: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-08-06 17:32:13,791] handleFile() :: Handle file: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-08-06 17:32:13,792] handleFile() :: Using parser for file type EXE
[WARNING ][2023-08-06 17:32:13,823] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-08-06 17:32:13,823] load() :: Loading HashCache
[INFO    ][2023-08-06 17:32:13,914] load() ::   77569 hashes loaded
[INFO    ][2023-08-06 17:32:13,915] save() :: Saving HashCache (77569)
[INFO    ][2023-08-06 17:32:13,991] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-08-06 17:32:15,428] saveToFile() :: Saving results to: app/upload/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-08-06 17:32:15,428] save() :: Saving HashCache (77569)
[INFO    ][2023-09-01 05:27:00,392] main() :: Using file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-01 05:27:00,393] handleFile() :: Handle file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-01 05:27:00,394] handleFile() :: Using parser for file type EXE
[WARNING ][2023-09-01 05:27:00,426] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-09-01 05:27:00,427] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-01 05:27:00,427] load() :: Loading HashCache
[INFO    ][2023-09-01 05:27:00,534] load() ::   85943 hashes loaded
[INFO    ][2023-09-01 05:27:00,534] save() :: Saving HashCache (85943)
[INFO    ][2023-09-01 05:27:00,625] save() :: Saving HashCache (85943)
[INFO    ][2023-09-24 19:22:38,610] main() :: Using file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-24 19:22:38,610] handleFile() :: Handle file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-24 19:22:38,618] handleFile() :: Using parser for file type EXE
[INFO    ][2023-09-24 19:22:38,619] parseFile() :: FilePe: Parse File
[INFO    ][2023-09-24 19:22:38,649] parsePeSections() :: FilePe: Parse PE Sections
[INFO    ][2023-09-24 19:22:38,649] parsePeRegions() :: FilePe: Parse PE Regions
[WARNING ][2023-09-24 19:22:38,649] parsePeRegions() :: Data Directory Section 0 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,649] parsePeRegions() :: Data Directory Section 3 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,649] parsePeRegions() :: Data Directory Section 4 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,649] parsePeRegions() :: Data Directory Section 7 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,649] parsePeRegions() :: Data Directory Section 8 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,649] parsePeRegions() :: Data Directory Section 9 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,649] parsePeRegions() :: Data Directory Section 11 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,649] parsePeRegions() :: Data Directory Section 13 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,650] parsePeRegions() :: Data Directory Section 14 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,650] parsePeRegions() :: Data Directory Section 15 has address 0, skipping
[WARNING ][2023-09-24 19:22:38,650] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-09-24 19:22:38,650] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-24 19:22:38,651] load() :: Loading HashCache
[INFO    ][2023-09-24 19:22:38,777] load() ::   101712 hashes loaded
[INFO    ][2023-09-24 19:22:38,777] save() :: Saving HashCache (101712)
[INFO    ][2023-09-24 19:22:38,876] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-09-24 19:22:38,876] augmentFilePe() :: Augment: File PE
[INFO    ][2023-09-24 19:22:39,033] augmentFilePe() :: R2: Analyze
[INFO    ][2023-09-24 19:22:40,265] init() :: R2: Get all strings
[INFO    ][2023-09-24 19:22:40,281] augmentFilePe() :: Augment: Matches
[INFO    ][2023-09-24 19:22:40,282] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-24 19:22:40,282] save() :: Saving HashCache (101712)
[INFO    ][2023-09-25 18:15:56,759] main() :: Using file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-25 18:15:56,759] handleFile() :: Handle file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-25 18:15:56,760] handleFile() :: Using parser for file type EXE
[INFO    ][2023-09-25 18:15:56,760] parseFile() :: FilePe: Parse File
[INFO    ][2023-09-25 18:15:56,778] parsePeSections() :: FilePe: Parse PE Sections
[INFO    ][2023-09-25 18:15:56,778] parsePeRegions() :: FilePe: Parse PE Regions
[WARNING ][2023-09-25 18:15:56,778] parsePeRegions() :: Data Directory Section 0 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,778] parsePeRegions() :: Data Directory Section 3 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,778] parsePeRegions() :: Data Directory Section 4 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,778] parsePeRegions() :: Data Directory Section 7 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,778] parsePeRegions() :: Data Directory Section 8 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,778] parsePeRegions() :: Data Directory Section 9 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,778] parsePeRegions() :: Data Directory Section 11 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,779] parsePeRegions() :: Data Directory Section 13 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,779] parsePeRegions() :: Data Directory Section 14 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,779] parsePeRegions() :: Data Directory Section 15 has address 0, skipping
