2020-07-21 08:19:18 +00:00
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202
|
|
|
|
Emulating: 0x0000000000200000 XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200002 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200002 MOV eax, 0xffffffff
|
|
|
|
RAX = 0x00000000ffffffff RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200007 RFLAGS = 0x0000000000000246
|
2020-07-23 11:08:01 +00:00
|
|
|
Emulating: 0x0000000000200007 ADD eax, 0x00000001
|
2020-07-21 08:19:18 +00:00
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020000a RFLAGS = 0x0000000000000247
|
|
|
|
Emulating: 0x000000000020000a XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020000c RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x000000000020000c MOV eax, 0xffffffff
|
|
|
|
RAX = 0x00000000ffffffff RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200011 RFLAGS = 0x0000000000000246
|
2020-07-23 11:08:01 +00:00
|
|
|
Emulating: 0x0000000000200011 ADD eax, 0x00000001
|
2020-07-21 08:19:18 +00:00
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200014 RFLAGS = 0x0000000000000247
|
2020-07-23 11:08:01 +00:00
|
|
|
Emulating: 0x0000000000200014 ADC eax, 0x00000000
|
2020-07-21 08:19:18 +00:00
|
|
|
RAX = 0x0000000000000001 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200017 RFLAGS = 0x0000000000000202
|
|
|
|
Emulating: 0x0000000000200017 XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200019 RFLAGS = 0x0000000000000246
|
2020-07-23 11:08:01 +00:00
|
|
|
Emulating: 0x0000000000200019 SUB eax, 0x00000001
|
2020-07-21 08:19:18 +00:00
|
|
|
RAX = 0x00000000ffffffff RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020001c RFLAGS = 0x0000000000000286
|
2020-07-23 11:08:01 +00:00
|
|
|
Emulating: 0x000000000020001c SBB eax, 0x00000000
|
2020-07-21 08:19:18 +00:00
|
|
|
RAX = 0x00000000ffffffff RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020001f RFLAGS = 0x0000000000000286
|
|
|
|
Emulating: 0x000000000020001f XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200021 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200021 MOV eax, 0xbdbdbdbd
|
|
|
|
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200026 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200026 ROL eax, 0x10
|
|
|
|
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200029 RFLAGS = 0x0000000000000247
|
|
|
|
Emulating: 0x0000000000200029 XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020002b RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x000000000020002b MOV eax, 0xbdbdbdbd
|
|
|
|
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200030 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200030 ROR eax, 0x18
|
|
|
|
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200033 RFLAGS = 0x0000000000000247
|
|
|
|
Emulating: 0x0000000000200033 XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200035 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200035 MOV eax, 0xbdbdbdbd
|
|
|
|
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020003a RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x000000000020003a RCL eax, 0x18
|
|
|
|
RAX = 0x00000000bd5edede RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020003d RFLAGS = 0x0000000000000247
|
|
|
|
Emulating: 0x000000000020003d XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020003f RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x000000000020003f MOV eax, 0xbdbdbdbd
|
|
|
|
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200044 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200044 RCR eax, 0x18
|
|
|
|
RAX = 0x000000007b7b7abd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200047 RFLAGS = 0x0000000000000247
|
|
|
|
Emulating: 0x0000000000200047 XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200049 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200049 MOV eax, 0xbdbdbdbd
|
|
|
|
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020004e RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x000000000020004e SHL eax, 0x18
|
|
|
|
RAX = 0x00000000bd000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200051 RFLAGS = 0x0000000000000286
|
|
|
|
Emulating: 0x0000000000200051 XOR eax, eax
|
|
|
|
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200053 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200053 MOV eax, 0xbdbdbdbd
|
|
|
|
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x0000000000200058 RFLAGS = 0x0000000000000246
|
|
|
|
Emulating: 0x0000000000200058 SHR eax, 0x18
|
|
|
|
RAX = 0x00000000000000bd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
|
|
|
|
RSP = 0x0000000000101000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
|
|
|
|
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
|
|
|
|
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
|
|
|
|
RIP = 0x000000000020005b RFLAGS = 0x0000000000000206
|
|
|
|
Emulating: 0x000000000020005b RETN
|
|
|
|
Emulation terminated with status 0x00000002, flags: 0x0, 0 NOPs
|