Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	July 20, 2023, 9:33 a.m.	July 20, 2023, 9:39 a.m.

Size	9.8MB
Type	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5	`b938598941bc685645ce1a2f7ae93e86`
SHA256	`544e42d33423d4dc27edf3acb6edc56c77346e833a71b353c393e5bb7f8ccf85`
CRC32	`24D0714C`
ssdeep	`196608:jgULpiWPCJcHhcdEkCu9g2LCseyu1WjUee7DJiSn616R/K:jt/icHhcd1C8ayu18U961r`
Yara	UPX_Zero - UPX packed file IsPE64 - (no description) anti_vm_detect - Possibly employs anti-virtualization techniques Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature themida_packer - themida packer Generic_Malware_Zero - Generic Malware

rdpcllp.exe "C:\Users\test22\AppData\Local\Temp\rdpcllp.exe"
2056

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)

section
section	.themida
section	.boot

The file contains an unknown PE resource name possibly indicative of a packer (4 events)

resource name	AVI
resource name	SVG
resource name	TIS
resource name	XML

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d @ 0x7fefdbfa49d rdpcllp+0xdb6aa4 @ 0x140ab6aa4 rdpcllp+0xde54cc @ 0x140ae54cc HeapWalk-0x1ce0 kernel32+0x0 @ 0x76fc0000 0x34f898 0x34f898 0x34f898 exception.instruction_r: 48 81 c4 c8 00 00 00 c3 48 85 f6 74 08 83 3b 00 exception.symbol: RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d exception.instruction: add rsp, 0xc8 exception.module: KERNELBASE.dll exception.exception_code: 0xc000008e exception.offset: 42141 exception.address: 0x7fefdbfa49d registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1
__exception__ July 20, 2023, 9:26 a.m.	stacktrace: exception.symbol: exception.exception_code: 0xc0000005 exception.address: 0x0 registers.r14: 0 registers.r15: 0 registers.rcx: 3469712 registers.rsi: 2004499152 registers.r10: 0 registers.rbx: 0 registers.rsp: 3471520 registers.r11: 514 registers.r8: 0 registers.r9: 0 registers.rdx: 0 registers.r12: 0 registers.rbp: 3471544 registers.rdi: 5376139264 registers.rax: 2001397645 registers.r13: 0	1

Foreign language identified in PE resource (2 events)

name

RT_VERSION

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00a11284

size

0x00000298

name

RT_VERSION

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00a11284

size

0x00000298

The binary likely contains encrypted or compressed data indicative of a packer (7 events)

section

{u'size_of_data': u'0x0000d400', u'virtual_address': u'0x00001000', u'entropy': 7.979989158589741, u'name': u' ', u'virtual_size': u'0x0001ebb0'}

entropy

7.97998915859

description