F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\antivirusfalsepositivetest3\antivirusfalsepositivetest3\obj\Debug\antivirusfalsepositivetest3.pdb
Overview
overview
10Static
static
3AntivirusD...t3.exe
windows7-x64
6AntivirusD...t3.exe
windows10-2004-x64
6AntivirusD...t4.exe
windows7-x64
10AntivirusD...t4.exe
windows10-2004-x64
10AntivirusD...te.exe
windows7-x64
1AntivirusD...te.exe
windows10-2004-x64
1AntivirusD...er.exe
windows7-x64
10AntivirusD...er.exe
windows10-2004-x64
AntivirusD...er.exe
windows7-x64
10AntivirusD...er.exe
windows10-2004-x64
10AntivirusD...er.exe
windows7-x64
AntivirusD...er.exe
windows10-2004-x64
AntivirusD....2.bat
windows7-x64
10AntivirusD....2.bat
windows10-2004-x64
8AntivirusD...re.exe
windows7-x64
1AntivirusD...re.exe
windows10-2004-x64
10AntivirusD...st.exe
windows7-x64
1AntivirusD...st.exe
windows10-2004-x64
1AntivirusD...re.exe
windows7-x64
10AntivirusD...re.exe
windows10-2004-x64
10AntivirusD...t3.exe
windows7-x64
6AntivirusD...t3.exe
windows10-2004-x64
6AntivirusD...t3.exe
windows7-x64
6AntivirusD...t3.exe
windows10-2004-x64
6AntivirusD...re.exe
windows7-x64
10AntivirusD...re.exe
windows10-2004-x64
10AntivirusD...us.exe
windows7-x64
9AntivirusD...us.exe
windows10-2004-x64
9AntivirusD.../c.exe
windows7-x64
1AntivirusD.../c.exe
windows10-2004-x64
1AntivirusD.../f.exe
windows7-x64
1AntivirusD.../f.exe
windows10-2004-x64
1Static task
static1
Behavioral task
behavioral1
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/antivirusfalsepositivetest3.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/antivirusfalsepositivetest3.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral3
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/antivirusfalsepositivetest4.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/antivirusfalsepositivetest4.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral5
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/usbwrite.exe
Resource
win7-20240215-en
Behavioral task
behavioral6
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/usbwrite.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/AntivirusDefender.exe
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/AntivirusDefender.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral9
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/defender.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/defender.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral11
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral13
Sample
AntivirusDefender-main/AntivirusDefender3.2.bat
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
AntivirusDefender-main/AntivirusDefender3.2.bat
Resource
win10v2004-20240419-en
Behavioral task
behavioral15
Sample
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.exe
Resource
win7-20240215-en
Behavioral task
behavioral16
Sample
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral17
Sample
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.vshost.exe
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.vshost.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral19
Sample
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.exe
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/bin/Debug/antivirusfalsepositivetest3.exe
Resource
win7-20240220-en
Behavioral task
behavioral22
Sample
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/bin/Debug/antivirusfalsepositivetest3.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral23
Sample
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.exe
Resource
win7-20231129-en
Behavioral task
behavioral24
Sample
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral25
Sample
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/JigsawRansomware.exe
Resource
win7-20240215-en
Behavioral task
behavioral26
Sample
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/JigsawRansomware.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral27
Sample
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/blacklotus.exe
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/blacklotus.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral29
Sample
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/c.exe
Resource
win7-20240220-en
Behavioral task
behavioral30
Sample
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/c.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral31
Sample
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/f.exe
Resource
win7-20231129-en
Behavioral task
behavioral32
Sample
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/f.exe
Resource
win10v2004-20240419-en
General
-
Target
AntivirusDefender-main.zip
-
Size
89.3MB
-
MD5
d557d3b4ec2ccc6b183389b36bcb2f10
-
SHA1
a8807ccce532ac4944a1a59793de204322acf9b6
-
SHA256
1786d9bdb752a866bba3beaa27f0b6e635e4c6449bcc32105539551758186492
-
SHA512
a811cf3a4996de89bfb599d6415f0658293e0ffaefa2b960b3444cacdc50b539c8f8dc9388a41882809976ecd93fc7ca89a8a1474d7a0160ebc7e7e7e2955487
-
SSDEEP
1572864:4KjLIi6HRu6GHRu63iHOES1EHRu6Dtqytrknx5ateij2KjLIK/i8lKjLIuqs1o0M:xR6H8zH8NuFEH8yvJknuLbur/5o0cT
Malware Config
Signatures
-
Unsigned PE 54 IoCs
Checks for missing Authenticode signature.
