Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	March 20, 2024, 4:26 p.m.	March 20, 2024, 4:29 p.m.

Size	4.5MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`804f06b24fba7ba4e1122faf2b119a2b`
SHA256	`1fc927cb6747c105d1a66e4792f166b857a9e42bc1b58a08a6698c2d05e62087`
CRC32	`398FAEDC`
ssdeep	`98304:3FL4zuJTWEnIk7wu0/Ksst0EXTroAyHKIZzCa9EP3HfRZ:1Cs3nJwu0/Ksst0LdHJvm35Z`
Yara	PhysicalDrive_20181001 - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Admin_Tool_IN_Zero - Admin Tool Sysinternals Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) mzp_file_format - MZP(Delphi) file format Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

HxD32.exe "C:\Users\test22\AppData\Local\Temp\HxD32.exe"
2548
- HxD32.exe C:\Users\test22\AppData\Local\Temp\HxD32.exe /chooselang
  2600

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Checks if process is being debugged by a debugger (1 event)

Time & API	Arguments	Status	Return	Repeated
IsDebuggerPresent March 20, 2024, 4:26 p.m.			0	0

The executable contains unknown PE section names indicative of a packer (could be a false positive) (2 events)

section	.itext
section	.didata

The executable uses a known packer (1 event)

packer

BobSoft Mini Delphi -> BoB / BobSoft

One or more processes crashed (50 out of 74 events)

