Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Oct. 28, 2022, 4:58 p.m.	Oct. 28, 2022, 5:32 p.m.

Size	841.0KB
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`79a24a331ec7b5d3b1cf688cc64d995a`
SHA256	`3d568dc9ee07bf5ebe9314d2aea822b1bf4de89110e7c027e151bde134b35ba5`
CRC32	`26714013`
ssdeep	`24576:AFejHjpj47GLpGLMMMHMMMvMMZMMMKzbKXOMMHMMMvMMZMMMKzbKX7GLMMMHMMM3:AEjDpj4qMMHMMMvMMZMMMFOMMHMMMvMf`
Yara	IsPE32 - (no description) Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT Is_DotNET_EXE - (no description) PE_Header_Zero - PE File Signature UPX_Zero - UPX packed file

qqq.exe "C:\Users\test22\AppData\Local\Temp\qqq.exe"
2556
- vbc.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
  2732
  - 22windows_64.exe "C:\Users\test22\AppData\Local\Temp\22windows_64.exe"
    1264

Name	Response	Post-Analysis Lookup
api.ip.sb	CNAME api.ip.sb.cdn.cloudflare.net A 104.26.13.31 A 104.26.12.31 A 172.67.75.172	172.67.75.172

IP Address	Status	Action
164.124.101.2	Active	Moloch
172.67.75.172	Active	Moloch
194.36.177.60	Active	Moloch
31.41.244.146	Active	Moloch

Suricata Alerts

Flow	SID	Signature	Category
TCP 192.168.56.101:49169 -> 172.67.75.172:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.101:49171 -> 31.41.244.146:80	2016141	ET INFO Executable Download from dotted-quad Host	A Network Trojan was detected
TCP 31.41.244.146:80 -> 192.168.56.101:49171	2014819	ET INFO Packed Executable Download	Misc activity
TCP 31.41.244.146:80 -> 192.168.56.101:49171	2018959	ET POLICY PE EXE or DLL Windows file download HTTP	Potential Corporate Privacy Violation
TCP 31.41.244.146:80 -> 192.168.56.101:49171	2016538	ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download	Potentially Bad Traffic
TCP 31.41.244.146:80 -> 192.168.56.101:49171	2021076	ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	Potentially Bad Traffic

Suricata TLS

Flow	Issuer	Subject	Fingerprint
TLSv1 192.168.56.101:49169 172.67.75.172:443	C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2	C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com	8b:21:8f:0f:6e:2d:53:34:b7:d3:f5:58:58:99:01:63:93:81:e6:f1

Queries for the computername (12 events)

Time & API	Arguments	Status	Return
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Oct. 28, 2022, 4:58 p.m.	computer_name: TEST22-PC	1	1

Checks if process is being debugged by a debugger (4 events)

Time & API	Arguments	Status	Return	Repeated
IsDebuggerPresent Oct. 28, 2022, 4:58 p.m.			0	0
IsDebuggerPresent Oct. 28, 2022, 4:58 p.m.			0	0
IsDebuggerPresent Oct. 28, 2022, 4:58 p.m.			0	0
IsDebuggerPresent Oct. 28, 2022, 4:58 p.m.			0	0

Uses Windows APIs to generate a cryptographic key (31 events)

Time & API	Arguments	Status	Return
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d7e90 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d7e90 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d7e90 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d7f90 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d7f90 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d7f90 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d8150 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d8150 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d8150 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d8150 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d81d0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d81d0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d81d0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x006d81d0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb1b0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb1b0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb1b0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb1b0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb230 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb230 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb130 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb130 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb130 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb130 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb130 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00daa828 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00daa828 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00daa9a8 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfbdb0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfbdb0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey Oct. 28, 2022, 4:58 p.m.	buffer: <INVALID POINTER> crypto_handle: 0x00cfb8b0 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1

Tries to locate where the browsers are installed (3 events)

file	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
file	C:\Program Files\Mozilla Firefox\firefox.exe
registry	HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 event)

Time & API	Arguments	Status	Return	Repeated
GlobalMemoryStatusEx Oct. 28, 2022, 4:58 p.m.		1	1	0

The file contains an unknown PE resource name possibly indicative of a packer (2 events)

resource name	EDPENLIGHTENEDAPPINFOID
resource name	GOOGLEUPDATEAPPLICATIONCOMMANDS

One or more processes crashed (50 out of 501 events)