resource unpack001/AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/antivirusfalsepositivetest3.exe unpack001/AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/antivirusfalsepositivetest4.exe unpack001/AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/usbwrite.exe unpack001/AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/AntivirusDefender.exe unpack001/AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/defender.exe unpack001/AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.exe unpack001/AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll unpack001/AntivirusDefender-main/BIOS_Message/MBR - Note Builder.exe unpack001/AntivirusDefender-main/BIOS_Message/of.exe unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.exe unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.exe unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/TempPE/Properties.Resources.Designer.cs.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Costura.Fody.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Fody.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/FodyCommon.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/FodyIsolated.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Mono.Cecil.Mdb.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Mono.Cecil.Pdb.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Mono.Cecil.Rocks.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Mono.Cecil.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net20/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net35/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net40/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net45/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/netstandard1.0/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/netstandard1.3/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.dll unpack001/AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/bin/Debug/antivirusfalsepositivetest3.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll unpack001/AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/JigsawRansomware.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/b.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/blacklotus.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/c.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/jigsaw.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/l.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/m.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/of.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/rebcoana.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/thirdpartyclamavinstaller.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/thirdpartyclamavinstaller0.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/z.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/bin/Debug/antivirusfalsepositivetest4.exe unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll unpack001/AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.exe unpack001/AntivirusDefender-main/batch/Bat virüs oluşturucu v1.6.00.exe unpack001/AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/bin/Debug/thirdpartyclamavinstaller.exe unpack001/AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.exe unpack001/AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/bin/Debug/thirdpartyclamavinstaller0.exe unpack001/AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/thirdpartyclamavinstaller0.exe unpack001/AntivirusDefender-main/usbwrite/x64/Debug/usbwrite.exe
Files
-
AntivirusDefender-main.zip.zip
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender.sln
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/AntivirusDefender.csproj
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/App.config
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Form1.Designer.cs
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Form1.cs.js
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Form1.resx.vbs
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Program.cs
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Properties/AssemblyInfo.cs
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Properties/Resources.Designer.cs.vbs
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Properties/Resources.resx.vbs
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Properties/Settings.Designer.cs
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Properties/Settings.settings
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/antivirusfalsepositivetest3.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/antivirusfalsepositivetest4.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\antivirusfalsepositivetest4\antivirusfalsepositivetest4\obj\Debug\antivirusfalsepositivetest4.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 10.1MB - Virtual size: 10.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/Resources/usbwrite.exe.exe windows:6 windows x64 arch:x64
5935883850718c302b878d9e00ef20be
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\victim\source\repos\usbwrite\x64\Debug\usbwrite.pdb
Imports
kernel32
CreateFileA
CreateFileW
DeleteFileW
GetLogicalDriveStringsW
ReadFile
WriteFile
GetTempPathW
CloseHandle
GetLastError
Sleep
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcAddress
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetModuleHandleW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetCurrentThreadId
user32
MessageBeep
vcruntime140d
__vcrt_GetModuleHandleW
__C_specific_handler_noexcept
__C_specific_handler
__current_exception
__current_exception_context
__vcrt_GetModuleFileNameW
__std_type_info_destroy_list
__vcrt_LoadLibraryExW
memcpy
ucrtbased
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
strcpy_s
strcat_s
__stdio_common_vsprintf_s
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
_wmakepath_s
_wsplitpath_s
wcscpy_s
_c_exit
__p___argv
__p___argc
_set_fmode
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__setusermatherr
_set_app_type
_seh_filter_exe
_CrtDbgReportW
_CrtDbgReport
__stdio_common_vfprintf
fclose
__stdio_common_vswprintf_s
__stdio_common_vfwprintf
_wfopen_s
fputws
__acrt_iob_func
_wsystem
wcscat_s
_cexit
Sections
.textbss Size: - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 512B - Virtual size: 463B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 373B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 689B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/alternativelogo.ico
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/app.manifest
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/AntivirusDefender.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\AntivirusDefender\AntivirusDefender\obj\Debug\AntivirusDefender.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 10.2MB - Virtual size: 10.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 406KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/AntivirusDefender.exe.config
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/AntivirusDefender.pdb
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/bin/Debug/defender.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\AntivirusDefender\AntivirusDefender\obj\Debug\AntivirusDefender.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 10.2MB - Virtual size: 10.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 406KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.Form1.resources
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.Properties.Resources.resources
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.csproj.AssemblyReference.cache
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.csproj.CoreCompileInputs.cache
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.csproj.FileListAbsolute.txt
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.csproj.GenerateResource.cache
