Heap overflow in Windows Defender (mpengine.dll). Overflow happens while unpacking an ASProtect packed executable. While iterating over the section table it looks for the next highest virtual address. So if you have two entries with the same vaddr, one with a 0size it’ll ignore the second occurrence, resulting in the section being allocated with the wrong size, and then when data is copied into it, overflowing.