What is WinZip_Keygen.myegy.exe?
WinZip_Keygen.myegy.exe is part of Winzip_Keygen_By_DeltaFoX/TeamURET and developed by DeFconX according to the WinZip_Keygen.myegy.exe version information.
WinZip_Keygen.myegy.exe's description is "Winzip_Keygen_By_DeltaFoX/TeamURET"
WinZip_Keygen.myegy.exe is usually located in the 'c:\downloads\' folder.
Some of the anti-virus scanners at VirusTotal detected WinZip_Keygen.myegy.exe.
If you have additional information about the file, please share it with the FreeFixer users by posting a comment at the bottom of this page.
Vendor and version information [?]
The following is the available information on WinZip_Keygen.myegy.exe:
| Property | Value |
|---|---|
| Product name | Winzip_Keygen_By_DeltaFoX/TeamURET |
| Company name | DeFconX |
| File description | Winzip_Keygen_By_DeltaFoX/TeamURET |
| Internal name | WinZip_Keygen_By_DFoX.exe |
| Original filename | WinZip_Keygen_By_DFoX.exe |
| Comments | Keygen and Factor for Winzip all Version and all Edition |
| Legal copyright | Copyright © 2017 |
| Legal trademark | DeltaFoX |
| Product version | 2.9.0.0 |
| File version | 2.9.0.0 |
Here's a screenshot of the file properties when displayed by Windows Explorer:
| Product name | Winzip_Keygen_By_DeltaFoX/TeamURET |
| Company name | DeFconX |
| File description | Winzip_Keygen_By_DeltaFoX/TeamURET |
| Internal name | WinZip_Keygen_By_DFoX.exe |
| Original filename | WinZip_Keygen_By_DFoX.exe |
| Comments | Keygen and Factor for Winzip all Ver.. |
| Legal copyright | Copyright © 2017 |
| Legal trademark | DeltaFoX |
| Product version | 2.9.0.0 |
| File version | 2.9.0.0 |
Digital signatures [?]
WinZip_Keygen.myegy.exe is not signed.
VirusTotal report
42 of the 71 anti-virus programs at VirusTotal detected the WinZip_Keygen.myegy.exe file. That's a 59% detection rate.
| Scanner | Detection Name |
|---|---|
| Acronis | suspicious |
| AegisLab | Trojan.Win32.Generic.4!c |
| AhnLab-V3 | Malware/Win32.Generic.C2798453 |
| Antiy-AVL | Trojan/Win32.TSGeneric |
| Avast | Win32:Malware-gen |
| AVG | Win32:Malware-gen |
| Avira | HEUR/AGEN.1023554 |
| Bkav | W32.HfsAutoB. |
| CAT-QuickHeal | Worm.Generic |
| Comodo | Malware@#oluzwdkod5a7 |
| CrowdStrike | win/malicious_confidence_70% (W) |
| Cybereason | malicious.872bd6 |
| Cylance | Unsafe |
| Cyren | W32/Trojan.YPXN-6116 |
| Endgame | malicious (high confidence) |
| ESET-NOD32 | a variant of MSIL/HackTool.Crack.V potentially unsafe |
| F-Secure | Heuristic.HEUR/AGEN.1023554 |
| FireEye | Generic.mg.db73fbb0648aa054 |
| Fortinet | W32/Crack.V!tr |
| GData | Win32.Trojan.Agent.0LWL9T |
| Ikarus | PUA.MSIL.Hacktool |
| Invincea | heuristic |
| K7AntiVirus | Unwanted-Program ( 0050b6021 ) |
| K7GW | Unwanted-Program ( 0050b6021 ) |
| Malwarebytes | HackTool.Agent |
| MAX | malware (ai score=99) |
| McAfee | Generic-FAWW!DB73FBB0648A |
| McAfee-GW-Edition | BehavesLike.Win32.Dropper.dc |
| Microsoft | Trojan:Win32/Tiggre!rfn |
| NANO-Antivirus | Trojan.Win32.Crack.fdtudi |
| Paloalto | generic.ml |
| Panda | Trj/CI.A |
| Rising | Virus.Virut!8.44 (CLOUD) |
| SentinelOne | DFI - Malicious PE |
| Sophos | Mal/EncPk-ANL |
| Symantec | ML.Attribute.HighConfidence |
| Trapmine | malicious.moderate.ml.score |
| TrendMicro | TROJ_GEN.R002C0PBB19 |
| TrendMicro-HouseCall | TROJ_GEN.R002C0PBB19 |
| Webroot | W32.Trojan.Genkd |
| Yandex | PUP.Crack! |
| Zillya | Tool.Crack.Win32.1711 |
Sandbox Report
The following information was gathered by executing the file inside Cuckoo Sandbox.
Summary
Successfully executed process in sandbox.
