Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Jan. 27, 2024, 3:52 p.m.	Jan. 27, 2024, 3:57 p.m.

Size	5.6MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows, InnoSetup self-extracting archive
MD5	`f94747901a9f32aa41d1212d6ecc4312`
SHA256	`dc4f7ed505c4426d0e04c603b1489ee10e46c703fce2c2e427ea9f9ec21b3ec4`
CRC32	`22CB61E1`
ssdeep	`98304:uiM35yxqVrmzF+oZ8SpqtXNZmRJf+/n5O6fqXqhEaMRnfBizbrLnBdTmxVC1mkL:bMwxqlm5FCdNR/n5O6feqz6Bin2Mmc`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet PE_Header_Zero - PE File Signature UPX_Zero - UPX packed file mzp_file_format - MZP(Delphi) file format ConfuserEx_Zero - Confuser .NET

goo8.exe "C:\Users\test22\AppData\Local\Temp\goo8.exe"
840
- is-Q22MA.tmp "C:\Users\test22\AppData\Local\Temp\is-57ORE.tmp\is-Q22MA.tmp" /SL4 $30028 "C:\Users\test22\AppData\Local\Temp\goo8.exe" 5591109 52224
  2112
  - schtasks.exe "C:\Windows\system32\schtasks.exe" /Query
    2212
  - jsgeolocationapi.exe "C:\Users\test22\AppData\Local\JS Geolocation API\jsgeolocationapi.exe" -i
    2248
  - jsgeolocationapi.exe "C:\Users\test22\AppData\Local\JS Geolocation API\jsgeolocationapi.exe" -s
    2640

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Queries for the computername (2 events)

Time & API	Arguments	Status	Return	Repeated
GetComputerNameA Jan. 27, 2024, 3:52 p.m.	computer_name: TEST22-PC	1	1	0
GetComputerNameW Jan. 27, 2024, 3:52 p.m.	computer_name: TEST22-PC	1	1	0

Checks if process is being debugged by a debugger (1 event)

Time & API	Arguments	Status	Return	Repeated
IsDebuggerPresent Jan. 27, 2024, 3:52 p.m.			0	0

Command line console output was observed (50 out of 365 events)

Time & API	Arguments	Status	Return
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Folder: \ console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: TaskName console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Next Run Time console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Status console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Adobe Acrobat Update Task console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Disabled console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Adobe Flash Player Updater console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Disabled console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: GoogleUpdateTaskMachineCore console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Disabled console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: GoogleUpdateTaskMachineUA console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Disabled console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: KMSAutoNet console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: 2024-02-05 오전 10:02:37 console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Unknown console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Folder: \Microsoft console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: TaskName console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Next Run Time console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Status console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: INFO: There are no scheduled tasks presently available at your access level. console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Folder: \Microsoft\Office console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: TaskName console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Next Run Time console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Status console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Office 15 Subscription Heartbeat console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: 2024-01-28 오전 12:09:20 console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Unknown console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: OfficeTelemetryAgentFallBack console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: N/A console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Unknown console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: OfficeTelemetryAgentLogOn console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: N/A console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Unknown console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Folder: \Microsoft\Windows console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: TaskName console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Next Run Time console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Status console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: INFO: There are no scheduled tasks presently available at your access level. console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Folder: \Microsoft\Windows\Active Directory Rights Management Services Client console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: TaskName console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Next Run Time console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Status console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: AD RMS Rights Policy Template Management console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Disabled console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: AD RMS Rights Policy Template Management console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: N/A console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Ready console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Folder: \Microsoft\Windows\AppID console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: TaskName console_handle: 0x00000007	1	1
WriteConsoleW Jan. 27, 2024, 3:52 p.m.	buffer: Next Run Time console_handle: 0x00000007	1	1

The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)

section	CODE
section	DATA
section	BSS

One or more processes crashed (50 out of 131074 events)

