You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Got this backtrace on a file pulled from memory during an investigation. Let me know if you need/want anymore information:
Traceback (most recent call last):
File "/usr/local/bin/evtx_dump.py", line 4, in <module>
__import__('pkg_resources').run_script('python-evtx==0.6.1', 'evtx_dump.py')
File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 739, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 1501, in run_script
exec(script_code, namespace, namespace)
File "/usr/local/lib/python2.7/dist-packages/python_evtx-0.6.1-py2.7.egg/EGG-INFO/scripts/evtx_dump.py", line 42, in <module>
File "/usr/local/lib/python2.7/dist-packages/python_evtx-0.6.1-py2.7.egg/EGG-INFO/scripts/evtx_dump.py", line 37, in main
File "build/bdist.linux-x86_64/egg/Evtx/Evtx.py", line 498, in xml
File "build/bdist.linux-x86_64/egg/Evtx/Views.py", line 204, in evtx_record_xml_view
File "build/bdist.linux-x86_64/egg/Evtx/Views.py", line 191, in render_root_node
File "build/bdist.linux-x86_64/egg/Evtx/Views.py", line 176, in render_root_node_with_subs
File "build/bdist.linux-x86_64/egg/Evtx/Views.py", line 126, in rec
File "build/bdist.linux-x86_64/egg/Evtx/Views.py", line 166, in rec
File "build/bdist.linux-x86_64/egg/Evtx/Views.py", line 182, in render_root_node
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 1001, in substitutions
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 962, in tag_and_children_length
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 952, in children
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 162, in _children
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 808, in find_end_of_stream
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 183, in find_end_of_stream
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 168, in children
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 159, in _children
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 177, in length
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 334, in children
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 159, in _children
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 177, in length
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 334, in children
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 159, in _children
File "build/bdist.linux-x86_64/egg/Evtx/BinaryParser.py", line 64, in __call__
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 177, in length
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 506, in children
File "build/bdist.linux-x86_64/egg/Evtx/Nodes.py", line 468, in get_variant_value
KeyError: 108
The text was updated successfully, but these errors were encountered:
Got this backtrace on a file pulled from memory during an investigation. Let me know if you need/want anymore information:
The text was updated successfully, but these errors were encountered: