kn0wl3dge / autodetours Goto Github PK

This project is no longer maintained. You should check out SledRE (https://github.com/sledre/sledre) which is the continuation of it.

Home Page: https://github.com/sledre/sledre

License: GNU General Public License v3.0

Dockerfile 0.08% Python 4.97% JavaScript 0.24% Vue 4.11% C# 1.79% SCSS 0.88% Shell 0.08% Makefile 0.48% C++ 87.37%

automation dataset sandbox syscall-hooking unpacker

autodetours's People

Stargazers

Watchers

Forkers

killvxk

autodetours's Issues

Add an option to get the unpacker shellcode

Test and, if possible, integrate the /shellc option oof mal_unpack.exe to get the unpacker shellcode.

Create unit tests and integration tests

Some malware detect if they have been renamed

Some malware detect if they have been renamed. So we should not rename the malware sample.exe.
Instead we should let the api provide the name when downloading and store the file as it is.

TODO:

Check that the API provide the sample name when downloading
Change the way the sample is stored by the Agent to keep the real filename

Wrong Malware State on Timeout

When one of the jobs states is "time out" while the other has a "done" state, the malware stays in a "Running state".

Remove .env.dev from git tracked files

.env.dev is a file at the root of the project and is updated by setup.py depending on the user env. It SHOULD NOT be tracked because every user will have unignored unstaged files that he should not push.

The easiest and possibly the best solution imo is to delete this file from the tracked files with

git rm --cached .env.dev

and to add it to ignored files. Then to modify the setup.py so it regenerate the file entirely if it does not exist instead of updating it.

Add a CI for the frontend

We should add a CI to check the linting of the frontend before every merge.

Infinite loop - Fix the timeout

This ticket is just a reminder about the timeout strange behavior. We should clean the logs to understand why is the timeout triggered every 2 seconds, why it does not work even if the worker is stuck for hours and we should basically rethink the whole timeout process to get a clearer view about it, and then to add timeout on each separate step instead of having an overall timeout.

Remove the about page

The about page is completely useless, so we should remove it.

Fix 1 qcow2 per worker

It should be possible to have only one qcow2 image !

https://serverfault.com/questions/889163/combine-snapshot-and-loadvm-snap-id-in-qemu-system

Data persistence when recreating containers

Data does not persist when containers are recreated.
We should update the backend entrypoint to remove the flush and add directory mount with the host for the data volumes (on backend and db).

Improve .env.dev generation in setup.py

Secrets should be generated. We can specify a python dictionnary and then convert it to a env file.

text = f"""DEBUG=True
SECRET_KEY='_ejix(@eon@nv6r8rc!^+#*pi(^a2b5c$*bdnhjkeo#fn@vv8c'
POSTGRES_ENGINE=django.db.backends.postgresql
POSTGRES_DB=postgres
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_HOST=db
POSTGRES_PORT=5432

Review and improve containerfiles

Container files are not perfect.
Since we're using a lot of them, we should try to optimize used space of images.

Also, everything is running as root which is not necessary. Some work is needed to limit containers privileges to what is really necessary.

@0pendev Can you give it a try ?

Add check for qemu-tools in setup.py and update readme

[Important] Detours traces don't work as expected

Detours traces don't work anymore on branch unpacker. All traces seem identical.
Maybe the malware is not really run ?
The following traces illustrate the issue :