Time & API	Arguments	Status
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x60807c 0x607f9e 0x602af3 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 8b 01 8b 40 28 ff 10 89 45 c8 8b 45 c8 89 45 c4 exception.instruction: mov eax, dword ptr [ecx] exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x608170 registers.esp: 1896256 registers.edi: 1896308 registers.eax: 0 registers.ebp: 1896320 registers.edx: 13712824 registers.ebx: 1897348 registers.esi: 40821372 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x60e896 0x60e757 0x60e655 0x60dcdf 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895120 registers.edi: 1895344 registers.eax: 0 registers.ebp: 1895356 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 42888812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x60e896 0x60e757 0x60e66d 0x60dcdf 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895120 registers.edi: 1895344 registers.eax: 0 registers.ebp: 1895356 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40349488 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x60e896 0x60e757 0x60e66d 0x60dcdf 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895120 registers.edi: 1895344 registers.eax: 0 registers.ebp: 1895356 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40349488 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d22e8c 0x6d22d38 0x60e655 0x60df7d 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895124 registers.edi: 1895348 registers.eax: 0 registers.ebp: 1895360 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d22e8c 0x6d22d38 0x60e66d 0x60df7d 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895124 registers.edi: 1895348 registers.eax: 0 registers.ebp: 1895360 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d22e8c 0x6d22d38 0x60e66d 0x60df7d 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895124 registers.edi: 1895348 registers.eax: 0 registers.ebp: 1895360 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d2356b 0x6d233f0 0x60e655 0x60e07c 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895136 registers.edi: 1895360 registers.eax: 0 registers.ebp: 1895372 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d2356b 0x6d233f0 0x60e66d 0x60e07c 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895136 registers.edi: 1895360 registers.eax: 0 registers.ebp: 1895372 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d2356b 0x6d233f0 0x60e66d 0x60e07c 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895136 registers.edi: 1895360 registers.eax: 0 registers.ebp: 1895372 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d23c9b 0x6d23b68 0x60e655 0x60e169 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895220 registers.edi: 1895444 registers.eax: 0 registers.ebp: 1895456 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d23c9b 0x6d23b68 0x60e66d 0x60e169 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895220 registers.edi: 1895444 registers.eax: 0 registers.ebp: 1895456 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: 0x6d23c9b 0x6d23b68 0x60e66d 0x60e169 0x60d538 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: 39 09 ff 15 60 1a 88 06 89 85 4c ff ff ff 8b 85 exception.instruction: cmp dword ptr [ecx], ecx exception.exception_code: 0xc0000005 exception.symbol: exception.address: 0x60f19e registers.esp: 1895220 registers.edi: 1895444 registers.eax: 0 registers.ebp: 1895456 registers.edx: 109582576 registers.ebx: 1897348 registers.esi: 40334812 registers.ecx: 0	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: CopyPDBs+0x1b552 DllCanUnloadNowInternal-0x25a85 clr+0x1b1194 @ 0x722b1194 LogHelp_TerminateOnAssert+0x14061 GetPrivateContextsPerfCounters-0x53e1 clr+0x82ba1 @ 0x72182ba1 mscorlib+0x36dd51 @ 0x714add51 mscorlib+0x32fea6 @ 0x7146fea6 mscorlib+0x30ab40 @ 0x7144ab40 0x60f74a 0x6d262ad 0x6d25a29 0x6d24eb6 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xe0434f4e exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1895300 registers.edi: 0 registers.eax: 1895300 registers.ebp: 1895380 registers.edx: 0 registers.ebx: 13690848 registers.esi: 13712824 registers.ecx: 923150738	1
__exception__ Oct. 28, 2022, 4:58 p.m.	stacktrace: CopyPDBs+0x1b552 DllCanUnloadNowInternal-0x25a85 clr+0x1b1194 @ 0x722b1194 LogHelp_TerminateOnAssert+0x14061 GetPrivateContextsPerfCounters-0x53e1 clr+0x82ba1 @ 0x72182ba1 mscorlib+0x36dd44 @ 0x714add44 mscorlib+0x32fea6 @ 0x7146fea6 mscorlib+0x30ab40 @ 0x7144ab40 0x60f74a 0x6d262ad 0x6d25a29 0x6d24eb6 0x60825a 0x602b3d 0x60271e 0x600603 0x60006c DllUnregisterServerInternal-0x7aa2 clr+0x2652 @ 0x72102652 DllRegisterServerInternal+0x243 CoUninitializeEE-0xd1f5 clr+0x1264f @ 0x7211264f DllRegisterServerInternal+0xa89 CoUninitializeEE-0xc9af clr+0x12e95 @ 0x72112e95 DllGetClassObjectInternal+0x2473 CorDllMainForThunk-0x8a088 clr+0xc74ec @ 0x721c74ec DllGetClassObjectInternal+0x2597 CorDllMainForThunk-0x89f64 clr+0xc7610 @ 0x721c7610 CorDllMainForThunk+0x850 _CorExeMain-0x238a clr+0x151dc4 @ 0x72251dc4 CorDllMainForThunk+0x8f3 _CorExeMain-0x22e7 clr+0x151e67 @ 0x72251e67 CorDllMainForThunk+0xa06 _CorExeMain-0x21d4 clr+0x151f7a @ 0x72251f7a _CorExeMain+0x1c ClrCreateManagedInstance-0x35cd clr+0x15416a @ 0x7225416a _CorExeMain+0x71 GetFileVersion-0x293a mscoreei+0xf5a3 @ 0x73faf5a3 CreateConfigStream+0x13f GetProcessExecutableHeap-0xad6 mscoree+0x7f16 @ 0x741d7f16 _CorExeMain+0x8 CreateConfigStream-0x2ff4 mscoree+0x4de3 @ 0x741d4de3 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xe0434f4e exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1895300 registers.edi: 0 registers.eax: 1895300 registers.ebp: 1895380 registers.edx: 0 registers.ebx: 13690848 registers.esi: 13712824 registers.ecx: 923150738	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd hook_in_monitor+0x45 lde-0x133 @ 0x739742ea New_ntdll_LdrGetProcedureAddress+0x43 New_ntdll_LdrLoadDll-0x156 @ 0x7398f7f3 GetProcAddress+0x60 GetModuleHandleA-0x80 kernelbase+0x4190 @ 0x7fefd4f4190 callbackTrampoline-0x4752d2 22windows_64+0x5d53e @ 0xf8d53e preUpdateHookTrampoline+0x8d63c8 _cgo_dummy_export-0x652d8 22windows_64+0xda8f38 @ 0x1cd8f38 RtlAddVectoredExceptionHandler+0x10 RtlConvertToAutoInheritSecurityObject-0x940 ntdll+0xe3ae0 @ 0x76e13ae0 exception.instruction_r: 48 8b 01 4a 89 44 c6 78 4d 85 e4 74 08 4b 89 8c exception.symbol: RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a exception.instruction: mov rax, qword ptr [rcx] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 105050 exception.address: 0x76d49a5a registers.r14: 30246624 registers.r15: 0 registers.rcx: 0 registers.rsi: 2882144 registers.r10: 0 registers.rbx: 30248760 registers.rsp: 2881656 registers.r11: 0 registers.r8: 5 registers.r9: 1939994624 registers.rdx: 2 registers.r12: 2882312 registers.rbp: 2882096 registers.rdi: 8796092878848 registers.rax: 1 registers.r13: 5504240	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd hook_in_monitor+0x45 lde-0x133 @ 0x739742ea New_ntdll_LdrGetProcedureAddress+0x43 New_ntdll_LdrLoadDll-0x156 @ 0x7398f7f3 GetProcAddress+0x60 GetModuleHandleA-0x80 kernelbase+0x4190 @ 0x7fefd4f4190 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 30246624 registers.r15: 0 registers.rcx: 0 registers.rsi: 2882144 registers.r10: 0 registers.rbx: 30248760 registers.rsp: 2881632 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2882312 registers.rbp: 2882096 registers.rdi: 8796092878848 registers.rax: 1 registers.r13: 5504240	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 30246624 registers.r15: 0 registers.rcx: 0 registers.rsi: 0 registers.r10: 0 registers.rbx: 1992359936 registers.rsp: 2880592 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2882312 registers.rbp: 2880720 registers.rdi: 2882326 registers.rax: 1 registers.r13: 5504240	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 30246624 registers.r15: 0 registers.rcx: 0 registers.rsi: 2882144 registers.r10: 0 registers.rbx: 30248760 registers.rsp: 2878768 