Time & API	Arguments	Status
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: is-q22ma+0x40672 @ 0x440672 is-q22ma+0x424b7 @ 0x4424b7 is-q22ma+0x47b24 @ 0x447b24 is-q22ma+0x3da85 @ 0x43da85 is-q22ma+0x3c9bb @ 0x43c9bb is-q22ma+0x874cc @ 0x4874cc is-q22ma+0x750c4 @ 0x4750c4 is-q22ma+0x8b184 @ 0x48b184 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: 8b 06 c7 45 fc fe ff ff ff 85 db 0f 85 97 34 00 exception.symbol: WNetCloseEnum+0x14 WNetOpenEnumW-0x11c mpr+0x2dea exception.instruction: mov eax, dword ptr [esi] exception.module: mpr.dll exception.exception_code: 0xc0000005 exception.offset: 11754 exception.address: 0x74342dea registers.esp: 1637616 registers.edi: 33455576 registers.eax: 1637644 registers.ebp: 1637660 registers.edx: 44 registers.ebx: 0 registers.esi: 44 registers.ecx: 0	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: is-q22ma+0x3d5aa @ 0x43d5aa is-q22ma+0x3c9bb @ 0x43c9bb is-q22ma+0x874cc @ 0x4874cc is-q22ma+0x750c4 @ 0x4750c4 is-q22ma+0x8b184 @ 0x48b184 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: f7 37 89 06 e9 dd 07 00 00 8b 06 33 d2 8a 17 8b exception.symbol: is-q22ma+0x3a89f exception.instruction: div dword ptr [edi] exception.module: is-Q22MA.tmp exception.exception_code: 0xc0000094 exception.offset: 239775 exception.address: 0x43a89f registers.esp: 1637788 registers.edi: 33361356 registers.eax: 9713356 registers.ebp: 1637868 registers.edx: 0 registers.ebx: 1 registers.esi: 33361348 registers.ecx: 33361356	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x26510a @ 0x66510a jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: 8b 06 c7 45 fc fe ff ff ff 85 db 0f 85 97 34 00 exception.symbol: WNetCloseEnum+0x14 WNetOpenEnumW-0x11c mpr+0x2dea exception.instruction: mov eax, dword ptr [esi] exception.module: MPR.dll exception.exception_code: 0xc0000005 exception.offset: 11754 exception.address: 0x74342dea registers.esp: 1638044 registers.edi: 0 registers.eax: 1638072 registers.ebp: 1638088 registers.edx: 188 registers.ebx: 0 registers.esi: 1 registers.ecx: 659202542	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971253248 registers.ebp: 1638040 registers.edx: 1971253248 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971253248	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971249152 registers.ebp: 1638040 registers.edx: 1971249152 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971249152	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971245056 registers.ebp: 1638040 registers.edx: 1971245056 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971245056	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971240960 registers.ebp: 1638040 registers.edx: 1971240960 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971240960	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971236864 registers.ebp: 1638040 registers.edx: 1971236864 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971236864	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971232768 registers.ebp: 1638040 registers.edx: 1971232768 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971232768	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971228672 registers.ebp: 1638040 registers.edx: 1971228672 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971228672	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971224576 registers.ebp: 1638040 registers.edx: 1971224576 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971224576	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971220480 registers.ebp: 1638040 registers.edx: 1971220480 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971220480	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971216384 registers.ebp: 1638040 registers.edx: 1971216384 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971216384	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971212288 registers.ebp: 1638040 registers.edx: 1971212288 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971212288	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971208192 registers.ebp: 1638040 registers.edx: 1971208192 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971208192	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971204096 registers.ebp: 1638040 registers.edx: 1971204096 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971204096	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971200000 registers.ebp: 1638040 registers.edx: 1971200000 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971200000	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x220b8b @ 0x620b8b jsgeolocationapi+0x260cd6 @ 0x660cd6 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638000 registers.edi: 0 registers.eax: 1971195904 registers.ebp: 1638040 registers.edx: 1971195904 registers.ebx: 0 registers.esi: 2895792 registers.ecx: 1971195904	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134217728 registers.ebp: 1638048 registers.edx: 35 registers.ebx: 0 registers.esi: 134217728 registers.ecx: 2005598752	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134221824 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134221824 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134225920 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134225920 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134230016 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134230016 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134234112 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134234112 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134238208 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134238208 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134242304 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134242304 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134246400 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134246400 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134250496 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134250496 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134254592 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134254592 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134258688 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134258688 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134262784 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134262784 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134266880 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134266880 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134270976 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134270976 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134275072 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134275072 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134279168 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134279168 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134283264 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134283264 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134287360 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134287360 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134291456 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134291456 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134295552 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134295552 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134299648 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134299648 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134303744 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134303744 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134307840 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134307840 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134311936 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134311936 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134316032 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134316032 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134320128 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134320128 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134324224 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134324224 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134328320 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134328320 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134332416 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134332416 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134336512 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134336512 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134340608 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134340608 registers.ecx: 1638264	1
__exception__ Jan. 27, 2024, 3:52 p.m.	stacktrace: jsgeolocationapi+0x1ba493 @ 0x5ba493 jsgeolocationapi+0x16d467 @ 0x56d467 jsgeolocationapi+0x269a45 @ 0x669a45 jsgeolocationapi+0xb9efa @ 0x4b9efa BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x757f33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: ff 30 ff 34 24 8b 04 24 57 89 e7 81 c7 04 00 00 exception.symbol: jsgeolocationapi+0x1a55bd exception.instruction: push dword ptr [eax] exception.module: jsgeolocationapi.exe exception.exception_code: 0xc0000005 exception.offset: 1725885 exception.address: 0x5a55bd registers.esp: 1638008 registers.edi: 4705 registers.eax: 134344704 registers.ebp: 1638048 registers.edx: 0 registers.ebx: 0 registers.esi: 134344704 registers.ecx: 1638264	1

