Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	June 22, 2021, 9:30 a.m.	June 22, 2021, 9:33 a.m.

Size	508.5KB
Type	PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5	`4e5fc6111da7ec4512257864ded2f43b`
SHA256	`9337cbb204dce3fea34177b596716d98f9af75e73c5e35f98254ee22a40383c5`
CRC32	`112DAF7A`
ssdeep	`12288:wn0L1zaGC6aKiUulRnRJRwesnWPyNCNnQ:w0LRFCmu3nGW6NanQ`
Yara	PE_Header_Zero - PE File Signature IsPE64 - (no description) IsDLL - (no description)

rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,StartW
732
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,StartW
  900
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,_cgo_dummy_export
1772
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,_cgo_dummy_export
  2212
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,aekxcpamk
1536
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,aekxcpamk
  1444
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,avugtzedva
2112
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,avugtzedva
  2324
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,baszevtrfyzp
1348
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,baszevtrfyzp
  2412
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,btirtszhsdofa
1240
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,btirtszhsdofa
  2936
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cdjfyhjjvrs
2020
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cdjfyhjjvrs
  2680
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cffrihrojxkmw
1332
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cffrihrojxkmw
  1940
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cgxcrnhotwsaglpdx
2656
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cgxcrnhotwsaglpdx
  1164
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cmfjrlthtv
1120
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cmfjrlthtv
  3140
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cpdiudkvxrelb
1340
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,cpdiudkvxrelb
  3496
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ctxreelcfjdezjefr
3324
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ctxreelcfjdezjefr
  3768
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ddsvfvqn
3472
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ddsvfvqn
  3840
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,dftkfwtqd
3676
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,dftkfwtqd
  3976
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,djqnbighatygzbyph
3824
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,djqnbighatygzbyph
  3156
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,dkoolzw
3968
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,dkoolzw
  3580
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,elvqsrzdp
3100
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,elvqsrzdp
  3852
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,fgplhvdrjz
3832
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,fgplhvdrjz
  4052
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,fdedputeeqxudssod
3492
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,fdedputeeqxudssod
  3532
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,fkoumwnmwimykbxho
2800
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,fkoumwnmwimykbxho
  3828
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,flviyhl
3880
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,flviyhl
  3540
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,gcjrqzhfi
3752
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,gcjrqzhfi
  4192
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,gixtvbh
3724
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,gixtvbh
  4440
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,gmueieigy
4184
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,gmueieigy
  4552
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,gpixdoyeew
4324
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,gpixdoyeew
  4680
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,grpnpgrwzttkysi
4500
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,grpnpgrwzttkysi
  4812
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,hlkjnzufnw
4672
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,hlkjnzufnw
  5116
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,hmubthrmzz
4892
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,hmubthrmzz
  4264
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,hvtxhlakvi
4984
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,hvtxhlakvi
  4480
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,iuytelpdilpqehp
4136
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,iuytelpdilpqehp
  4912
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,izxobtig
4472
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,izxobtig
  4428
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,jonkqxlonl
4740
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,jonkqxlonl
  4468
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kbuulczjahek
3720
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kbuulczjahek
  4168
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kdwnidb
4700
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kdwnidb
  4452
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kgknjas
3428
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kgknjas
  4752
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,knfxydlhusmf
3896
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,knfxydlhusmf
  4760
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kqakfnjl
4960
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kqakfnjl
  5224
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kylxdtj
4164
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,kylxdtj
  5252
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lbueqvfvz
5140