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2882312 registers.rbp: 0 registers.rdi: 8796092878848 registers.rax: 1 registers.r13: 5504240	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2879280 registers.r10: 0 registers.rbx: 2 registers.rsp: 2874688 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2879024 registers.rbp: 2874816 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2876928 registers.r10: 0 registers.rbx: 2 registers.rsp: 2872704 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2874752 registers.rbp: 104 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2876928 registers.r10: 0 registers.rbx: 2 registers.rsp: 2870384 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2874752 registers.rbp: 2870592 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2872704 registers.r10: 0 registers.rbx: 2 registers.rsp: 2867872 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2870528 registers.rbp: 2868000 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 30246624 registers.r15: 0 registers.rcx: 0 registers.rsi: 2882144 registers.r10: 0 registers.rbx: 30248760 registers.rsp: 2866048 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2882312 registers.rbp: 0 registers.rdi: 8796092878848 registers.rax: 1 registers.r13: 5504240	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2868480 registers.r10: 0 registers.rbx: 2 registers.rsp: 2862016 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2866304 registers.rbp: 2862144 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2864256 registers.r10: 0 registers.rbx: 2 registers.rsp: 2860032 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2862080 registers.rbp: 104 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2864256 registers.r10: 0 registers.rbx: 2 registers.rsp: 2857712 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2862080 registers.rbp: 2857920 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2860032 registers.r10: 0 registers.rbx: 2 registers.rsp: 2855200 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2857856 registers.rbp: 2855328 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 30246624 registers.r15: 0 registers.rcx: 0 registers.rsi: 2882144 registers.r10: 0 registers.rbx: 30248760 registers.rsp: 2853376 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2882312 registers.rbp: 0 registers.rdi: 8796092878848 registers.rax: 1 registers.r13: 5504240	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2855808 registers.r10: 0 registers.rbx: 2 registers.rsp: 2849344 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2853632 registers.rbp: 2849472 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2851584 registers.r10: 0 registers.rbx: 2 registers.rsp: 2847360 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2849408 registers.rbp: 104 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2851584 registers.r10: 0 registers.rbx: 2 registers.rsp: 2845040 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2849408 registers.rbp: 2845248 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2847360 registers.r10: 0 registers.rbx: 2 registers.rsp: 2842528 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2845184 registers.rbp: 2842656 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 30246624 registers.r15: 0 registers.rcx: 0 registers.rsi: 2882144 registers.r10: 0 registers.rbx: 30248760 registers.rsp: 2840704 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2882312 registers.rbp: 0 registers.rdi: 8796092878848 registers.rax: 1 registers.r13: 5504240	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2843136 registers.r10: 0 registers.rbx: 2 registers.rsp: 2836672 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2840960 registers.rbp: 2836800 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a RtlVirtualUnwind+0x37 RtlRestoreContext-0x19 kernel32+0x4b5e7 @ 0x76c5b5e7 stacktrace+0x1d1 memdup-0x62 @ 0x739805bd New_ntdll_RtlDispatchException+0xfa New_ntdll_RtlRemoveVectoredContinueHandler-0x8d @ 0x73996d97 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2838912 registers.r10: 0 registers.rbx: 2 registers.rsp: 2834688 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2836736 registers.rbp: 104 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlVirtualUnwind+0x14a RtlCheckForOrphanedCriticalSections-0x356 ntdll+0x19a5a @ 0x76d49a5a exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2838912 registers.r10: 0 registers.rbx: 2 registers.rsp: 2832368 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2836736 registers.rbp: 2832576 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 1939275776 registers.r15: 1939994692 registers.rcx: 0 registers.rsi: 2834688 registers.r10: 0 registers.rbx: 2 registers.rsp: 2829856 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 2832512 registers.rbp: 2829984 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939481136	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2831616 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2825696 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2825824 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2827520 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2821536 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2821664 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2823168 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2817376 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2817504 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2819072 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2813216 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2813344 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2814976 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2809056 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2809184 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2810880 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2804896 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2805024 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2806528 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2800736 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2800864 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2802432 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2796576 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2796704 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2798336 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2792416 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2792544 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2794240 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2788256 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2788384 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2789888 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2784096 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2784224 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1
__exception__ Oct. 28, 2022, 4:59 p.m.	stacktrace: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 New_ntdll_RtlDispatchException+0x154 New_ntdll_RtlRemoveVectoredContinueHandler-0x33 @ 0x73996df1 KiUserExceptionDispatcher+0x2e KiRaiseUserExceptionDispatcher-0x45 ntdll+0x51278 @ 0x76d81278 RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 @ 0x76d48df5 exception.instruction_r: 49 8b 00 4a 89 84 cc 58 01 00 00 4c 8b 84 24 78 exception.symbol: RtlUnwindEx+0x805 RtlRaiseException-0x76b ntdll+0x18df5 exception.instruction: mov rax, qword ptr [r8] exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 101877 exception.address: 0x76d48df5 registers.r14: 2785792 registers.r15: 1939275776 registers.rcx: 0 registers.rsi: 104 registers.r10: 0 registers.rbx: 2 registers.rsp: 2779936 registers.r11: 1939984384 registers.r8: 0 registers.r9: 5 registers.rdx: 1993539584 registers.r12: 1939481136 registers.rbp: 2780064 registers.rdi: 1940006828 registers.rax: 1 registers.r13: 1939994692	1

