Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Dec. 11, 2023, 3:20 p.m.	Dec. 11, 2023, 3:26 p.m.

Size	10.0MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`80933f1574b52fe27bfc085779bd2552`
SHA256	`336cfabdf9d36499b40352dbd06b0da24a31bbb7e6e57ac6bf04aa96de305da7`
CRC32	`E11279D7`
ssdeep	`196608:KzFTg0HXBfrnm3nioFmRy18VfxZ4QauGo3Pq+vcnBw0G5BGiw:KzFTPNm3icwyiVoQ4Z+UnynQp`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature UPX_Zero - UPX packed file mzp_file_format - MZP(Delphi) file format EnigmaProtector_IN - EnigmaProtector

BraveCrashHandler64.exe "C:\Users\test22\AppData\Local\Temp\BraveCrashHandler64.exe"
2088
- cmd.exe cmd.exe /c ""C:\Users\test22\AppData\Local\Temp\2088820A.bat" "C:\Users\test22\AppData\Local\Temp\BraveCrashHandler64.exe" "
  2152
  - chcp.com chcp 1252
    2212
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    2316
  - tasklist.exe TASKLIST
    2280
  - timeout.exe TIMEOUT /T 10
    2424
  - tasklist.exe TASKLIST
    2788
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    2824
  - RuntimeBrooker.exe "C:\Users\test22\AppData\Local\Temp\RuntimeBrooker.exe" -email=smithhoward232@gmail.com -password=Kamus@1993 -device-name=Machine -accept-tos
    2896
  - timeout.exe TIMEOUT /T 10
    2964
  - tasklist.exe TASKLIST
    1708
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    2124
  - timeout.exe TIMEOUT /T 10
    2216
  - tasklist.exe TASKLIST
    2376
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    2444
  - RuntimeBrooker.exe "C:\Users\test22\AppData\Local\Temp\RuntimeBrooker.exe" -email=smithhoward232@gmail.com -password=Kamus@1993 -device-name=Machine -accept-tos
    2564
  - timeout.exe TIMEOUT /T 10
    2892
  - tasklist.exe TASKLIST
    2908
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    1684
  - timeout.exe TIMEOUT /T 10
    1372
  - tasklist.exe TASKLIST
    2496
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    1704
  - RuntimeBrooker.exe "C:\Users\test22\AppData\Local\Temp\RuntimeBrooker.exe" -email=smithhoward232@gmail.com -password=Kamus@1993 -device-name=Machine -accept-tos
    2292
  - timeout.exe TIMEOUT /T 10
    2276
  - tasklist.exe TASKLIST
    2476
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    1780
  - timeout.exe TIMEOUT /T 10
    368
  - tasklist.exe TASKLIST
    528
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    2804
  - RuntimeBrooker.exe "C:\Users\test22\AppData\Local\Temp\RuntimeBrooker.exe" -email=smithhoward232@gmail.com -password=Kamus@1993 -device-name=Machine -accept-tos
    1168
  - timeout.exe TIMEOUT /T 10
    3028
  - tasklist.exe TASKLIST
    2180
  - findstr.exe FINDSTR /I "RuntimeBrooker.exe"
    1520
  - timeout.exe TIMEOUT /T 10
    1680

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Queries for the computername (14 events)

Time & API	Arguments	Status	Return
GetComputerNameA Dec. 11, 2023, 3:20 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:20 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:20 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameA Dec. 11, 2023, 3:20 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:25 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:25 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameA Dec. 11, 2023, 3:18 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:25 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:25 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameA Dec. 11, 2023, 3:18 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:26 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:26 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameA Dec. 11, 2023, 3:19 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameW Dec. 11, 2023, 3:26 p.m.	computer_name: TEST22-PC	1	1

Checks if process is being debugged by a debugger (4 events)