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\AntivirusDefender\AntivirusDefender\obj\Debug\AntivirusDefender.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 10.2MB - Virtual size: 10.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 406KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/AntivirusDefender.pdb
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/DesignTimeResolveAssemblyReferences.cache
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
-
AntivirusDefender-main/AntivirusDefender/AntivirusDefender/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/AntivirusDefender3.2.bat
-
AntivirusDefender-main/BIOS_Message/MBR - Note Builder.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: - Virtual size: 832KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 429KB - Virtual size: 432KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 118KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
AntivirusDefender-main/BIOS_Message/of.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 5KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/EmirhanUcan.yar
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware.sln
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware.v12.suo
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Config.cs.js
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/FodyWeavers.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/FormBackground.Designer.cs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/FormBackground.cs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/FormEncryptedFiles.Designer.cs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/FormEncryptedFiles.cs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/FormGame.Designer.cs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/FormGame.cs.js
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/FormGame.resx.vbs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/JigsawRansomware.csproj
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Program.cs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Properties/AssemblyInfo.cs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Properties/Resources.Designer.cs.vbs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Properties/Resources.resx.vbs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Properties/Settings.Designer.cs
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Properties/Settings.settings
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Resources/ExtensionsToEncrypt.txt
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Resources/Jigsaw.jpg.jpg
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Resources/vanityAddresses.txt
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Tools/Blockr.cs.js
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Tools/Hacking.cs.js
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Tools/Locker.cs.js
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/Tools/Windows.cs.js
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/app.config.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Debug/JigsawRansomware.vshost.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
33:00:00:00:33:e5:27:86:a3:0e:4a:2a:80:00:00:00:00:00:33Certificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before27-03-2013 20:08Not After27-06-2014 20:08SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0Certificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before24-01-2013 22:33Not After24-04-2014 22:33SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:33:26:1a:00:00:00:00:00:31Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before31-08-2010 22:19Not After31-08-2020 22:29SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03-04-2007 12:53Not After03-04-2021 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1aCertificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before24-09-2013 17:41Not After24-12-2014 17:41SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08-07-2011 20:59Not After08-07-2026 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7d:03:6e:f3:c7:46:48:24:7d:32:c7:c0:d5:bc:f8:05:85:ec:8e:e8:02:d4:e0:a6:92:45:ac:38:42:d1:38:30Signer
Actual PE Digest7d:03:6e:f3:c7:46:48:24:7d:32:c7:c0:d5:bc:f8:05:85:ec:8e:e8:02:d4:e0:a6:92:45:ac:38:42:d1:38:30Digest Algorithmsha256PE Digest Matchestrueaa:70:a3:15:46:0c:04:35:ef:4c:30:ff:43:b3:58:16:02:1a:c4:38Signer
Actual PE Digestaa:70:a3:15:46:0c:04:35:ef:4c:30:ff:43:b3:58:16:02:1a:c4:38Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
f:\binaries\Intermediate\vsproject\vshostneutral-clr2.csproj__1974420004\objr\x86\vshost-clr2.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Debug/JigsawRansomware.vshost.exe.manifest
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\victim\Desktop\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\JigsawRansomware\JigsawRansomware\JigsawRansomware\obj\Release\JigsawRansomware.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.exe.config.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.pdb
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.vshost.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
33:00:00:00:33:e5:27:86:a3:0e:4a:2a:80:00:00:00:00:00:33Certificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before27-03-2013 20:08Not After27-06-2014 20:08SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0Certificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before24-01-2013 22:33Not After24-04-2014 22:33SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:33:26:1a:00:00:00:00:00:31Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before31-08-2010 22:19Not After31-08-2020 22:29SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03-04-2007 12:53Not After03-04-2021 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1aCertificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before24-09-2013 17:41Not After24-12-2014 17:41SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08-07-2011 20:59Not After08-07-2026 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7d:03:6e:f3:c7:46:48:24:7d:32:c7:c0:d5:bc:f8:05:85:ec:8e:e8:02:d4:e0:a6:92:45:ac:38:42:d1:38:30Signer
Actual PE Digest7d:03:6e:f3:c7:46:48:24:7d:32:c7:c0:d5:bc:f8:05:85:ec:8e:e8:02:d4:e0:a6:92:45:ac:38:42:d1:38:30Digest Algorithmsha256PE Digest Matchestrueaa:70:a3:15:46:0c:04:35:ef:4c:30:ff:43:b3:58:16:02:1a:c4:38Signer
Actual PE Digestaa:70:a3:15:46:0c:04:35:ef:4c:30:ff:43:b3:58:16:02:1a:c4:38Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
f:\binaries\Intermediate\vsproject\vshostneutral-clr2.csproj__1974420004\objr\x86\vshost-clr2.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.vshost.exe.manifest
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\net35\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 447KB - Virtual size: 447KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Debug/DesignTimeResolveAssemblyReferences.cache
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 776B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/DesignTimeResolveAssemblyReferences.cache
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/DesignTimeResolveAssemblyReferencesInput.cache
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.csproj.AssemblyReference.cache
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.csproj.CoreCompileInputs.cache
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.csproj.FileListAbsolute.txt
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.csproj.GenerateResource.cache
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.csprojResolveAssemblyReference.cache
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\victim\Desktop\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\JigsawRansomware\JigsawRansomware\JigsawRansomware\obj\Release\JigsawRansomware.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/JigsawRansomware.pdb