One or more potentially interesting buffers were extracted, these generally contain injected code, configuration data, etc.

HTTP traffic contains suspicious features which may be indicative of malware related traffic (2 events)

suspicious_features	GET method with no useragent header, Connection to IP address				suspicious_request	GET http://31.41.244.146/download/windows_10_64.exe
suspicious_features	GET method with no useragent header				suspicious_request	GET https://api.ip.sb/ip

Performs some HTTP requests (2 events)

request	GET http://31.41.244.146/download/windows_10_64.exe
request	GET https://api.ip.sb/ip

Allocates read-write-execute memory (usually to unpack itself) (50 out of 90 events)

Time & API	Arguments	Status
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 1179648 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00500000 allocation_type: 8192 (MEM_RESERVE) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x005e0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtProtectVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x727a1000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x727a2000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 2031616 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x022d0000 allocation_type: 8192 (MEM_RESERVE) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02480000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003d2000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00415000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0041b000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00417000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003ec000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00650000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003da000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0066f000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00660000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00406000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040a000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00407000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00651000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00652000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003ea000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2556 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00653000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 1179648 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00430000 allocation_type: 8192 (MEM_RESERVE) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00510000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtProtectVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x72101000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x72102000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 786432 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00430000 allocation_type: 8192 (MEM_RESERVE) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x004b0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00392000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003c5000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003cb000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003c7000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003ac000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00600000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0039a000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0039c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00601000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003b6000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003ba000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003b7000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003bb000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003aa000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003bc000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 327680 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0xfff40000 allocation_type: 1056768 (MEM_RESERVE\|MEM_TOP_DOWN) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0xfff40000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0xfff40000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0xfff48000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 65536 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0xfff30000 allocation_type: 1056768 (MEM_RESERVE\|MEM_TOP_DOWN) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0xfff30000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0xfff40000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1

Steals private information from local Internet browsers (6 events)

file	C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Web Data
file	C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Cookies
file	C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies
file	C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
file	C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Login Data
file	C:\Users\test22\AppData\Local\Google\Chrome\User Data\Local State

Creates executable files on the filesystem (1 event)

file	C:\Users\test22\AppData\Local\Temp\22windows_64.exe

Drops a binary and executes it (1 event)

file	C:\Users\test22\AppData\Local\Temp\22windows_64.exe

Checks adapter addresses which can be used to detect virtual network interfaces (1 event)

Time & API	Arguments	Status	Return	Repeated
GetAdaptersAddresses Oct. 28, 2022, 4:58 p.m.	flags: 1158 family: 0	1	0	0

An executable file was downloaded by the process vbc.exe (1 event)

Time & API	Arguments	Status	Return	Repeated
recv Oct. 28, 2022, 4:59 p.m.	buffer: HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 28 Oct 2022 08:30:56 GMT Content-Type: application/octet-stream Content-Length: 4490240 Last-Modified: Fri, 21 Oct 2022 11:31:53 GMT Connection: keep-alive ETag: "63528329-448400" Accept-Ranges: bytes MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $PEd}Rcð."D@ÃãP@àã` ðàYÐãÐpÙ^ÐÐãhÏã(UPX0@àUPX1DPD@àUPX2ÐãD@À3.96UPX! $iûzgVvH¥ã\sDÐÛ/a¬\"øø,J=Q&âdô>8ÜMXyZ+3«íô¨qz^QyIÉS< R¥¶2"·UeÚÏüJ¬¢FfÆüzBCâ~Òyt§åû¯ònW®"òìÎ³ úï ß`\|¦ £¯!¶¼´Ñ.cs^Yæh·ûÃÐ®AjVÿê£AüÞ=µ ðÝ}Ç(Ý2pÉtS.³¹Õ}öÑ<°[ÞtùUï¬õSW¯È¾×àî[»så3Ý:dtrdáÚ1K#XÖsEÝÑ¹3ÇÿÍa<¢61C5OåÂecØwovWÈw§kúæ$¹3x\|\ÒëóL)>ùIL¬héâ~¸z³-ÐÀ>®_"vcì,^«rTY;(uÙaøÍÀK9$$4½Ø×éyêÆÉ¶W©½¸È÷7H¤SX4 -E6TäW [C¸<¬a'ôËÊÖbÂ:ùYk5U3Øf-Z_?ÂÙ me¥\ò 7æÐ+»ó£¬/e^«ñÕTYCSß q>³-'7QÀàvWaÒ´?)0¶$wFbÉ²O¡f°r\|0×w¢Sbt×EjLþÉnZt $WÃ¬Ì¹ËW¡ªW¥`WtW1aì¹o¾¥º´kI ¶À ´Í&ûõ÷~¶¶;°Æ×ý+br¸Xß6¨o¯ ¶Ë_îSe6^\|MAª+ìÞàÝÈji4×ÈÐfk%tQ£zZîÅ^Ê[U»õ]´(ÇÈüXÁ½Ôÿ ÛoRF9l<½4:îFÕªþµ<o½åS áù¼\Õ?Hþámµé[n¬ì@±Çt8ú»Sf²dbÍF»ÖaÏ£ÙvkÞzì=Á8r¿ÚHY¥n7êû=%ãz²ê°$wø_ÕË2gÖÕn&6,e?ÿtõÇ ¦ðy%ú1m³Oo?MÕi¤µ7(ÿvï±«L$Ôà< ·WÄ¦EgCµªYdZ¬¦NñLÎÒIºøÅGyÑ¿6Ç>71Â\r»úzU±¿ÐA_Hlx2\|"xf²bÌPïX,}È9að{ìzÉ~òsaÞQå&b?uáv×ªb Ü·êUoªY3ÝÔ´V^êÀÙÍ¶íÙX ôÆßh©ºéÜ]i÷9xLSÓ~n ªêÂ¹AÂVÕsÑûtÂ> ájïzwÜÒÊ:·Â!ãwöü0³§oohÖWØØsÀÄoÉÅ\|?Ñ± S1à"B!C¼¢#=ß¡Ê]Ôw¶¸Rû<0ÏjúÅ²EG]Å0ÕÍ¸ßñ$<X×;àhÕ® ¢ÉÐ;!Á9JÇÕP®ñc´t>PÎ¨Æ@Sª¦ÌZ%+ åñÎ{ÏEaºª-Ü§¬Bæf3íK>°:¡XC@'ÙìS£dÑ±ÆÍË4§ù¾£¤8×oX%VªW©ºTÒËÜNªþ-¼!kÅùW´¶èNò&s~°Ë#Û%ïõ:jdG2ÚÏë9½gà¥F;spb±\|Å¹Sè£mk·páà§þ a²æ<A\5-ëßðè"Êä»-½Ï8¼pÞèMÃ¯²õg ¥iêö7NTóAYNóÖcñÀÔ2üu¢\îg1AázqDçªå¨G\|,Ù5sàçÜ¼÷~Qv¢8¶áìÞÓ·NÝÕRL÷l>ÉM# <(c¤Óëú@&¹lîÒ0ÛÊõÇ}ºrpÎbáØlsjKø27¸(li3y~^ºwÅ¾âçûÍ`ªM[F0Ò%:rK¡SuÌE0ç Ú£ç®D¹ Zòã®á.i¸`Ø¬l3± ¶IeqYÍe0{ùçÄ[¥àÙ¶è»/ áâ~?Áà,-ÀL ¼Ð>»ÆEÉXéPMp úY-«Ô¢QeVëFõHyømqªjVX´·Ó ²] Zºn×óJ¦«u¿Hð9}êå5hØ6~$B91G"1ÂÚàÎXypzÈ <ipÅ»óÒb¸ ´äS»ºå§ÚÚ'Ò½?ag®ßg÷$@~(2ëzêe½o[É}rÚÄ7þaöoSæ±È-q-;/á¯ÝË\Áçö22ãvpYs¿¾ÂóBÂ"¶úÜP³Ä#b5dXÄ~UyEàfäÇBà+¿äz?Ê©rûÄú¢»ðúÜxJæ8y ÂÇ2T²?ÔaÃ Al%Éwx:pèLN)÷í£MOm\|K;[j-`h%ÆÓ'x¨ ¼¿eH1\|î©ôçì¹0\|=¥1½Òü[¥0,Ý¡JvÃ°Æ¼º§ ¥éÓ_Ì3³ì °"µ·PÖ[Å'M®¯f^Øq·E¾;TÊìrOò^LÈBæ:©wH§ÚMáÇoíJ¸¥)p(ù ªÂÈ©a8ä5 9v^é®nÂ¦s¯LÆ°;.èáïö ÉoÅ!^¼Þ>Uqu*³FZ¥o·ú received: 2920 socket: 608	1	2920	0