Time & API	Arguments	Status	Return	Repeated
IsDebuggerPresent Dec. 11, 2023, 3:20 p.m.			0	0
IsDebuggerPresent Dec. 11, 2023, 3:18 p.m.			0	0
IsDebuggerPresent Dec. 11, 2023, 3:18 p.m.			0	0
IsDebuggerPresent Dec. 11, 2023, 3:19 p.m.			0	0

Command line console output was observed (31 events)

Time & API	Arguments	Status	Return
WriteConsoleW Dec. 11, 2023, 3:20 p.m.	buffer: C:\Users\test22\AppData\Local\Temp> console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:20 p.m.	buffer: chcp console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:20 p.m.	buffer: "RuntimeBrooker.exe" console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:20 p.m.	buffer: '"C:\Windows\TEMP\RuntimeBrooker.exe"' is not recognized as an internal or external command, operable program or batch file. console_handle: 0x0000000b	1	1
WriteConsoleW Dec. 11, 2023, 3:21 p.m.	buffer: "RuntimeBrooker.exe" console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:21 p.m.	buffer: '"C:\Windows\TEMP\RuntimeBrooker.exe"' is not recognized as an internal or external command, operable program or batch file. console_handle: 0x0000000b	1	1
WriteConsoleW Dec. 11, 2023, 3:21 p.m.	buffer: "RuntimeBrooker.exe" console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:21 p.m.	buffer: '"C:\Windows\TEMP\RuntimeBrooker.exe"' is not recognized as an internal or external command, operable program or batch file. console_handle: 0x0000000b	1	1
WriteConsoleW Dec. 11, 2023, 3:21 p.m.	buffer: "RuntimeBrooker.exe" console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:21 p.m.	buffer: '"C:\Windows\TEMP\RuntimeBrooker.exe"' is not recognized as an internal or external command, operable program or batch file. console_handle: 0x0000000b	1	1
WriteConsoleW Dec. 11, 2023, 3:22 p.m.	buffer: "RuntimeBrooker.exe" console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:22 p.m.	buffer: '"C:\Windows\TEMP\RuntimeBrooker.exe"' is not recognized as an internal or external command, operable program or batch file. console_handle: 0x0000000b	1	1
WriteConsoleW Dec. 11, 2023, 3:20 p.m.	buffer: Active code page: 1252 console_handle: 0x00000013	1	1
WriteConsoleW Dec. 11, 2023, 3:20 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:20 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:25 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:25 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:25 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:25 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:25 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:25 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:25 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:25 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:26 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:26 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:26 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:26 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:26 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:26 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:26 p.m.	buffer: Waiting for 10 console_handle: 0x00000007	1	1
WriteConsoleW Dec. 11, 2023, 3:26 p.m.	buffer: seconds, press a key to continue ... console_handle: 0x00000007	1	1

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

One or more processes crashed (50 out of 262235 events)