Allocates read-write-execute memory (usually to unpack itself) (11 events)

Time & API	Arguments	Status
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 840 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00400000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 840 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 36864 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00401000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 840 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 20480 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040e000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 2112 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x003f0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 2112 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73ff1000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 2112 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73eb1000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 2112 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x75291000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 2112 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73dd1000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 2112 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73ea1000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:52 p.m.	process_identifier: 2248 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73c71000 process_handle: 0xffffffff	1
NtProtectVirtualMemory Jan. 27, 2024, 3:53 p.m.	process_identifier: 2640 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73d81000 process_handle: 0xffffffff	1

Creates executable files on the filesystem (3 events)

file	C:\Users\test22\AppData\Local\Temp\is-UH99Q.tmp\_iscrypt.dll
file	C:\Users\test22\AppData\Local\JS Geolocation API\jsgeolocationapi.exe
file	C:\Users\test22\AppData\Local\Temp\is-UH99Q.tmp\_isetup\_shfoldr.dll

Creates a suspicious process (1 event)

cmdline

"C:\Windows\system32\schtasks.exe" /Query

Drops an executable to the user AppData folder (2 events)

file	C:\Users\test22\AppData\Local\Temp\is-UH99Q.tmp\_isetup\_shfoldr.dll
file	C:\Users\test22\AppData\Local\Temp\is-UH99Q.tmp\_iscrypt.dll

Queries for potentially installed applications (4 events)

Time & API	Arguments	Return
RegOpenKeyExA Jan. 27, 2024, 3:52 p.m.	regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\JS Geolocation API_is1 base_handle: 0x80000001 key_handle: 0x00000000 options: 0 access: 0x00000001 regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\JS Geolocation API_is1	2
RegOpenKeyExA Jan. 27, 2024, 3:52 p.m.	regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\JS Geolocation API_is1 base_handle: 0x80000002 key_handle: 0x00000000 options: 0 access: 0x00000001 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\JS Geolocation API_is1	2
RegOpenKeyExA Jan. 27, 2024, 3:52 p.m.	regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\JS Geolocation API_is1 base_handle: 0x80000001 key_handle: 0x00000000 options: 0 access: 0x00000008 regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\JS Geolocation API_is1	2
RegOpenKeyExA Jan. 27, 2024, 3:52 p.m.	regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\JS Geolocation API_is1 base_handle: 0x80000002 key_handle: 0x00000000 options: 0 access: 0x00000008 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\JS Geolocation API_is1	2

Uses Windows utilities for basic Windows functionality (1 event)

cmdline

"C:\Windows\system32\schtasks.exe" /Query

File has been identified by 10 AntiVirus engines on VirusTotal as malicious (10 events)

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
Skyhigh	BehavesLike.Win32.ObfuscatedPoly.tc
ESET-NOD32	a variant of Win32/TrojanDropper.Agent.SLC
APEX	Malicious
McAfee	Artemis!F94747901A9F
Ikarus	Trojan.Win32.Crypt
Webroot	W32.Malware.Gen
Microsoft	Trojan:Win32/Sabsik.TE.B!ml
Varist	W32/Trojan.YDKZ-7788

Tries to unhook Windows functions monitored by Cuckoo (1 event)

Time & API	Arguments	Status	Return	Repeated
__anomaly__ Jan. 27, 2024, 3:53 p.m.	tid: 2252 message: Encountered 65537 exceptions, quitting. subcategory: exception function_name:	1	0	0

goo8.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All