The binary likely contains encrypted or compressed data indicative of a packer (1 event)

section

{u'size_of_data': u'0x00028000', u'virtual_address': u'0x00002000', u'entropy': 7.88815728637572, u'name': u'.text', u'virtual_size': u'0x00027e64'}

entropy

7.88815728638

description

A section with a high entropy has been found

Checks for the Locally Unique Identifier on the system for a suspicious privilege (1 event)

Time & API	Arguments	Status	Return	Repeated
LookupPrivilegeValueW Oct. 28, 2022, 4:58 p.m.	system_name: privilege_name: SeDebugPrivilege	1	1	0

Yara rule detected in process memory (10 events)

description	PWS Memory	rule	Generic_PWS_Memory_Zero
description	(no description)	rule	DebuggerCheck__GlobalFlags
description	(no description)	rule	DebuggerCheck__QueryInfo
description	(no description)	rule	DebuggerHiding__Thread
description	(no description)	rule	DebuggerHiding__Active
description	(no description)	rule	ThreadControl__Context
description	(no description)	rule	SEH__vectored
description	Checks if being debugged	rule	anti_dbg
description	Bypass DEP	rule	disable_dep
description	RedLine stealer	rule	RedLine_Stealer_m_Zero

Queries for potentially installed applications (39 events)

Time & API	Arguments	Status
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall base_handle: 0x80000002 key_handle: 0x00000340 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: AddressBook base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: Connection Manager base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: DirectDrawEx base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: EditPlus base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EditPlus	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: ENTERPRISE base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISE	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: Fontcore base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: Google Chrome base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: Haansoft HWord 80 Korean base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Haansoft HWord 80 Korean	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: IE40 base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IE40	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: IE4Data base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: IE5BAKEX base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: IEData base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IEData	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: MobileOptionPack base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: SchedulingAgent base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: WIC base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WIC	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {01B845D4-B73E-4CF7-A377-94BC7BB4F77B} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{01B845D4-B73E-4CF7-A377-94BC7BB4F77B}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {1D91F7DA-F517-4727-9E62-B7EA978BE980} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D91F7DA-F517-4727-9E62-B7EA978BE980}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-0015-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0015-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-0016-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0016-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-0018-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0018-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-0019-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0019-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-001A-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001A-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-001B-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001B-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-001F-0409-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-0409-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-001F-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-0028-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0028-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-002C-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-002C-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-0030-0000-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-0044-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0044-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-006E-0409-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-006E-0409-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-006E-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-006E-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-00A1-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00A1-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-00BA-0409-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00BA-0409-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {90120000-0114-0412-0000-0000000FF1CE} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0114-0412-0000-0000000FF1CE}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {939659F3-71D2-461F-B24D-91D05A4389B4} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{939659F3-71D2-461F-B24D-91D05A4389B4}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {9B84A461-3B4C-40E2-B44F-CE22E215EE40} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9B84A461-3B4C-40E2-B44F-CE22E215EE40}	1
RegOpenKeyExW Oct. 28, 2022, 4:58 p.m.	regkey_r: {d992c12e-cab2-426f-bde3-fb8c53950b0d} base_handle: 0x00000340 key_handle: 0x00000344 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d992c12e-cab2-426f-bde3-fb8c53950b0d}	1

Executes one or more WMI queries which can be used to identify virtual machines (1 event)

wmi	SELECT * FROM Win32_Processor

Communicates with host for which no DNS query was performed (2 events)

host	194.36.177.60
host	31.41.244.146

Allocates execute permission to another process indicative of possible code injection (1 event)

Time & API	Arguments	Status	Return	Repeated
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 163840 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00400000 allocation_type: 12288 (MEM_COMMIT\|MEM_RESERVE) process_handle: 0x00000270	1	0	0

Looks for the Windows Idle Time to determine the uptime (1 event)

Time & API	Arguments	Status	Return	Repeated
NtQuerySystemInformation Oct. 28, 2022, 4:58 p.m.	information_class: 8 (SystemProcessorPerformanceInformation)	1	0	0

Harvests credentials from local FTP client softwares (2 events)

file	C:\Users\test22\AppData\Roaming\FileZilla\sitemanager.xml
file	C:\Users\test22\AppData\Roaming\FileZilla\recentservers.xml