Summary
{
"file_created": [
"C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}\\000005E8.obs"
],
"directory_created": [
"C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\",
"C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}"
],
"dll_loaded": [
"dwmapi.dll",
"ADVAPI32.dll",
"psapi.dll",
"SHLWAPI.dll",
"C:\\Windows\\system32\\uxtheme.dll"
],
"file_failed": [
"\\??\\VBoxGuest",
"\\??\\SICE",
"\\??\\NTICE",
"C:\\Users\\cuck\\AppData\\Local\\Temp\\381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin.config",
"\\??\\NTFIRE"
],
"regkey_opened": [
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\.NETFramework\\Policy\\Upgrades",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\Upgrades",
"HKEY_CURRENT_USER\\Software\\Microsoft\\.NETFramework\\Policy\\Standards",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\Standards\\v4.0.30319",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\.NETFramework",
"HKEY_CURRENT_USER\\Software\\Microsoft\\.NETFramework\\Policy\\Upgrades",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\.NETFramework\\Policy\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\Standards",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\AppPatch",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\v2.0",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\.NETFramework\\Policy\\Standards"
],
"file_exists": [
"C:\\Windows\\System32\\mscoree.dll.local"
],
"mutex": [
"{87EE6C4F-6B0F0419-23A5F32C-A653477D}"
],
"file_opened": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin"
],
"file_read": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin"
],
"regkey_read": [
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows NT\\CurrentVersion\\RegisteredOwner",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CustomLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\InstallRoot",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\GRE_Initialize\\DisableMetaFiles",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\CLRLoadLogDir",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\ExtendedLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\OnlyUseLatestCLR"
],
"directory_enumerated": [
"C:\\Windows\\Microsoft.NET\\Framework\\Upgrades.2.0.50727\\mscoreei.dll",
"C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscoreei.dll",
"C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}\\*.obs",
"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorwks.dll"
]
}Generic
[
{
"process_path": "C:\\Users\\cuck\\AppData\\Local\\Temp\\381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"process_name": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"pid": 1512,
"summary": {
"file_created": [
"C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}\\000005E8.obs"
],
"directory_created": [
"C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\",
"C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}"
],
"dll_loaded": [
"dwmapi.dll",
"ADVAPI32.dll",
"psapi.dll",
"SHLWAPI.dll",
"C:\\Windows\\system32\\uxtheme.dll"
],
"file_failed": [
"\\??\\VBoxGuest",
"\\??\\SICE",
"\\??\\NTICE",
"C:\\Users\\cuck\\AppData\\Local\\Temp\\381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin.config",
"\\??\\NTFIRE"
],
"regkey_opened": [
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\.NETFramework\\Policy\\Upgrades",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\Upgrades",
"HKEY_CURRENT_USER\\Software\\Microsoft\\.NETFramework\\Policy\\Standards",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\Standards\\v4.0.30319",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\.NETFramework",
"HKEY_CURRENT_USER\\Software\\Microsoft\\.NETFramework\\Policy\\Upgrades",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\.NETFramework\\Policy\\",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\Standards",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\AppPatch",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\Policy\\v2.0",
"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\.NETFramework\\Policy\\Standards"
],
"file_exists": [
"C:\\Windows\\System32\\mscoree.dll.local"
],
"mutex": [
"{87EE6C4F-6B0F0419-23A5F32C-A653477D}"
],
"file_opened": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin"
],
"file_read": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin"
],
"regkey_read": [
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows NT\\CurrentVersion\\RegisteredOwner",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CustomLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\InstallRoot",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\GRE_Initialize\\DisableMetaFiles",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\CLRLoadLogDir",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\ExtendedLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\OnlyUseLatestCLR"
],
"directory_enumerated": [
"C:\\Windows\\Microsoft.NET\\Framework\\Upgrades.2.0.50727\\mscoreei.dll",
"C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscoreei.dll",
"C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}\\*.obs",
"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorwks.dll"
]
},
"first_seen": 1567057986.75,
"ppid": 1564
},
{
"process_path": "C:\\Windows\\System32\\lsass.exe",
"process_name": "lsass.exe",
"pid": 476,
"summary": {},
"first_seen": 1567057986.5469,
"ppid": 376
}
]Signatures
[
{
"markcount": 1,
"families": [],
"description": "Queries for the computername",
"severity": 1,
"marks": [
{
"call": {
"category": "misc",
"status": 1,
"stacktrace": [],
"api": "GetComputerNameA",
"return_value": 1,
"arguments": {
"computer_name": "CUCKPC"
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 299
}
],
"references": [],
"name": "antivm_queries_computername"
},
{
"markcount": 2,
"families": [],
"description": "Checks if process is being debugged by a debugger",
"severity": 1,
"marks": [
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741816,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 87
},
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 18,
"nt_status": -1073741772,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 257
}
],
"references": [],
"name": "checks_debugger"
},
{
"markcount": 1,
"families": [],
"description": "The executable contains unknown PE section names indicative of a packer (could be a false positive)",
"severity": 1,
"marks": [
{
"category": "section",
"ioc": "",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "pe_features"
},
{
"markcount": 54,
"families": [],
"description": "One or more processes crashed",
"severity": 1,
"marks": [
