3.6
Medium risk

f072b971950ba8a2e12c85501f0d63160f833df8411c5fa1cda8ac6261b27a2d

aeaacc4da7ea15de0224d4c3e3456ce0.exe

Analysis duration

52s

Last analyzed

File size

240.0KB
Static detection Dynamic detection 100% AGEN AI SCORE=82 AIDETECT CASUR CLOUD CONFIDENCE DRIDEX EJPK ELDORADO EMOTET EQLH GENCIRC GENKRYPTIK HEOF HIGH CONFIDENCE HXQBFGIA KRYPTIK MALICIOUS PE MALWARE2 MALWARE@#36KMVISHL3AIB PC0@AMHIKT2S SCORE STATIC AI SUSGEN TROJANX TSCOPE UNSAFE ZENPAK ZEXAF
Hawkeye engine
Not detected. No Hawkeye engine results available.
Static verdict
Antivirus engines
Engine Result Scan date Engine version
McAfee 20210310 6.0.6.653
Baidu 20190318 1.0.0.2
Avast 20210310 21.1.5827.0
Alibaba Backdoor:Win32/Dridex.4d4a33fa 20190527 0.3.0.5
Kingsoft 20210310 2017.9.26.565
Tencent Malware.Win32.Gencirc.116f93ce 20210309 1.0.0.1
CrowdStrike win/malicious_confidence_100% (W) 20210203 1.0
Static indicators
The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)
section .qdata
section CODE
section data
One or more processes crashed (50 out of 65536 events)
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1638004
registers.edi: 37426848
registers.eax: 2010505254
registers.ebp: 1638040
registers.edx: 0
registers.ebx: 64
registers.esi: 64
registers.ecx: 37421056
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x1b7a2
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x1001b7a2
success 0 0
1619826885.056139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x1845c @ 0x1001845c
aeaacc4da7ea15de0224d4c3e3456ce0+0xbb0a @ 0x1000bb0a
aeaacc4da7ea15de0224d4c3e3456ce0+0xcf9b @ 0x1000cf9b
aeaacc4da7ea15de0224d4c3e3456ce0+0x62ee @ 0x100062ee
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1638004
registers.edi: 37426872
registers.eax: 2010505254
registers.ebp: 1638040
registers.edx: 0
registers.ebx: 64
registers.esi: 64
registers.ecx: 37421056
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x1b7a2
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x1001b7a2
success 0 0
1619826885.056139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x1845c @ 0x1001845c
aeaacc4da7ea15de0224d4c3e3456ce0+0xbb0a @ 0x1000bb0a
aeaacc4da7ea15de0224d4c3e3456ce0+0xcf9b @ 0x1000cf9b
aeaacc4da7ea15de0224d4c3e3456ce0+0x62ee @ 0x100062ee
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1638004
registers.edi: 37426896
registers.eax: 2010505254
registers.ebp: 1638040
registers.edx: 0
registers.ebx: 64
registers.esi: 64
registers.ecx: 37421056
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x1b7a2
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x1001b7a2
success 0 0
1619826885.056139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637888
registers.edi: 0
registers.eax: 1983867560
registers.ebp: 1638264
registers.edx: 3167336696
registers.ebx: 0
registers.esi: 0
registers.ecx: 37427018
exception.instruction_r: cc c3 89 1d 96 91 02 10 89 1d 8e 91 02 10 89 1d
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x5bae
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 23470
exception.address: 0x10005bae
success 0 0
1619826885.056139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x19017 @ 0x10019017
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637784
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 1637816
registers.edx: 2914277257
registers.ebx: 1637832
registers.esi: 0
registers.ecx: 1637812
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x21023
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x10021023
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x19017 @ 0x10019017
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637788
registers.edi: 4
registers.eax: 1985273800
registers.ebp: 1637816
registers.edx: 648997826
registers.ebx: 1637832
registers.esi: 6041336
registers.ecx: 37427165
exception.instruction_r: cc c3 85 f6 74 1d 83 fe ff 74 18 68 b3 f6 62 59
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x2105e
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135262
exception.address: 0x1002105e
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x19017 @ 0x10019017
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637792
registers.edi: 4
registers.eax: 1985274148
registers.ebp: 1637816
registers.edx: 1499657907
registers.ebx: 1637832
registers.esi: 6041336
registers.ecx: 37427242
exception.instruction_r: cc c3 5e 5f 5b 8b e5 5d c3 cc cc cc cc cc cc cc
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x2107f
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135295
exception.address: 0x1002107f
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x19033 @ 0x10019033
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637796
registers.edi: 1637856
registers.eax: 2010505254
registers.ebp: 1637832
registers.edx: 37426536
registers.ebx: 64
registers.esi: 64
registers.ecx: 37421056
exception.instruction_r: cc c3 5b c3 33 c0 5b c3 cc cc cc cc cc cc 56 8b
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x1b7a2
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 112546
exception.address: 0x1001b7a2
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637784
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 127
registers.ecx: 1637812
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x21023
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x10021023
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637788
registers.edi: 4
registers.eax: 1985273800
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 6042296
registers.ecx: 37426616
exception.instruction_r: cc c3 85 f6 74 1d 83 fe ff 74 18 68 b3 f6 62 59
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x2105e
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135262
exception.address: 0x1002105e
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637792
registers.edi: 4
registers.eax: 1985274148
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 6042296
registers.ecx: 37426640
exception.instruction_r: cc c3 5e 5f 5b 8b e5 5d c3 cc cc cc cc cc cc cc
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x2107f
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135295
exception.address: 0x1002107f
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637784
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 127
registers.ecx: 1637812
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x21023
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x10021023
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637788
registers.edi: 4
registers.eax: 1985273800
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 6042296
registers.ecx: 37426616
exception.instruction_r: cc c3 85 f6 74 1d 83 fe ff 74 18 68 b3 f6 62 59
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x2105e
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135262
exception.address: 0x1002105e
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637792
registers.edi: 4
registers.eax: 1985274148
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 6042296
registers.ecx: 37426640
exception.instruction_r: cc c3 5e 5f 5b 8b e5 5d c3 cc cc cc cc cc cc cc
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x2107f
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135295
exception.address: 0x1002107f
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637784
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 127
registers.ecx: 1637812
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x21023
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x10021023
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637788
registers.edi: 4
registers.eax: 1985273800
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 6042296
registers.ecx: 37426616
exception.instruction_r: cc c3 85 f6 74 1d 83 fe ff 74 18 68 b3 f6 62 59
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x2105e
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135262
exception.address: 0x1002105e
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637792
registers.edi: 4
registers.eax: 1985274148
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 6042296
registers.ecx: 37426640
exception.instruction_r: cc c3 5e 5f 5b 8b e5 5d c3 cc cc cc cc cc cc cc
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x2107f
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135295
exception.address: 0x1002107f
success 0 0
1619826885.072139
__exception__
stacktrace:
aeaacc4da7ea15de0224d4c3e3456ce0+0x210a7 @ 0x100210a7
aeaacc4da7ea15de0224d4c3e3456ce0+0x1904c @ 0x1001904c
aeaacc4da7ea15de0224d4c3e3456ce0+0x5be5 @ 0x10005be5
aeaacc4da7ea15de0224d4c3e3456ce0+0x6398 @ 0x10006398
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 1637784
registers.edi: 4
registers.eax: 1985273620
registers.ebp: 1637816
registers.edx: 37426536
registers.ebx: 1637832
registers.esi: 127
registers.ecx: 1637812
exception.instruction_r: cc c3 85 c0 75 1b e8 52 a5 fe ff 85 c0 74 12 57
exception.symbol: aeaacc4da7ea15de0224d4c3e3456ce0+0x21023
exception.instruction: int3
exception.module: aeaacc4da7ea15de0224d4c3e3456ce0.exe
exception.exception_code: 0x80000003
exception.offset: 135203
exception.address: 0x10021023
success 0 0
Behavior Verdict
Dynamic Indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1619826884.963139
NtAllocateVirtualMemory
process_identifier: 3068
region_size: 24576
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00360000
success 0 0
The binary likely contains encrypted or compressed data indicative of a packer (3 events)
entropy 7.9584454229008665 section {'size_of_data': '0x00024000', 'virtual_address': '0x00007000', 'entropy': 7.9584454229008665, 'name': 'CODE', 'virtual_size': '0x0002365d'} description A section with a high entropy has been found
entropy 7.955098734015196 section {'size_of_data': '0x00009000', 'virtual_address': '0x0002b000', 'entropy': 7.955098734015196, 'name': 'data', 'virtual_size': '0x00008fd6'} description A section with a high entropy has been found
entropy 0.7627118644067796 description Overall entropy of this PE file is high
Network Communication
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
Tries to unhook Windows functions monitored by Cuckoo (1 event)
Time & API Arguments Status Return Repeated
1619826922.353139
__anomaly__
subcategory: exception
tid: 1432
message: Encountered 65537 exceptions, quitting.
function_name:
success 0 0
File has been identified by 40 AntiVirus engines on VirusTotal as malicious (40 events)
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.Agent.EQLH
Cylance Unsafe
K7AntiVirus Trojan ( 00549d461 )
BitDefender Trojan.Agent.EQLH
K7GW Trojan ( 00549d461 )
Cybereason malicious.da7ea1
BitDefenderTheta Gen:NN.ZexaF.34608.pC0@amhIkT2S
Cyren W32/Dridex.AA.gen!Eldorado
Symantec Trojan.Emotet
ESET-NOD32 a variant of Win32/Kryptik.HEOF
APEX Malicious
ClamAV Win.Malware.Agent-7787935-0
Alibaba Backdoor:Win32/Dridex.4d4a33fa
AegisLab Trojan.Win32.Zenpak.4!c
Rising Trojan.Dridex!8.33B (CLOUD)
Ad-Aware Trojan.Agent.EQLH
Comodo Malware@#36kmvishl3aib
FireEye Generic.mg.aeaacc4da7ea15de
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.101117647.susgen
Avira HEUR/AGEN.1138487
MAX malware (ai score=82)
Antiy-AVL Trojan/Win32.Casur
Gridinsoft Trojan.Win32.Kryptik.ba
Arcabit Trojan.Agent.EQLH
GData Trojan.Agent.EQLH
Cynet Malicious (score: 100)
VBA32 TScope.Malware-Cryptor.SB
ALYac Spyware.Banker.Dridex
Malwarebytes Trojan.Crypt
Tencent Malware.Win32.Gencirc.116f93ce
Ikarus Trojan.Win32.Crypt
Fortinet W32/GenKryptik.EJPK!tr
Webroot W32.Trojan.Gen
AVG Win32:TrojanX-gen [Trj]
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Win32/Trojan.Zenpak.HxQBfgIA
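Visual Analysis
Binary Image
No binary image available. No binary visualization image was generated for this sample.
Runtime Screenshots
No runtime screenshots available. No screenshots were generated while this sample ran.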

PE Compile Time

2020-05-11 06:36:05

Imports

Library KERNEL32.dll:
0x10004020 WaitNamedPipeW
0x10004024 CloseHandle
0x10004028 GetModuleFileNameA
0x1000402c LoadLibraryA
0x10004030 GetLastError
Library GDI32.dll:
0x10004010 GetArcDirection
Library SHLWAPI.dll:
0x1000406c SHGetValueA
0x10004070 SHQueryValueExA
Library POWRPROF.dll:
0x10004048 SetActivePwrScheme
Library COMDLG32.dll:
0x10004008 PageSetupDlgA
Library ole32.dll:
0x10004088 CoSwitchCallContext
Library USER32.dll:
0x10004078 SendMessageW
Library IPHLPAPI.DLL:
0x10004018 NotifyAddrChange
Library SHELL32.dll:
0x10004060 SHFormatDrive
0x10004064 ShellExecuteExW
Library OLEAUT32.dll:
0x10004038 VarI2FromDate
0x1000403c SafeArrayPutElement
0x10004040 VarUI2FromStr
Library WS2_32.dll:
0x10004080 WSASetLastError
Library ADVAPI32.dll:
0x10004000 GetInheritanceSourceW
Library SETUPAPI.dll:

Exports

Ordinal Address Name
1 0x100041e8 DfptmfEfG46

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58368 239.255.255.250 3702
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.