Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	June 17, 2021, 1:42 p.m.	June 17, 2021, 1:44 p.m.

Size	386.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`dbf34c56d244279f0e989540fbd6cda2`
SHA256	`9d5fcdce98c1941ed2f933cd3aaf579176c02efffd86e99b19bbd3e85ed8326a`
CRC32	`02445EE7`
ssdeep	`12288:UORnE20Wj63mL9i+AByvxTltZfs7B5DE:vE201mimvxTh0zE`
PDB Path	C:\gamog-nalirupo84\fareladewon\dey_94 ler.pdb
Yara	Raccoon_Stealer_1_Zero - Raccoon Stealer PE_Header_Zero - PE File Signature OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description)

gfers.exe "C:\Users\test22\AppData\Local\Temp\gfers.exe"
2232

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\gamog-nalirupo84\fareladewon\dey_94 ler.pdb

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1
__exception__ June 17, 2021, 1:42 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 _CallPattern@8+0x47e gfers+0x3ff7e @ 0x43ff7e _CallPattern@8+0x13f0 gfers+0x40ef0 @ 0x440ef0 _hiduk@8-0x3e32b gfers+0x17a5 @ 0x4017a5 _hiduk@8-0x3e4a1 gfers+0x162f @ 0x40162f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1628868 registers.edi: 2883584 registers.eax: 4294967288 registers.ebp: 1628912 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 2883584	1

Allocates read-write-execute memory (usually to unpack itself) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 17, 2021, 1:42 p.m.	process_identifier: 2232 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 139264 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x002dc000 process_handle: 0xffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x00048c00', u'virtual_address': u'0x00001000', u'entropy': 7.407933636405, u'name': u'.text', u'virtual_size': u'0x00048a70'}

entropy

7.4079336364

description

A section with a high entropy has been found

entropy

0.755844155844

description

Overall entropy of this PE file is high

Tries to unhook Windows functions monitored by Cuckoo (1 event)

Time & API	Arguments	Status	Return	Repeated
__anomaly__ June 17, 2021, 1:42 p.m.	tid: 1108 message: Encountered 65537 exceptions, quitting. subcategory: exception function_name:	1	0	0

File has been identified by 30 AntiVirus engines on VirusTotal as malicious (30 events)

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.3e3e47
BitDefenderTheta	Gen:NN.ZexaF.34738.yuW@a8eWCyKG
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HLKA
Avast	Win32:PWSX-gen [Trj]
Kaspersky	UDS:Trojan-Spy.Win32.Stealer.gen
Paloalto	generic.ml
AegisLab	Trojan.Win32.Malicious.4!c
APEX	Malicious
Sophos	ML/PE-A + Troj/Kryptik-TR
McAfee-GW-Edition	BehavesLike.Win32.Trojan.fc
FireEye	Generic.mg.dbf34c56d244279f
Emsisoft	Trojan.Agent (A)
Ikarus	Trojan.Win32.Ranumbot
Jiangmin	Trojan.PSW.Racealer.cln
Webroot	W32.Trojan.Gen
Microsoft	Trojan:Win32/Azorult.RW!MTB
Gridinsoft	Trojan.Win32.Packed.lu!heur
GData	MSIL.Trojan-Stealer.NetSteal.0MF35T
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	RDN/Generic.grp
SentinelOne	Static AI - Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
AVG	Win32:PWSX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

gfers.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All