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "R\nt\nl\nI\nn\ni\nt\ni\na\nl\ni\nz\ne\nE\nx\nc\ne\np\nt\ni\no\nn\nC\nh\na\ni\nn\n+\n0\nx\n6\n3\n \nR\nt\nl\nA\nl\nl\no\nc\na\nt\ne\nA\nc\nt\ni\nv\na\nt\ni\no\nn\nC\no\nn\nt\ne\nx\nt\nS\nt\na\nc\nk\n-\n0\nx\na\n1\n \nn\nt\nd\nl\nl\n+\n0\nx\n3\n9\ne\nd\n2\n \n@\n \n0\nx\n7\n7\nb\nc\n9\ne\nd\n2\n\n\nR\nt\nl\nI\nn\ni\nt\ni\na\nl\ni\nz\ne\nE\nx\nc\ne\np\nt\ni\no\nn\nC\nh\na\ni\nn\n+\n0\nx\n3\n6\n \nR\nt\nl\nA\nl\nl\no\nc\na\nt\ne\nA\nc\nt\ni\nv\na\nt\ni\no\nn\nC\no\nn\nt\ne\nx\nt\nS\nt\na\nc\nk\n-\n0\nx\nc\ne\n \nn\nt\nd\nl\nl\n+\n0\nx\n3\n9\ne\na\n5\n \n@\n \n0\nx\n7\n7\nb\nc\n9\ne\na\n5",
"registers": {
"esp": 1638272,
"edi": 0,
"eax": 0,
"ebp": 1638292,
"edx": 5148672,
"ebx": 4294828032,
"esi": 0,
"ecx": 0
},
"exception": {
"instruction_r": "8b 10 eb 04 dc b1 38 3a 64 8f 00 eb 01 0d 83 c4",
"symbol": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26+0xe905c",
"instruction": "mov edx, dword ptr [eax]",
"module": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"exception_code": "0xc0000005",
"offset": 954460,
"address": "0x4e905c"
}
},
"time": 1567057986.859,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 0
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "R\nt\nl\nI\nn\ni\nt\ni\na\nl\ni\nz\ne\nE\nx\nc\ne\np\nt\ni\no\nn\nC\nh\na\ni\nn\n+\n0\nx\n6\n3\n \nR\nt\nl\nA\nl\nl\no\nc\na\nt\ne\nA\nc\nt\ni\nv\na\nt\ni\no\nn\nC\no\nn\nt\ne\nx\nt\nS\nt\na\nc\nk\n-\n0\nx\na\n1\n \nn\nt\nd\nl\nl\n+\n0\nx\n3\n9\ne\nd\n2\n \n@\n \n0\nx\n7\n7\nb\nc\n9\ne\nd\n2\n\n\nR\nt\nl\nI\nn\ni\nt\ni\na\nl\ni\nz\ne\nE\nx\nc\ne\np\nt\ni\no\nn\nC\nh\na\ni\nn\n+\n0\nx\n3\n6\n \nR\nt\nl\nA\nl\nl\no\nc\na\nt\ne\nA\nc\nt\ni\nv\na\nt\ni\no\nn\nC\no\nn\nt\ne\nx\nt\nS\nt\na\nc\nk\n-\n0\nx\nc\ne\n \nn\nt\nd\nl\nl\n+\n0\nx\n3\n9\ne\na\n5\n \n@\n \n0\nx\n7\n7\nb\nc\n9\ne\na\n5",
"registers": {
"esp": 1638240,
"edi": 0,
"eax": 0,
"ebp": 1638292,
"edx": 0,
"ebx": 4294828032,
"esi": 0,
"ecx": 0
},
"exception": {
"instruction_r": "8b 00 eb 03 dd a4 7b 64 8f 00 eb 01 c1 83 c4 04",
"symbol": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26+0xea244",
"instruction": "mov eax, dword ptr [eax]",
"module": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"exception_code": "0xc0000005",
"offset": 959044,
"address": "0x4ea244"
}
},
"time": 1567057986.859,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 1
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1638232,
"edi": 5243377,
"eax": 0,
"ebp": 4282126712,
"edx": 0,
"ebx": 5150328,
"esi": 5150328,
"ecx": 5243634
},
"exception": {
"instruction_r": "cd 01 40 40 eb 03 a2 24 ff 85 c0 73 05 03 2d db",
"symbol": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26+0x10028d",
"instruction": "int 1",
"module": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"exception_code": "0xc0000005",
"offset": 1049229,
"address": "0x50028d"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 9
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1638240,
"edi": 5235197,
"eax": 0,
"ebp": 4282132466,
"edx": 0,
"ebx": 30539776,
"esi": 5150328,
"ecx": 877
},
"exception": {
"instruction_r": "89 0a eb 02 dc 77 e9 f0 fb ff ff eb 03 33 92 5b",
"symbol": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26+0xebc6d",
"instruction": "mov dword ptr [edx], ecx",
"module": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"exception_code": "0xc0000005",
"offset": 965741,
"address": "0x4ebc6d"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 18
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1638240,
"edi": 31260672,
"eax": 3339275212,
"ebp": 4282132466,
"edx": 5237109,
"ebx": 30539776,
"esi": 31260856,
"ecx": 0
},
"exception": {
"instruction_r": "0f 0b eb 03 89 b4 0e 0f 0b eb 02 02 97 e9 bf 04",
"symbol": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26+0xeb833",
"instruction": "ud2",
"module": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"exception_code": "0xc000001d",
"offset": 964659,
"address": "0x4eb833"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 20
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\nb\nd\n2\n7\n \n@\n \n0\nx\n4\ne\nb\nd\n2\n7",
"registers": {
"esp": 1637904,
"edi": 30543592,
"eax": 0,
"ebp": 1638220,
"edx": 5158672,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 235
},
"exception": {
"instruction_r": "0f 0b eb 01 d2 0f 0b eb 01 f2 eb 02 3e 66 eb 03",
"instruction": "ud2",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1dd0cea"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 29
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "R\nt\nl\nD\no\ns\nS\ne\na\nr\nc\nh\nP\na\nt\nh\n_\nU\ns\nt\nr\n+\n0\nx\na\nd\na\n \nR\nt\nl\nC\na\np\nt\nu\nr\ne\nC\no\nn\nt\ne\nx\nt\n-\n0\nx\n7\n2\n \nn\nt\nd\nl\nl\n+\n0\nx\n4\n6\na\nb\n9\n \n@\n \n0\nx\n7\n7\nb\nd\n6\na\nb\n9\n\n\nR\nt\nl\nD\no\ns\nS\ne\na\nr\nc\nh\nP\na\nt\nh\n_\nU\ns\nt\nr\n+\n0\nx\na\na\nc\n \nR\nt\nl\nC\na\np\nt\nu\nr\ne\nC\no\nn\nt\ne\nx\nt\n-\n0\nx\na\n0\n \nn\nt\nd\nl\nl\n+\n0\nx\n4\n6\na\n8\nb\n \n@\n \n0\nx\n7\n7\nb\nd\n6\na\n8\nb\n\n\nN\ne\nw\n_\nn\nt\nd\nl\nl\n_\nR\nt\nl\nD\ni\ns\np\na\nt\nc\nh\nE\nx\nc\ne\np\nt\ni\no\nn\n@\n8\n+\n0\nx\nf\n7\n \nN\ne\nw\n_\nn\nt\nd\nl\nl\n_\nR\nt\nl\nR\ne\nm\no\nv\ne\nV\ne\nc\nt\no\nr\ne\nd\nC\no\nn\nt\ni\nn\nu\ne\nH\na\nn\nd\nl\ne\nr\n@\n4\n-\n0\nx\n2\n3\n \n@\n \n0\nx\n6\n3\nd\ne\n4\na\n5\n9\n\n\nK\ni\nU\ns\ne\nr\nE\nx\nc\ne\np\nt\ni\no\nn\nD\ni\ns\np\na\nt\nc\nh\ne\nr\n+\n0\nx\nf\n \nK\ni\nR\na\ni\ns\ne\nU\ns\ne\nr\nE\nx\nc\ne\np\nt\ni\no\nn\nD\ni\ns\np\na\nt\nc\nh\ne\nr\n-\n0\nx\n4\n1\n \nn\nt\nd\nl\nl\n+\n0\nx\n1\n0\n1\n4\n3\n \n@\n \n0\nx\n7\n7\nb\na\n0\n1\n4\n3\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\nb\nd\n2\n7\n \n@\n \n0\nx\n4\ne\nb\nd\n2\n7",
"registers": {
"esp": 1636112,
"edi": 0,
"eax": 0,
"ebp": 1636128,
"edx": 5158672,
"ebx": 31264255,
"esi": 0,
"ecx": 1636780
},
"exception": {
"instruction_r": "f7 f0 eb 01 83 eb 03 23 84 3a eb 05 dd 96 cf fd",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1dd0e6b"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 30
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\nd\n5\na\n5\n5\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\nb\nd\n2\n7\n \n@\n \n0\nx\n4\ne\nb\nd\n2\n7",
"registers": {
"esp": 1637880,
"edi": 30567976,
"eax": 1,
"ebp": 1637892,
"edx": 5158672,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 2020557398
},
"exception": {
"instruction_r": "0f 3f 07 0b c7 45 fc ff ff ff ff 33 c0 33 d2 39",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1dd5bc4"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 73
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\nb\nd\n2\n7\n \n@\n \n0\nx\n4\ne\nb\nd\n2\n7",
"registers": {
"esp": 1637904,
"edi": 30567976,
"eax": 0,
"ebp": 1638220,
"edx": 2,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 4294823936
},
"exception": {
"instruction_r": "8b 00 90 90 f8 eb 01 65 73 48 eb 05 ea e9 8f 69",
"instruction": "mov eax, dword ptr [eax]",
"exception_code": "0xc0000005",
"symbol": "",
"address": "0x1dd5a7d"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 75
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\nb\nd\n2\n7\n \n@\n \n0\nx\n4\ne\nb\nd\n2\n7",