/data/results # cat ./3d/27/77/b7/48/3d2777b748e805c0463c0c6d0fef8280ad197bea1dd0a25e30ed711999_J6ePsyx.json
{"results": [
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"DisableThreadLibraryCalls","funcParams":["764f0000"],"funcOutput":"1"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"GetACP","funcParams":[""],"funcOutput":"4e4"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"RegisterClipboardFormatW","funcParams":["{FB8F0821-0164-101B-84ED-08002B2EC713}"],"funcOutput":"c048"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"GetSystemDirectoryW","funcParams":["76686420","104"],"funcOutput":"13"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ff"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fe"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fd"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fc"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fb"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fa"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ef"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ee"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ed"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ec"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["eb"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ea"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["df"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["de"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["dd"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["dc"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["db"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["da"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["cf"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ce"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["cd"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["cc"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["cb"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ca"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["bf"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["be"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["bd"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["bc"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["bb"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ba"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["af"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ae"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ad"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ac"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ab"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.060+00","epoch":1623406612060,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["aa"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9f"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9e"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9d"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9c"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9b"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9a"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["99"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["98"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["97"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["96"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["95"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["94"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["93"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["92"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["91"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["90"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8f"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8e"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8d"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8c"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8b"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8a"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["89"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["88"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["87"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["86"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["85"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["84"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["83"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["82"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["81"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["80"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetEnvironmentVariableA","funcParams":["OANOCACHE","76686c40","100"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetEnvironmentVariableA","funcParams":["OAPERUSERTLIBREG","76686c40","100"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetCurrentProcess","funcParams":[""],"funcOutput":"ffffffff"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetEnvironmentVariableA","funcParams":["OACACHEPARAMS","76686c40","100"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"DisableThreadLibraryCalls","funcParams":["71fb0000"],"funcOutput":"1"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#DA#"],"funcOutput":"71fc114b"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D9#"],"funcOutput":"71fcf6ca"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetDefaultPrinterW"],"funcOutput":"71fcbd1c"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetDefaultPrinterW"],"funcOutput":"71fcb8a5"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDriverPackagePathW"],"funcOutput":"71fd4ee4"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","CorePrinterDriverInstalledW"],"funcOutput":"71fd4db4"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetCorePrinterDriversW"],"funcOutput":"71fd4c24"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","UploadPrinterDriverPackageW"],"funcOutput":"71fd5144"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","InstallPrinterDriverFromPackageW"],"funcOutput":"71fd4b04"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#FB#"],"funcOutput":"71fd4218"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterConnection2W"],"funcOutput":"71fd3d24"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","OpenPrinter2W"],"funcOutput":"71fcc844"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterKeyW"],"funcOutput":"71fbdb90"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDataExW"],"funcOutput":"71fbdab0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrinterKeyW"],"funcOutput":"71fbd8e0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrinterDataExW"],"funcOutput":"71fbd748"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDataExW"],"funcOutput":"71fbd278"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetPrinterDataExW"],"funcOutput":"71fbdd50"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDataW"],"funcOutput":"71fbd9d8"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrinterDataW"],"funcOutput":"71fbd624"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SpoolerPrinterEvent"],"funcOutput":"71fc5694"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetPortW"],"funcOutput":"71fc037a"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DocumentPropertySheets"],"funcOutput":"71fc73d3"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DevicePropertySheets"],"funcOutput":"71fc7165"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","IsValidDevmodeW"],"funcOutput":"71fc0d77"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","IsValidDevmodeA"],"funcOutput":"71fb8ea0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPortExW"],"funcOutput":"71fbf98c"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrintProvidorW"],"funcOutput":"71fc40cc"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrintProvidorW"],"funcOutput":"71fbf612"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrintProcessorW"],"funcOutput":"71fc4014"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeleteMonitorW"],"funcOutput":"71fc3f5c"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddMonitorW"],"funcOutput":"71fc3e8c"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","StartDocDlgW"],"funcOutput":"71fc416c"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AdvancedDocumentPropertiesW"],"funcOutput":"71fbe529"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AdvancedDocumentPropertiesA"],"funcOutput":"71fba732"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DocumentPropertiesW"],"funcOutput":"71fc5c54"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeviceCapabilitiesW"],"funcOutput":"71fc5dac"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterIC"],"funcOutput":"71fbf4e4"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","PlayGdiScriptOnPrinterIC"],"funcOutput":"71fbf454"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","CreatePrinterIC"],"funcOutput":"71fbf33f"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetJobW"],"funcOutput":"71fbb310"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetJobW"],"funcOutput":"71fc1420"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumJobsW"],"funcOutput":"71fc15b8"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterW"],"funcOutput":"71fc1758"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetPrinterW"],"funcOutput":"71fbb56c"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDriverW"],"funcOutput":"71fc2458"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDriverDirectoryW"],"funcOutput":"71fc274c"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrintersW"],"funcOutput":"71fb6ca7"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterConnectionW"],"funcOutput":"71fd3534"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterConnectionW"],"funcOutput":"71fd3bb8"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterDriverExW"],"funcOutput":"71fc1af0"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterDriverExA"],"funcOutput":"71fb7b68"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrinterDriversW"],"funcOutput":"71fb6f8d"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDriverW"],"funcOutput":"71fc292c"},
{"timestamp":"2021-06-11 17:16:52.076+00","epoch":1623406612076,"timeMs":47,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDriverExW"],"funcOutput":"71fc286c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrintProcessorW"],"funcOutput":"71fc29e4"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrintProcessorsW"],"funcOutput":"71fc2aac"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrintProcessorDirectoryW"],"funcOutput":"71fc2b8c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrintProcessorDatatypesW"],"funcOutput":"71fbbff4"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#CF#"],"funcOutput":"71fbbdbd"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D1#"],"funcOutput":"71fbbe84"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D3#"],"funcOutput":"71fbbf2c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D4#"],"funcOutput":"71fbe29c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SplDriverUnloadComplete"],"funcOutput":"71fbde48"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D5#"],"funcOutput":"71fbe078"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D6#"],"funcOutput":"71fbe11c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","OpenPrinterW"],"funcOutput":"71fb68f0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","OpenPrinterA"],"funcOutput":"71fb74d6"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","ResetPrinterW"],"funcOutput":"71fc1294"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","StartDocPrinterW"],"funcOutput":"71fc2c8c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","FlushPrinter"],"funcOutput":"71fbc540"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDataW"],"funcOutput":"71fbd069"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetPrinterDataW"],"funcOutput":"71fbdc68"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddJobW"],"funcOutput":"71fc3888"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","ScheduleJob"],"funcOutput":"71fc3b70"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","WaitForPrinterChange"],"funcOutput":"71fcb2b4"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","FindNextPrinterChangeNotification"],"funcOutput":"71fcafbe"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","PrinterMessageBoxW"],"funcOutput":"71fbf60c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","ClosePrinter"],"funcOutput":"71fccae7"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddFormW"],"funcOutput":"71fbe654"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeleteFormW"],"funcOutput":"71fbe780"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetFormW"],"funcOutput":"71fbe880"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetFormW"],"funcOutput":"71fbe9f0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumFormsW"],"funcOutput":"71fbeb10"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPortsW"],"funcOutput":"71fbec80"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumMonitorsW"],"funcOutput":"71fbedec"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPortW"],"funcOutput":"71fc6014"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","ConfigurePortW"],"funcOutput":"71fc626c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePortW"],"funcOutput":"71fc64cc"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterW"],"funcOutput":"71fbba00"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDriverPackageW"],"funcOutput":"71fd503c"