Time & API	Arguments	Status
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1abab3 @ 0x5abab3 bravecrashhandler64+0x1b5391 @ 0x5b5391 bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686684 registers.edi: 6889712 registers.eax: 0 registers.ebp: 2686712 registers.edx: 0 registers.ebx: 2482338606 registers.esi: 4296704 registers.ecx: 37763760	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1abab3 @ 0x5abab3 bravecrashhandler64+0x1b5391 @ 0x5b5391 bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686684 registers.edi: 2686684 registers.eax: 0 registers.ebp: 2686712 registers.edx: 2 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686720	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1abab3 @ 0x5abab3 bravecrashhandler64+0x1b5391 @ 0x5b5391 bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686684 registers.edi: 2686684 registers.eax: 0 registers.ebp: 2686712 registers.edx: 0 registers.ebx: 5216022 registers.esi: 0 registers.ecx: 2686720	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1bae @ 0x5b1bae bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 5683876 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 102400 registers.esi: 4296704 registers.ecx: 4296704	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1bae @ 0x5b1bae bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1bae @ 0x5b1bae bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1bae @ 0x5b1bae bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1bae @ 0x5b1bae bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1bae @ 0x5b1bae bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1bae @ 0x5b1bae bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1e7c @ 0x5b1e7c bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 5683876 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 4 registers.esi: 4294967295 registers.ecx: 0	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1e7c @ 0x5b1e7c bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5216022 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1e7c @ 0x5b1e7c bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1e7c @ 0x5b1e7c bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b1ea0 @ 0x5b1ea0 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: cc 68 fd 57 5a e9 e9 df 59 ff ff 40 63 fc af 47 exception.symbol: bravecrashhandler64+0x1a79fe exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1735166 exception.address: 0x5a79fe registers.esp: 2686620 registers.edi: 5655117 registers.eax: 2324 registers.ebp: 2686648 registers.edx: 2686656 registers.ebx: 4 registers.esi: 4294919751 registers.ecx: 0	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 2686620 registers.edi: 5683876 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 4 registers.esi: 4294967295 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2023 @ 0x5b2023 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 5683876 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 4 registers.esi: 4294967295 registers.ecx: 0	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2023 @ 0x5b2023 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 5216022 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2023 @ 0x5b2023 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 5216022 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2023 @ 0x5b2023 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 5216022 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1a4204 @ 0x5a4204 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: ed 68 aa 55 5a e9 e9 53 53 ff ff 92 4c f3 40 1d exception.symbol: bravecrashhandler64+0x1a808a exception.instruction: in eax, dx exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000096 exception.offset: 1736842 exception.address: 0x5a808a registers.esp: 2686608 registers.edi: 5683876 registers.eax: 1447909480 registers.ebp: 2686636 registers.edx: 22104 registers.ebx: 0 registers.esi: 5682560 registers.ecx: 10	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1a4229 @ 0x5a4229 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 3f 68 21 0b 5a e9 e9 c0 7e fe ff b3 7c 68 29 exception.symbol: bravecrashhandler64+0x1b551c exception.address: 0x5b551c exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1791260 registers.esp: 2686608 registers.edi: 5683876 registers.eax: 1 registers.ebp: 2686636 registers.edx: 0 registers.ebx: 0 registers.esi: 5682560 registers.ecx: 0	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 5683876 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 4 registers.esi: 4294967295 registers.ecx: 0	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 5216022 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 5216022 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5216022 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: f7 f0 e8 44 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf96d5 exception.instruction: div eax exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc0000094 exception.offset: 1021653 exception.address: 0x4f96d5 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 0 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b2207 @ 0x5b2207 bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 2686620 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 5215979 registers.esi: 0 registers.ecx: 2686656	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: bravecrashhandler64+0x1b232a @ 0x5b232a bravecrashhandler64+0x1b539e @ 0x5b539e bravecrashhandler64+0x291e61 @ 0x691e61 exception.instruction_r: 0f 0b e8 19 37 01 00 33 c0 5a 59 59 64 89 10 eb exception.symbol: bravecrashhandler64+0xf9700 exception.instruction: ud2 exception.module: BraveCrashHandler64.exe exception.exception_code: 0xc000001d exception.offset: 1021696 exception.address: 0x4f9700 registers.esp: 2686620 registers.edi: 5683876 registers.eax: 0 registers.ebp: 2686648 registers.edx: 2 registers.ebx: 4 registers.esi: 4294967295 registers.ecx: 3280666624	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923944 registers.esi: 5 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923946 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923948 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923950 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923952 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923954 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923956 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923958 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923960 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923962 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923964 registers.esi: 11 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923966 registers.esi: 11 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923968 registers.esi: 11 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923970 registers.esi: 11 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923972 registers.esi: 11 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:20 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923974 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:21 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923976 registers.esi: 13 registers.ecx: 1354039296	1
__exception__ Dec. 11, 2023, 3:21 p.m.	stacktrace: exception.instruction_r: cc 68 41 71 5a e9 e9 42 a4 ff ff e5 18 b9 43 8f exception.symbol: bravecrashhandler64+0x1a2f9b exception.instruction: int3 exception.module: BraveCrashHandler64.exe exception.exception_code: 0x80000003 exception.offset: 1716123 exception.address: 0x5a2f9b registers.esp: 49544980 registers.edi: 37923860 registers.eax: 4 registers.ebp: 1111705675 registers.edx: 0 registers.ebx: 37923978 registers.esi: 10 registers.ecx: 1354039296	1