"registers": {
"esp": 1637904,
"edi": 30567976,
"eax": 0,
"ebp": 1638220,
"edx": 2,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 4294823936
},
"exception": {
"instruction_r": "90 f8 eb 01 65 73 48 eb 05 ea e9 8f 69 62 eb 03",
"instruction": "nop",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1dd5a80"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 76
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\nb\nd\n2\n7\n \n@\n \n0\nx\n4\ne\nb\nd\n2\n7",
"registers": {
"esp": 1637900,
"edi": 30569668,
"eax": 0,
"ebp": 1638220,
"edx": 5158672,
"ebx": 31260856,
"esi": 1637900,
"ecx": 150
},
"exception": {
"instruction_r": "cc eb 01 8b 8b 83 20 02 00 00 eb 03 a3 64 2c c7",
"instruction": "int3",
"exception_code": "0x80000003",
"symbol": "",
"address": "0x1dd5ab3"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 78
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\nb\nd\n2\n7\n \n@\n \n0\nx\n4\ne\nb\nd\n2\n7",
"registers": {
"esp": 1637904,
"edi": 30570200,
"eax": 0,
"ebp": 1638220,
"edx": 31284153,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 5158672
},
"exception": {
"instruction_r": "cd 01 40 40 eb 01 2b 85 c0 eb 05 82 cb 05 0e d5",
"instruction": "int 1",
"exception_code": "0xc0000005",
"symbol": "",
"address": "0x1dd5ac9"
}
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 79
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1638240,
"edi": 30588896,
"eax": 92,
"ebp": 4282138865,
"edx": 5167569,
"ebx": 30539776,
"esi": 31260856,
"ecx": 0
},
"exception": {
"instruction_r": "0f 0b eb 03 a0 a8 70 0f 0b eb 03 63 9e 62 eb a1",
"symbol": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26+0xedea2",
"instruction": "ud2",
"module": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"exception_code": "0xc000001d",
"offset": 974498,
"address": "0x4edea2"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 135
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1638240,
"edi": 31029764,
"eax": 31029764,
"ebp": 4282138865,
"edx": 0,
"ebx": 30539776,
"esi": 31260856,
"ecx": 3351183360
},
"exception": {
"instruction_r": "89 0a eb 03 c1 a3 10 e9 8a fd ff ff eb 01 86 55",
"symbol": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26+0xedf2e",
"instruction": "mov dword ptr [edx], ecx",
"module": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"exception_code": "0xc0000005",
"offset": 974638,
"address": "0x4edf2e"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 139
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637904,
"edi": 31076140,
"eax": 0,
"ebp": 1638220,
"edx": 5158672,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 235
},
"exception": {
"instruction_r": "0f 0b eb 01 d2 0f 0b eb 01 f2 eb 02 3e 66 eb 03",
"instruction": "ud2",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1de47b2"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 151
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "R\nt\nl\nD\no\ns\nS\ne\na\nr\nc\nh\nP\na\nt\nh\n_\nU\ns\nt\nr\n+\n0\nx\na\nd\na\n \nR\nt\nl\nC\na\np\nt\nu\nr\ne\nC\no\nn\nt\ne\nx\nt\n-\n0\nx\n7\n2\n \nn\nt\nd\nl\nl\n+\n0\nx\n4\n6\na\nb\n9\n \n@\n \n0\nx\n7\n7\nb\nd\n6\na\nb\n9\n\n\nR\nt\nl\nD\no\ns\nS\ne\na\nr\nc\nh\nP\na\nt\nh\n_\nU\ns\nt\nr\n+\n0\nx\na\na\nc\n \nR\nt\nl\nC\na\np\nt\nu\nr\ne\nC\no\nn\nt\ne\nx\nt\n-\n0\nx\na\n0\n \nn\nt\nd\nl\nl\n+\n0\nx\n4\n6\na\n8\nb\n \n@\n \n0\nx\n7\n7\nb\nd\n6\na\n8\nb\n\n\nN\ne\nw\n_\nn\nt\nd\nl\nl\n_\nR\nt\nl\nD\ni\ns\np\na\nt\nc\nh\nE\nx\nc\ne\np\nt\ni\no\nn\n@\n8\n+\n0\nx\nf\n7\n \nN\ne\nw\n_\nn\nt\nd\nl\nl\n_\nR\nt\nl\nR\ne\nm\no\nv\ne\nV\ne\nc\nt\no\nr\ne\nd\nC\no\nn\nt\ni\nn\nu\ne\nH\na\nn\nd\nl\ne\nr\n@\n4\n-\n0\nx\n2\n3\n \n@\n \n0\nx\n6\n3\nd\ne\n4\na\n5\n9\n\n\nK\ni\nU\ns\ne\nr\nE\nx\nc\ne\np\nt\ni\no\nn\nD\ni\ns\np\na\nt\nc\nh\ne\nr\n+\n0\nx\nf\n \nK\ni\nR\na\ni\ns\ne\nU\ns\ne\nr\nE\nx\nc\ne\np\nt\ni\no\nn\nD\ni\ns\np\na\nt\nc\nh\ne\nr\n-\n0\nx\n4\n1\n \nn\nt\nd\nl\nl\n+\n0\nx\n1\n0\n1\n4\n3\n \n@\n \n0\nx\n7\n7\nb\na\n0\n1\n4\n3\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1636112,
"edi": 0,
"eax": 0,
"ebp": 1636128,
"edx": 5158672,
"ebx": 31344839,
"esi": 0,
"ecx": 1636780
},
"exception": {
"instruction_r": "f7 f0 eb 01 83 eb 03 23 84 3a eb 05 dd 96 cf fd",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1de4933"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 152
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637888,
"edi": 31260856,
"eax": 0,
"ebp": 1637916,
"edx": 1637908,
"ebx": 12144792,
"esi": 4282199045,
"ecx": 94
},
"exception": {
"instruction_r": "0f b7 53 06 eb 03 a9 b2 72 c1 e2 10 eb 01 83 66",
"instruction": "movzx edx, word ptr [ebx + 6]",
"exception_code": "0xc0000005",
"symbol": "",
"address": "0x1de4aed"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 158
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31079196,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31345244,
"ecx": 1
},
"exception": {
"instruction_r": "0f 0b 0f 0b eb b6 eb 01 b4 eb 01 a2 33 d2 71 03",
"instruction": "ud2",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1de4c36"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 159
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31079196,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31345244,
"ecx": 0
},
"exception": {
"instruction_r": "0f 0b 0f 0b eb b6 eb 01 b4 eb 01 a2 33 d2 71 03",
"instruction": "ud2",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1de4c36"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 160
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31079196,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31345244,
"ecx": 1
},
"exception": {
"instruction_r": "8b c2 eb 03 bb 35 1f 55 8b 60 83 6c 24 20 05 8b",
"instruction": "mov eax, edx",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1de4cc3"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 161
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31079196,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31345244,
"ecx": 0
},
"exception": {
"instruction_r": "8b c2 eb 03 bb 35 1f 55 8b 60 83 6c 24 20 05 8b",
"instruction": "mov eax, edx",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1de4cc3"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 162
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31079196,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31345244,
"ecx": 1
},
"exception": {
"instruction_r": "8b c2 eb 03 bb 35 1f 55 8b 60 83 6c 24 20 05 8b",
"instruction": "mov eax, edx",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1de4cc3"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 163
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31079196,
"eax": 5237110,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31345244,
"ecx": 0
},
"exception": {
"instruction_r": "cc eb 02 80 26 5e 5b 8b e5 5d c3 eb 04 03 bb ba",
"instruction": "int3",
"exception_code": "0x80000003",
"symbol": "",
