Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Nov. 17, 2021, 7:51 a.m.	Nov. 17, 2021, 8:35 a.m.

Size	4.8MB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`485931562730550c0dd729d3d2c26434`
SHA256	`4a762e042f09f43e5a6c396e6fd096839a15daf9ce6d8f1438af2527a7b5c1ea`
CRC32	`F0D248D3`
ssdeep	`49152:co4Ds+mq8RlRbgE6gSUeHBKGhVV83MkUxi5y+AOAQLgWo:sY88TeEwUehKGhVgUxGlZ`
Yara	Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware themida_packer - themida packer

wlanext32.exe "C:\Users\test22\AppData\Local\Temp\wlanext32.exe"
2780

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (2 events)

section
section	.themida

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d @ 0x7fefda7a49d wlanext32+0x53b65c @ 0x13fe8b65c wlanext32+0x53b627 @ 0x13fe8b627 HeapWalk-0x1ce0 kernel32+0x0 @ 0x76f80000 0x2cf9f8 0x2cf9f8 0x2cf9f8 0x39fc94 0x3730d3 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea 0x39b680774b13ea exception.instruction_r: 48 81 c4 c8 00 00 00 c3 48 85 f6 74 08 83 3b 00 exception.symbol: RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d exception.instruction: add rsp, 0xc8 exception.module: KERNELBASE.dll exception.exception_code: 0xc000008e exception.offset: 42141 exception.address: 0x7fefda7a49d registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 2002008784 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947600 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2947608 registers.rdi: 5363937280 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: RtlRestoreContext+0x293 __chkstk-0x1fe ntdll+0x50bd2 @ 0x774b0bd2 exception.instruction_r: 48 cf 48 83 ec 30 4c 8b c4 48 81 ec d0 04 00 00 exception.symbol: RtlRestoreContext+0x293 __chkstk-0x1fe ntdll+0x50bd2 exception.instruction: iretq exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 330706 exception.address: 0x774b0bd2 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1
__exception__ Nov. 17, 2021, 7:44 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2945776 registers.rsi: 0 registers.r10: 0 registers.rbx: 5366022187 registers.rsp: 2947688 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2001257761 registers.rdi: 0 registers.rax: 2004190352 registers.r13: 0	1

Allocates read-write-execute memory (usually to unpack itself) (2 events)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory Nov. 17, 2021, 7:44 a.m.	process_identifier: 2780 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0000000077557000 process_handle: 0xffffffffffffffff	1	0	0
NtProtectVirtualMemory Nov. 17, 2021, 7:44 a.m.	process_identifier: 2780 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00000000774b0000 process_handle: 0xffffffffffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (7 events)

section

{u'size_of_data': u'0x0001c600', u'virtual_address': u'0x00001000', u'entropy': 7.996219135720866, u'name': u' ', u'virtual_size': u'0x000540cc'}

entropy

7.99621913572

description