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/Main.FormGame.resources
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/Main.Properties.Resources.resources
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/obj/Release/TempPE/Properties.Resources.Designer.cs.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/packages.config
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Content/FodyWeavers.xml.install.xdt
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Content/FodyWeavers.xml.uninstall.xdt
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Costura.Fody.1.3.3.0.nupkg.nupkg
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Costura.Fody.dll.dll .js windows:4 windows x86 arch:x86 polyglot
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
C:\TeamCity\buildAgent\work\c596b706194e070d\Fody\obj\Release\Costura.Fody.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Costura.Fody.pdb
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Costura.nuspec.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Tools/commands.psm1.js
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Costura.Fody.1.3.3.0/Tools/init.ps1
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Content/FodyWeavers.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Fody.1.28.3.nupkg.nupkg
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Fody.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\ConsoleBuildAgent\work\ed448661dbb30d2e\Fody\obj\Release\Fody.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 720B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Fody.pdb
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/FodyCommon.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\ConsoleBuildAgent\work\ed448661dbb30d2e\FodyCommon\obj\Release\FodyCommon.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 744B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/FodyCommon.pdb
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/FodyIsolated.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\ConsoleBuildAgent\work\ed448661dbb30d2e\FodyIsolated\obj\Release\FodyIsolated.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 752B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/FodyIsolated.pdb
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Mono.Cecil.Mdb.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\Code\Fody\cecil\symbols\mdb\obj\net_4_0_Release\Mono.Cecil.Mdb.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 848B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Mono.Cecil.Pdb.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\Code\Fody\cecil\symbols\pdb\obj\net_4_0_Release\Mono.Cecil.Pdb.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 848B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Mono.Cecil.Rocks.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\Code\Fody\cecil\rocks\obj\net_4_0_Release\Mono.Cecil.Rocks.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Mono.Cecil.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\Code\Fody\cecil\obj\net_4_0_Release\Mono.Cecil.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 273KB - Virtual size: 272KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 824B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Tools/install.ps1.ps1
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/Tools/uninstall.ps1
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Fody.1.28.3/build/Fody.targets
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/LICENSE.md
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/Newtonsoft.Json.10.0.3.nupkg.nupkg
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net20/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\net20\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 484KB - Virtual size: 484KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net20/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net35/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\net35\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 447KB - Virtual size: 447KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net35/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net40/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\net40\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 511KB - Virtual size: 510KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net40/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net45/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\net45\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 636KB - Virtual size: 635KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/net45/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/netstandard1.0/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\netstandard1.0\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 607KB - Virtual size: 606KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/netstandard1.0/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/netstandard1.3/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\netstandard1.3\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 622KB - Virtual size: 621KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/netstandard1.3/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\portable-net40+win8+wpa81+wp8+sl5\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 421KB - Virtual size: 420KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\portable-net45+win8+wpa81+wp8\Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 606KB - Virtual size: 606KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.xml.xml
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/Newtonsoft.Json.10.0.3/tools/install.ps1
-
AntivirusDefender-main/JigsawRansomware/JigsawRansomware/packages/repositories.config
-
AntivirusDefender-main/README.md
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3.sln
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/App.config.xml
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Form1.Designer.cs
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Form1.cs.js
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Form1.resx.vbs
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Program.cs
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Properties/AssemblyInfo.cs
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Properties/Resources.Designer.cs.vbs
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Properties/Resources.resx.vbs
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Properties/Settings.Designer.cs
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/Properties/Settings.settings
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/antivirusfalsepositivetest3.csproj
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/app.manifest
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/bin/Debug/antivirusfalsepositivetest3.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\antivirusfalsepositivetest3\antivirusfalsepositivetest3\obj\Debug\antivirusfalsepositivetest3.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/bin/Debug/antivirusfalsepositivetest3.exe.config.xml
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/bin/Debug/antivirusfalsepositivetest3.pdb
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/DesignTimeResolveAssemblyReferences.cache
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.Form1.resources
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.Properties.Resources.resources
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.csproj.AssemblyReference.cache
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.csproj.CoreCompileInputs.cache
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.csproj.FileListAbsolute.txt
