Summary | ZeroBOX

2.1.0ff.exe

Raccoon Stealer PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6401 March 29, 2023, 2:09 p.m. March 29, 2023, 2:10 p.m.
Size 110.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 bc338e23e5411697561306eabb29bd9c
SHA256 fc89f7167628e95935070f6a72c859da69a91655e72c4d8c8e31fbac73c2d379
CRC32 7E4756EE
ssdeep 1536:/ja4qX8uFJQvccqJ4QFn8XwcWwH7Yq8BG8TcdayFtvhV732+oOl8s4PBqZ1zObEg:/jYPQRQmr8YLNL6dzjPAvZjy5g
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Raccoon_Stealer_1_Zero - Raccoon Stealer

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x89b8 @ 0x4089b8
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x89d4 @ 0x4089d4
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x89f2 @ 0x4089f2
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x89ff @ 0x4089ff
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8a2f @ 0x408a2f
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8a33 @ 0x408a33
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8a51 @ 0x408a51
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8a6a @ 0x408a6a
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8a6e @ 0x408a6e
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8a7f @ 0x408a7f
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8adb @ 0x408adb
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8af1 @ 0x408af1
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8af5 @ 0x408af5
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8b0f @ 0x408b0f
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8b1b @ 0x408b1b
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8b1f @ 0x408b1f
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8b4f @ 0x408b4f
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8b5b @ 0x408b5b
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8ba1 @ 0x408ba1
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8bad @ 0x408bad
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8bb1 @ 0x408bb1
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8bd4 @ 0x408bd4
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8bd8 @ 0x408bd8
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8bee @ 0x408bee
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8bf6 @ 0x408bf6
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c10 @ 0x408c10
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c14 @ 0x408c14
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c18 @ 0x408c18
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c24 @ 0x408c24
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c28 @ 0x408c28
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c35 @ 0x408c35
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c39 @ 0x408c39
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c46 @ 0x408c46
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c5f @ 0x408c5f
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c63 @ 0x408c63
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c67 @ 0x408c67
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c74 @ 0x408c74
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c96 @ 0x408c96
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8c9e @ 0x408c9e
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d0a @ 0x408d0a
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d1b @ 0x408d1b
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d1f @ 0x408d1f
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d23 @ 0x408d23
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d2b @ 0x408d2b
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d38 @ 0x408d38
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d3c @ 0x408d3c
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d44 @ 0x408d44
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d4c @ 0x408d4c
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d60 @ 0x408d60
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 6
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0

__exception__

stacktrace:
LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x755de825
2+0x8d8e @ 0x408d8e
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84
exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf
exception.instruction: cmp byte ptr [eax + 7], 5
exception.module: ntdll.dll
exception.exception_code: 0xc0000005
exception.offset: 425151
exception.address: 0x76f77cbf
registers.esp: 1638044
registers.edi: 3080192
registers.eax: 4294967288
registers.ebp: 1638096
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 2568
1 0 0
Time & API Arguments Status Return Repeated

__anomaly__

tid: 2568
message: Encountered 65537 exceptions, quitting.
subcategory: exception
function_name:
1 0 0
Lionic Trojan.Win32.Raccoon.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Agiala.32
FireEye Generic.mg.bc338e23e5411697
Malwarebytes Spyware.PasswordStealer
VIPRE Gen:Variant.Agiala.32
Sangfor Infostealer.Win32.Agent.Veee
CrowdStrike win/malicious_confidence_100% (W)
Alibaba TrojanPSW:Win32/Raccoon.803bcd10
K7GW Trojan ( 005a11931 )
K7AntiVirus Trojan ( 005a11931 )
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Kryptik.HTAJ
Cynet Malicious (score: 100)
APEX Malicious
Paloalto generic.ml
Kaspersky Trojan-PSW.Win32.Raccoon.mh
BitDefender Gen:Variant.Agiala.32
ViRobot Trojan.Win.Z.Agiala.113152
Avast Win32:Trojan-gen
Tencent Win32.Trojan-QQPass.QQRob.Zfow
Emsisoft Gen:Variant.Agiala.32 (B)
DrWeb Trojan.PWS.Stealer.35956
Zillya Trojan.Agent.Win32.3282763
McAfee-GW-Edition Artemis!Trojan
Trapmine malicious.high.ml.score
Sophos Mal/EncPk-ACO
Avira HEUR/AGEN.1316309
MAX malware (ai score=85)
Antiy-AVL Trojan/Win32.Kryptik
Microsoft Trojan:Win32/Wacatac.B!ml
Gridinsoft Trojan.Win32.Kryptik.cl
Arcabit Trojan.Agiala.32
ZoneAlarm Trojan-PSW.Win32.Raccoon.mh
GData Gen:Variant.Agiala.32
Google Detected
AhnLab-V3 Trojan/Win.Generic.C5395639
McAfee Artemis!BC338E23E541
Cylance unsafe
Rising Stealer.Agent!8.C2 (TFE:4:UEeylJZ8YgL)
MaxSecure Trojan.Malware.203060456.susgen
Fortinet W32/Kryptik.HTAJ!tr
BitDefenderTheta AI:Packer.D836A3B01F
AVG Win32:Trojan-gen
Panda Trj/Genetic.gen