dll-004-6-falconshelper-result.html dump auto analyze result

Crash in falconshelper, Analyzed 6 dumps, total processed 210, rate equals 2.86%

Top 1: Version = 2.7224.1000.625, Total count = 6

dump count = 1

ChildEBP RetAddr  
08a1f050 76365f09 kernel32!SortCompareString+0x22
08a1f16c 7638cfa0 KERNELBASE!CompareStringW+0x239
08a1f18c 73414a9d KERNELBASE!StrCmpNW+0x20
08a1f268 73415357 iertutil!GetUriInfo+0x36d
08a1f37c 73416599 iertutil!CUri::Init+0x457
08a1f460 7341594e iertutil!CreateUriPriv+0xc39
08a1f488 7353c92b iertutil!CreateUri+0x1e
08a1f4fc 73531775 urlmon!CreateURLMonikerExInternal+0x9b
08a1f540 735d353e urlmon!CBaseBSCB::KickOffDownload+0x45
08a1f778 798edcc5 urlmon!URLDownloadToCacheFileW+0x8e
08a1fbd4 798eba49 FalconsHelper!CStatisticImpl::InternalDownloadFile+0xa5
08a1fc30 79936f97 FalconsHelper!CStatisticImpl::DownloadThreadProc+0x139
08a1fc68 76cefcc9 FalconsHelper!thread_start<unsigned int (__stdcall*)(void *)>+0x58
08a1fc78 77327c6e kernel32!BaseThreadInitThunk+0x19
08a1fcd4 77327c3e ntdll!__RtlUserThreadStart+0x2f
08a1fce4 00000000 ntdll!_RtlUserThreadStart+0x1b

f6646a11faae2d57031d908e6b6c9a5c_000.dmp

dump count = 1

ChildEBP RetAddr  
0761f94c 051fa33c FalconsHelper!LogUtils::LogAppender::write+0x2a0
0761f9ac 051fad73 BroBasic!<lambda_322e00ec94ab47bb0f62c7a487c67275>::operator()+0x1bc
0761fa00 052da623 BroBasic!LdsThread::ThreadProc+0x123
0761fa3c 76b8343d BroBasic!thread_start<unsigned int (__stdcall*)(void *)>+0x57
0761fa48 77879812 kernel32!BaseThreadInitThunk+0xe
0761fa88 778797e5 ntdll!__RtlUserThreadStart+0x70
0761faa0 00000000 ntdll!_RtlUserThreadStart+0x1b

cd3facac96d7209180bd05079d78f38e_000.dmp

dump count = 1

ChildEBP RetAddr  
0016f608 7718e163 ntdll!RtlpLowFragHeapFree+0xc5
0016f620 752a14bd ntdll!RtlFreeHeap+0x105
0016f634 04606c3f kernel32!HeapFree+0x14
0016f648 045f5084 FalconsHelper!_free_base+0x1c
0016f658 045f05ca FalconsHelper!free+0x18
0016f664 771afb85 FalconsHelper!__vcrt_freefls+0x17
0016f684 74884008 ntdll!RtlFlsFree+0xa0
0016f690 045f1672 KERNELBASE!FlsFree+0xe
0016f6a0 045f071f FalconsHelper!__vcrt_FlsFree+0x30
0016f6a8 045efc87 FalconsHelper!__vcrt_uninitialize_ptd+0x10
0016f6ac 045a544e FalconsHelper!__vcrt_uninitialize_critical+0x5
0016f6b0 045a5424 FalconsHelper!dllmain_crt_process_detach+0x80
0016f6e4 045a52bf FalconsHelper!dllmain_crt_process_detach+0x56
0016f6f0 045a550f FalconsHelper!dllmain_crt_dispatch+0x4e
0016f730 045a55ad FalconsHelper!dllmain_dispatch+0xaf
0016f744 771991c4 FalconsHelper!_DllMainCRTStartup+0x1c
0016f764 771af567 ntdll!LdrpCallInitRoutine+0x14
0016f808 771af409 ntdll!LdrShutdownProcess+0x1aa
0016f81c 752a7a7c ntdll!RtlExitUserProcess+0x74
0016f830 001b275a kernel32!ExitProcessStub+0x12
0016f83c 001b26ef srvhost!exit_or_terminate_process+0x40
0016f874 001b2895 srvhost!common_exit+0xee
0016f888 001a7e90 srvhost!exit+0x11
0016f8c8 752a347d srvhost!__scrt_common_main_seh+0x179
0016f8d4 77199762 kernel32!BaseThreadInitThunk+0xe
0016f914 77199735 ntdll!__RtlUserThreadStart+0x70
0016f92c 00000000 ntdll!_RtlUserThreadStart+0x1b

