popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Pk52FX0q62R4XoO.dll

Malicious Packer Malicious Library PE32 PE File DLL
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6402 Aug. 23, 2021, 6:58 p.m. Aug. 23, 2021, 7:01 p.m.
Size 188.0KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 f0242add3e62b4bda6a1f3e38e98a73d
SHA256 18b60baa2088c1d38889054818f767eaa9098f1371b01e1fbbb6941395bbd85b
CRC32 F5BFC6B4
ssdeep 3072:ZhYiCQXKgH7xFjsDlyk+AZ6cGdgwQDDu15/aE8t7grkVCuLnT:z7xFGlyfAZ5DDuLyTzT
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • Malicious_Packer_Zero - Malicious Packer

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 1
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 1
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 1
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 1
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 2
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 2
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 2
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 2
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 3
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 3
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 3
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 3
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 4
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 4
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 4
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 4
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 5
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 5
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 5
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 5
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 6
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 6
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 6
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 6
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 7
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 7
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 7
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 7
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 8
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 8
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 8
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 8
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 9
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 9
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 9
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 9
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 10
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 10
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 10
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 10
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 11
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 11
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 11
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 11
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 12
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 12
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18b pk52fx0q62r4xoo+0x7073
exception.address: 0x73fb7073
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 12
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4 08 eb
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18a pk52fx0q62r4xoo+0x7074
exception.address: 0x73fb7074
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 12
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18d pk52fx0q62r4xoo+0x7071
exception.address: 0x73fb7071
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 13
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0

__exception__

 stacktrace: 
WeprmcFosller-0x21a2b pk52fx0q62r4xoo+0x47d3 @ 0x73fb47d3
WeprmcFosller-0x24041 pk52fx0q62r4xoo+0x21bd @ 0x73fb21bd
WeprmcFosller-0x1f4dd pk52fx0q62r4xoo+0x6d21 @ 0x73fb6d21
LdrResSearchResource+0xb4d LdrResFindResourceDirectory-0x16c ntdll+0x3d8a9 @ 0x77b1d8a9
LdrResSearchResource+0xa10 LdrResFindResourceDirectory-0x2a9 ntdll+0x3d76c @ 0x77b1d76c
LdrLoadDll+0x7b _strcmpi-0x304 ntdll+0x3c4b5 @ 0x77b1c4b5
New_ntdll_LdrLoadDll@16+0x7b New_ntdll_LdrUnloadDll@4-0xb7 @ 0x749fd4cf
LoadLibraryExW+0x178 LoadLibraryExA-0x2a kernelbase+0x11d2a @ 0x75671d2a
rundll32+0x14ed @ 0xa914ed
rundll32+0x1baf @ 0xa91baf
rundll32+0x12e8 @ 0xa912e8
rundll32+0x1901 @ 0xa91901
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x76a433ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77b19ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77b19ea5

exception.instruction_r: cc cc cc eb f0 8b 04 24 64 a3 00 00 00 00 83 c4
exception.instruction: int3
exception.exception_code: 0x80000003
exception.symbol: WeprmcFosller-0x1f18c pk52fx0q62r4xoo+0x7072
exception.address: 0x73fb7072
registers.esp: 2289812
registers.edi: 608076999
registers.eax: 13
registers.ebp: 2289856
registers.edx: 603409
registers.ebx: 4294967295
registers.esi: 0
registers.ecx: 0
1 0 0
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

 process_identifier: 544
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x764a1000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 544
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x73f71000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 544
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x76cc1000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 544
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x75461000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 544
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x771e1000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 544
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x73fe1000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 544
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x73f51000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 544
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x76b61000
process_handle: 0xffffffff
1 0 0
section {u'size_of_data': u'0x0001f000', u'virtual_address': u'0x00008000', u'entropy': 7.679004581664962, u'name': u'.rdata', u'virtual_size': u'0x0001e9be'} entropy 7.67900458166 description A section with a high entropy has been found
entropy 0.673913043478 description Overall entropy of this PE file is high
Time & API Arguments Status Return Repeated

__anomaly__

 tid: 1800
message: Encountered 65537 exceptions, quitting.
subcategory: exception
function_name:
1 0 0
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Zusy.397939
ALYac Gen:Variant.Zusy.397939
Malwarebytes Trojan.Dridex
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_80% (D)
K7GW Riskware ( 0040eff71 )
K7AntiVirus Riskware ( 0040eff71 )
Arcabit Trojan.Zusy.D61273
Cyren W32/Dridex.EV.gen!Eldorado
Symantec Packed.Generic.517
ESET-NOD32 Win32/Dridex.DT
APEX Malicious
ClamAV Win.Packed.Dridex-9886732-0
Kaspersky VHO:Trojan-Downloader.Win32.Cridex.gen
BitDefender Gen:Variant.Zusy.397939
Avast Win32:BankerX-gen [Trj]
Rising Trojan.Kryptik!1.D8A4 (CLASSIC)
Ad-Aware Gen:Variant.Zusy.397939
Sophos ML/PE-A + Mal/EncPk-APX
McAfee-GW-Edition Drixed-FJX!F0242ADD3E62
FireEye Generic.mg.f0242add3e62b4bd
Emsisoft Gen:Variant.Zusy.397939 (B)
Ikarus Trojan-Banker.Dridex
MAX malware (ai score=80)
Antiy-AVL Trojan/Generic.ASMalwS.346B3EF
Microsoft Trojan:Win32/Dridex.AHB!MTB
GData Gen:Variant.Zusy.397939
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Dridex.R437677
McAfee Drixed-FJX!F0242ADD3E62
VBA32 TrojanDownloader.Cridex
Cylance Unsafe
Yandex Trojan.DL.Cridex!Nkj2bujPRYc
SentinelOne Static AI - Suspicious PE
Fortinet W32/Dridex.LSP!tr
BitDefenderTheta Gen:NN.ZedlaF.34088.lu8@aerzJSni
AVG Win32:BankerX-gen [Trj]
Panda Trj/GdSda.A