Executes one or more WMI queries (8 events)

wmi	SELECT * FROM Win32_VideoController
wmi	SELECT * FROM AntivirusProduct
wmi	SELECT * FROM Win32_OperatingSystem
wmi	SELECT * FROM Win32_Process Where SessionId='1'
wmi	SELECT * FROM AntiSpyWareProduct
wmi	SELECT * FROM FirewallProduct
wmi	SELECT * FROM Win32_DiskDrive
wmi	SELECT * FROM Win32_Processor

Creates known Hupigon files, registry keys and/or mutexes (1 event)

file	C:\Users\test22\AppData\Local\Temp\qqq.exe.config

Potential code injection by writing to the memory of another process (4 events)

Time & API	Arguments	Status	Return
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $PELiüà0" @@ @´!O@¨ `! H.text\ `.rsrc¨ @@@.reloc` @B base_address: 0x00400000 process_identifier: 2732 process_handle: 0x00000270	1	1
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: 0`ÀHðxh¨Ø¨Ah( ÅÉÈÿ 43ÿEmsÿ-9:ÿÿÿ ÿ\vÿÿ (0ÿÿ5RoÿD_qÿ4P_ÿ^¯ÿÔÞàÿ¼À¿ÿ9NGÿxÿ>ÿvÿ}ÿÜÿÿ·ÿlÿ{¢ÿnÿ1yÿ4L]ÿ]¤ÿXÿÊÖ×ÿÅÌÌÿ3TMÿ:E:ÿ«ÂÿëÿÿÚùÿÍöÿ¿ìÿÃñÿ©ËÿÐ÷ÿO«ÿf~¡ÿFtÿ/RFÿË×ØÿÀÇÇÿ#ÿ(nxÿÌòÿàýÿÚùÿ´ìÿ¥ëÿ¼ïÿÑôÿ ¯Üÿ$¿ãÿ0¸ÝÿDndÿ5c_ÿÊÕÙÿÂÈÈÿ ÿC\|ÿ³ìÿÏúÿÑþÿîÿíÿ®íÿÓÿ¤Úÿºéÿÿ9\Tÿ(T[ÿÀÄÅÿÆÈÆÿZmÿxÿÆÿ¿ûÿÌÿyÓÿíÿzÏÿÊÿÉÿÉÿvÿ)Zfÿ)YZÿÀÆÆÿÁÔÓÿOOÿqÿ¶ïÿºÿ 3ÿ #@ÿa¦ÿ~Òÿx½ÿpªÿj ÿt«ÿ'iuÿ2IKÿÆËÐÿÓáâÿ<ZXÿ ÿ£ßÿ 8bÿ#ÿ#ÿ Mÿe»ÿmµÿi¬ÿwµÿ½ÿ ¬ÿ;JÿÄÈÊÿßîíÿ[rjÿ(mrÿo²ÿIÿÿ(ÿ 3ÿKÿ{ÎÿÝÿÐÿ£Ùÿ xÿÿÀÁÄÿÄËÊÿ'!ÿkÿ£äÿUÿ(Rÿ$:ÿ>ÿDÿÔÿàÿÆÿªÿ15ÿÿ¿ÁÅÿ¼Â¿ÿ ÿ©ÿxÿ´ÿÇÿt¹ÿR ÿ_¶ÿyÄÿÐÿ°Þÿ»èÿvÿ#ÿÅÍÍÿÇÐÍÿ;2ÿ%0ÿ$GIÿ hÿÌÿØÿ©ðÿáÿÕÿ¡ÛÿÄëÿÐéÿÇÿC>ÿËÔÑÿ¾ÁÁÿÿ&(ÿ++ÿ(@?ÿ·ÿÕÿ¥äÿËýÿ©Ûÿ¦ÜÿÓÿ 88ÿÿ ÿÃÊÌÿÆÍÍÿ56ÿ&%ÿ2.ÿ(B=ÿ ¤ÿÆÿÊÿªÕÿ¤°ÿÆíÿæÿÿÿ#ÿ54ÿÅÍÍÿÌÚ×ÿ,QMÿ 9@ÿ&?AÿÿfÿW_ÿÿ¨ÕÿI8ÿsiÿª·ÿloÿ:[Nÿ,>BÿÁÀÄÿÂÆÈÿ #ÿ,;Gÿ&9Aÿ27ÿ=?ÿ>REÿ2©ÿ¢Èÿ5/ÿH2ÿYJÿ5TMÿFodÿJkmÿÇÌÑÿxE hE4VS_VERSION_INFO½ïþ ?DVarFileInfo$Translation°lStringFileInfoH000004b0Comments"CompanyName< FileDescription5K Player0FileVersion6.9.0.02 InternalNameSobs.exeHLegalCopyrightCopyright © 2021*LegalTrademarks: OriginalFilenameSobs.exe4 ProductName5K Player4ProductVersion6.9.0.08Assembly Version6.7.0.0¸Hêï»¿<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> <requestedExecutionLevel level="asInvoker" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> </assembly> base_address: 0x00424000 process_identifier: 2732 process_handle: 0x00000270	1	1
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: 2 base_address: 0x00426000 process_identifier: 2732 process_handle: 0x00000270	1	1
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: @ base_address: 0xfffde008 process_identifier: 2732 process_handle: 0x00000270	1	1

Code injection by writing an executable or DLL to the memory of another process (1 event)

Time & API	Arguments	Status	Return	Repeated
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $PELiüà0" @@ @´!O@¨ `! H.text\ `.rsrc¨ @@@.reloc` @B base_address: 0x00400000 process_identifier: 2732 process_handle: 0x00000270	1	1	0

Collects information about installed applications (27 events)