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lbueqvfvz
  5548
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lflbkeapyc
5340
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lflbkeapyc
  5636
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lfpqaqkxkegxxwpwr
5464
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lfpqaqkxkegxxwpwr
  5884
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lidbsisjybnrgjtkk
5672
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lidbsisjybnrgjtkk
  6008
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,llpydhwbcbaomldym
5788
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,llpydhwbcbaomldym
  5240
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lyzgerjrvqhjb
5916
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,lyzgerjrvqhjb
  4644
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,mqvhnafrvmo
6100
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,mqvhnafrvmo
  5700
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,mwnaxnblaajnrhqts
5308
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,mwnaxnblaajnrhqts
  5152
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,nampkebwdggf
5652
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,nampkebwdggf
  4524
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ofgbvvddun
5856
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ofgbvvddun
  5476
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,okwtcsvetfefzqsp
6056
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,okwtcsvetfefzqsp
  4308
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,oydjhjeyydtgpxl
5532
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,oydjhjeyydtgpxl
  5372
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,oyokgbqeqjtk
5784
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,oyokgbqeqjtk
  5304
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,pjodfqtkyzvzhqfw
6124
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,pjodfqtkyzvzhqfw
  6080
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ppscmrccuzylnh
5824
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ppscmrccuzylnh
  5460
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,prlxglqdatwucmyxh
5984
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,prlxglqdatwucmyxh
  6400
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,pupupatc
4796
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,pupupatc
  6500
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,qrvizuhylmxdk
6256
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,qrvizuhylmxdk
  6660
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,rodvcrhwrmzasg
6348
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,rodvcrhwrmzasg
  6768
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,rwdhplglkilknfvp
6616
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,rwdhplglkilknfvp
  6924
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ruutqdxl
6492
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ruutqdxl
  6980
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,sdysqiuo
6756
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,sdysqiuo
  7056
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,sqwmcucwoez
6896
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,sqwmcucwoez
  6272
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,tlxkqgrf
7064
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,tlxkqgrf
  6528
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,tnmrozaqm
5756
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,tnmrozaqm
  6588
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,tzqoerepgnr
6288
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,tzqoerepgnr
  6724
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,uoqzdvihfcepsq
6420
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,uoqzdvihfcepsq
  7016
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,vbsnsxjgwhml
6688
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,vbsnsxjgwhml
  6876
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,vhxtiovrha
6752
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,vhxtiovrha
  6252
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,vscbtycbrow
7032
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,vscbtycbrow
  6696
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,vynypsszqjxyle
6172
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,vynypsszqjxyle
  5228
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,wosivzctwsxaxnfm
6380
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,wosivzctwsxaxnfm
  6284
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,wpiowxx
6956
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,wpiowxx
  6652
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,wqadekkq
6816
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,wqadekkq
  6596
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,xvwozmjipkpl
5772
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,xvwozmjipkpl
  6840
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,yanagsmsseor
4016
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,yanagsmsseor
  6828
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,xyegimmkl
6732
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,xyegimmkl
  5200
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ycbrjhifxyhovie
6328
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ycbrjhifxyhovie
  7036
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ydazjoruuwwgbq
6148
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ydazjoruuwwgbq
  6644
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ypgotfngylypaaohq
6560
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,ypgotfngylypaaohq
  6612
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,zhyiamorbu
5452
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,zhyiamorbu
  7216
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\GT2pFbB.dll,
6448