Time & API	Arguments	Status
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22fd9a @ 0x62fd9a hxd32+0x22fe5d @ 0x62fe5d hxd32+0x359b02 @ 0x759b02 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637564 registers.edi: 7710904 registers.eax: 1637564 registers.ebp: 1637644 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359b2c @ 0x759b2c hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7710928 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359b5d @ 0x759b5d hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7710972 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359b8e @ 0x759b8e hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711016 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359bbf @ 0x759bbf hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711056 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359bf0 @ 0x759bf0 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711096 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359c21 @ 0x759c21 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711148 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359c52 @ 0x759c52 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711180 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22eba4 @ 0x62eba4 hxd32+0x359c7e @ 0x759c7e hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637512 registers.edi: 7711220 registers.eax: 1637512 registers.ebp: 1637592 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22eba4 @ 0x62eba4 hxd32+0x359c9c @ 0x759c9c hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637512 registers.edi: 7711276 registers.eax: 1637512 registers.ebp: 1637592 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22eba4 @ 0x62eba4 hxd32+0x359cba @ 0x759cba hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637512 registers.edi: 7711320 registers.eax: 1637512 registers.ebp: 1637592 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359cda @ 0x759cda hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711376 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359d08 @ 0x759d08 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711456 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359d36 @ 0x759d36 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711524 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359d64 @ 0x759d64 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711636 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359d92 @ 0x759d92 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711720 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22eba4 @ 0x62eba4 hxd32+0x359dbe @ 0x759dbe hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637512 registers.edi: 7711756 registers.eax: 1637512 registers.ebp: 1637592 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359dde @ 0x759dde hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711784 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359dfe @ 0x759dfe hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711812 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359e1e @ 0x759e1e hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711848 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22eba4 @ 0x62eba4 hxd32+0x359e4a @ 0x759e4a hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637512 registers.edi: 7711888 registers.eax: 1637512 registers.ebp: 1637592 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359e7a @ 0x759e7a hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711992 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359eb1 @ 0x759eb1 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712024 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22ead6 @ 0x62ead6 hxd32+0x22fd20 @ 0x62fd20 hxd32+0x359ef5 @ 0x759ef5 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637524 registers.edi: 7712056 registers.eax: 1637524 registers.ebp: 1637604 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359f48 @ 0x759f48 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7711784 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22fd9a @ 0x62fd9a hxd32+0x22fe5d @ 0x62fe5d hxd32+0x359f85 @ 0x759f85 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637564 registers.edi: 7712144 registers.eax: 1637564 registers.ebp: 1637644 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359fad @ 0x759fad hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712168 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x359fd4 @ 0x759fd4 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712192 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22ead6 @ 0x62ead6 hxd32+0x22fd20 @ 0x62fd20 hxd32+0x35a019 @ 0x75a019 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637524 registers.edi: 7712056 registers.eax: 1637524 registers.ebp: 1637604 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35a093 @ 0x75a093 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712268 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35a0f1 @ 0x75a0f1 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712308 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35a133 @ 0x75a133 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712348 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35a18c @ 0x75a18c hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712268 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35a1f3 @ 0x75a1f3 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712268 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35a22b @ 0x75a22b hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712580 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35a266 @ 0x75a266 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7712580 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35a4b8 @ 0x75a4b8 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637508 registers.edi: 7713004 registers.eax: 1637508 registers.ebp: 1637588 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35997d @ 0x75997d hxd32+0x1e5785 @ 0x5e5785 hxd32+0x35a803 @ 0x75a803 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637396 registers.edi: 6183056 registers.eax: 1637396 registers.ebp: 1637476 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35997d @ 0x75997d hxd32+0x1e5785 @ 0x5e5785 hxd32+0x35a803 @ 0x75a803 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637396 registers.edi: 6183056 registers.eax: 1637396 registers.ebp: 1637476 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35997d @ 0x75997d hxd32+0x1e5785 @ 0x5e5785 hxd32+0x35a803 @ 0x75a803 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637396 registers.edi: 6183056 registers.eax: 1637396 registers.ebp: 1637476 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35997d @ 0x75997d hxd32+0x1e5785 @ 0x5e5785 hxd32+0x35a803 @ 0x75a803 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637396 registers.edi: 6183056 registers.eax: 1637396 registers.ebp: 1637476 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35997d @ 0x75997d hxd32+0x1e5785 @ 0x5e5785 hxd32+0x35a803 @ 0x75a803 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637396 registers.edi: 6183056 registers.eax: 1637396 registers.ebp: 1637476 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35997d @ 0x75997d hxd32+0x1e5785 @ 0x5e5785 hxd32+0x35a803 @ 0x75a803 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637396 registers.edi: 6183056 registers.eax: 1637396 registers.ebp: 1637476 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x35997d @ 0x75997d hxd32+0x1e5785 @ 0x5e5785 hxd32+0x35a803 @ 0x75a803 hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637396 registers.edi: 6183056 registers.eax: 1637396 registers.ebp: 1637476 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22eba4 @ 0x62eba4 hxd32+0x35a81c @ 0x75a81c hxd32+0x354b7b @ 0x754b7b hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637512 registers.edi: 7713256 registers.eax: 1637512 registers.ebp: 1637592 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x22efd4 @ 0x62efd4 hxd32+0x22edf5 @ 0x62edf5 hxd32+0x22fd64 @ 0x62fd64 hxd32+0x3367cc @ 0x7367cc hxd32+0x3364a3 @ 0x7364a3 hxd32+0x336580 @ 0x736580 hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd9df @ 0x5bd9df hxd32+0x8278 @ 0x408278 hxd32+0x2264c5 @ 0x6264c5 hxd32+0x3334c4 @ 0x7334c4 hxd32+0x1bdd9b @ 0x5bdd9b hxd32+0x1bd933 @ 0x5bd933 hxd32+0x226487 @ 0x626487 hxd32+0x1c7eb1 @ 0x5c7eb1 hxd32+0x3764e3 @ 0x7764e3 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1637308 registers.edi: 7563680 registers.eax: 1637308 registers.ebp: 1637388 registers.edx: 0 registers.ebx: 37595536 registers.esi: 6473340 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x3050bb @ 0x7050bb hxd32+0x3060cc @ 0x7060cc hxd32+0x305caa @ 0x705caa hxd32+0x2f53be @ 0x6f53be hxd32+0x2f5a20 @ 0x6f5a20 hxd32+0x2f60af @ 0x6f60af hxd32+0xfcdd8 @ 0x4fcdd8 hxd32+0x10173a @ 0x50173a hxd32+0x1bf01e @ 0x5bf01e hxd32+0x28f413 @ 0x68f413 hxd32+0xfca13 @ 0x4fca13 hxd32+0x100b26 @ 0x500b26 hxd32+0x100c35 @ 0x500c35 hxd32+0x10380b @ 0x50380b hxd32+0x10173a @ 0x50173a hxd32+0x1bf01e @ 0x5bf01e hxd32+0x28f413 @ 0x68f413 hxd32+0xfca13 @ 0x4fca13 hxd32+0xfb527 @ 0x4fb527 hxd32+0x3764ed @ 0x7764ed BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1636580 registers.edi: 1 registers.eax: 1636580 registers.ebp: 1636660 registers.edx: 0 registers.ebx: 37137568 registers.esi: 1636828 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x2ff094 @ 0x6ff094 hxd32+0x3060cc @ 0x7060cc hxd32+0x305caa @ 0x705caa hxd32+0x2f53be @ 0x6f53be hxd32+0x2f5be1 @ 0x6f5be1 hxd32+0x2f5eb8 @ 0x6f5eb8 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1636244 registers.edi: 37137536 registers.eax: 1636244 registers.ebp: 1636324 registers.edx: 0 registers.ebx: 1 registers.esi: 1636504 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x2ff4a8 @ 0x6ff4a8 hxd32+0x3060cc @ 0x7060cc hxd32+0x305caa @ 0x705caa hxd32+0x2f53be @ 0x6f53be hxd32+0x2f5be1 @ 0x6f5be1 hxd32+0x2f5eb8 @ 0x6f5eb8 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1636244 registers.edi: 37137632 registers.eax: 1636244 registers.ebp: 1636324 registers.edx: 0 registers.ebx: 1 registers.esi: 1636504 registers.ecx: 7	1
__exception__ March 20, 2024, 4:26 p.m.	stacktrace: hxd32+0x2ff8b0 @ 0x6ff8b0 hxd32+0x3060cc @ 0x7060cc hxd32+0x305caa @ 0x705caa hxd32+0x2f53be @ 0x6f53be hxd32+0x2f5be1 @ 0x6f5be1 hxd32+0x2f5eb8 @ 0x6f5eb8 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xeedfade exception.offset: 46887 exception.address: 0x7597b727 registers.esp: 1636244 registers.edi: 2 registers.eax: 1636244 registers.ebp: 1636324 registers.edx: 0 registers.ebx: 37137696 registers.esi: 1636504 registers.ecx: 7	1