"address": "0x1de4c09"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 164
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31079196,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31345244,
"ecx": 1
},
"exception": {
"instruction_r": "8b c2 eb 03 bb 35 1f 55 8b 60 83 6c 24 20 05 8b",
"instruction": "mov eax, edx",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1de4cc3"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 165
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31079196,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31345244,
"ecx": 0
},
"exception": {
"instruction_r": "8b c2 eb 03 bb 35 1f 55 8b 60 83 6c 24 20 05 8b",
"instruction": "mov eax, edx",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1de4cc3"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 166
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n4\na\nf\n5\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637880,
"edi": 31079968,
"eax": 1,
"ebp": 1637892,
"edx": 5158672,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 2020557398
},
"exception": {
"instruction_r": "0f 3f 07 0b c7 45 fc ff ff ff ff 33 c0 33 d2 39",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1de4c64"
}
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 167
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637904,
"edi": 31079968,
"eax": 0,
"ebp": 1638220,
"edx": 2,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 4294823936
},
"exception": {
"instruction_r": "8b 00 90 90 f8 eb 01 65 73 48 eb 05 ea e9 8f 69",
"instruction": "mov eax, dword ptr [eax]",
"exception_code": "0xc0000005",
"symbol": "",
"address": "0x1de4b1d"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 169
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637904,
"edi": 31079968,
"eax": 0,
"ebp": 1638220,
"edx": 2,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 4294823936
},
"exception": {
"instruction_r": "90 f8 eb 01 65 73 48 eb 05 ea e9 8f 69 62 eb 03",
"instruction": "nop",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1de4b20"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 170
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637904,
"edi": 31081108,
"eax": 17152,
"ebp": 1638220,
"edx": 5158672,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 62
},
"exception": {
"instruction_r": "cd 68 eb 02 c1 4c 66 3d 86 f3 eb 04 ea 0d bf ea",
"instruction": "int 0x68",
"exception_code": "0xc0000005",
"symbol": "",
"address": "0x1de4ad0"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 171
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637904,
"edi": 31086160,
"eax": 0,
"ebp": 1638220,
"edx": 31348637,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 5158672
},
"exception": {
"instruction_r": "cd 01 40 40 eb 01 2b 85 c0 eb 05 82 cb 05 0e d5",
"instruction": "int 1",
"exception_code": "0xc0000005",
"symbol": "",
"address": "0x1de56ad"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 176
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1637900,
"edi": 31091840,
"eax": 4,
"ebp": 1111705675,
"edx": 5158672,
"ebx": 31260856,
"esi": 4282199045,
"ecx": 0
},
"exception": {
"instruction_r": "cc eb 04 33 15 e8 cf 3c 04 eb 03 30 8e 94 75 49",
"instruction": "int3",
"exception_code": "0x80000003",
"symbol": "",
"address": "0x1de692b"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 258
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31092388,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31353004,
"ecx": 0
},
"exception": {
"instruction_r": "cc eb 02 80 26 5e 5b 8b e5 5d c3 eb 04 03 bb ba",
"instruction": "int3",
"exception_code": "0x80000003",
"symbol": "",
"address": "0x1de6a59"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 259
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31092388,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31353004,
"ecx": 1
},
"exception": {
"instruction_r": "8b c2 eb 03 bb 35 1f 55 8b 60 83 6c 24 20 05 8b",
"instruction": "mov eax, edx",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1de6b13"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 260
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31092388,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31353004,
"ecx": 0
},
"exception": {
"instruction_r": "8b c2 eb 03 bb 35 1f 55 8b 60 83 6c 24 20 05 8b",
"instruction": "mov eax, edx",
"exception_code": "0x80000004",
"symbol": "",
"address": "0x1de6b13"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 261
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31092388,
"eax": 5237110,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31353004,
"ecx": 1
},
"exception": {
"instruction_r": "cc eb 02 80 26 5e 5b 8b e5 5d c3 eb 04 03 bb ba",
"instruction": "int3",
"exception_code": "0x80000003",
"symbol": "",
"address": "0x1de6a59"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 262
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31092388,
"eax": 0,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31353004,
"ecx": 0
},
"exception": {
"instruction_r": "cc eb 02 80 26 5e 5b 8b e5 5d c3 eb 04 03 bb ba",
"instruction": "int3",
"exception_code": "0x80000003",
"symbol": "",
"address": "0x1de6a59"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 263
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31092388,
"eax": 0,
"ebp": 1637916,
"edx": 0,
"ebx": 31260856,
"esi": 31353004,
"ecx": 1
},
"exception": {
"symbol": "",
"exception_code": "0xc0000005",
"address": "0x0"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 264
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637892,
"edi": 31092388,
"eax": 5237110,
"ebp": 1637916,
"edx": 5237109,
"ebx": 31260856,
"esi": 31353004,
"ecx": 0
},
"exception": {
"instruction_r": "cc eb 02 80 26 5e 5b 8b e5 5d c3 eb 04 03 bb ba",
"instruction": "int3",
"exception_code": "0x80000003",
"symbol": "",
"address": "0x1de6a59"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 265
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n6\n8\nb\n4\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637552,
"edi": 31096864,
"eax": 0,
"ebp": 1637904,
"edx": 31318796,
"ebx": 31260856,
"esi": 31318796,
"ecx": 31260856
},
"exception": {
"instruction_r": "f7 f0 eb 03 9a 1e 07 eb 16 eb 02 35 5b eb 02 0f",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1dde3b5"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 275
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n6\n9\na\na\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637528,
"edi": 31353268,
"eax": 0,
"ebp": 1637884,
"edx": 1637600,
"ebx": 31260856,
"esi": 31321790,
"ecx": 31260856
},
"exception": {
"instruction_r": "0f 0b 0f 0b eb 04 82 64 19 05 eb 01 28 f7 f0 eb",
"instruction": "ud2",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1ddef51"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 277