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)

section	yxvzqhkd
section	djeplsyp
section	bxldypey

One or more processes crashed (50 out of 79 events)

Time & API	Arguments	Status
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2679896 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2685184 registers.r11: 1 registers.r8: 64 registers.r9: 3170528 registers.rdx: 2681240 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2679576 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1303544 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1308832 registers.r11: 1 registers.r8: 64 registers.r9: 3694816 registers.rdx: 1304888 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1303224 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1959448 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1964736 registers.r11: 1 registers.r8: 64 registers.r9: 3039456 registers.rdx: 1960792 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1959128 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1501960 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1507248 registers.r11: 1 registers.r8: 64 registers.r9: 4219104 registers.rdx: 1503304 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1501640 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2287368 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2292656 registers.r11: 1 registers.r8: 64 registers.r9: 4481248 registers.rdx: 2288712 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2287048 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1173240 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1178528 registers.r11: 1 registers.r8: 64 registers.r9: 5005536 registers.rdx: 1174584 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1172920 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1435080 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1440368 registers.r11: 1 registers.r8: 64 registers.r9: 5333216 registers.rdx: 1436424 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1434760 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2745784 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2751072 registers.r11: 1 registers.r8: 64 registers.r9: 7430368 registers.rdx: 2747128 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2745464 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1436040 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1441328 registers.r11: 1 registers.r8: 64 registers.r9: 2318560 registers.rdx: 1437384 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1435720 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1369832 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1375120 registers.r11: 1 registers.r8: 64 registers.r9: 155872 registers.rdx: 1371176 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1369512 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2615048 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2620336 registers.r11: 1 registers.r8: 64 registers.r9: 4153568 registers.rdx: 2616392 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2614728 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1174152 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1179440 registers.r11: 1 registers.r8: 64 registers.r9: 2253024 registers.rdx: 1175496 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1173832 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1238168 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1243456 registers.r11: 1 registers.r8: 64 registers.r9: 5267680 registers.rdx: 1239512 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1237848 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1828776 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1834064 registers.r11: 1 registers.r8: 64 registers.r9: 2842848 registers.rdx: 1830120 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1828456 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2679992 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2685280 registers.r11: 1 registers.r8: 64 registers.r9: 7233760 registers.rdx: 2681336 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2679672 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1566712 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1572000 registers.r11: 1 registers.r8: 64 registers.r9: 5333216 registers.rdx: 1568056 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1566392 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1041992 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1047280 registers.r11: 1 registers.r8: 64 registers.r9: 3498208 registers.rdx: 1043336 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1041672 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1960200 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1965488 registers.r11: 1 registers.r8: 64 registers.r9: 2384096 registers.rdx: 1961544 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1959880 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 975848 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 981136 registers.r11: 1 registers.r8: 64 registers.r9: 4481248 registers.rdx: 977192 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 975528 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1697432 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1702720 registers.r11: 1 registers.r8: 64 registers.r9: 2056416 registers.rdx: 1698776 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1697112 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2287896 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2293184 registers.r11: 1 registers.r8: 64 registers.r9: 1204448 registers.rdx: 2289240 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2287576 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1631800 registers.rsi: 0 registers.r10: 226 registers.rbx: 0 registers.rsp: 1637088 registers.r11: 1 registers.r8: 64 registers.r9: 5668496 registers.rdx: 1633144 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1631480 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1958904 registers.rsi: 0 registers.r10: 226 registers.rbx: 0 registers.rsp: 1964192 registers.r11: 1 registers.r8: 64 registers.r9: 5734032 registers.rdx: 1960248 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1958584 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2549032 registers.rsi: 0 registers.r10: 226 registers.rbx: 0 registers.rsp: 2554320 registers.r11: 1 registers.r8: 64 registers.r9: 5996176 registers.rdx: 2550376 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2548712 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 977368 registers.rsi: 0 registers.r10: 226 registers.rbx: 0 registers.rsp: 982656 registers.r11: 1 registers.r8: 64 registers.r9: 6586000 registers.rdx: 978712 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 977048 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2156648 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2161936 registers.r11: 1 registers.r8: 64 registers.r9: 5071072 registers.rdx: 2157992 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2156328 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 714600 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 719888 registers.r11: 1 registers.r8: 64 registers.r9: 2121952 registers.rdx: 715944 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 714280 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 910664 registers.rsi: 0 registers.r10: 226 registers.rbx: 0 registers.rsp: 915952 registers.r11: 1 registers.r8: 64 registers.r9: 4947600 registers.rdx: 912008 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 910344 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2156488 registers.rsi: 0 registers.r10: 226 registers.rbx: 0 registers.rsp: 2161776 registers.r11: 1 