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.csproj.GenerateResource.cache
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\antivirusfalsepositivetest3\antivirusfalsepositivetest3\obj\Debug\antivirusfalsepositivetest3.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest3/antivirusfalsepositivetest3/obj/Debug/antivirusfalsepositivetest3.pdb
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4.sln
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/App.config
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Form1.Designer.cs
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Form1.cs.js
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Form1.resx.vbs
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Program.cs
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Properties/AssemblyInfo.cs
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Properties/Resources.Designer.cs.vbs
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Properties/Resources.resx.vbs
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Properties/Settings.Designer.cs
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Properties/Settings.settings
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/JigsawRansomware.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\victim\Desktop\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\JigsawRansomware\JigsawRansomware\JigsawRansomware\obj\Release\JigsawRansomware.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/b.exe.dll windows:0 windows x64 arch:x64
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Sections
.text Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PCIDATA_ Size: 64B - Virtual size: 59B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/blacklotus.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.3MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 780B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/c.exe.exe windows:4 windows x86 arch:x86
ca665a1a68881f6e8f4c6994b89aef53
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
CopyFileA
GetSystemDirectoryA
GetWindowsDirectoryA
WriteFile
ReadFile
GetShortPathNameA
GetVersionExA
CloseHandle
CreateFileA
GetModuleHandleA
GetCurrentProcess
GetProcAddress
lstrcpyA
lstrcatA
SetFilePointer
GetEnvironmentVariableA
GetStartupInfoA
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
shell32
ShellExecuteA
msvcrt
_initterm
strcat
strcpy
memcpy
memset
strstr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
Sections
.text Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/disctrl.reg
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/f.exe.exe windows:5 windows x86 arch:x86
00be6e6c4f9e287672c8301b72bdabf3
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
52:9e:3f:9f:cf:7d:58:d5:20:d6:07:ab:74:39:50:02Certificate
IssuerCN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before02-06-2017 00:00Not After01-06-2020 23:59SubjectCN=win.rar GmbH,O=win.rar GmbH,POSTALCODE=10117,STREET=Marienstrasse 12,L=Berlin,ST=Berlin,C=DEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate
IssuerCN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before09-05-2013 00:00Not After08-05-2028 23:59SubjectCN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
52:9e:3f:9f:cf:7d:58:d5:20:d6:07:ab:74:39:50:02Certificate
IssuerCN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before02-06-2017 00:00Not After01-06-2020 23:59SubjectCN=win.rar GmbH,O=win.rar GmbH,POSTALCODE=10117,STREET=Marienstrasse 12,L=Berlin,ST=Berlin,C=DEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate
IssuerCN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before09-05-2013 00:00Not After08-05-2028 23:59SubjectCN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12-01-2016 00:00Not After11-01-2031 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before23-12-2017 00:00Not After22-03-2029 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
ea:8f:02:af:65:29:48:5f:76:03:bf:f8:7d:d1:56:53:17:52:d9:b5:de:51:58:bd:9a:7c:3c:6b:84:4c:93:9aSigner
Actual PE Digestea:8f:02:af:65:29:48:5f:76:03:bf:f8:7d:d1:56:53:17:52:d9:b5:de:51:58:bd:9a:7c:3c:6b:84:4c:93:9aDigest Algorithmsha256PE Digest Matchesfalse38:2b:c7:a0:e2:dc:e5:ba:f4:b6:2b:6a:53:55:e5:2a:f6:e9:61:07Signer
Actual PE Digest38:2b:c7:a0:e2:dc:e5:ba:f4:b6:2b:6a:53:55:e5:2a:f6:e9:61:07Digest Algorithmsha1PE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Projects\WinRAR\sfx\setup\build\sfxrar32\Release\sfxrar.pdb
Imports
kernel32
GetLastError
SetLastError
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GetTickCount
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadResource
SizeofResource
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer
gdiplus
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
Sections
.text Size: 184KB - Virtual size: 184KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 232B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 152KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 204KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/jigsaw.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\satra\Downloads\Jigsaw-Ransomware-master\Jigsaw-Ransomware-master\Jigsaw\Jigsaw\obj\Debug\Jigsaw.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 101KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/l.exe.exe windows:5 windows x86 arch:x86
5dfe98175c81190c8a176e1ce4524726
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
CloseHandle
DeleteFileW
GetFirmwareEnvironmentVariableW
GetTickCount
Sleep
GetProcAddress
GetCurrentDirectoryW
GetLastError
CreateFileW
GetVersionExW
GetSystemWow64DirectoryW
WideCharToMultiByte
GetSystemDirectoryW
WriteFile
GetCurrentProcess
DeviceIoControl
InterlockedDecrement
WriteConsoleW
GetStringTypeW
LCMapStringW
ReadFile
SetEndOfFile
SetFilePointer
MultiByteToWideChar
lstrlenA
LocalFree
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
EncodePointer
DecodePointer
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
HeapSize
IsProcessorFeaturePresent
FreeLibrary
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetProcessHeap
VirtualQuery
HeapReAlloc
advapi32
QueryServiceStatusEx
StartServiceW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CloseServiceHandle
ControlService
ole32
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance
oleaut32
SysFreeString
VariantClear
SysAllocString
Sections
.text Size: 65KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 242KB - Virtual size: 249KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/m.exe.dll windows:0 windows x64 arch:x64
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Sections
.text Size: 280KB - Virtual size: 279KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 1024B - Virtual size: 288B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/of.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 5KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/rebcoana.exe.exe windows:6 windows x86 arch:x86
79b3362178937bf9559741c46bb9e035
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
Sections
.MPRESS1 Size: 1.1MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 141KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/thirdpartyclamavinstaller.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\Antivirustest4\Antivirustest\thirdpartyclamavinstaller\thirdpartyclamavinstaller\obj\Debug\thirdpartyclamavinstaller.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/thirdpartyclamavinstaller0.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\Antivirustest4\Antivirustest\thirdpartyclamavinstaller0\thirdpartyclamavinstaller0\obj\Debug\thirdpartyclamavinstaller0.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/Resources/z.exe.exe windows:5 windows x86 arch:x86
e7a2e86f5fdff8fdf85b88f91312940c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemInfo
GetProcAddress
GetModuleHandleA
GetVersionExA
