Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	June 24, 2021, 7:06 p.m.	June 24, 2021, 8:18 p.m.

Size	4.5MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`fd21878da4856b1d35cc873540d7f6f2`
SHA256	`644ac8a4124578b48412c2c5bd65b4be358fc6b1b99b035327fe1a04b41aabc1`
CRC32	`84F75AF1`
ssdeep	`98304:yhVEnPmR4+F2I5dX+SHpoWICIbeMiJ/SZEuQWVpI8ng1y2i:yInPmR/Fn575jIe/puQWzIP1`
PDB Path	C:\levazopuka\hepa.pdb
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description)

proxy-IRXC-setup.exe "C:\Users\test22\AppData\Local\Temp\proxy-IRXC-setup.exe"
2548

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\levazopuka\hepa.pdb

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

AFX_DIALOG_LAYOUT

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 50379624 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1
__exception__ June 24, 2021, 7:06 p.m.	stacktrace: LocalFlags+0x50 LocalHandle-0xee kernel32+0x831df @ 0x757a31df _CallPattern@8+0x488 proxy-irxc-setup+0x457aa8 @ 0x857aa8 _CallPattern@8+0x13f0 proxy-irxc-setup+0x458a10 @ 0x858a10 _CallPattern@8-0x4560ca proxy-irxc-setup+0x1556 @ 0x401556 _CallPattern@8-0x456241 proxy-irxc-setup+0x13df @ 0x4013df BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1626888 registers.edi: 15073280 registers.eax: 4294967288 registers.ebp: 1626940 registers.edx: 998 registers.ebx: 0 registers.esi: 0 registers.ecx: 1868	1

Allocates read-write-execute memory (usually to unpack itself) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 24, 2021, 7:06 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 4440064 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02bd0000 process_handle: 0xffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x00460200', u'virtual_address': u'0x00001000', u'entropy': 7.995676788051564, u'name': u'.text', u'virtual_size': u'0x004600e0'}

entropy

7.99567678805

description

A section with a high entropy has been found

entropy

0.964689417591

description

Overall entropy of this PE file is high

Tries to unhook Windows functions monitored by Cuckoo (1 event)

Time & API	Arguments	Status	Return	Repeated
__anomaly__ June 24, 2021, 7:06 p.m.	tid: 1868 message: Encountered 65537 exceptions, quitting. subcategory: exception function_name:	1	0	0

File has been identified by 23 AntiVirus engines on VirusTotal as malicious (23 events)

Elastic	malicious (high confidence)
FireEye	Generic.mg.fd21878da4856b1d
McAfee	Packed-GDT!FD21878DA485
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
CrowdStrike	win/malicious_confidence_90% (D)
BitDefenderTheta	Gen:NN.ZexaF.34758.@xW@aGbAUXpG
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Rising	Trojan.Generic@ML.94 (RDML:o+p3io23WIrE178DddkNWg)
McAfee-GW-Edition	BehavesLike.Win32.Lockbit.rc
SentinelOne	Static AI - Suspicious PE
Jiangmin	Trojan.Zenpak.hpk
MaxSecure	Trojan.Malware.300983.susgen
Gridinsoft	Trojan.Win32.Packed.lu!heur
Microsoft	Trojan:Win32/Azorult.RTH!MTB
Cynet	Malicious (score: 100)
VBA32	BScope.Trojan.Crypt
Malwarebytes	Trojan.MalPack.GS
Ikarus	Trojan.Win32.Crypt

proxy-IRXC-setup.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All