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#EA#"],"funcOutput":"71fc2485"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetSystemDirectoryW","funcParams":["ef1d0","104"],"funcOutput":"13"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"LocalAlloc","funcParams":["40","48"],"funcOutput":"2c8b90"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"LocalAlloc","funcParams":["40","48"],"funcOutput":"2c8be0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetModuleFileNameW","funcParams":["0","2c8be4","20"],"funcOutput":"20"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"LocalFree","funcParams":["2c8b90"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"LocalFree","funcParams":["2c8be0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"CreateEventW","funcParams":["0","1","0","<NULL>"],"funcOutput":"a4"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"DisableThreadLibraryCalls","funcParams":["727e0000"],"funcOutput":"1"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetSystemTimeAsFileTime","funcParams":["ef994"],"funcOutput":""},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetCurrentProcessId","funcParams":[""],"funcOutput":"9c8"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetCurrentThreadId","funcParams":[""],"funcOutput":"9cc"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetTickCount","funcParams":[""],"funcOutput":"785a"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"QueryPerformanceCounter","funcParams":["ef98c"],"funcOutput":"1"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetStartupInfoW","funcParams":["ef934"],"funcOutput":""},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetModuleHandleA","funcParams":["<NULL>"],"funcOutput":"800000"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"SetUnhandledExceptionFilter","funcParams":["803cef"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetEnvironmentStringsW","funcParams":[""],"funcOutput":"ALLUSERSPROFILE=C:\\ProgramData"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"LocalAlloc","funcParams":["40","28"],"funcOutput":"29e308"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"LocalFree","funcParams":["29e308"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetCurrentThreadId","funcParams":[""],"funcOutput":"9cc"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"LocalFree","funcParams":["29e368"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"LocalFree","funcParams":["2baae8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetCurrentProcessId","funcParams":[""],"funcOutput":"9c8"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetModuleHandleW","funcParams":["KERNELBASE.DLL"],"funcOutput":"75f40000"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"GetModuleHandleW","funcParams":["KERNELBASE.DLL"],"funcOutput":"75f40000"},
{"timestamp":"2021-06-11 17:16:52.091+00","epoch":1623406612091,"timeMs":62,"thread":1,"funcName":"ExitProcess","funcParams":["0"],"funcOutput":"No output"}
/data/results # cat ./e6/78/34/d1/e8/e67834d1e8b38ec5864cfa101b140aeaba8f1900a6e269e6a94c90fcbf_vP8JRfa.json
{"results": [
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"DisableThreadLibraryCalls","funcParams":["764f0000"],"funcOutput":"1"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"GetACP","funcParams":[""],"funcOutput":"4e4"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"RegisterClipboardFormatW","funcParams":["{FB8F0821-0164-101B-84ED-08002B2EC713}"],"funcOutput":"c048"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"GetSystemDirectoryW","funcParams":["76686420","104"],"funcOutput":"13"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ff"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fe"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fd"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fc"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fb"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["fa"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["f0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ef"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ee"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ed"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ec"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["eb"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ea"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["e0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["df"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["de"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["dd"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["dc"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["db"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["da"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["d0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["cf"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ce"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["cd"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["cc"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["cb"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ca"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["c0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["bf"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["be"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["bd"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["bc"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.139+00","epoch":1623406699139,"timeMs":15,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["bb"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ba"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["b0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["af"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ae"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ad"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ac"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["ab"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["aa"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a9"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a7"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a6"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a5"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a4"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a3"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a2"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a1"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["a0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9f"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9e"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9d"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9c"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9b"