Unimplemented API call at 0x104014: ExitProcess

[attilamester]

While running on a sample (sha provided), encountered this error.
No result was written to the disk.
Output:

$ unipacker f011ba0a6de7dde6db6345f75e23abdab80683e5a510ea4be325ef2c5f45d05d.exe 
Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.
Next up: Sample: [PEtite] f011ba0a6de7dde6db6345f75e23abdab80683e5a510ea4be325ef2c5f45d05d.exe
Emulation starting at 0x40c9d0
Message Box (ERROR): This file has been tampered with and
MAY BE INFECTED BY A VIRUS!
Unimplemented API call at 0x104014: ExitProcess, first 6 stack items: ['0x40c9d0', '0x80000', '0x80000', '0x201000', '0xffffeff7', '0x439000']
Error: Invalid instruction (UC_ERR_INSN_INVALID)

Emulation of f011ba0a6de7dde6db6345f75e23abdab80683e5a510ea4be325ef2c5f45d05d.exe finished.
--- Saved to ./unpacked_f011ba0a6de7dde6db6345f75e23abdab80683e5a510ea4be325ef2c5f45d05d.exe ---

[Masrepus]

As you can see in the output, the sample noticed that it's not running in its expected environment and notifies the user via a message box. You could implement ExitProcess, but apart from stopping the emulation it wouldn't do anything. I don't expect any unpacking to have happened yet due to failed environment checks, so you would be better off finding out what that sample actually expects to be different