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n7\n2\n8\nc\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637552,
"edi": 31099416,
"eax": 0,
"ebp": 1637904,
"edx": 31318796,
"ebx": 31260856,
"esi": 31318796,
"ecx": 31260856
},
"exception": {
"instruction_r": "f7 f0 eb 03 9a 1e 07 eb 16 eb 02 35 5b eb 02 0f",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1dde3b5"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 278
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n7\nd\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637540,
"edi": 31099416,
"eax": 0,
"ebp": 1637892,
"edx": 31318796,
"ebx": 31260856,
"esi": 31318796,
"ecx": 31260856
},
"exception": {
"instruction_r": "f7 f0 eb 03 9a 1e 07 eb 16 eb 02 35 5b eb 02 0f",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1dde3b5"
}
},
"time": 1567057986.906,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 282
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n8\n0\n5\n3\n\n\n0\nx\n1\nd\ne\n7\n8\n4\nd\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637128,
"edi": 31099416,
"eax": 0,
"ebp": 1637484,
"edx": 1637508,
"ebx": 31260856,
"esi": 31321790,
"ecx": 31260856
},
"exception": {
"instruction_r": "0f 0b 0f 0b eb 04 82 64 19 05 eb 01 28 f7 f0 eb",
"instruction": "ud2",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1ddef51"
}
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 284
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\nb\nd\nf\n8\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637532,
"edi": 31099416,
"eax": 0,
"ebp": 1637884,
"edx": 31318796,
"ebx": 31260856,
"esi": 31318796,
"ecx": 31260856
},
"exception": {
"instruction_r": "f7 f0 eb 03 9a 1e 07 eb 16 eb 02 35 5b eb 02 0f",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1dde3b5"
}
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 285
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\nc\na\nd\na\n\n\n0\nx\n1\nd\ne\n7\n8\nf\nc\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637412,
"edi": 31099416,
"eax": 0,
"ebp": 1637768,
"edx": 4294967295,
"ebx": 31260856,
"esi": 31321790,
"ecx": 31260856
},
"exception": {
"instruction_r": "f7 f0 eb 02 2b 99 eb 06 eb 04 81 a5 9b 38 eb 03",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1ddef5e"
}
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 287
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n7\n9\n4\n5\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637540,
"edi": 31099416,
"eax": 0,
"ebp": 1637896,
"edx": 2902880718,
"ebx": 31260856,
"esi": 31321790,
"ecx": 31260856
},
"exception": {
"instruction_r": "0f 0b 0f 0b eb 04 82 64 19 05 eb 01 28 f7 f0 eb",
"instruction": "ud2",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1ddef51"
}
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 288
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n9\n1\n6\n3\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1637244,
"edi": 5144772,
"eax": 0,
"ebp": 1637596,
"edx": 31318796,
"ebx": 31260856,
"esi": 31318796,
"ecx": 31260856
},
"exception": {
"instruction_r": "f7 f0 eb 03 9a 1e 07 eb 16 eb 02 35 5b eb 02 0f",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1dde3b5"
}
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 303
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\ne\n9\n8\nd\na\n\n\n0\nx\n1\nd\ne\ne\n6\ne\n5\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1636964,
"edi": 5144772,
"eax": 0,
"ebp": 1637316,
"edx": 31318796,
"ebx": 31260856,
"esi": 31318796,
"ecx": 31260856
},
"exception": {
"instruction_r": "f7 f0 eb 03 9a 1e 07 eb 16 eb 02 35 5b eb 02 0f",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1dde3b5"
}
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 305
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\nd\nf\na\nc\n4\n\n\n0\nx\n1\nd\ne\n9\n1\n7\nd\n\n\n0\nx\n1\nd\ne\ne\n6\ne\n5\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1636932,
"edi": 5144772,
"eax": 0,
"ebp": 1637284,
"edx": 31318796,
"ebx": 31260856,
"esi": 31318796,
"ecx": 31260856
},
"exception": {
"instruction_r": "f7 f0 eb 03 9a 1e 07 eb 16 eb 02 35 5b eb 02 0f",
"instruction": "div eax",
"exception_code": "0xc0000094",
"symbol": "",
"address": "0x1dde3b5"
}
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 309
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "0\nx\n1\nd\nd\nf\nb\na\n8\n\n\n0\nx\n1\nd\ne\n9\n9\n4\n1\n\n\n0\nx\n1\nd\ne\n9\n1\n7\nd\n\n\n0\nx\n1\nd\ne\ne\n6\ne\n5\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\n1\n0\n2\n7\n5\n0\n \n@\n \n0\nx\n5\n0\n2\n7\n5\n0\n\n\n3\n8\n1\nf\nf\n8\n0\n4\n2\n6\n7\nb\n9\n5\n4\n2\n7\n2\n0\nf\n5\nd\n5\nf\n7\n6\nf\nb\n7\n1\nd\n1\n6\n0\n4\n2\nb\n4\n1\n8\nb\nf\n9\n4\n4\n9\n8\n0\n6\na\nb\nd\n3\n3\nf\nf\n0\n6\n5\nb\n5\nb\n2\n6\n+\n0\nx\ne\ne\nf\na\n8\n \n@\n \n0\nx\n4\ne\ne\nf\na\n8",
"registers": {
"esp": 1636920,
"edi": 5144772,
"eax": 0,
"ebp": 1637276,
"edx": 0,
"ebx": 14834580,
"esi": 31321790,
"ecx": 31260856
},
"exception": {
"instruction_r": "0f 0b 0f 0b eb 04 82 64 19 05 eb 01 28 f7 f0 eb",
"instruction": "ud2",
"exception_code": "0xc000001d",
"symbol": "",
"address": "0x1ddef51"
}
},
"time": 1567057986.922,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 311
}
],
"references": [],
"name": "raises_exception"
},
{
"markcount": 12,
"families": [],
"description": "Allocates read-write-execute memory (usually to unpack itself)",
"severity": 2,
"marks": [
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtAllocateVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"region_size": 593920,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"protection": 64,
"process_handle": "0xffffffff",
"allocation_type": 12288,
"base_address": "0x01d20000"
},
"time": 1567057986.875,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE",
"allocation_type": "MEM_COMMIT|MEM_RESERVE"
}
},
"pid": 1512,
"type": "call",
"cid": 13
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtAllocateVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"region_size": 278528,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"protection": 64,
"process_handle": "0xffffffff",
"allocation_type": 12288,
"base_address": "0x01dd0000"
},
"time": 1567057986.875,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE",
"allocation_type": "MEM_COMMIT|MEM_RESERVE"
}
},
"pid": 1512,
"type": "call",
"cid": 19
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 262144,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x75181000"
},
"time": 1567057986.875,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 58
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 4096,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x77ba0000"
},
"time": 1567057986.875,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 66
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 442368,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x00402000"
},
"time": 1567057986.89,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 137
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 442368,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x00402000"
},
"time": 1567057986.89,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 138
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 4096,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x00402000"
},
"time": 1567057986.89,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 146
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtAllocateVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"region_size": 4096,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"protection": 64,
"process_handle": "0xffffffff",
"allocation_type": 12288,
"base_address": "0x01f30000"
},
"time": 1567057986.89,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE",
"allocation_type": "MEM_COMMIT|MEM_RESERVE"
}
},
"pid": 1512,
"type": "call",
"cid": 150
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 331776,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x77571000"
},
"time": 1567057986.922,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 378
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 299008,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x76310000"
},
"time": 1567057986.922,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 382
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 651264,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x76531000"
},
"time": 1567057986.922,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 391
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 258048,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x75db1000"
},
"time": 1567057986.922,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 1512,
"type": "call",
"cid": 397
}
],
"references": [],
"name": "allocates_rwx"
},
{
"markcount": 2,
"families": [],
"description": "Creates hidden or system file",
"severity": 2,
"marks": [
{
"call": {
"category": "file",
"status": 1,
"stacktrace": [],
"api": "SetFileAttributesW",
"return_value": 1,
"arguments": {
"file_attributes": 2,
"filepath_r": "C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}",
"filepath": "C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}"
},
"time": 1567057986.922,
"tid": 2732,
"flags": {
"file_attributes": "FILE_ATTRIBUTE_HIDDEN"
}
},
"pid": 1512,
"type": "call",
"cid": 294
},
{
"call": {
"category": "file",
"status": 1,
"stacktrace": [],
"api": "NtCreateFile",
"return_value": 0,
"arguments": {
"create_disposition": 5,
"file_handle": "0x0000011c",
"filepath": "C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}\\000005E8.obs",
"desired_access": "0xc0110080",
"file_attributes": 2,
"filepath_r": "\\??\\C:\\Users\\cuck\\AppData\\Roaming\\Obsidium\\{EAF3AA4B-98B402DE-21B3A957-A3EAA5C4}\\000005E8.obs",
"create_options": 4192,
"status_info": 2,
"share_access": 0
},
"time": 1567057986.922,
"tid": 2732,
"flags": {
"create_disposition": "FILE_OVERWRITE_IF",
"desired_access": "FILE_READ_ATTRIBUTES|DELETE|SYNCHRONIZE|GENERIC_WRITE",
"create_options": "FILE_NON_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_NONALERT|FILE_DELETE_ON_CLOSE",
"file_attributes": "FILE_ATTRIBUTE_HIDDEN",
"status_info": "FILE_CREATED",
"share_access": ""
}
},
"pid": 1512,
"type": "call",
"cid": 296
}
],
"references": [],
"name": "creates_hidden_file"
},
{
"markcount": 1,
"families": [],
"description": "Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)",
"severity": 2,
"marks": [
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 1512,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 1,
"length": 4096,
"protection": 32,
"process_handle": "0xffffffff",
"base_address": "0x01e30000"
},
"time": 1567057986.89,
"tid": 2732,
"flags": {
"protection": "PAGE_EXECUTE_READ"
}
},
"pid": 1512,
"type": "call",
"cid": 149
}
],
"references": [],
"name": "protection_rx"
},
{
"markcount": 3,
"families": [],
"description": "The binary likely contains encrypted or compressed data indicative of a packer",
"severity": 2,
"marks": [
{
"entropy": 6.9836991716041,
"section": {
"size_of_data": "0x0003b1c4",
"virtual_address": "0x000ad000",
"entropy": 6.9836991716041,
"name": ".rsrc",
"virtual_size": "0x0003b1c4"
},
"type": "generic",
"description": "A section with a high entropy has been found"
},
{
"entropy": 7.9971440267011,
"section": {
"size_of_data": "0x00019e59",
"virtual_address": "0x000e9000",
"entropy": 7.9971440267011,
"name": "",
"virtual_size": "0x0001a000"
},
"type": "generic",
"description": "A section with a high entropy has been found"
},
{
"entropy": 0.99853169334186,
"type": "generic",
"description": "Overall entropy of this PE file is high"
}
],
"references": [
"http:\/\/www.forensickb.com\/2013\/03\/file-entropy-explained.html",
"http:\/\/virii.es\/U\/Using%20Entropy%20Analysis%20to%20Find%20Encrypted%20and%20Packed%20Malware.pdf"
],
"name": "packer_entropy"
},
{
"markcount": 1,
"families": [],
"description": "Expresses interest in specific running processes",
"severity": 2,
"marks": [
{
"category": "process",
"ioc": "381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26.bin",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "process_interest"
},
{
"markcount": 2,
"families": [],
"description": "Checks for the presence of known devices from debuggers and forensic tools",
"severity": 3,
"marks": [
{
"category": "file",
"ioc": "\\??\\SICE",
"type": "ioc",
"description": null
},
{
"category": "file",
"ioc": "\\??\\NTICE",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "antidbg_devices"
},
{
"markcount": 3,
"families": [],
"description": "Checks for the presence of known windows from debuggers and forensic tools",
"severity": 3,
"marks": [
{
"call": {
"category": "ui",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "FindWindowW",
"return_value": 0,
"arguments": {
"class_name": "WinDbgFrameClass",
"window_name": ""
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 25
},
{
"call": {
"category": "ui",
"status": 0,
"stacktrace": [],
"last_error": 0,
"nt_status": -1073741772,
"api": "FindWindowW",
"return_value": 0,
"arguments": {
"class_name": "OLLYDBG",
"window_name": ""
},
"time": 1567057986.875,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 27
},
{
"call": {
"category": "ui",
"status": 1,
"stacktrace": [],
"api": "FindWindowExW",
"return_value": 1639142,
"arguments": {
"class_name": "OLLYDBG",
"parent_hwnd": "0x00000000",
"child_after_hwnd": "0x00000000",
"window_name": "OllyDBg"
},
"time": 1567057986.89,
"tid": 2732,
"flags": {}
},
"pid": 1512,
"type": "call",
"cid": 112
}
],
"references": [],
"name": "antidbg_windows"
},
{
"markcount": 1,
"families": [],
"description": "Detects VirtualBox through the presence of a device",
"severity": 3,
"marks": [
{
"category": "file",
"ioc": "\\??\\VBoxGuest",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "antivm_vbox_devices"
}
]Yara
The Yara rules did not detect anything in the file.
