Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	June 15, 2021, 10:08 p.m.	June 15, 2021, 10:11 p.m.

Size	260.5KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`74084608256e6e4c3434d17217d0993a`
SHA256	`d944f7f322c1ae6f36f76069e6c9351d5b19e108b26460cb903aacd115975dfc`
CRC32	`B69639EB`
ssdeep	`6144:+KUTMcenlwyBfnxtBOL+JHKKQz6MFn6bkT:+DTMPnjfnxtBOL7Pz6A6`
PDB Path	C:\fexibojoxipi\nixumi_96 n.pdb
Yara	PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware Malicious_Packer_Zero - Malicious Packer OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description)

covid.exe "C:\Users\test22\AppData\Local\Temp\covid.exe"
3332

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
172.217.25.14	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\fexibojoxipi\nixumi_96 n.pdb

The file contains an unknown PE resource name possibly indicative of a packer (3 events)

resource name	JOM
resource name	RARUNAMA
resource name	ZEJAZUCOBUDILODUZOKO

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1
__exception__ June 15, 2021, 10:08 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x4a3 covid+0x2b913 @ 0x42b913 _CallPattern@8+0x13d2 covid+0x2c842 @ 0x42c842 _CallPattern@8-0x29cfe covid+0x1772 @ 0x401772 _CallPattern@8-0x29e51 covid+0x161f @ 0x40161f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1631784 registers.edi: 6160384 registers.eax: 4294967288 registers.ebp: 1631828 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 6160384	1

Allocates read-write-execute memory (usually to unpack itself) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 15, 2021, 10:08 p.m.	process_identifier: 3332 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 36864 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x005fc000 process_handle: 0xffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x0002ba00', u'virtual_address': u'0x00001000', u'entropy': 6.863788383885389, u'name': u'.text', u'virtual_size': u'0x0002b95b'}

entropy

6.86378838389

description

A section with a high entropy has been found

entropy

0.672447013487

description

Overall entropy of this PE file is high

Communicates with host for which no DNS query was performed (1 event)

host

172.217.25.14

Tries to unhook Windows functions monitored by Cuckoo (1 event)

Time & API	Arguments	Status	Return	Repeated
__anomaly__ June 15, 2021, 10:09 p.m.	tid: 8564 message: Encountered 65537 exceptions, quitting. subcategory: exception function_name:	1	0	0

File has been identified by 51 AntiVirus engines on VirusTotal as malicious (50 out of 51 events)

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.75723
CAT-QuickHeal	Trojan.Zenpak
ALYac	Trojan.GenericKDZ.75723
Malwarebytes	Trojan.MalPack.GS
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 0057dbd01 )
BitDefender	Trojan.GenericKDZ.75723
K7GW	Trojan ( 0057dbd01 )
Cybereason	malicious.08ae75
Cyren	W32/Kryptik.EED.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HLFW
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Malware.Generic-9869449-0
Kaspersky	HEUR:Trojan.Win32.Zenpak.gen
Alibaba	Trojan:Win32/Azorult.415d7950
Ad-Aware	Trojan.GenericKDZ.75723
Sophos	Mal/Generic-R + Troj/Kryptik-TR
TrendMicro	TROJ_GEN.R002C0RF821
McAfee-GW-Edition	BehavesLike.Win32.Generic.dh
FireEye	Generic.mg.74084608256e6e4c
Emsisoft	Trojan.GenericKDZ.75723 (B)
Ikarus	Trojan.Win32.Crypt
Jiangmin	Trojan.PSW.Racealer.cln
Webroot	W32.Trojan.Gen
Avira	TR/Crypt.Agent.msnci
MAX	malware (ai score=83)
Microsoft	Trojan:Win32/Azorult.ML!MTB
Gridinsoft	Trojan.Win32.Packed.lu!heur
Arcabit	Trojan.Generic.D127CB
GData	Trojan.GenericKDZ.75723
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Glupteba.R424682
Acronis	suspicious
McAfee	Packed-GDT!74084608256E
VBA32	BScope.Backdoor.Agent
Cylance	Unsafe
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0RF821
Rising	Trojan.Kryptik!1.D63F (CLASSIC)
SentinelOne	Static AI - Malicious PE
Fortinet	W32/Kryptik.HLFH!tr
BitDefenderTheta	Gen:NN.ZexaF.34738.qqW@aKlyUefG
AVG	Win32:DropperX-gen [Drp]
Avast	Win32:DropperX-gen [Drp]
CrowdStrike	win/malicious_confidence_100% (W)

covid.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All