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["9a"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["99"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["98"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["97"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["96"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["95"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["94"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["93"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["92"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["91"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["90"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8f"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8e"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8d"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8c"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8b"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["8a"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["89"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["88"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["87"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["86"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["85"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["84"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["83"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["82"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["81"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"IsDBCSLeadByte","funcParams":["80"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetEnvironmentVariableA","funcParams":["OANOCACHE","76686c40","100"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetEnvironmentVariableA","funcParams":["OAPERUSERTLIBREG","76686c40","100"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetCurrentProcess","funcParams":[""],"funcOutput":"ffffffff"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetEnvironmentVariableA","funcParams":["OACACHEPARAMS","76686c40","100"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"DisableThreadLibraryCalls","funcParams":["71fb0000"],"funcOutput":"1"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#DA#"],"funcOutput":"71fc114b"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D9#"],"funcOutput":"71fcf6ca"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetDefaultPrinterW"],"funcOutput":"71fcbd1c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetDefaultPrinterW"],"funcOutput":"71fcb8a5"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDriverPackagePathW"],"funcOutput":"71fd4ee4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","CorePrinterDriverInstalledW"],"funcOutput":"71fd4db4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetCorePrinterDriversW"],"funcOutput":"71fd4c24"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","UploadPrinterDriverPackageW"],"funcOutput":"71fd5144"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","InstallPrinterDriverFromPackageW"],"funcOutput":"71fd4b04"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#FB#"],"funcOutput":"71fd4218"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterConnection2W"],"funcOutput":"71fd3d24"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","OpenPrinter2W"],"funcOutput":"71fcc844"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterKeyW"],"funcOutput":"71fbdb90"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDataExW"],"funcOutput":"71fbdab0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrinterKeyW"],"funcOutput":"71fbd8e0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrinterDataExW"],"funcOutput":"71fbd748"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDataExW"],"funcOutput":"71fbd278"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetPrinterDataExW"],"funcOutput":"71fbdd50"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDataW"],"funcOutput":"71fbd9d8"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrinterDataW"],"funcOutput":"71fbd624"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SpoolerPrinterEvent"],"funcOutput":"71fc5694"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetPortW"],"funcOutput":"71fc037a"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DocumentPropertySheets"],"funcOutput":"71fc73d3"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DevicePropertySheets"],"funcOutput":"71fc7165"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","IsValidDevmodeW"],"funcOutput":"71fc0d77"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","IsValidDevmodeA"],"funcOutput":"71fb8ea0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPortExW"],"funcOutput":"71fbf98c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrintProvidorW"],"funcOutput":"71fc40cc"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrintProvidorW"],"funcOutput":"71fbf612"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrintProcessorW"],"funcOutput":"71fc4014"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeleteMonitorW"],"funcOutput":"71fc3f5c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddMonitorW"],"funcOutput":"71fc3e8c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","StartDocDlgW"],"funcOutput":"71fc416c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AdvancedDocumentPropertiesW"],"funcOutput":"71fbe529"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AdvancedDocumentPropertiesA"],"funcOutput":"71fba732"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DocumentPropertiesW"],"funcOutput":"71fc5c54"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeviceCapabilitiesW"],"funcOutput":"71fc5dac"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterIC"],"funcOutput":"71fbf4e4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","PlayGdiScriptOnPrinterIC"],"funcOutput":"71fbf454"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","CreatePrinterIC"],"funcOutput":"71fbf33f"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetJobW"],"funcOutput":"71fbb310"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetJobW"],"funcOutput":"71fc1420"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumJobsW"],"funcOutput":"71fc15b8"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterW"],"funcOutput":"71fc1758"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetPrinterW"],"funcOutput":"71fbb56c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDriverW"],"funcOutput":"71fc2458"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDriverDirectoryW"],"funcOutput":"71fc274c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrintersW"],"funcOutput":"71fb6ca7"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterConnectionW"],"funcOutput":"71fd3534"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterConnectionW"],"funcOutput":"71fd3bb8"