[WARNING ][2023-09-25 18:15:56,779] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-09-25 18:15:56,779] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-25 18:15:56,780] load() :: Loading HashCache
[INFO    ][2023-09-25 18:15:56,913] load() ::   101712 hashes loaded
[INFO    ][2023-09-25 18:15:56,913] save() :: Saving HashCache (101712)
[INFO    ][2023-09-25 18:15:57,010] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-09-25 18:15:57,010] augmentFilePe() :: Augment: File PE
[INFO    ][2023-09-25 18:15:57,170] augmentFilePe() :: R2: Analyze
[INFO    ][2023-09-25 18:15:58,413] init() :: R2: Get all strings
[INFO    ][2023-09-25 18:15:58,429] augmentFilePe() :: Augment: Matches
[INFO    ][2023-09-25 18:15:58,430] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-25 18:15:58,430] save() :: Saving HashCache (101712)
[INFO    ][2023-09-25 18:22:58,285] main() :: Using file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-25 18:22:58,285] handleFile() :: Handle file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-25 18:22:58,286] handleFile() :: Using parser for file type EXE
[INFO    ][2023-09-25 18:22:58,286] parseFile() :: FilePe: Parse File
[INFO    ][2023-09-25 18:22:58,304] parsePeSections() :: FilePe: Parse PE Sections
[INFO    ][2023-09-25 18:22:58,304] parsePeRegions() :: FilePe: Parse PE Regions
[WARNING ][2023-09-25 18:22:58,304] parsePeRegions() :: Data Directory Section 0 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,304] parsePeRegions() :: Data Directory Section 3 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,304] parsePeRegions() :: Data Directory Section 4 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,304] parsePeRegions() :: Data Directory Section 7 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,304] parsePeRegions() :: Data Directory Section 8 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,304] parsePeRegions() :: Data Directory Section 9 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,305] parsePeRegions() :: Data Directory Section 11 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,305] parsePeRegions() :: Data Directory Section 13 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,305] parsePeRegions() :: Data Directory Section 14 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,305] parsePeRegions() :: Data Directory Section 15 has address 0, skipping
[WARNING ][2023-09-25 18:22:58,305] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-09-25 18:22:58,305] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-25 18:22:58,306] load() :: Loading HashCache
[INFO    ][2023-09-25 18:22:58,438] load() ::   101712 hashes loaded
[INFO    ][2023-09-25 18:22:58,438] save() :: Saving HashCache (101712)
[INFO    ][2023-09-25 18:22:58,533] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-09-25 18:22:58,533] augmentFilePe() :: Augment: File PE
[INFO    ][2023-09-25 18:22:58,694] augmentFilePe() :: R2: Analyze
[INFO    ][2023-09-25 18:22:59,935] init() :: R2: Get all strings
[INFO    ][2023-09-25 18:22:59,951] augmentFilePe() :: Augment: Matches
[INFO    ][2023-09-25 18:22:59,952] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-25 18:22:59,952] save() :: Saving HashCache (101712)
[INFO    ][2023-09-29 10:08:27,463] main() :: Using file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-29 10:08:27,463] handleFile() :: Handle file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-29 10:08:27,464] handleFile() :: Using parser for file type EXE
[INFO    ][2023-09-29 10:08:27,464] parseFile() :: FilePe: Parse File
[INFO    ][2023-09-29 10:08:27,482] parsePeSections() :: FilePe: Parse PE Sections
[INFO    ][2023-09-29 10:08:27,482] parsePeRegions() :: FilePe: Parse PE Regions
[WARNING ][2023-09-29 10:08:27,482] parsePeRegions() :: Data Directory Section 0 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,482] parsePeRegions() :: Data Directory Section 3 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,482] parsePeRegions() :: Data Directory Section 4 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,482] parsePeRegions() :: Data Directory Section 7 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,482] parsePeRegions() :: Data Directory Section 8 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,482] parsePeRegions() :: Data Directory Section 9 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,482] parsePeRegions() :: Data Directory Section 11 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,482] parsePeRegions() :: Data Directory Section 13 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,483] parsePeRegions() :: Data Directory Section 14 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,483] parsePeRegions() :: Data Directory Section 15 has address 0, skipping
