Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	June 24, 2021, 10:52 p.m.	June 24, 2021, 11:20 p.m.

Size	438.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`790d32b24be33acb84bf56a73fac43cd`
SHA256	`b93f24e7f456357291e285286a12ae79f9b551284757d9050adf6ccac1905ff9`
CRC32	`4C1960CA`
ssdeep	`12288:WdV5jT4PzwwLfy2jQ2EAUCtVF6WkqKtl:WdVF4Pzw8YYF6`
PDB Path	C:\zemavavasum\cagijefe.pdb
Yara	PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description)

svch.exe "C:\Users\test22\AppData\Local\Temp\svch.exe"
2948

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
13.225.134.82	Active	Moloch
142.250.196.131	Active	Moloch
142.250.199.77	Active	Moloch
142.250.207.78	Active	Moloch
172.217.161.65	Active	Moloch
172.217.26.35	Active	Moloch
172.217.31.131	Active	Moloch
164.124.101.2	Active	Moloch
216.58.200.78	Active	Moloch
65.8.17.57	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\zemavavasum\cagijefe.pdb

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

AFX_DIALOG_LAYOUT

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1
__exception__ June 24, 2021, 10:52 p.m.	stacktrace: _vsnprintf+0xa9 strncpy_s-0x79 ntdll+0x79e31 @ 0x77419e31 GetProfileStringW+0x5b74 EnumResourceNamesW-0x40041 kernel32+0x43120 @ 0x75763120 svch+0x3fd9d @ 0x43fd9d svch+0x40d46 @ 0x440d46 svch+0x16a6 @ 0x4016a6 svch+0x152f @ 0x40152f BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757333ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: 80 78 07 05 0f 84 64 8a 01 00 f6 40 07 3f 0f 84 exception.symbol: _vsnprintf+0xd0 strncpy_s-0x52 ntdll+0x79e58 exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 499288 exception.address: 0x77419e58 registers.esp: 1623172 registers.edi: 13697024 registers.eax: 4294967288 registers.ebp: 1623216 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 13697024	1

Allocates read-write-execute memory (usually to unpack itself) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 24, 2021, 10:52 p.m.	process_identifier: 2948 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 151552 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00d2c000 process_handle: 0xffffffff	1	0	0

Foreign language identified in PE resource (12 events)

name

AFX_DIALOG_LAYOUT

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00503508

size

0x00000002

name

AFX_DIALOG_LAYOUT

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00503508

size

0x00000002

name

AFX_DIALOG_LAYOUT

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00503508

size

0x00000002

name

AFX_DIALOG_LAYOUT

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00503508

size

0x00000002

name

AFX_DIALOG_LAYOUT

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00503508

size

0x00000002

name

RT_CURSOR

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00503518

size

0x00000130

name

RT_STRING

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00504830

size

0x000002ce

name

RT_STRING

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00504830

size

0x000002ce

name

RT_STRING

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00504830

size

0x000002ce

name

RT_STRING

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00504830

size

0x000002ce

name

RT_GROUP_CURSOR

language

LANG_LATVIAN

filetype

data

sublanguage

SUBLANG_DEFAULT

offset

0x00503648

size

0x00000014

name

RT_VERSION

language

LANG_LATVIAN

filetype

PDP-11 pure executable not stripped

sublanguage

SUBLANG_DEFAULT

offset

0x00503660

size

0x00000108

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x00048200', u'virtual_address': u'0x00001000', u'entropy': 7.482042041669013, u'name': u'.text', u'virtual_size': u'0x000480e0'}

entropy

7.48204204167

description

A section with a high entropy has been found

entropy

0.660939289805

description

Overall entropy of this PE file is high

Communicates with host for which no DNS query was performed (9 events)

host	13.225.134.82
host	142.250.196.131
host	142.250.199.77
host	142.250.207.78
host	172.217.161.65
host	172.217.26.35
host	172.217.31.131
host	216.58.200.78
host	65.8.17.57

Tries to unhook Windows functions monitored by Cuckoo (1 event)

Time & API	Arguments	Status	Return	Repeated
__anomaly__ June 24, 2021, 10:52 p.m.	tid: 2972 message: Encountered 65537 exceptions, quitting. subcategory: exception function_name:	1	0	0

File has been identified by 36 AntiVirus engines on VirusTotal as malicious (36 events)

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.76031
FireEye	Generic.mg.790d32b24be33acb
McAfee	Packed-GDT!790D32B24BE3
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.864970
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HLLN
APEX	Malicious
Avast	Win32:PWSX-gen [Trj]
ClamAV	Win.Packed.Pwsx-9874160-0
Kaspersky	UDS:Trojan-Spy.Win32.Noon.gen
BitDefender	Trojan.GenericKDZ.76031
Ad-Aware	Trojan.GenericKDZ.76031
Sophos	ML/PE-A + Troj/Kryptik-TR
Emsisoft	Trojan.GenericKDZ.76031 (B)
GData	Trojan.GenericKDZ.76031
Jiangmin	Trojan.Zenpak.hpk
MAX	malware (ai score=81)
Arcabit	Trojan.Graftor.DEC1CC
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.MalPE.R426917
Acronis	suspicious
VBA32	BScope.Trojan.Crypt
Malwarebytes	Trojan.MalPack.GS
SentinelOne	Static AI - Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Kryptik.HLLN!tr
BitDefenderTheta	Gen:NN.ZexaF.34758.Bu1@aKSRXIdQ
AVG	Win32:PWSX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (D)

Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (2 events)

dead_host	65.8.17.57:443
dead_host	13.225.134.82:443

svch.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All