Allocates read-write-execute memory (usually to unpack itself) (50 out of 2538 events)

Time & API	Arguments	Status
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73442000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2548 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x008c0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1
NtProtectVirtualMemory March 20, 2024, 4:26 p.m.	process_identifier: 2600 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0040c000 process_handle: 0xffffffff	1

File has been identified by one AntiVirus engine on VirusTotal as malicious (1 event)

Jiangmin

Packed.Dico.esi

Queries for potentially installed applications (4 events)

Time & API	Arguments	Return
RegOpenKeyExW March 20, 2024, 4:26 p.m.	regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\HxD_is1 base_handle: 0x80000002 key_handle: 0x00000000 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HxD_is1	2
RegOpenKeyExW March 20, 2024, 4:26 p.m.	regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\HxD_is1 base_handle: 0x80000002 key_handle: 0x00000000 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HxD_is1	2
RegOpenKeyExW March 20, 2024, 4:26 p.m.	regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\HxD_is1 base_handle: 0x80000002 key_handle: 0x00000000 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HxD_is1	2
RegOpenKeyExW March 20, 2024, 4:26 p.m.	regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\HxD_is1 base_handle: 0x80000002 key_handle: 0x00000000 options: 0 access: 0x00020019 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HxD_is1	2

HxD32.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All