GetComputerNameA
CloseHandle
CreateFileA
CreateFileW
MoveFileExW
DeleteFileW
GetTempFileNameW
GetTempPathW
GetFileSize
VirtualFree
GetSystemDirectoryA
VirtualAlloc
GetLastError
GetModuleFileNameA
CreateProcessA
DeleteFileA
Sleep
MultiByteToWideChar
CreateThread
FlushFileBuffers
HeapReAlloc
GetStringTypeW
GetTickCount
GetLocalTime
SystemTimeToFileTime
lstrlenA
lstrcpyA
lstrcatA
FileTimeToSystemTime
WriteFile
ReadFile
LCMapStringW
WriteConsoleW
SetStdHandle
LoadLibraryW
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetFileAttributesW
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
ExitProcess
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
user32
GetMessageA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
wsprintfW
advapi32
RegSetValueExA
GetUserNameA
RegOpenKeyA
RegQueryInfoKeyA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
shell32
SHGetSpecialFolderPathA
winhttp
WinHttpQueryOption
WinHttpSetOption
WinHttpReadData
WinHttpAddRequestHeaders
WinHttpConnect
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpWriteData
WinHttpOpenRequest
WinHttpCrackUrl
WinHttpSendRequest
WinHttpReceiveResponse
shlwapi
SHRegGetValueW
Sections
.text Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/antivirusfalsepositivetest4.csproj
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/app.manifest
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/bin/Debug/antivirusfalsepositivetest4.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\antivirusfalsepositivetest4\antivirusfalsepositivetest4\obj\Debug\antivirusfalsepositivetest4.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 10.1MB - Virtual size: 10.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/bin/Debug/antivirusfalsepositivetest4.exe.config
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/bin/Debug/antivirusfalsepositivetest4.pdb
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/DesignTimeResolveAssemblyReferences.cache
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.Form1.resources
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.Properties.Resources.resources
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.csproj.AssemblyReference.cache
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.csproj.CoreCompileInputs.cache
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.csproj.FileListAbsolute.txt
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.csproj.GenerateResource.cache
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\OpenSourceViruses-main\antivirusfalsepositivetest4\antivirusfalsepositivetest4\obj\Debug\antivirusfalsepositivetest4.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 10.1MB - Virtual size: 10.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/antivirusfalsepositivetest4/antivirusfalsepositivetest4/obj/Debug/antivirusfalsepositivetest4.pdb
-
AntivirusDefender-main/batch/Bat virüs oluşturucu v1.6.00.exe.exe windows:5 windows x86 arch:x86
230363beee3a16b40f8fefab5ba42a93
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetModuleHandleW
SetErrorMode
WritePrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
RtlUnwind
Sleep
ExitProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCommandLineA
GetStartupInfoA
VirtualAlloc
HeapSize
GetACP
IsValidCodePage
TerminateProcess
GlobalHandle
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStdHandle
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
HeapCreate
VirtualFree
CompareStringW
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetFileTime
GetFileSizeEx
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalAddAtomA
FreeResource
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
CompareStringA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
LoadLibraryA
lstrcmpA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
MulDiv
SetLastError
SetVolumeLabelA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetDriveTypeA
MoveFileA
CreateDirectoryA
GetFileSize
FormatMessageA
LocalFree
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetTempPathA
GetModuleFileNameA
lstrlenA
lstrcpyA
CreateProcessA
GetLastError
GetExitCodeProcess
SetFileAttributesA
DeleteFileA
RemoveDirectoryA
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
InterlockedIncrement
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
SetFilePointer
ReadFile
InterlockedExchange
CloseHandle
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
UnhandledExceptionFilter
SizeofResource
user32
UnregisterClassA
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
PtInRect
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowThreadProcessId
GetLastActivePopup
SetWindowsHookExA
CallNextHookEx
GetMessageA
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
ReleaseDC
GetDC
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowTextA
PostQuitMessage
PeekMessageA
IsWindow
CharUpperA
GetFocus
GetParent
SetWindowPos
SetFocus
IsWindowEnabled
ShowWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
GetWindowLongA
IsDialogMessageA
DestroyMenu
AdjustWindowRectEx
SendMessageA
DrawIcon
PostMessageA
IsIconic
GetClientRect
LoadCursorA
LoadIconA
EnableWindow
GetSystemMetrics
SetCursor
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
wsprintfA
MessageBoxA
OemToCharBuffA
CharToOemBuffA
GetSubMenu
GetMenuItemCount
SendDlgItemMessageA
GetDlgItem
GetWindow
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
gdi32
DeleteDC
GetStockObject
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
GetDeviceCaps
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
PtVisible
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
shell32
SHFileOperationA
shlwapi
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
oleaut32
VariantClear
VariantChangeType
VariantInit
Sections
.text Size: 253KB - Virtual size: 253KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 173KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/batch/antivirusx.bat.bat .vbs
-
AntivirusDefender-main/batch/logo.ico
-
AntivirusDefender-main/panel/Panel.code-workspace
-
AntivirusDefender-main/panel/bots.php.ps1
-
AntivirusDefender-main/panel/commands.php
-
AntivirusDefender-main/panel/gate.php
-
AntivirusDefender-main/panel/inc/common.php
-
AntivirusDefender-main/panel/inc/config.php
-
AntivirusDefender-main/panel/inc/const.php
-
AntivirusDefender-main/panel/inc/db.php.js
-
AntivirusDefender-main/panel/inc/geoip.dat
-
AntivirusDefender-main/panel/inc/geoip.php
-
AntivirusDefender-main/panel/inc/ui.php
-
AntivirusDefender-main/panel/inc/utils.php
-
AntivirusDefender-main/panel/index.php.ps1
-
AntivirusDefender-main/panel/login.php
-
AntivirusDefender-main/panel/logout.php
-
AntivirusDefender-main/panel/private/db.sql
-
AntivirusDefender-main/panel/settings.php
-
AntivirusDefender-main/panel/style/style.css
-
AntivirusDefender-main/src/Bootkit/Common.h
-
AntivirusDefender-main/src/Bootkit/DrvMain.c
-
AntivirusDefender-main/src/Bootkit/DrvMain.h
-
AntivirusDefender-main/src/Bootkit/EfTbl.h
-
AntivirusDefender-main/src/Bootkit/EfiMain.c
-
AntivirusDefender-main/src/Bootkit/EfiMain.h
-
AntivirusDefender-main/src/Bootkit/ExitBootServices.c
-
AntivirusDefender-main/src/Bootkit/ExitBootServices.h
-
AntivirusDefender-main/src/Bootkit/Native.h
-
AntivirusDefender-main/src/Bootkit/OslArchTransferToKernel.c
-
AntivirusDefender-main/src/Bootkit/OslArchTransferToKernel.h
-
AntivirusDefender-main/src/Bot/Bot.vcxproj
-
AntivirusDefender-main/src/Bot/Bot.vcxproj.filters
-
AntivirusDefender-main/src/Bot/Bot.vcxproj.user
-
AntivirusDefender-main/src/Bot/antidebug.c
-
AntivirusDefender-main/src/Bot/antidebug.h
-
AntivirusDefender-main/src/Bot/command.c
-
AntivirusDefender-main/src/Bot/command.h
-
AntivirusDefender-main/src/Bot/globals.c
-
AntivirusDefender-main/src/Bot/globals.h
-
AntivirusDefender-main/src/Bot/http.c
-
AntivirusDefender-main/src/Bot/http.h
-
AntivirusDefender-main/src/Bot/injection.c