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterDriverExW"],"funcOutput":"71fc1af0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrinterDriverExA"],"funcOutput":"71fb7b68"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrinterDriversW"],"funcOutput":"71fb6f8d"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDriverW"],"funcOutput":"71fc292c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDriverExW"],"funcOutput":"71fc286c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPrintProcessorW"],"funcOutput":"71fc29e4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrintProcessorsW"],"funcOutput":"71fc2aac"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrintProcessorDirectoryW"],"funcOutput":"71fc2b8c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPrintProcessorDatatypesW"],"funcOutput":"71fbbff4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#CF#"],"funcOutput":"71fbbdbd"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D1#"],"funcOutput":"71fbbe84"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D3#"],"funcOutput":"71fbbf2c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D4#"],"funcOutput":"71fbe29c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SplDriverUnloadComplete"],"funcOutput":"71fbde48"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D5#"],"funcOutput":"71fbe078"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#D6#"],"funcOutput":"71fbe11c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","OpenPrinterW"],"funcOutput":"71fb68f0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","OpenPrinterA"],"funcOutput":"71fb74d6"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","ResetPrinterW"],"funcOutput":"71fc1294"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","StartDocPrinterW"],"funcOutput":"71fc2c8c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","FlushPrinter"],"funcOutput":"71fbc540"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterDataW"],"funcOutput":"71fbd069"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetPrinterDataW"],"funcOutput":"71fbdc68"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddJobW"],"funcOutput":"71fc3888"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","ScheduleJob"],"funcOutput":"71fc3b70"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","WaitForPrinterChange"],"funcOutput":"71fcb2b4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","FindNextPrinterChangeNotification"],"funcOutput":"71fcafbe"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","PrinterMessageBoxW"],"funcOutput":"71fbf60c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","ClosePrinter"],"funcOutput":"71fccae7"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddFormW"],"funcOutput":"71fbe654"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeleteFormW"],"funcOutput":"71fbe780"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetFormW"],"funcOutput":"71fbe880"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","SetFormW"],"funcOutput":"71fbe9f0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumFormsW"],"funcOutput":"71fbeb10"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumPortsW"],"funcOutput":"71fbec80"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","EnumMonitorsW"],"funcOutput":"71fbedec"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","AddPortW"],"funcOutput":"71fc6014"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","ConfigurePortW"],"funcOutput":"71fc626c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePortW"],"funcOutput":"71fc64cc"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","GetPrinterW"],"funcOutput":"71fbba00"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","DeletePrinterDriverPackageW"],"funcOutput":"71fd503c"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetProcAddress","funcParams":["71fb0000","#EA#"],"funcOutput":"71fc2485"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetSystemDirectoryW","funcParams":["1cf400","104"],"funcOutput":"13"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"LocalAlloc","funcParams":["40","48"],"funcOutput":"268b90"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"LocalAlloc","funcParams":["40","48"],"funcOutput":"268be0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetModuleFileNameW","funcParams":["0","268be4","20"],"funcOutput":"20"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"LocalFree","funcParams":["268b90"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"LocalFree","funcParams":["268be0"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"CreateEventW","funcParams":["0","1","0","<NULL>"],"funcOutput":"a4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"DisableThreadLibraryCalls","funcParams":["727e0000"],"funcOutput":"1"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetSystemTimeAsFileTime","funcParams":["1cfbc4"],"funcOutput":""},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetCurrentProcessId","funcParams":[""],"funcOutput":"ae4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetCurrentThreadId","funcParams":[""],"funcOutput":"ae8"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetTickCount","funcParams":[""],"funcOutput":"1cc72"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"QueryPerformanceCounter","funcParams":["1cfbbc"],"funcOutput":"1"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetStartupInfoW","funcParams":["1cfb64"],"funcOutput":""},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetModuleHandleA","funcParams":["<NULL>"],"funcOutput":"c20000"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"SetUnhandledExceptionFilter","funcParams":["c23cef"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetEnvironmentStringsW","funcParams":[""],"funcOutput":"ALLUSERSPROFILE=C:\\ProgramData"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"LocalAlloc","funcParams":["40","28"],"funcOutput":"23e308"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"LocalFree","funcParams":["23e308"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetCurrentThreadId","funcParams":[""],"funcOutput":"ae8"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"LocalFree","funcParams":["23e368"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"LocalFree","funcParams":["25aae8"],"funcOutput":"0"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetCurrentProcessId","funcParams":[""],"funcOutput":"ae4"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetModuleHandleW","funcParams":["KERNELBASE.DLL"],"funcOutput":"75f40000"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"GetModuleHandleW","funcParams":["KERNELBASE.DLL"],"funcOutput":"75f40000"},
{"timestamp":"2021-06-11 17:18:19.155+00","epoch":1623406699155,"timeMs":31,"thread":1,"funcName":"ExitProcess","funcParams":["0"],"funcOutput":"No output"}
]}/data/results #