[WARNING ][2023-09-29 10:08:27,483] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-09-29 10:08:27,483] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-29 10:08:27,484] load() :: Loading HashCache
[INFO    ][2023-09-29 10:08:27,621] load() ::   102070 hashes loaded
[INFO    ][2023-09-29 10:08:27,622] save() :: Saving HashCache (102070)
[INFO    ][2023-09-29 10:08:27,718] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-09-29 10:08:27,718] augmentFilePe() :: Augment: File PE
[INFO    ][2023-09-29 10:08:27,884] augmentFilePe() :: R2: Analyze
[INFO    ][2023-09-29 10:08:29,124] init() :: R2: Get all strings
[INFO    ][2023-09-29 10:08:29,140] augmentFilePe() :: Augment: Matches
[INFO    ][2023-09-29 10:08:29,141] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-29 10:08:29,141] save() :: Saving HashCache (102070)
[INFO    ][2023-09-29 12:13:00,889] main() :: Using file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-29 12:13:00,889] handleFile() :: Handle file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-29 12:13:00,890] handleFile() :: Using parser for file type EXE
[INFO    ][2023-09-29 12:13:00,890] parseFile() :: FilePe: Parse File
[INFO    ][2023-09-29 12:13:00,908] parsePeSections() :: FilePe: Parse PE Sections
[INFO    ][2023-09-29 12:13:00,908] parsePeRegions() :: FilePe: Parse PE Regions
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 0 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 3 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 4 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 7 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 8 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 9 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 11 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 13 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 14 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] parsePeRegions() :: Data Directory Section 15 has address 0, skipping
[WARNING ][2023-09-29 12:13:00,909] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-09-29 12:13:00,910] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-29 12:13:00,910] load() :: Loading HashCache
[INFO    ][2023-09-29 12:13:01,052] load() ::   102070 hashes loaded
[INFO    ][2023-09-29 12:13:01,052] save() :: Saving HashCache (102070)
[INFO    ][2023-09-29 12:13:01,155] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-09-29 12:13:01,155] augmentFilePe() :: Augment: File PE
[INFO    ][2023-09-29 12:13:01,316] augmentFilePe() :: R2: Analyze
[INFO    ][2023-09-29 12:13:02,564] init() :: R2: Get all strings
[INFO    ][2023-09-29 12:13:02,580] augmentFilePe() :: Augment: Matches
[INFO    ][2023-09-29 12:13:02,581] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-29 12:13:02,581] save() :: Saving HashCache (102070)
[INFO    ][2023-09-30 10:33:55,641] main() :: Using file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-30 10:33:55,641] handleFile() :: Handle file: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe
[INFO    ][2023-09-30 10:33:55,642] handleFile() :: Using parser for file type EXE
[INFO    ][2023-09-30 10:33:55,642] parseFile() :: FilePe: Parse File
[INFO    ][2023-09-30 10:33:55,660] parsePeSections() :: FilePe: Parse PE Sections
[INFO    ][2023-09-30 10:33:55,660] parsePeRegions() :: FilePe: Parse PE Regions
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 0 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 3 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 4 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 7 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 8 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 9 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 11 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 13 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,660] parsePeRegions() :: Data Directory Section 14 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,661] parsePeRegions() :: Data Directory Section 15 has address 0, skipping
[WARNING ][2023-09-30 10:33:55,661] handleFile() :: Using scanner as defined in outcome: avg
[INFO    ][2023-09-30 10:33:55,661] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-30 10:33:55,662] load() :: Loading HashCache
[INFO    ][2023-09-30 10:33:55,799] load() ::   102072 hashes loaded
[INFO    ][2023-09-30 10:33:55,799] save() :: Saving HashCache (102072)
[INFO    ][2023-09-30 10:33:55,898] augmentFile() :: Perform augmentation of matches
[INFO    ][2023-09-30 10:33:55,898] augmentFilePe() :: Augment: File PE
[INFO    ][2023-09-30 10:33:56,057] augmentFilePe() :: R2: Analyze
[INFO    ][2023-09-30 10:33:57,297] init() :: R2: Get all strings
[INFO    ][2023-09-30 10:33:57,312] augmentFilePe() :: Augment: Matches
[INFO    ][2023-09-30 10:33:57,313] saveToFile() :: Saving results to: app/examples/D3363A09CA1AA83F.PetitPotam.exe.avg.exe.outcome
[INFO    ][2023-09-30 10:33:57,313] save() :: Saving HashCache (102072)