registers.r8: 64 registers.r9: 5930640 registers.rdx: 2157832 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2156168 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1434936 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1440224 registers.r11: 1 registers.r8: 64 registers.r9: 5071072 registers.rdx: 1436280 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1434616 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1106824 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1112112 registers.r11: 1 registers.r8: 64 registers.r9: 5464288 registers.rdx: 1108168 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1106504 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1435544 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1440832 registers.r11: 1 registers.r8: 64 registers.r9: 5202144 registers.rdx: 1436888 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1435224 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1697240 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1702528 registers.r11: 1 registers.r8: 64 registers.r9: 5529824 registers.rdx: 1698584 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1696920 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 911208 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 916496 registers.r11: 1 registers.r8: 64 registers.r9: 7168224 registers.rdx: 912552 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 910888 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1435400 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1440688 registers.r11: 1 registers.r8: 64 registers.r9: 6512864 registers.rdx: 1436744 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1435080 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2614728 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2620016 registers.r11: 1 registers.r8: 64 registers.r9: 8806624 registers.rdx: 2616072 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2614408 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1239688 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1244976 registers.r11: 1 registers.r8: 64 registers.r9: 6643936 registers.rdx: 1241032 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1239368 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 715384 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 720672 registers.r11: 1 registers.r8: 64 registers.r9: 3563744 registers.rdx: 716728 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 715064 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1173768 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1179056 registers.r11: 1 registers.r8: 64 registers.r9: 6381792 registers.rdx: 1175112 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1173448 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 977464 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 982752 registers.r11: 1 registers.r8: 64 registers.r9: 5529824 registers.rdx: 978808 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 977144 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 911128 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 916416 registers.r11: 1 registers.r8: 64 registers.r9: 4940000 registers.rdx: 912472 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 910808 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2091352 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2096640 registers.r11: 1 registers.r8: 64 registers.r9: 1204448 registers.rdx: 2092696 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2091032 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2483656 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2488944 registers.r11: 1 registers.r8: 64 registers.r9: 1794272 registers.rdx: 2485000 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2483336 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1829400 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1834688 registers.r11: 1 registers.r8: 64 registers.r9: 4677856 registers.rdx: 1830744 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1829080 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2417960 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2423248 registers.r11: 1 registers.r8: 64 registers.r9: 1466592 registers.rdx: 2419304 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2417640 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2286936 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2292224 registers.r11: 1 registers.r8: 64 registers.r9: 6906080 registers.rdx: 2288280 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2286616 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1696824 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1702112 registers.r11: 1 registers.r8: 64 registers.r9: 1794272 registers.rdx: 1698168 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1696504 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 781080 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 786368 registers.r11: 1 registers.r8: 64 registers.r9: 5267680 registers.rdx: 782424 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 780760 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 1108584 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 1113872 registers.r11: 1 registers.r8: 64 registers.r9: 5464288 registers.rdx: 1109928 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 1108264 registers.r13: 0	1
__exception__ June 22, 2021, 9:23 a.m.	stacktrace: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 @ 0x77210895 stacktrace+0x84 memdup-0x1af @ 0x74420470 hook_in_monitor+0x45 lde-0x133 @ 0x744142ea New_kernel32_CreateThread+0x29 New_kernel32_CreateToolhelp32Snapshot-0x136 @ 0x7442a013 _beginthread+0xab _vcprintf_l-0x12e5 msvcrt+0x4c4db @ 0x7fefdadc4db flviyhl+0xb10 _cgo_dummy_export-0xfa180 gt2pfbb+0x729a0 @ 0x7fef19f29a0 StartW-0xfda2 gt2pfbb+0x608be @ 0x7fef19e08be flviyhl+0x6f79 _cgo_dummy_export-0xf3d17 gt2pfbb+0x78e09 @ 0x7fef19f8e09 flviyhl+0x5d72 _cgo_dummy_export-0xf4f1e gt2pfbb+0x77c02 @ 0x7fef19f7c02 StartW-0x6f39f gt2pfbb+0x12c1 @ 0x7fef19812c1 TpAllocTimer+0xb08 RtlInitializeCriticalSectionEx-0x318 ntdll+0x3b0d8 @ 0x771fb0d8 RtlCreateUnicodeStringFromAsciiz+0xea LdrLoadDll-0x246 ntdll+0x2784a @ 0x771e784a LdrLoadDll+0x9e RtlOpenCurrentUser-0x442 ntdll+0x27b2e @ 0x771e7b2e New_ntdll_LdrLoadDll+0xaf New_ntdll_LdrUnloadDll-0xd9 @ 0x7442f9f8 LoadLibraryExW+0x19c FreeSid-0xa4 kernelbase+0xa05c @ 0x7fefd6da05c rundll32+0x2b50 @ 0xff222b50 rundll32+0x2e6a @ 0xff222e6a rundll32+0x3b7a @ 0xff223b7a BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76e5652d RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x771ec521 exception.instruction_r: 0f ae 81 00 01 00 00 0f 29 81 a0 01 00 00 0f 29 exception.symbol: RtlCaptureContext+0x85 RtlRestoreContext-0xaa ntdll+0x50895 exception.address: 0x77210895 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 329877 registers.r14: 0 registers.r15: 0 registers.rcx: 2745304 registers.rsi: 0 registers.r10: 158 registers.rbx: 0 registers.rsp: 2750592 registers.r11: 1 registers.r8: 64 registers.r9: 5071072 registers.rdx: 2746648 registers.r12: 0 registers.rbp: 0 registers.rdi: 0 registers.rax: 2744984 registers.r13: 0	1

File has been identified by 3 AntiVirus engines on VirusTotal as malicious (3 events)

Paloalto	generic.ml
Gridinsoft	Trojan.Heur!.032120E2
APEX	Malicious

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x0007e600', u'virtual_address': u'0x000fc000', u'entropy': 7.90697385926923, u'name': u'djeplsyp', u'virtual_size': u'0x0007f000'}

entropy

7.90697385927

description

A section with a high entropy has been found

entropy

0.995078740157

description

Overall entropy of this PE file is high

GT2pFbB.dll

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All