Allocates read-write-execute memory (usually to unpack itself) (50 out of 117 events)

Time & API	Arguments	Status
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 16384 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x022d0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 16384 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x023d0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00860000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00880000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x008a0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 65536 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x023d4000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x023e4000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 147456 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x023e4000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 65536 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02404000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 16384 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02414000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 65536 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02414000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 16384 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02414000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02418000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02418000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02418000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02418000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02418000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02418000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02418000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 1064960 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02b40000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02428000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 region_size: 81920 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0243c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778c0000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778bf000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Dec. 11, 2023, 3:20 p.m.	process_identifier: 2088 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778c0000 process_handle: 0xffffffff	1

A process attempted to delay the analysis task. (1 event)

description

BraveCrashHandler64.exe tried to sleep 235 seconds, actually delayed analysis time by 235 seconds

Creates executable files on the filesystem (2 events)

file	c:\Users\test22\AppData\Local\Temp\RuntimeBrooker.exe
file	C:\Users\test22\AppData\Local\Temp\2088820A.bat

Creates a suspicious process (1 event)

cmdline

cmd.exe /c ""C:\Users\test22\AppData\Local\Temp\2088820A.bat" "C:\Users\test22\AppData\Local\Temp\BraveCrashHandler64.exe" "

Drops a binary and executes it (1 event)

file	C:\Users\test22\AppData\Local\Temp\RuntimeBrooker.exe

Executes one or more WMI queries (1 event)

wmi	SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process

Searches running processes potentially to identify processes for sandbox evasion, code injection or memory dumping (37 events)

Time & API	Arguments	Status	Return
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: [System Process] process_identifier: 0	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: System process_identifier: 4	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: smss.exe process_identifier: 232	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: csrss.exe process_identifier: 308	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: wininit.exe process_identifier: 344	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: csrss.exe process_identifier: 356	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: winlogon.exe process_identifier: 392	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: services.exe process_identifier: 436	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: lsass.exe process_identifier: 452	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: lsm.exe process_identifier: 460	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 560	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 636	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 716	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 780	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 824	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: audiodg.exe process_identifier: 896	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 984	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 340	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: spoolsv.exe process_identifier: 1060	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: taskhost.exe process_identifier: 1112	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 1120	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: dwm.exe process_identifier: 1192	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: explorer.exe process_identifier: 1236	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: svchost.exe process_identifier: 1744	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: pw.exe process_identifier: 1888	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: SearchIndexer.exe process_identifier: 1652	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: mobsync.exe process_identifier: 536	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: pw.exe process_identifier: 1448	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: wsqmcons.exe process_identifier: 2040	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: sdclt.exe process_identifier: 660	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: taskhost.exe process_identifier: 292	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: cmd.exe process_identifier: 1792	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: conhost.exe process_identifier: 1188	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: SearchProtocolHost.exe process_identifier: 880	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: pw.exe process_identifier: 1648	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: SearchFilterHost.exe process_identifier: 632	1	1
Process32NextW Dec. 11, 2023, 3:20 p.m.	snapshot_handle: 0x00000148 process_name: BraveCrashHandler64.exe process_identifier: 2088	1	1

The binary likely contains encrypted or compressed data indicative of a packer (7 events)

section

{u'size_of_data': u'0x00004c00', u'virtual_address': u'0x00001000', u'entropy': 7.9668972347074325, u'name': u'', u'virtual_size': u'0x00009000'}

entropy

7.96689723471

description