Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	June 2, 2023, 5:31 p.m.	June 2, 2023, 5:34 p.m.

Size	4.6MB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`45d50af2dab49aa0de4894a1bbff7d62`
SHA256	`e84531a3eef229dafb604be21d54c4abfd71efdf132ec141a2ca770d436673d4`
CRC32	`F03D5C1E`
ssdeep	`98304:5l1JDX/FWuaPGwguuBnDgMyb3egMT/ia0ctMl6bSfsoCRES9Hp:jHT/5aPDgfpYuFjRG0wo`
Yara	themida_packer - themida packer Malicious_Library_Zero - Malicious_Library IsPE64 - (no description) PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware

sp.exe "C:\Users\test22\AppData\Local\Temp\sp.exe"
1372

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)

section
section	.themida
section	.boot

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d @ 0x7fefdbfa49d sp+0x525c35 @ 0x140235c35 sp+0x50f64a @ 0x14021f64a HeapWalk-0x1ce0 kernel32+0x0 @ 0x76fc0000 0x2bf778 0x2bf778 0x2bf778 exception.instruction_r: 48 81 c4 c8 00 00 00 c3 48 85 f6 74 08 83 3b 00 exception.symbol: RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d exception.instruction: add rsp, 0xc8 exception.module: KERNELBASE.dll exception.exception_code: 0xc000008e exception.offset: 42141 exception.address: 0x7fefdbfa49d registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1
__exception__ June 2, 2023, 5:24 p.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 2879600 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 2881408 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 2881432 registers.rdi: 5368262656 registers.rax: 2002118620 registers.r13: 0	1

Allocates read-write-execute memory (usually to unpack itself) (2 events)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 2, 2023, 5:24 p.m.	process_identifier: 1372 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00000000777b7000 process_handle: 0xffffffffffffffff	1	0	0
NtProtectVirtualMemory June 2, 2023, 5:24 p.m.	process_identifier: 1372 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0000000077710000 process_handle: 0xffffffffffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (6 events)

section

{u'size_of_data': u'0x00006800', u'virtual_address': u'0x00001000', u'entropy': 7.961754572566071, u'name': u' ', u'virtual_size': u'0x0000b754'}

entropy

7.96175457257

description