3.6
Medium risk

5b4e56b4e7f014e7b4febd123e4876b2af4c23a74c17b7986969f07798a089cb

3760e6d34e747479189f4ac2584d5688.exe

Analysis time: 58s

Last analyzed

File size: 212.0KB
Static detections / dynamic detections: 100% AI SCORE=82 AIDETECT CMRTAZQAYZLC6WSMZF6+JOAPFTT+ CONFIDENCE DOPPELPAYMER DOPPLEPAYMER DRIDEX ENESTEDEL GENERICRXKK HDEJ HHVS HIGH CONFIDENCE HXMBANUA IMGABV KRYPTIK LJTW MALICIOUS PE MALWARE1 MALWARE@#1IA1N16ZJM8AA NC0@AGPIMMIG R367173 RAZY RDMK SAVE SCORE SSIP246NQJS STATIC AI SUSGEN UNSAFE WACATAC ZENPAK ZEXAF
Hawkeye engine
Not scanned; no Hawkeye engine results are available
Static verdict
Antivirus engines

| Engine | Result | Scan date | Version |
|---|---|---|---|
| Alibaba | Ransom:Win32/Dopplepaymer.600e5c5a | 20190527 | 0.3.0.5 |
| Avast | Win32:Malware-gen | 20210309 | 21.1.5827.0 |
| Tencent | Win32.Trojan.Zenpak.Ljtw | 20210309 | 1.0.0.1 |
| Baidu | | 20190318 | 1.0.0.2 |
| Kingsoft | | 20210309 | 2017.9.26.565 |
| McAfee | GenericRXKK-WZ!3760E6D34E74 | 20210309 | 6.0.6.653 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20210203 | 1.0 |
Static indicators
The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)
section .rp
One or more processes crashed (50 out of 65536 events)
Time & API Arguments Status Return Repeated
1619345033.98285
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0xcf73 @ 0x11acf73
3760e6d34e747479189f4ac2584d5688+0x62ee @ 0x11a62ee
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686360
registers.edi: 0
registers.eax: 2010505254
registers.ebp: 2686792
registers.edx: 66080
registers.ebx: 260
registers.esi: 1983119360
registers.ecx: 14024704
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x1b7a2
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x11bb7a2
success 0 0

registers.esp: 2686560
registers.edi: 14030496
registers.eax: 2010505254
registers.ebp: 2686596
registers.edx: 0
registers.ebx: 64
registers.esi: 64
registers.ecx: 14024704
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x1b7a2
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x11bb7a2
success 0 0
1619345034.02985
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x1845c @ 0x11b845c
3760e6d34e747479189f4ac2584d5688+0xbb0a @ 0x11abb0a
3760e6d34e747479189f4ac2584d5688+0xcf9b @ 0x11acf9b
3760e6d34e747479189f4ac2584d5688+0x62ee @ 0x11a62ee
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686560
registers.edi: 14030520
registers.eax: 2010505254
registers.ebp: 2686596
registers.edx: 0
registers.ebx: 64
registers.esi: 64
registers.ecx: 14024704
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x1b7a2
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x11bb7a2
success 0 0
1619345034.02985
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x1845c @ 0x11b845c
3760e6d34e747479189f4ac2584d5688+0xbb0a @ 0x11abb0a
3760e6d34e747479189f4ac2584d5688+0xcf9b @ 0x11acf9b
3760e6d34e747479189f4ac2584d5688+0x62ee @ 0x11a62ee
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686560
registers.edi: 14030544
registers.eax: 2010505254
registers.ebp: 2686596
registers.edx: 0
registers.ebx: 64
registers.esi: 64
registers.ecx: 14024704
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x1b7a2
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x11bb7a2
success 0 0
1619345034.02985
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686444
registers.edi: 0
registers.eax: 1983867560
registers.ebp: 2686820
registers.edx: 3167336696
registers.ebx: 0
registers.esi: 0
registers.ecx: 14030666
exception.instruction_r: cc c3 89 1d 96 91 1c 01 89 1d 8e 91 1c 01 89 1d
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x5bae
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 23470
exception.address: 0x11a5bae
success 0 0
1619345034.02985
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x19017 @ 0x11b9017
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686340
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 2686372
registers.edx: 2914277257
registers.ebx: 2686388
registers.esi: 0
registers.ecx: 2686368
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x21023
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x11c1023
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x19017 @ 0x11b9017
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686344
registers.edi: 4
registers.eax: 1985273800
registers.ebp: 2686372
registers.edx: 648997826
registers.ebx: 2686388
registers.esi: 2882304
registers.ecx: 14030813
exception.instruction_r: cc c3 85 f6 74 1d 83 fe ff 74 18 68 b3 f6 62 59
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x2105e
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135262
exception.address: 0x11c105e
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x19017 @ 0x11b9017
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686348
registers.edi: 4
registers.eax: 1985274148
registers.ebp: 2686372
registers.edx: 1499657907
registers.ebx: 2686388
registers.esi: 2882304
registers.ecx: 14030890
exception.instruction_r: cc c3 5e 5f 5b 8b e5 5d c3 cc cc cc cc cc cc cc
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x2107f
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135295
exception.address: 0x11c107f
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x19033 @ 0x11b9033
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686352
registers.edi: 2686412
registers.eax: 2010505254
registers.ebp: 2686388
registers.edx: 14030184
registers.ebx: 64
registers.esi: 64
registers.ecx: 14024704
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x1b7a2
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x11bb7a2
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686340
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 127
registers.ecx: 2686368
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x21023
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x11c1023
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686344
registers.edi: 4
registers.eax: 1985273800
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 2882304
registers.ecx: 14030264
exception.instruction_r: cc c3 85 f6 74 1d 83 fe ff 74 18 68 b3 f6 62 59
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x2105e
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135262
exception.address: 0x11c105e
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686348
registers.edi: 4
registers.eax: 1985274148
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 2882304
registers.ecx: 14030288
exception.instruction_r: cc c3 5e 5f 5b 8b e5 5d c3 cc cc cc cc cc cc cc
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x2107f
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135295
exception.address: 0x11c107f
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686340
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 127
registers.ecx: 2686368
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x21023
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x11c1023
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686344
registers.edi: 4
registers.eax: 1985273800
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 2882304
registers.ecx: 14030264
exception.instruction_r: cc c3 85 f6 74 1d 83 fe ff 74 18 68 b3 f6 62 59
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x2105e
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135262
exception.address: 0x11c105e
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686348
registers.edi: 4
registers.eax: 1985274148
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 2882304
registers.ecx: 14030288
exception.instruction_r: cc c3 5e 5f 5b 8b e5 5d c3 cc cc cc cc cc cc cc
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x2107f
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135295
exception.address: 0x11c107f
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686340
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 127
registers.ecx: 2686368
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x21023
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x11c1023
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686344
registers.edi: 4
registers.eax: 1985273800
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 2882304
registers.ecx: 14030264
exception.instruction_r: cc c3 85 f6 74 1d 83 fe ff 74 18 68 b3 f6 62 59
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x2105e
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135262
exception.address: 0x11c105e
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686348
registers.edi: 4
registers.eax: 1985274148
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 2882304
registers.ecx: 14030288
exception.instruction_r: cc c3 5e 5f 5b 8b e5 5d c3 cc cc cc cc cc cc cc
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x2107f
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135295
exception.address: 0x11c107f
success 0 0
1619345034.06085
__exception__
stacktrace:
3760e6d34e747479189f4ac2584d5688+0x210a7 @ 0x11c10a7
3760e6d34e747479189f4ac2584d5688+0x1904c @ 0x11b904c
3760e6d34e747479189f4ac2584d5688+0x5be5 @ 0x11a5be5
3760e6d34e747479189f4ac2584d5688+0x6398 @ 0x11a6398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 2686340
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 2686372
registers.edx: 14030184
registers.ebx: 2686388
registers.esi: 127
registers.ecx: 2686368
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: 3760e6d34e747479189f4ac2584d5688+0x21023
exception.instruction: int3
exception.module: 3760e6d34e747479189f4ac2584d5688.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x11c1023
success 0 0
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1619345033.95185
NtAllocateVirtualMemory
process_identifier: 648
region_size: 24576
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00c30000
success 0 0
The binary likely contains encrypted or compressed data indicative of a packer (4 events)
entropy 7.481606102283834 section {'size_of_data': '0x00001000', 'virtual_address': '0x00004000', 'entropy': 7.481606102283834, 'name': '.idata', 'virtual_size': '0x00000e05'} description A section with a high entropy has been found
entropy 7.619196684883332 section {'size_of_data': '0x0000d000', 'virtual_address': '0x00005000', 'entropy': 7.619196684883332, 'name': '.data', 'virtual_size': '0x0000cf2a'} description A section with a high entropy has been found
entropy 7.993209120764245 section {'size_of_data': '0x00020000', 'virtual_address': '0x00013000', 'entropy': 7.993209120764245, 'name': '.rp', 'virtual_size': '0x0001fd9f'} description A section with a high entropy has been found
entropy 0.8846153846153846 description Overall entropy of this PE file is high
Network communication
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
Tries to unhook Windows functions monitored by Cuckoo (1 event)
Time & API Arguments Status Return Repeated
1619345078.37385
__anomaly__
subcategory: exception
tid: 732
message: Encountered 65537 exceptions, quitting.
function_name:
success 0 0
File has been identified by 54 AntiVirus engines on VirusTotal as malicious (50 out of 54 events)
Bkav W32.AIDetect.malware1
Elastic malicious (high confidence)
DrWeb Trojan.Dridex.700
MicroWorld-eScan Gen:Variant.Razy.667554
FireEye Generic.mg.3760e6d34e747479
ALYac Spyware.Banker.Dridex
Cylance Unsafe
Zillya Trojan.Kryptik.Win32.2013532
Sangfor Trojan.Win32.Save.a
K7AntiVirus Riskware ( 0040eff71 )
Alibaba Ransom:Win32/Dopplepaymer.600e5c5a
K7GW Riskware ( 0040eff71 )
Cybereason malicious.34e747
Arcabit Trojan.Razy.DA2FA2
BitDefenderTheta Gen:NN.ZexaF.34608.nC0@aGpIMMiG
Symantec Packed.Generic.553
ESET-NOD32 a variant of Win32/Kryptik.HDEJ
Avast Win32:Malware-gen
Kaspersky HEUR:Trojan.Win32.Zenpak.vho
BitDefender Gen:Variant.Razy.667554
NANO-Antivirus Trojan.Win32.Zenpak.imgabv
Paloalto generic.ml
Tencent Win32.Trojan.Zenpak.Ljtw
Ad-Aware Gen:Variant.Razy.667554
Sophos Mal/Generic-S
Comodo Malware@#1ia1n16zjm8aa
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition GenericRXKK-WZ!3760E6D34E74
Emsisoft Gen:Variant.Razy.667554 (B)
SentinelOne Static AI - Malicious PE
MAX malware (ai score=82)
Antiy-AVL Trojan/Win32.Zenpak
Gridinsoft Trojan.Win32.Kryptik.ba
Microsoft Ransom:Win32/Dopplepaymer.KM!MTB
AegisLab Riskware.Win32.Malicious.1!c
ZoneAlarm HEUR:Trojan.Win32.Zenpak.vho
GData Gen:Variant.Razy.667554
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.DoppelPaymer.R367173
Acronis suspicious
McAfee GenericRXKK-WZ!3760E6D34E74
VBA32 Trojan.Wacatac
Malwarebytes Trojan.Dridex
APEX Malicious
Rising Ransom.Dopplepaymer!8.1148E (RDMK:cmRtazqAYZLc6WsmZf6+JoApFTt+)
Yandex Trojan.Kryptik!SSip246nQJs
Ikarus Trojan-Ransom.Enestedel
MaxSecure Trojan.Malware.100997397.susgen
Fortinet W32/Kryptik.HHVS!tr
Webroot W32.Trojan.Gen
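Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample
Runtime screenshots
No runtime screenshots: no screenshots were generated while this sample was running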

PE Compile Time

2020-05-06 09:16:07

Imports

Library SETUPAPI.dll:
Library KERNEL32.dll:
0x412000 GetProcAddress
0x412004 LoadLibraryExW
0x412008 LoadLibraryW
0x41200c GetModuleHandleA

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.