235daf014cae84129a604292d5f2aebe_001.dmp

dump count = 1

0773fd24 7540343d FalconsHelper!thread_start<unsigned int (__stdcall*)(void *)>+0x58
0773fd30 77859802 kernel32!BaseThreadInitThunk+0xe
0773fd70 778597d5 ntdll!__RtlUserThreadStart+0x70
0773fd88 00000000 ntdll!_RtlUserThreadStart+0x1b

e7061c3ce8220c43a93192e694121f55_000.dmp

dump count = 1

ChildEBP RetAddr  
06aaf18c 0f29ee2b FalconsHelper!DynamicCall::GetDllImports+0x1f4c
06aaf1e4 0f29ed7c FalconsHelper!_BaseModule::CCriticalSection::Unlock+0x3b
06aaf20c 0f29ec7c FalconsHelper!CStatisticImpl::SendStatUrl+0x8c
06aaf280 0f29869d FalconsHelper!CStatisticImpl::SendStat+0x78c
06aaf2cc 0f261cea FalconsHelper!CDataStatistic::SendStat+0x2d
06aaf33c 0f2858ee FalconsHelper!SendStatHelper::SendStat+0x1aa
06aaf618 0f2886c7 FalconsHelper!FalconsMain::OnRecvBrowserEvent+0x140e
06aaf638 7500630a FalconsHelper!FalconsMain::WndPro+0xf7
06aaf664 75006d4a user32!InternalCallWinProc+0x23
06aaf6dc 750077d7 user32!UserCallWinProcCheckWow+0x109
06aaf73c 7500789a user32!DispatchMessageWorker+0x3b5
06aaf74c 0f28797c user32!DispatchMessageW+0xf
06aaf958 0f2885bf FalconsHelper!FalconsMain::Run+0x31c
06aaf960 0f2e6f97 FalconsHelper!FalconsMain::ThreadProc+0xf
06aaf998 75a4343d FalconsHelper!thread_start<unsigned int (__stdcall*)(void *)>+0x58
06aaf9a4 77469812 kernel32!BaseThreadInitThunk+0xe
06aaf9e4 774697e5 ntdll!__RtlUserThreadStart+0x70
06aaf9fc 00000000 ntdll!_RtlUserThreadStart+0x1b

247257087fae5343fac6d0b0635a6b99_000.dmp

dump count = 1

ChildEBP RetAddr  
0512efb0 77952880 ntdll!RtlpLowFragHeapFree+0x31
0512efc8 7711c5d4 ntdll!RtlFreeHeap+0x105
0512efdc 0ff76c3f kernel32!HeapFree+0x14
0512eff0 0ff65084 FalconsHelper!_free_base+0x1c
0512f000 0ff14d12 FalconsHelper!free+0x18
0512f00c 0fee518b FalconsHelper!operator delete+0xb
0512f01c 0feec9df FalconsHelper!std::_Tgt_state_t<char const *>::~_Tgt_state_t<char const *>+0x7b
0512f0a8 0feeca5f FalconsHelper!std::_Matcher<char const *,char,std::regex_traits<char>,char const *>::_Do_rep0+0x45f
0512f110 0feeded6 FalconsHelper!std::_Matcher<char const *,char,std::regex_traits<char>,char const *>::_Do_rep+0x3f
0512f15c 0feec23e FalconsHelper!std::_Matcher<char const *,char,std::regex_traits<char>,char const *>::_Match_pat+0x316
0512f1e0 0feedea7 FalconsHelper!std::_Matcher<char const *,char,std::regex_traits<char>,char const *>::_Do_if+0x1ae
0512f224 0fee2d29 FalconsHelper!std::_Matcher<char const *,char,std::regex_traits<char>,char const *>::_Match_pat+0x2e7
0512f240 0fee2f80 FalconsHelper!std::_Matcher<char const *,char,std::regex_traits<char>,char const *>::_Match<std::allocator<std::sub_match<char const *> > >+0x79
0512f2f0 0fee815b FalconsHelper!std::_Regex_match1<char const *,std::allocator<std::sub_match<char const *> >,char,std::regex_traits<char>,char const *>+0x110
0512f420 0ff05000 FalconsHelper!AvoidMgr::IsAvoidWebUrl+0x1db
0512f6f4 0ff086c7 FalconsHelper!FalconsMain::OnRecvBrowserEvent+0xb20
0512f714 7738c4e7 FalconsHelper!FalconsMain::WndPro+0xf7
0512f740 7738c5e7 user32!InternalCallWinProc+0x23
0512f7b8 7738cc19 user32!UserCallWinProcCheckWow+0x14b
0512f818 7738cc70 user32!DispatchMessageWorker+0x35e
0512f828 0ff0797c user32!DispatchMessageW+0xf
0512fa34 0ff085bf FalconsHelper!FalconsMain::Run+0x31c
0512fa3c 0ff66f97 FalconsHelper!FalconsMain::ThreadProc+0xf
0512fa74 7711ef6c FalconsHelper!thread_start<unsigned int (__stdcall*)(void *)>+0x58
0512fa80 77963618 kernel32!BaseThreadInitThunk+0xe
0512fac0 779635eb ntdll!__RtlUserThreadStart+0x70
0512fad8 00000000 ntdll!_RtlUserThreadStart+0x1b

400a501d53f217202bcaa348c58717e6_000.dmp