Network
{
"tls": [],
"udp": [
{
"src": "192.168.56.101",
"dst": "192.168.56.255",
"offset": 546,
"time": 3.0789890289307,
"dport": 137,
"sport": 137
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 3346,
"time": 3.0361969470978,
"dport": 5355,
"sport": 51001
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 3674,
"time": 1.0161118507385,
"dport": 5355,
"sport": 53595
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 4002,
"time": 3.0474109649658,
"dport": 5355,
"sport": 53848
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 4330,
"time": 1.653284072876,
"dport": 5355,
"sport": 54255
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 4658,
"time": -0.091340065002441,
"dport": 5355,
"sport": 55314
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 4986,
"time": 1.0807118415833,
"dport": 1900,
"sport": 1900
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 12604,
"time": 1.046660900116,
"dport": 3702,
"sport": 49152
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 16796,
"time": 3.1246619224548,
"dport": 1900,
"sport": 53598
}
],
"dns_servers": [],
"http": [],
"icmp": [],
"smtp": [],
"tcp": [],
"smtp_ex": [],
"mitm": [],
"hosts": [],
"pcap_sha256": "a35f66c213cca721bd9ffcff86704f3dba9a29dc803b10bae5ee8f440be21287",
"dns": [],
"http_ex": [],
"domains": [],
"dead_hosts": [],
"sorted_pcap_sha256": "172ecb0696026be728785d4a09ad657de4c51ad8ec498bdbb15ad2fc5a500aa9",
"irc": [],
"https_ex": []
}Screenshots
WinZip_Keygen.myegy.exe removal instructions
The instructions below shows how to remove WinZip_Keygen.myegy.exe with help from the FreeFixer removal tool. Basically, you install FreeFixer, scan your computer, check the WinZip_Keygen.myegy.exe file for removal, restart your computer and scan it again to verify that WinZip_Keygen.myegy.exe has been successfully removed. Here are the removal instructions in more detail:
- Download and install FreeFixer: http://www.freefixer.com/download.html
- Start FreeFixer and press the Start Scan button. The scan will finish in approximately five minutes.
- When the scan is finished, locate WinZip_Keygen.myegy.exe in the scan result and tick the checkbox next to the WinZip_Keygen.myegy.exe file. Do not check any other file for removal unless you are 100% sure you want to delete it. Tip: Press CTRL-F to open up FreeFixer's search dialog to quickly locate WinZip_Keygen.myegy.exe in the scan result.
c:\downloads\WinZip_Keygen.myegy.exe 
- Scroll down to the bottom of the scan result and press the Fix button. FreeFixer will now delete the WinZip_Keygen.myegy.exe file.
- Restart your computer.
- Start FreeFixer and scan your computer again. If WinZip_Keygen.myegy.exe still remains in the scan result, proceed with the next step. If WinZip_Keygen.myegy.exe is gone from the scan result you're done.
- If WinZip_Keygen.myegy.exe still remains in the scan result, check its checkbox again in the scan result and click Fix.
- Restart your computer.
- Start FreeFixer and scan your computer again. Verify that WinZip_Keygen.myegy.exe no longer appear in the scan result.
Hashes [?]
| Property | Value |
|---|---|
| MD5 | db73fbb0648aa054a6dd0e3979c77f04 |
| SHA256 | 381ff804267b9542720f5d5f76fb71d16042b418bf9449806abd33ff065b5b26 |
Error Messages
These are some of the error messages that can appear related to winzip_keygen.myegy.exe:
winzip_keygen.myegy.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
winzip_keygen.myegy.exe - Application Error. The instruction at "0xXXXXXXXX" referenced memory at "0xXXXXXXXX". The memory could not be "read/written". Click on OK to terminate the program.
Winzip_Keygen_By_DeltaFoX/TeamURET has stopped working.
End Program - winzip_keygen.myegy.exe. This program is not responding.
winzip_keygen.myegy.exe is not a valid Win32 application.
winzip_keygen.myegy.exe - Application Error. The application failed to initialize properly (0xXXXXXXXX). Click OK to terminate the application.
What will you do with the file?
To help other users, please let us know what you will do with the file:
Comments
Please share with the other users what you think about this file. What does this file do? Is it legitimate or something that your computer is better without? Do you know how it was installed on your system? Did you install it yourself or did it come bundled with some other software? Is it running smoothly or do you get some error message? Any information that will help to document this file is welcome. Thank you for your contributions.
I'm reading all new comments so don't hesitate to post a question about the file. If I don't have the answer perhaps another user can help you.
No comments posted yet.