RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000 RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000 R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000 R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000 R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000 R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000 R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000 R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000 RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0 IP: 0x0000000000200000 E800000000 CALL 0x200005 Memory STOR, address 0x00000000001fdffc, size 4, value 05002000 RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000 RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000 R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000 R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000 R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000 R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000 R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000 R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000 RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0 IP: 0x0000000000200005 5D POP ebp Memory LOAD, address 0x00000000001fdffc, size 4, value 05002000 RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000 RSP = 0x00000000001fe000 RBP = 0x0000000000200005 RSI = 0x0000000000000000 RDI = 0x0000000000000000 R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000 R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000 R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000 R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000 R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000 R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000 RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0 IP: 0x0000000000200006 83ED05 SUB ebp, 0x00000005 RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000 RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000 R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000 R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000 R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000 R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000 R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000 R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000 RIP = 0x0000000000200009 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0 IP: 0x0000000000200009 8D851B000000 LEA eax, [ebp+0x1b] RAX = 0x000000000020001b RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000 RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000 R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000 R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000 R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000 R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000 R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000 R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000 RIP = 0x000000000020000f RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0 IP: 0x000000000020000f 89851C000000 MOV dword ptr [ebp+0x1c], eax Memory STOR, address 0x000000000020001c, size 4, value 1B002000 RAX = 0x000000000020001b RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000 RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000 R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000 R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000 R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000 R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000 R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000 R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000 RIP = 0x0000000000200015 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0 IP: 0x0000000000200015 FF9D1C000000 CALLF fword ptr [ebp+0x1c] Memory LOAD, address 0x000000000020001c, size 6, value 1B0020003300 Emulation terminated with status 0x0000000a, flags: 0x82, 0 NOPs, 0 NULLs, 7 total instructions, 6 unique instructions SHEMU_FLAG_LOAD_RIP SHEMU_FLAG_HEAVENS_GATE