What is video-media-player.exe?
video-media-player.exe is part of Finifatipo and developed by according to the video-media-player.exe version information.
video-media-player.exe's description is "Finifatipo Setup "
video-media-player.exe is usually located in the 'c:\downloads\' folder.
Some of the anti-virus scanners at VirusTotal detected video-media-player.exe.
If you have additional information about the file, please share it with the FreeFixer users by posting a comment at the bottom of this page.
Vendor and version information [?]
The following is the available information on video-media-player.exe:
| Property | Value |
|---|---|
| Product name | Finifatipo |
| Company name | |
| File description | Finifatipo Setup |
| Comments | This installation was built with Inno Setup. |
| Legal copyright | |
| Product version | 4.7.7 |
| File version | 4.6.3.8 |
Here's a screenshot of the file properties when displayed by Windows Explorer:
| Product name | Finifatipo .. |
| Company name | .. |
| File description | Finifatipo Setup .. |
| Comments | This installation was built with Inn.. |
| Legal copyright | .. |
| Product version | 4.7.7 .. |
| File version | 4.6.3.8 |
Digital signatures [?]
The verification of video-media-player.exe's digital signature failed.
| Property | Value |
|---|---|
| Signer name | Advwebstudio 2.0 Srl |
| Certificate issuer name | thawte SHA256 Code Signing CA |
| Certificate serial number | 432bce3ab5e55db783fbd23baa13e86a |
VirusTotal report
40 of the 72 anti-virus programs at VirusTotal detected the video-media-player.exe file. That's a 56% detection rate.
| Scanner | Detection Name |
|---|---|
| Ad-Aware | Application.DealAgent.ACKH |
| Alibaba | AdWare:Win32/InstallCore.70feab73 |
| Arcabit | Application.DealAgent.ACKH |
| AVG | FileRepMalware [PUP] |
| BitDefender | Application.DealAgent.ACKH |
| CAT-QuickHeal | Trojan.InstallCore |
| Comodo | Malware@#30h5lmet50vfh |
| CrowdStrike | win/malicious_confidence_100% (D) |
| Cybereason | malicious.77adfb |
| Cylance | Unsafe |
| Cyren | W32/Trojan.YRDZ-8935 |
| Emsisoft | Application.InstallAd (A) |
| Endgame | malicious (high confidence) |
| ESET-NOD32 | Win32/InstallCore.Gen.A potentially unwanted |
| FireEye | Generic.mg.f1141e677adfb7d2 |
| Fortinet | Adware/DealPly |
| GData | Win32.Application.InstallCore.LR@gen |
| Invincea | heuristic |
| K7AntiVirus | Adware ( 0051ad261 ) |
| K7GW | Adware ( 0051ad261 ) |
| Kaspersky | not-a-virus:AdWare.Win32.DealPly.dphik |
| Malwarebytes | PUP.Optional.InstallCore.Generic |
| MaxSecure | Trojan.Malware.73644151.susgen |
| McAfee | Artemis!F1141E677ADF |
| McAfee-GW-Edition | Artemis |
| Microsoft | PUA:Win32/InstallCore |
| MicroWorld-eScan | Application.DealAgent.ACKH |
| NANO-Antivirus | Virus.Win32.Gen-Crypt.ccnc |
| Panda | Generic Malware |
| Qihoo-360 | HEUR/QVM42.2.2A53.Malware.Gen |
| Rising | PUF.InstallCore!1.AB2C (CLASSIC) |
| SentinelOne | DFI - Suspicious PE |
| Sophos | InnoMod (PUA) |
| Symantec | ML.Attribute.HighConfidence |
| TrendMicro-HouseCall | TROJ_GEN.R002H0CCG19 |
| VBA32 | Adware.DealPly |
| VIPRE | Trojan.Win32.Generic!BT |
| Webroot | W32.Adware.Gen |
| Zillya | Tool.DealAgent.Win32.283 |
| ZoneAlarm | not-a-virus:AdWare.Win32.DealPly.dphik |
Sandbox Report
The following information was gathered by executing the file inside Cuckoo Sandbox.
Summary
Successfully executed process in sandbox.
