If you're running malware in IDA and get a error such as
8A1EE: The instruction at 0x8A1EE referenced memory at 0x0. The memory could not be written -> 0000000000000000 (exc.code c0000006, tid 2268)
Per the OALabs youtube video
https://www.youtube.com/watch?v=ScBB-Hi7NxQ
This might be caused by the Debugger holding a handle to malware sample and the malware itself wanting its own exclusive handle to the file.
Thus the malware errors out because it cannot collect an exclusive handle to the malware sample since the debugger already has a handle.
To remediate, one potential fix is to try ...
- Set a breakpoint in IDA on startup
- In the debugger "Modules" window, find "ntdll.dll" and the "NtCreateFile" function, set a breakpoint
- Continue the debugger, it will eventually hit NtCreateFile
- Then "Continue until Return" multiple times until you return to the malware code
- In my case it was a call to "kernel32.dll" "CreateFileA" that triggered this call
- If you look at the parameters to "CreateFileA", the 3rd parameter was set to 0 which means an exclusive handle
- If you look in the return result of CreateFileA it returned FFFFFFFF which means an "invalid file handle" which is what's causing the error
- So, add a breakpoint to this CreateFileA call
- Kill the debugging process
- Re-launch the program until it hits your new breakpoint
- Change that 3rd parameter from 0x0 to 0x7 to give yourself full access
- Now allow it to run, and notice the return value is no longer FFFFFFFF , it's a valid file handle now, and thus you've gotten past that error caused by the exclusive handle!
Thank you Dr.Ogudugu for the great work you did for me when my lover broke my heart. Dr.Ogudugu was able to bring my lover that left for about 2 months back to me within 48 hours of me contact Dr.Ogudugu. Contact Dr.Ogudugu on greatogudugu@gmail.com or better still you can give Dr.Ogudugu a call onWhatsApp +27663492930 for a better understanding for what i just said about him..
ReplyDeleteThis is a testimony that I will tell everyone to hear. i have been married four 4 years and on the fifth year of my marriage, another woman had a spell to take my lover away from me and my husband left me and the kids and we have suffered for 2 years until i meant a post where this man Dr, kuta have helped someone and i decided to give him a try to help me bring my love Husband home and believe me i just send my picture to him and that of my husband and after 48 hours as he have told me, i saw a car drove into the house and behold it was my husband and he have come to me and the kids and that is why i am happy to make every one of you in similar to met with this man and have your lover back to your self His email: drkutaherbalcenter@gmail.com you can also contact him or whatspp him on this +2347054547814 thank so much
ReplyDeleteAll thanks to the great Priest Dr bow for helping me restore back my marriage when i taught all hope was lost.,this Priest helped me, and my relationship is now perfect. Contact for any spiritual work (@Drbowsolutionhome1) Your partner will definitely love you email him Drbowsolutionhome@gmail.com or whatapp him +2348121786772
ReplyDeleteHow I Got My Ex Husband Back..Am so excited to share my testimony of a real spell caster who brought my husband back to me. My husband and I have been married for about 6 years now. We were happily married with two kids, a boy and a girl. 3 months ago, I started to notice some strange behavior from him and a few weeks later I found out that my husband is seeing someone else. He started coming home late from work, he hardly care about me or the kids anymore, Sometimes he goes out and doesn't even come back home for about 2-3 days. I did all I could to rectify this problem but all to no avail. I became very worried and needed help. As I was browsing through the internet one day, I came across a website that suggested that Dr Aluya can help solve marital problems, restore broken relationships and so on. So, I felt I should give him a try. I contacted him and and told him my problems and he told me what to do and i did it and he did a spell for me. 48 hours later, my husband came to me and apologized for the wrongs he did and promise never to do it again. Ever since then, everything has returned back to normal. I and my family are living together happily again.. All thanks to Dr Aluya Powerful Love Spell that really works. If you have any problem contact him and i guarantee you that he will help you. He will not disappoint you. Email him at: aluya.48hoursspelltemple@gmail.com. or whatsapp him on: +2348110493039
ReplyDeleteSPELLS THAT WORKS I am sharing this testimony to partners suffering in their relationships LOVE because there is an enduring solution.
ReplyDeleteMy husband left me and our 2 kids for another woman for 3 years. I tried to be strong just for my kids but I could not control the pains that torment my heart. I was hurt and confused. I needed a help, so i did a research on the internet and came across a site where I saw that Dr. Aluya a spell caster, can help get lovers back. I contacted him and he did a special prayer and spells for me. To my surprises, after some days, my husband came back home. That was how we reunited again and there was a lot of love, joy and peace in the family.
You can as well contact Dr. Aluya , a powerful spell-caster for solutions on his contact aluya.48hoursspelltemple@gmail.com or directly on Whats App: +2348110493039