@joshfinley
Created April 10, 2025 17:06
'=== NtReadVirtualMemory Called ==='
Debug session time: Thu Apr 10 10:06:12.945 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.971
Process Uptime: 0 days 0:07:16.466
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtReadVirtualMemory Called ==='
Debug session time: Thu Apr 10 10:06:12.949 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.975
Process Uptime: 0 days 0:07:16.470
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtReadVirtualMemory Called ==='
Debug session time: Thu Apr 10 10:06:12.951 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.977
Process Uptime: 0 days 0:07:16.472
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtOpenProcess Called ==='
Debug session time: Thu Apr 10 10:06:12.955 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.981
Process Uptime: 0 days 0:07:16.475
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtOpenProcess Called ==='
Debug session time: Thu Apr 10 10:06:12.957 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.983
Process Uptime: 0 days 0:07:16.478
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtCreateThreadEx Called ==='
Debug session time: Thu Apr 10 10:06:12.959 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.985
Process Uptime: 0 days 0:07:16.480
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtWriteVirtualMemory Called ==='
Debug session time: Thu Apr 10 10:06:12.965 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.991
Process Uptime: 0 days 0:07:16.486
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtQueueApcThread Called ==='
Debug session time: Thu Apr 10 10:06:12.967 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.993
Process Uptime: 0 days 0:07:16.488
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtResumeThread Called ==='
Debug session time: Thu Apr 10 10:06:12.970 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.996
Process Uptime: 0 days 0:07:16.491
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtCreateThreadEx Called ==='
Debug session time: Thu Apr 10 10:06:12.973 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:56.999
Process Uptime: 0 days 0:07:16.494
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtResumeThread Called ==='
Debug session time: Thu Apr 10 10:06:12.979 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.005
Process Uptime: 0 days 0:07:16.500
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtTerminateThread Called ==='
Debug session time: Thu Apr 10 10:06:12.992 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.018
Process Uptime: 0 days 0:07:16.513
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtCreateThreadEx Called ==='
Debug session time: Thu Apr 10 10:06:12.995 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.021
Process Uptime: 0 days 0:07:16.516
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtQueueApcThread Called ==='
Debug session time: Thu Apr 10 10:06:13.008 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.034
Process Uptime: 0 days 0:07:16.529
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtResumeThread Called ==='
Debug session time: Thu Apr 10 10:06:13.010 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.036
Process Uptime: 0 days 0:07:16.531
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtCreateThreadEx Called ==='
Debug session time: Thu Apr 10 10:06:13.012 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.038
Process Uptime: 0 days 0:07:16.533
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtQueueApcThread Called ==='
Debug session time: Thu Apr 10 10:06:13.024 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.050
Process Uptime: 0 days 0:07:16.545
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtResumeThread Called ==='
Debug session time: Thu Apr 10 10:06:13.026 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.052
Process Uptime: 0 days 0:07:16.547
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtCreateThreadEx Called ==='
Debug session time: Thu Apr 10 10:06:13.028 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.054
Process Uptime: 0 days 0:07:16.549
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtQueueApcThread Called ==='
Debug session time: Thu Apr 10 10:06:13.039 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.065
Process Uptime: 0 days 0:07:16.560
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtResumeThread Called ==='
Debug session time: Thu Apr 10 10:06:13.041 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.067
Process Uptime: 0 days 0:07:16.562
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtCreateThreadEx Called ==='
Debug session time: Thu Apr 10 10:06:13.043 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.069
Process Uptime: 0 days 0:07:16.564
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtQueueApcThread Called ==='
Debug session time: Thu Apr 10 10:06:13.049 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.075
Process Uptime: 0 days 0:07:16.570
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtResumeThread Called ==='
Debug session time: Thu Apr 10 10:06:13.055 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.081
Process Uptime: 0 days 0:07:16.576
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtCreateThreadEx Called ==='
Debug session time: Thu Apr 10 10:06:13.057 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.083
Process Uptime: 0 days 0:07:16.578
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtQueueApcThread Called ==='
Debug session time: Thu Apr 10 10:06:13.062 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.088
Process Uptime: 0 days 0:07:16.583
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtResumeThread Called ==='
Debug session time: Thu Apr 10 10:06:13.066 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.092
Process Uptime: 0 days 0:07:16.587
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtProtectVirtualMemory Called ==='
Debug session time: Thu Apr 10 10:06:13.068 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.094
Process Uptime: 0 days 0:07:16.589
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtTerminateThread Called ==='
Debug session time: Thu Apr 10 10:06:13.073 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.099
Process Uptime: 0 days 0:07:16.594
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
'=== NtTerminateThread Called ==='
Debug session time: Thu Apr 10 10:06:13.076 2025 (UTC - 7:00)
System Uptime: 1 days 8:32:57.102
Process Uptime: 0 days 0:07:16.597
Kernel time: 0 days 0:00:00.093
User time: 0 days 0:00:00.046
'RCX: ' + @rcx
'RDX: ' + @rdx
'R8: ' + @r8
'R9: ' + @r9
'Stack[0]: ' + poi(@rsp+0x28)
'Stack[1]: ' + poi(@rsp+0x30)
'Stack[2]: ' + poi(@rsp+0x38)
'Stack[3]: ' + poi(@rsp+0x40)
''
(576c.6324): Break instruction exception - code 80000003 (first chance)
ntdll!DbgBreakPoint:
00007ffb`0b1fdd10 cc int 3