Time & API	Arguments	Status
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: EditPlus regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EditPlus\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Enterprise 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISE\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Chrome regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: 한컴오피스 한글 2010 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Haansoft HWord 80 Korean\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: HttpWatch Professional 9.3.39 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{01B845D4-B73E-4CF7-A377-94BC7BB4F77B}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: 한컴오피스 한글 2010 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D91F7DA-F517-4727-9E62-B7EA978BE980}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Google Update Helper regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Access MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0015-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Excel MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0016-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office PowerPoint MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0018-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Publisher MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0019-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Outlook MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001A-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Word MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001B-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Proof (English) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-0409-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Proof (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-001F-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office IME (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0028-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Proofing (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-002C-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Enterprise 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0030-0000-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office InfoPath MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0044-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Shared MUI (English) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-006E-0409-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Shared MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-006E-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office OneNote MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00A1-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Groove MUI (English) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00BA-0409-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Office Groove Setup Metadata MUI (Korean) 2007 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0114-0412-0000-0000000FF1CE}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Adobe Flash Player 13 ActiveX regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{939659F3-71D2-461F-B24D-91D05A4389B4}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Adobe Flash Player 13 NPAPI regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9B84A461-3B4C-40E2-B44F-CE22E215EE40}\DisplayName	1
RegQueryValueExW Oct. 28, 2022, 4:58 p.m.	key_handle: 0x00000344 regkey_r: DisplayName reg_type: 1 (REG_SZ) value: Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d992c12e-cab2-426f-bde3-fb8c53950b0d}\DisplayName	1

Used NtSetContextThread to modify a thread in a remote process indicative of process injection (2 events)

Time & API	Arguments	Status	Return	Repeated
Process injection	Process 2556 called NtSetContextThread to modify thread in remote process 2732
NtSetContextThread Oct. 28, 2022, 4:58 p.m.	registers.eip: 0 registers.esp: 0 registers.edi: 0 registers.eax: 4334086 registers.ebp: 0 registers.edx: 0 registers.ebx: -139264 registers.esi: 0 registers.ecx: 0 thread_handle: 0x0000026c process_identifier: 2732	1	0	0

Resumed a suspended thread in a remote process potentially indicative of process injection (2 events)

Time & API	Arguments	Status	Return	Repeated
Process injection	Process 2556 resumed a thread in remote process 2732
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x0000026c suspend_count: 1 process_identifier: 2732	1	0	0

Executed a process and injected code into it, probably while unpacking (44 events)

Time & API	Arguments	Status	Return
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e0 suspend_count: 1 process_identifier: 2556	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x00000150 suspend_count: 1 process_identifier: 2556	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x0000018c suspend_count: 1 process_identifier: 2556	1	0
CreateProcessInternalW Oct. 28, 2022, 4:58 p.m.	thread_identifier: 2736 thread_handle: 0x0000026c process_identifier: 2732 current_directory: filepath: C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe track: 1 command_line: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe" filepath_r: C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe stack_pivoted: 0 creation_flags: 4 (CREATE_SUSPENDED) inherit_handles: 0 process_handle: 0x00000270	1	1
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x0000026c	1	0
NtAllocateVirtualMemory Oct. 28, 2022, 4:58 p.m.	process_identifier: 2732 region_size: 163840 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00400000 allocation_type: 12288 (MEM_COMMIT\|MEM_RESERVE) process_handle: 0x00000270	1	0
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: MZÿÿ¸@º´ Í!¸LÍ!This program cannot be run in DOS mode. $PELiüà0" @@ @´!O@¨ `! H.text\ `.rsrc¨ @@@.reloc` @B base_address: 0x00400000 process_identifier: 2732 process_handle: 0x00000270	1	1
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: base_address: 0x00402000 process_identifier: 2732 process_handle: 0x00000270	1	1
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: 0`ÀHðxh¨Ø¨Ah( ÅÉÈÿ 43ÿEmsÿ-9:ÿÿÿ ÿ\vÿÿ (0ÿÿ5RoÿD_qÿ4P_ÿ^¯ÿÔÞàÿ¼À¿ÿ9NGÿxÿ>ÿvÿ}ÿÜÿÿ·ÿlÿ{¢ÿnÿ1yÿ4L]ÿ]¤ÿXÿÊÖ×ÿÅÌÌÿ3TMÿ:E:ÿ«ÂÿëÿÿÚùÿÍöÿ¿ìÿÃñÿ©ËÿÐ÷ÿO«ÿf~¡ÿFtÿ/RFÿË×ØÿÀÇÇÿ#ÿ(nxÿÌòÿàýÿÚùÿ´ìÿ¥ëÿ¼ïÿÑôÿ ¯Üÿ$¿ãÿ0¸ÝÿDndÿ5c_ÿÊÕÙÿÂÈÈÿ ÿC\|ÿ³ìÿÏúÿÑþÿîÿíÿ®íÿÓÿ¤Úÿºéÿÿ9\Tÿ(T[ÿÀÄÅÿÆÈÆÿZmÿxÿÆÿ¿ûÿÌÿyÓÿíÿzÏÿÊÿÉÿÉÿvÿ)Zfÿ)YZÿÀÆÆÿÁÔÓÿOOÿqÿ¶ïÿºÿ 3ÿ #@ÿa¦ÿ~Òÿx½ÿpªÿj ÿt«ÿ'iuÿ2IKÿÆËÐÿÓáâÿ<ZXÿ ÿ£ßÿ 8bÿ#ÿ#ÿ Mÿe»ÿmµÿi¬ÿwµÿ½ÿ ¬ÿ;JÿÄÈÊÿßîíÿ[rjÿ(mrÿo²ÿIÿÿ(ÿ 3ÿKÿ{ÎÿÝÿÐÿ£Ùÿ xÿÿÀÁÄÿÄËÊÿ'!ÿkÿ£äÿUÿ(Rÿ$:ÿ>ÿDÿÔÿàÿÆÿªÿ15ÿÿ¿ÁÅÿ¼Â¿ÿ ÿ©ÿxÿ´ÿÇÿt¹ÿR ÿ_¶ÿyÄÿÐÿ°Þÿ»èÿvÿ#ÿÅÍÍÿÇÐÍÿ;2ÿ%0ÿ$GIÿ hÿÌÿØÿ©ðÿáÿÕÿ¡ÛÿÄëÿÐéÿÇÿC>ÿËÔÑÿ¾ÁÁÿÿ&(ÿ++ÿ(@?ÿ·ÿÕÿ¥äÿËýÿ©Ûÿ¦ÜÿÓÿ 88ÿÿ ÿÃÊÌÿÆÍÍÿ56ÿ&%ÿ2.ÿ(B=ÿ ¤ÿÆÿÊÿªÕÿ¤°ÿÆíÿæÿÿÿ#ÿ54ÿÅÍÍÿÌÚ×ÿ,QMÿ 9@ÿ&?AÿÿfÿW_ÿÿ¨ÕÿI8ÿsiÿª·ÿloÿ:[Nÿ,>BÿÁÀÄÿÂÆÈÿ #ÿ,;Gÿ&9Aÿ27ÿ=?ÿ>REÿ2©ÿ¢Èÿ5/ÿH2ÿYJÿ5TMÿFodÿJkmÿÇÌÑÿxE hE4VS_VERSION_INFO½ïþ ?DVarFileInfo$Translation°lStringFileInfoH000004b0Comments"CompanyName< FileDescription5K Player0FileVersion6.9.0.02 InternalNameSobs.exeHLegalCopyrightCopyright © 2021*LegalTrademarks: OriginalFilenameSobs.exe4 ProductName5K Player4ProductVersion6.9.0.08Assembly Version6.7.0.0¸Hêï»¿<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> <requestedExecutionLevel level="asInvoker" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> </assembly> base_address: 0x00424000 process_identifier: 2732 process_handle: 0x00000270	1	1
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: 2 base_address: 0x00426000 process_identifier: 2732 process_handle: 0x00000270	1	1
WriteProcessMemory Oct. 28, 2022, 4:58 p.m.	buffer: @ base_address: 0xfffde008 process_identifier: 2732 process_handle: 0x00000270	1	1
NtSetContextThread Oct. 28, 2022, 4:58 p.m.	registers.eip: 0 registers.esp: 0 registers.edi: 0 registers.eax: 4334086 registers.ebp: 0 registers.edx: 0 registers.ebx: -139264 registers.esi: 0 registers.ecx: 0 thread_handle: 0x0000026c process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x0000026c suspend_count: 1 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000dc suspend_count: 1 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x00000154 suspend_count: 1 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x00000198 suspend_count: 1 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x00000240 suspend_count: 1 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x00000258 suspend_count: 1 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x00000494 suspend_count: 1 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000006fc suspend_count: 1 process_identifier: 2732	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4 suspend_count: 1 process_identifier: 2732	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4 suspend_count: 1 process_identifier: 2732	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4 suspend_count: 1 process_identifier: 2732	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtSetContextThread Oct. 28, 2022, 4:58 p.m.	registers.eip: 1914186628 registers.esp: 1895508 registers.edi: 58149462 registers.eax: 113836544 registers.ebp: 1895548 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 40335676 thread_handle: 0x000000e4 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4 suspend_count: 1 process_identifier: 2732	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtSetContextThread Oct. 28, 2022, 4:58 p.m.	registers.eip: 1914186628 registers.esp: 1895508 registers.edi: 72022928 registers.eax: 113836544 registers.ebp: 1895548 registers.edx: 0 registers.ebx: 0 registers.esi: 0 registers.ecx: 40335676 thread_handle: 0x000000e4 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4 suspend_count: 1 process_identifier: 2732	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtGetContextThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4	1	0
NtResumeThread Oct. 28, 2022, 4:58 p.m.	thread_handle: 0x000000e4 suspend_count: 1 process_identifier: 2732	1	0
NtResumeThread Oct. 28, 2022, 4:59 p.m.	thread_handle: 0x000002fc suspend_count: 1 process_identifier: 2732	1	0
CreateProcessInternalW Oct. 28, 2022, 4:59 p.m.	thread_identifier: 1356 thread_handle: 0x000007d4 process_identifier: 1264 current_directory: C:\Users\test22\AppData\Local\Temp filepath: C:\Users\test22\AppData\Local\Temp\22windows_64.exe track: 1 command_line: "C:\Users\test22\AppData\Local\Temp\22windows_64.exe" filepath_r: C:\Users\test22\AppData\Local\Temp\22windows_64.exe stack_pivoted: 0 creation_flags: 67634192 (CREATE_DEFAULT_ERROR_MODE\|CREATE_NEW_CONSOLE\|CREATE_UNICODE_ENVIRONMENT\|EXTENDED_STARTUPINFO_PRESENT) inherit_handles: 0 process_handle: 0x000007dc	1	1