-
AntivirusDefender-main/src/Bot/injection.h
-
AntivirusDefender-main/src/Bot/install.c
-
AntivirusDefender-main/src/Bot/install.h
-
AntivirusDefender-main/src/Bot/nzt.c
-
AntivirusDefender-main/src/Bot/report.c
-
AntivirusDefender-main/src/Bot/report.h
-
AntivirusDefender-main/src/Bot/shared.c
-
AntivirusDefender-main/src/Encryptor/Encryptor.c
-
AntivirusDefender-main/src/Encryptor/Encryptor.vcxproj.xml
-
AntivirusDefender-main/src/Encryptor/Encryptor.vcxproj.filters
-
AntivirusDefender-main/src/Encryptor/Encryptor.vcxproj.user
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.Build.CppClean.log
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.log
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.obj
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.tlog/CL.command.1.tlog
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.tlog/CL.read.1.tlog
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.tlog/CL.write.1.tlog
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.tlog/Encryptor.lastbuildstate
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.tlog/Encryptor.write.1u.tlog
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.tlog/link.command.1.tlog
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.tlog/link.read.1.tlog
-
AntivirusDefender-main/src/Encryptor/Release/Encryptor.tlog/link.write.1.tlog
-
AntivirusDefender-main/src/Encryptor/Release/vc142.pdb
-
AntivirusDefender-main/src/NzT.sln
-
AntivirusDefender-main/src/Shared/Shared.vcxitems
-
AntivirusDefender-main/src/Shared/Shared.vcxitems.filters
-
AntivirusDefender-main/src/Shared/advapi32_functions.h
-
AntivirusDefender-main/src/Shared/advapi32_hash.h
-
AntivirusDefender-main/src/Shared/api.c
-
AntivirusDefender-main/src/Shared/api.h
-
AntivirusDefender-main/src/Shared/config.c
-
AntivirusDefender-main/src/Shared/config.h
-
AntivirusDefender-main/src/Shared/crt.c
-
AntivirusDefender-main/src/Shared/crt.h
-
AntivirusDefender-main/src/Shared/crypto.c
-
AntivirusDefender-main/src/Shared/crypto.h
-
AntivirusDefender-main/src/Shared/file.c
-
AntivirusDefender-main/src/Shared/file.h
-
AntivirusDefender-main/src/Shared/guid.c
-
AntivirusDefender-main/src/Shared/guid.h
-
AntivirusDefender-main/src/Shared/hashes.h
-
AntivirusDefender-main/src/Shared/hook.c
-
AntivirusDefender-main/src/Shared/hook.h
-
AntivirusDefender-main/src/Shared/injection.c.ps1
-
AntivirusDefender-main/src/Shared/injection.h
-
AntivirusDefender-main/src/Shared/kernel32_functions.h
-
AntivirusDefender-main/src/Shared/kernel32_hash.h
-
AntivirusDefender-main/src/Shared/ntdll.h
-
AntivirusDefender-main/src/Shared/ntdll_functions.h
-
AntivirusDefender-main/src/Shared/ntdll_hash.h
-
AntivirusDefender-main/src/Shared/nzt.h
-
AntivirusDefender-main/src/Shared/registry.c
-
AntivirusDefender-main/src/Shared/registry.h
-
AntivirusDefender-main/src/Shared/shell32_functions.h
-
AntivirusDefender-main/src/Shared/shell32_hash.h
-
AntivirusDefender-main/src/Shared/strings.h
-
AntivirusDefender-main/src/Shared/user32_functions.h
-
AntivirusDefender-main/src/Shared/user32_hash.h
-
AntivirusDefender-main/src/Shared/utils.c
-
AntivirusDefender-main/src/Shared/utils.h
-
AntivirusDefender-main/src/Shared/wininet_functions.h
-
AntivirusDefender-main/src/Shared/wininet_hash.h
-
AntivirusDefender-main/src/Tools/Dbgview.exe.exe windows:5 windows x86 arch:x86
1e1114d83ae11299940afc2459ee7bc5
Code Sign
33:00:00:01:87:72:17:72:15:59:40:c7:09:00:00:00:00:01:87Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before04-03-2020 18:39Not After03-03-2021 18:39SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08-07-2011 20:59Not After08-07-2026 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
bf:bd:d8:8d:85:25:84:85:d7:05:41:f2:84:30:c4:5f:a1:40:bf:51:9c:12:76:35:10:ae:0d:48:22:6a:52:20Signer
Actual PE Digestbf:bd:d8:8d:85:25:84:85:d7:05:41:f2:84:30:c4:5f:a1:40:bf:51:9c:12:76:35:10:ae:0d:48:22:6a:52:20Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\agent\_work\86\s\exe\Win32\Release\dbgview.pdb
Imports
ws2_32
connect
listen
inet_ntoa
htonl
getsockname
bind
accept
WSAGetLastError
WSAStartup
gethostbyname
gethostbyaddr
socket
inet_addr
htons
closesocket
mpr
WNetAddConnection2A
WNetCancelConnection2A
comctl32
ord17
CreateToolbarEx
kernel32
GetModuleFileNameA
GetCommandLineA
GetSystemDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
SearchPathA
GetComputerNameA
QueryPerformanceCounter
QueryPerformanceFrequency
GetTimeFormatA
GetOverlappedResult
ResetEvent
WaitForMultipleObjects
WriteFile
ReadFile
LockResource
LoadResource
SizeofResource
FindResourceA
CreateFileA
RaiseException
GetTickCount
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
GetProcessHeap
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpyA
lstrcatA
GetDateFormatA
GlobalFree
GetFileSize
WriteFileEx
QueueUserAPC
SleepEx
ExpandEnvironmentStringsA
OutputDebugStringA
FlushFileBuffers
GetConsoleCP
CreateEventA
GetStringTypeW
CreateFileW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCurrentThread
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
SetConsoleMode
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetConsoleMode
GetModuleHandleExW
ExitProcess
EncodePointer
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OpenMutexA
CreateMutexA
lstrlenA
lstrcpynA
UnmapViewOfFile
FindFirstFileExW
MapViewOfFile
FormatMessageA
SystemTimeToFileTime
GetSystemTime
CloseHandle
FindClose
DeviceIoControl
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetLastError
TerminateThread
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GlobalMemoryStatus
GetVersion
FreeLibrary
InterlockedIncrement
DeleteFileA
GetEnvironmentVariableA
GetLastError
GetCommandLineW
CreateFileMappingA
GetModuleHandleA
LoadLibraryA
GetStdHandle
GetFileType
LocalFree
LocalAlloc
GetProcAddress
OutputDebugStringW
WaitForSingleObjectEx
FindFirstFileExA
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
SetConsoleCtrlHandler
WriteConsoleW
SetFilePointerEx
HeapSize
HeapReAlloc
SetEndOfFile
ReadConsoleW
DecodePointer
user32
CloseClipboard
OpenClipboard
CallWindowProcA
GetParent
DrawFocusRect
GetDialogBaseUnits
IsDlgButtonChecked
CheckRadioButton
RegisterClassExA
GetMessageA
IsDialogMessageA
LoadStringA
LoadIconA
LoadBitmapA
SetClipboardData
GetSysColor
ChildWindowFromPoint
GetCursorPos
GetWindowRect
GetClientRect
GetWindowTextA
InvalidateRgn
InvalidateRect
ReleaseDC
SetForegroundWindow
UpdateWindow
TrackPopupMenu
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EmptyClipboard
GetFocus
EnableWindow
DrawTextA
BeginPaint
EndPaint
ClientToScreen
FindWindowA
DeleteMenu
SetWindowLongA
EnableMenuItem
GetSystemMetrics
TranslateAcceleratorA
LoadAcceleratorsA
KillTimer
SetTimer
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
SetFocus
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
DialogBoxParamA
CreateDialogParamA
IsZoomed
IsIconic
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsWindow
CreateWindowExA
RegisterClassA
PostQuitMessage
DefWindowProcA
AttachThreadInput
PostMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
RegisterWindowMessageA
MessageBoxA
InsertMenuItemA
GetMenuItemCount
GetSubMenu
CheckMenuItem
GetMenu
LoadCursorA
InflateRect
GetSysColorBrush
SetCursor
SetWindowTextA
GetDlgItem
EndDialog
DialogBoxIndirectParamA
SendMessageA
GetWindowThreadProcessId
ScreenToClient
AppendMenuA
CheckDlgButton
GetDC
gdi32
AbortDoc
SetAbortProc
TextOutA
GetTextExtentPointA
CreateFontA
GetTextExtentPoint32A
ExtTextOutA
SetBkColor
GetObjectA
GetTextMetricsA
GetDeviceCaps
SetMapMode
StartDocA
EndDoc
StartPage
EndPage
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
GetStockObject
SelectObject
SetBkMode
SetTextColor
StretchBlt
comdlg32
FindTextA
ChooseColorA
GetSaveFileNameA
PrintDlgA
ChooseFontA
GetOpenFileNameA
advapi32
InitializeSecurityDescriptor
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA
shell32
SHGetSpecialFolderLocation
SHGetMalloc
Shell_NotifyIconA
ShellExecuteExA
CommandLineToArgvW
ShellExecuteA
SHBrowseForFolderA
Sections
.text Size: 375KB - Virtual size: 375KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 382KB - Virtual size: 381KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller.sln
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/App.config
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Form1.Designer.cs
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Form1.cs.js
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Form1.resx.vbs
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Program.cs
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Properties/AssemblyInfo.cs
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Properties/Resources.Designer.cs.vbs
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Properties/Resources.resx.vbs
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Properties/Settings.Designer.cs
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/Properties/Settings.settings
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/app.manifest
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/bin/Debug/thirdpartyclamavinstaller.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\Antivirustest4\Antivirustest\thirdpartyclamavinstaller\thirdpartyclamavinstaller\obj\Debug\thirdpartyclamavinstaller.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/bin/Debug/thirdpartyclamavinstaller.exe.config
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/bin/Debug/thirdpartyclamavinstaller.pdb
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/DesignTimeResolveAssemblyReferences.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.Form1.resources
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.Properties.Resources.resources
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.csproj.AssemblyReference.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.csproj.CoreCompileInputs.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.csproj.FileListAbsolute.txt
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.csproj.GenerateResource.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\Antivirustest4\Antivirustest\thirdpartyclamavinstaller\thirdpartyclamavinstaller\obj\Debug\thirdpartyclamavinstaller.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/obj/Debug/thirdpartyclamavinstaller.pdb
-
AntivirusDefender-main/thirdpartyclamavinstaller/thirdpartyclamavinstaller/thirdpartyclamavinstaller.csproj
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0.sln
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/App.config
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/Form1.Designer.cs
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/Form1.cs.js
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/Program.cs
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/Properties/AssemblyInfo.cs
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/Properties/Resources.Designer.cs.vbs
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/Properties/Resources.resx.vbs
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/Properties/Settings.Designer.cs
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/Properties/Settings.settings
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/app.manifest
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/bin/Debug/thirdpartyclamavinstaller0.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\Antivirustest4\Antivirustest\thirdpartyclamavinstaller0\thirdpartyclamavinstaller0\obj\Debug\thirdpartyclamavinstaller0.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/bin/Debug/thirdpartyclamavinstaller0.exe.config
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/bin/Debug/thirdpartyclamavinstaller0.pdb
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/DesignTimeResolveAssemblyReferences.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/thirdpartyclamavinstaller0.Properties.Resources.resources
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/thirdpartyclamavinstaller0.csproj.AssemblyReference.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/thirdpartyclamavinstaller0.csproj.CoreCompileInputs.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/thirdpartyclamavinstaller0.csproj.FileListAbsolute.txt
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/thirdpartyclamavinstaller0.csproj.GenerateResource.cache
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/thirdpartyclamavinstaller0.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\Antivirustest4\Antivirustest\thirdpartyclamavinstaller0\thirdpartyclamavinstaller0\obj\Debug\thirdpartyclamavinstaller0.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/obj/Debug/thirdpartyclamavinstaller0.pdb
-
AntivirusDefender-main/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0/thirdpartyclamavinstaller0.csproj
-
AntivirusDefender-main/usbwrite/usbwrite.sln
-
AntivirusDefender-main/usbwrite/usbwrite/usbwrite.cpp
-
AntivirusDefender-main/usbwrite/usbwrite/usbwrite.vcxproj.xml
-
AntivirusDefender-main/usbwrite/usbwrite/usbwrite.vcxproj.filters
-
AntivirusDefender-main/usbwrite/usbwrite/usbwrite.vcxproj.user
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.exe.recipe
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.ilk
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.log
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.obj
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.tlog/CL.command.1.tlog
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.tlog/CL.read.1.tlog
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.tlog/CL.write.1.tlog
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.tlog/Cl.items.tlog
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.tlog/link.command.1.tlog
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.tlog/link.read.1.tlog
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.tlog/link.write.1.tlog
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/usbwrite.tlog/usbwrite.lastbuildstate
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/vc143.idb
-
AntivirusDefender-main/usbwrite/usbwrite/x64/Debug/vc143.pdb
-
AntivirusDefender-main/usbwrite/x64/Debug/usbwrite.exe.exe windows:6 windows x64 arch:x64
5935883850718c302b878d9e00ef20be
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\victim\source\repos\usbwrite\x64\Debug\usbwrite.pdb
Imports
kernel32
CreateFileA
CreateFileW
DeleteFileW
GetLogicalDriveStringsW
ReadFile
WriteFile
GetTempPathW
CloseHandle
GetLastError
Sleep
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcAddress
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetModuleHandleW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetCurrentThreadId
user32
MessageBeep
vcruntime140d
__vcrt_GetModuleHandleW
__C_specific_handler_noexcept
__C_specific_handler
__current_exception
__current_exception_context
__vcrt_GetModuleFileNameW
__std_type_info_destroy_list
__vcrt_LoadLibraryExW
memcpy
ucrtbased
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
strcpy_s
strcat_s
__stdio_common_vsprintf_s
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
_wmakepath_s
_wsplitpath_s
wcscpy_s
_c_exit
__p___argv
__p___argc
_set_fmode
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__setusermatherr
_set_app_type
_seh_filter_exe
_CrtDbgReportW
_CrtDbgReport
__stdio_common_vfprintf
fclose
__stdio_common_vswprintf_s
__stdio_common_vfwprintf
_wfopen_s
fputws
__acrt_iob_func
_wsystem
wcscat_s
_cexit
Sections
.textbss Size: - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 512B - Virtual size: 463B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 373B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 689B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AntivirusDefender-main/usbwrite/x64/Debug/usbwrite.pdb