Summary
{
"file_opened": [
"C:\\Windows\\SysWOW64\\en-US\\KERNELBASE.dll.mui",
"C:\\Windows\\System32\\netmsg.dll",
"C:\\Users\\cuck\\AppData\\Local\\Temp\\2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin"
],
"regkey_opened": [
"HKEY_CURRENT_USER\\Software\\Borland\\Delphi\\Locales",
"HKEY_LOCAL_MACHINE\\Software\\Borland\\Locales",
"HKEY_CURRENT_USER\\Software\\Borland\\Locales"
],
"file_read": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin"
],
"regkey_read": [
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CustomLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\ExtendedLocale\\en-US"
],
"dll_loaded": [
"Kernel32",
"kernel32",
"kernel32.dll",
"oleaut32.dll",
"advapi32.dll",
"shell32.dll",
"user32.dll"
]
}Generic
[
{
"process_path": "C:\\Users\\cuck\\AppData\\Local\\Temp\\2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"process_name": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"pid": 2456,
"summary": {
"file_opened": [
"C:\\Windows\\SysWOW64\\en-US\\KERNELBASE.dll.mui",
"C:\\Windows\\System32\\netmsg.dll",
"C:\\Users\\cuck\\AppData\\Local\\Temp\\2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin"
],
"regkey_opened": [
"HKEY_CURRENT_USER\\Software\\Borland\\Delphi\\Locales",
"HKEY_LOCAL_MACHINE\\Software\\Borland\\Locales",
"HKEY_CURRENT_USER\\Software\\Borland\\Locales"
],
"file_read": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin"
],
"regkey_read": [
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CustomLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\ExtendedLocale\\en-US"
],
"dll_loaded": [
"Kernel32",
"kernel32",
"kernel32.dll",
"oleaut32.dll",
"advapi32.dll",
"shell32.dll",
"user32.dll"
]
},
"first_seen": 1576594385.609375,
"ppid": 2780
},
{
"process_path": "C:\\Windows\\System32\\lsass.exe",
"process_name": "lsass.exe",
"pid": 476,
"summary": {},
"first_seen": 1576594385.328125,
"ppid": 376
}
]Signatures
[
{
"markcount": 3,
"families": [],
"description": "The executable contains unknown PE section names indicative of a packer (could be a false positive)",
"severity": 1,
"marks": [
{
"category": "section",
"ioc": "CODE",
"type": "ioc",
"description": null
},
{
"category": "section",
"ioc": "DATA",
"type": "ioc",
"description": null
},
{
"category": "section",
"ioc": "BSS",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "pe_features"
},
{
"markcount": 580,
"families": [],
"description": "One or more processes crashed",
"severity": 1,
"marks": [
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1636864,
"edi": 1636831,
"eax": 343398293,
"ebp": 4236358,
"edx": 4,
"ebx": 4294967292,
"esi": 4294967295,
"ecx": 1
},
"exception": {
"symbol": "",
"exception_code": "0xc0000005",
"address": "0x296f7bc7"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047491
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1635092,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047492
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1633320,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047493
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1631548,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047494
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1629776,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047495
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1628004,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047496
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1626232,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047497
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1624460,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047498
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1622688,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047499
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1620916,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047500
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1619144,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047501
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1617372,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047502
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1615600,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047503
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1613828,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047504
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1612056,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047505
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1610284,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047506
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1608512,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047507
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1606740,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047508
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1604968,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047509
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1603196,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047510
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1601424,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047511
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1599652,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047512
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1597880,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047513
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1596108,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047514
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1594336,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047515
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1592564,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047516
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1590792,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047517
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1589020,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047518
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1587248,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047519
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1585476,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047520
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1583704,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047521
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1581932,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047522
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1580160,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047523
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1578388,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047524
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1576616,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047525
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1574844,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047526
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1573072,
"edi": 0,
"eax": 0,
"ebp": 24,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047527
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1571300,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047528
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1569528,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047529
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1567756,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047530
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1565984,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047531
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1564212,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047532
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1562440,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047533
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1560668,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047534
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1558896,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047535
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1557124,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047536
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1555352,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047537
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1553580,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047538
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1551808,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047539
},
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "",
"registers": {
"esp": 1550036,
"edi": 0,
"eax": 0,
"ebp": 23,
"edx": 2008902349,
"ebx": 0,
"esi": 0,
"ecx": 4237342
},
"exception": {
"instruction_r": "1f d6 33 d1 81 f2 12 ef e0 29 81 e2 4d 90 eb 66",
"symbol": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137+0x2ccf",
"instruction": "pop ds",
"module": "2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137.bin",
"exception_code": "0xc0000005",
"offset": 11471,
"address": "0x402ccf"
}
},
"time": 1576594447.749375,
"tid": 2676,
"flags": {}
},
"pid": 2456,
"type": "call",
"cid": 1047540
}
],
"references": [],
"name": "raises_exception"
},
{
"markcount": 5,
"families": [],
"description": "Allocates read-write-execute memory (usually to unpack itself)",
"severity": 2,
"marks": [
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 2456,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 4096,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x00400000"
},
"time": 1576594385.702375,
"tid": 2676,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 2456,
"type": "call",
"cid": 71
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 2456,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 40960,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x00401000"
},
"time": 1576594385.702375,
"tid": 2676,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 2456,
"type": "call",
"cid": 73
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtProtectVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 2456,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"length": 20480,
"protection": 64,
"process_handle": "0xffffffff",
"base_address": "0x0040f000"
},
"time": 1576594385.702375,
"tid": 2676,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE"
}
},
"pid": 2456,
"type": "call",
"cid": 75
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtAllocateVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 2456,
"region_size": 1863680,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"protection": 64,
"process_handle": "0xffffffff",
"allocation_type": 4096,
"base_address": "0x02240000"
},
"time": 1576594447.452375,
"tid": 2676,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE",
"allocation_type": "MEM_COMMIT"
}
},
"pid": 2456,
"type": "call",
"cid": 1047346
},
{
"call": {
"category": "process",
"status": 1,
"stacktrace": [],
"api": "NtAllocateVirtualMemory",
"return_value": 0,
"arguments": {
"process_identifier": 2456,
"region_size": 1859584,
"stack_dep_bypass": 0,
"stack_pivoted": 0,
"heap_dep_bypass": 0,
"protection": 64,
"process_handle": "0xffffffff",
"allocation_type": 4096,
"base_address": "0x02410000"
},
"time": 1576594447.452375,
"tid": 2676,
"flags": {
"protection": "PAGE_EXECUTE_READWRITE",
"allocation_type": "MEM_COMMIT"
}
},
"pid": 2456,
"type": "call",
"cid": 1047351
}
],
"references": [],
"name": "allocates_rwx"
}
]Yara
The Yara rules did not detect anything in the file.
Network
{
"tls": [],
"udp": [
{
"src": "192.168.56.101",
"dst": "192.168.56.255",
"offset": 662,
"time": 6.1977269649505615,
"dport": 137,
"sport": 137
},
{
"src": "192.168.56.101",
"dst": "192.168.56.255",
"offset": 5990,
"time": 12.245476961135864,
"dport": 138,
"sport": 138
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 7834,
"time": 6.1789751052856445,
"dport": 5355,
"sport": 51001
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 8162,
"time": 4.15706205368042,
"dport": 5355,
"sport": 53595
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 8490,
"time": 6.18625807762146,
"dport": 5355,
"sport": 53848
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 8818,
"time": 4.783844947814941,
"dport": 5355,
"sport": 54255
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 9146,
"time": 3.031930923461914,
"dport": 5355,
"sport": 55314
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 9474,
"time": 70.88909697532654,
"dport": 5355,
"sport": 55880
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 9794,
"time": 4.699214935302734,
"dport": 1900,
"sport": 1900
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 29204,
"time": 4.178241014480591,
"dport": 3702,
"sport": 49152
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 37588,
"time": 6.244746923446655,
"dport": 1900,
"sport": 53598
}
],
"dns_servers": [],
"http": [],
"icmp": [],
"smtp": [],
"tcp": [],
"smtp_ex": [],
"mitm": [],
"hosts": [],
"pcap_sha256": "96dccc0bae048e35775213cfdd61c8d4a5de6752588dc3355474ca0ea00a4b3f",
"dns": [],
"http_ex": [],
"domains": [],
"dead_hosts": [],
"sorted_pcap_sha256": "e0d3e358826391d720012488707d0bf42992f546964a20ab236665ea53882b12",
"irc": [],
"https_ex": []
}Screenshots
video-media-player.exe removal instructions
The instructions below shows how to remove video-media-player.exe with help from the FreeFixer removal tool. Basically, you install FreeFixer, scan your computer, check the video-media-player.exe file for removal, restart your computer and scan it again to verify that video-media-player.exe has been successfully removed. Here are the removal instructions in more detail:
- Download and install FreeFixer: http://www.freefixer.com/download.html
- Start FreeFixer and press the Start Scan button. The scan will finish in approximately five minutes.
- When the scan is finished, locate video-media-player.exe in the scan result and tick the checkbox next to the video-media-player.exe file. Do not check any other file for removal unless you are 100% sure you want to delete it. Tip: Press CTRL-F to open up FreeFixer's search dialog to quickly locate video-media-player.exe in the scan result.
c:\downloads\video-media-player.exe 
- Scroll down to the bottom of the scan result and press the Fix button. FreeFixer will now delete the video-media-player.exe file.
- Restart your computer.
- Start FreeFixer and scan your computer again. If video-media-player.exe still remains in the scan result, proceed with the next step. If video-media-player.exe is gone from the scan result you're done.
- If video-media-player.exe still remains in the scan result, check its checkbox again in the scan result and click Fix.
- Restart your computer.
- Start FreeFixer and scan your computer again. Verify that video-media-player.exe no longer appear in the scan result.
Hashes [?]
| Property | Value |
|---|---|
| MD5 | f1141e677adfb7d2d85d526bba7c15b1 |
| SHA256 | 2f1d2ac5f0f7c9d8d5db212211cfc0eb2e0ff7eb96b540c935ccea996b9a3137 |
Error Messages
These are some of the error messages that can appear related to video-media-player.exe:
video-media-player.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
video-media-player.exe - Application Error. The instruction at "0xXXXXXXXX" referenced memory at "0xXXXXXXXX". The memory could not be "read/written". Click on OK to terminate the program.
Finifatipo Setup has stopped working.
End Program - video-media-player.exe. This program is not responding.
video-media-player.exe is not a valid Win32 application.
video-media-player.exe - Application Error. The application failed to initialize properly (0xXXXXXXXX). Click OK to terminate the application.
What will you do with the file?
To help other users, please let us know what you will do with the file:
Comments
Please share with the other users what you think about this file. What does this file do? Is it legitimate or something that your computer is better without? Do you know how it was installed on your system? Did you install it yourself or did it come bundled with some other software? Is it running smoothly or do you get some error message? Any information that will help to document this file is welcome. Thank you for your contributions.
I'm reading all new comments so don't hesitate to post a question about the file. If I don't have the answer perhaps another user can help you.
No comments posted yet.