Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	Oct. 1, 2021, 1:49 p.m.	Oct. 1, 2021, 1:51 p.m.

Size	7.7MB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`ee228a1b9d71fc6381e15e9364bf8fb9`
SHA256	`833766f9eaf2d9a80e31d1da7d2e15c41fd5b9b76458716f86e23218f2014ec7`
CRC32	`B556A5FA`
ssdeep	`196608:Q9aZYBt8WuXqGKfgU4p+WYjU6mYejM+iGkbu:icCt8z6lY5pzYrzejrp`
Yara	Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Admin_Tool_IN_Zero - Admin Tool Sysinternals PE_Header_Zero - PE File Signature Malicious_Library_Zero - Malicious_Library themida_packer - themida packer

Op.gg.exe "C:\Users\test22\AppData\Local\Temp\Op.gg.exe"
896

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)

section
section	.themida
section	.boot

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d @ 0x7fefde3a49d op+0xb6b39d @ 0x1406eb39d op+0xbe85a1 @ 0x1407685a1 HeapWalk-0x1ce0 kernel32+0x0 @ 0x77200000 0x3bf908 0x3bf908 0x3bf908 0x440ca4 0x41314f 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa 0x43c34001de14aa exception.instruction_r: 48 81 c4 c8 00 00 00 c3 48 85 f6 74 08 83 3b 00 exception.symbol: RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d exception.instruction: add rsp, 0xc8 exception.module: KERNELBASE.dll exception.exception_code: 0xc000008e exception.offset: 42141 exception.address: 0x7fefde3a49d registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 2006858448 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930400 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3930408 registers.rdi: 5364604928 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: RtlRestoreContext+0x293 __chkstk-0x1fe ntdll+0x50bd2 @ 0x77950bd2 exception.instruction_r: 48 cf 48 83 ec 30 4c 8b c4 48 81 ec d0 04 00 00 exception.symbol: RtlRestoreContext+0x293 __chkstk-0x1fe ntdll+0x50bd2 exception.instruction: iretq exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 330706 exception.address: 0x77950bd2 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1
__exception__ Oct. 1, 2021, 1:42 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3928576 registers.rsi: 0 registers.r10: 0 registers.rbx: 5372051499 registers.rsp: 3930488 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2006107425 registers.rdi: 0 registers.rax: 2005934667 registers.r13: 0	1

Allocates read-write-execute memory (usually to unpack itself) (2 events)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory Oct. 1, 2021, 1:42 p.m.	process_identifier: 896 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00000000779f7000 process_handle: 0xffffffffffffffff	1	0	0
NtProtectVirtualMemory Oct. 1, 2021, 1:42 p.m.	process_identifier: 896 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0000000077950000 process_handle: 0xffffffffffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (14 events)

section

{u'size_of_data': u'0x0000ce00', u'virtual_address': u'0x00001000', u'entropy': 7.978728354291742, u'name': u' ', u'virtual_size': u'0x00019c30'}

entropy

7.97872835429

description