Bypass django filefield path limiations

Django FileField class seems to have a max_length set to 100 for the filepath.
Files named after malware's sha256 easily get truncated.

In consequence, files available in dataset cannot be named after the job type they come from.

Remove useless malware family

Family field in malware is not interesting. It never matches anything and its not a reliable information.
It will be easier to just remove it...

Unable to stop autodetour with "docker-compose" down

When stopping autodetours with "docker-compose down", it throws an error as it does not deletes the workers started by celeri.

Add caller address in Detours traces

Getting the caller address could be interesting because from where in the sample the call has been made.
This could be useful if we want to integrate the traces into Ghidra.

Make it possible to do both unpacking and analyse on the same malware without submitting 2 different jobs

We should be able to get both the analyse and the unpack results without having to wait for one and then submit the other one

Auto refreshing of frontend components

Auto refresh malware table
Auto refresh the dashboard
Remove the malware from the table when clicking on delete button

Change frontend component "TimelineChar" for load analysis

The chart is not adapted since it doesn't get back to 0. An easier way would be to use a bar chart (histogram) which will be more representative of the real data.

Rename job "unpack" and add format validation for each job

"unpack" should be named PESieve since there could be multiples tools able to unpack.

For now, when a job is submitted, the API doesn't check if the sample format (exe/dll) is compatible with the job.
For example PESieve is not able to unpack DLL for the moment.

We should had a validator.

Rename "unpack"
Add job format validator

Fix the useless paramiko warning

Find a way to remove the paramiko warning triggered during the setup script

[*] Starting the installation...
[*] Removing previous images (win7-xx.qcow2)...
rm: cannot remove '/home/ewael/AutoDetours/workers/win7*': No such file or directory
[*] Creating workers directory...
[*] Downloading https://az792536.vo.msecnd.net/vms/VMBuild_20150916/VirtualBox/IE9/IE9.Win7.VirtualBox.zip
100% [....................................................................] 4801220932 / 4801220932[*] Extracting zipfile...
[*] Extracting tarfile...
[*] Converting vmdk disk to qcow2 image...
[*] Removing temporary files...
[*] Copying the base.qcow2 image to win7-0.qcow2...
[*] Building qemu docker image...
[*] Running qemu container...
[*] Trying to connect to Windows OpenSSH server...
[-] Exception: Error reading SSH protocol banner
[-] Traceback (most recent call last):
[-]   File "/home/ewael/.local/lib/python3.9/site-packages/paramiko/transport.py", line 2211, in _check_banner
[-]     buf = self.packetizer.readline(timeout)
[-]   File "/home/ewael/.local/lib/python3.9/site-packages/paramiko/packet.py", line 380, in readline
[-]     buf += self._read_timeout(timeout)
[-]   File "/home/ewael/.local/lib/python3.9/site-packages/paramiko/packet.py", line 622, in _read_timeout
[-]     raise socket.timeout()
[-] socket.timeout
[-] 
[-] During handling of the above exception, another exception occurred:
[-] 
[-] Traceback (most recent call last):
[-]   File "/home/ewael/.local/lib/python3.9/site-packages/paramiko/transport.py", line 2039, in run
[-]     self._check_banner()
[-]   File "/home/ewael/.local/lib/python3.9/site-packages/paramiko/transport.py", line 2215, in _check_banner
[-]     raise SSHException(
[-] paramiko.ssh_exception.SSHException: Error reading SSH protocol banner
[-] 
[*] Connected (version 2.0, client OpenSSH_6.7)
[*] Authentication (password) successful!
[*] Successfully connected!
[*] Copying files into the Windows VM...
[*] Disabling Windows service: wuauserv
[*] Stopping Windows service: wuauserv
[*] Disabling Windows service: windefend
[*] Stopping Windows service: windefend
[*] Creating AutoDetours service...
[*] Installing AutoDetours dependencies...
[*] Waiting for Windows reboot...
[*] Windows VM just rebooted!
[*] Trying to connect to Windows OpenSSH server...
[*] Connected (version 2.0, client OpenSSH_6.7)
[*] Authentication (password) successful!
[*] Successfully connected!
[*] Checking if AutoDetours service is running...
[*] Making a qemu snaphsot through QMP...
[*] Starting the snaphot...
[*] Snapshot is done!
[*] Quitting...
[*] Updating .env.dev configuration file...
[*] Done!


[*] You can now start the project using: docker-compose up -d

There might be some informations here: https://stackoverflow.com/questions/8144545/turning-off-logging-in-paramiko

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.