File has been identified by 58 AntiVirus engines on VirusTotal as malicious (50 out of 58 events)

Bkav	W32.AIDetectNet.01
Lionic	Trojan.MSIL.Stealer.l!c
MicroWorld-eScan	Gen:Variant.Lazy.255857
FireEye	Generic.mg.79a24a331ec7b5d3
CAT-QuickHeal	TrojanSpy.MSIL
ALYac	Gen:Variant.Lazy.255857
Cylance	Unsafe
Zillya	Trojan.Stealer.Win32.28953
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 005995461 )
BitDefender	Gen:Variant.Lazy.255857
K7GW	Trojan ( 005995461 )
Cybereason	malicious.2858f3
VirIT	Trojan.Win32.PSWStealer.CZR
Cyren	W32/ABRisk.NOCK-0602
Symantec	Trojan Horse
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Kryptik.AGSL
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-Spy.MSIL.Stealer.gen
Alibaba	Trojan:Win32/runner.ali1000123
NANO-Antivirus	Trojan.Win32.Stealer.jtbhlo
Tencent	Msil.Trojan-Spy.Stealer.Qgil
Ad-Aware	Gen:Variant.Lazy.255857
Comodo	Malware@#axfikrfu3otx
DrWeb	Trojan.Siggen18.59144
VIPRE	Gen:Variant.Lazy.255857
TrendMicro	TrojanSpy.Win32.REDLINE.YXCJKZ
McAfee-GW-Edition	RDN/Generic PWS.y
Trapmine	malicious.moderate.ml.score
Emsisoft	Gen:Variant.Lazy.255857 (B)
SentinelOne	Static AI - Malicious PE
Webroot	W32.Trojan.Gen
Google	Detected
Avira	TR/AD.RedLineSteal.gouvw
Antiy-AVL	Trojan/Generic.ASMalwS.3E3F
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:MSIL/Redline.R!MTB
Gridinsoft	Ransom.Win32.Sabsik.sa
Arcabit	Trojan.Lazy.D3E771
GData	Gen:Variant.Lazy.255857
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C5283574
Acronis	suspicious
McAfee	RDN/Generic PWS.y
MAX	malware (ai score=83)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Trojan.RedLineStealer
Panda	Trj/Chgt.AD

qqq.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All