
not really sure if its an issue #17

Open

TridentFactor opened this issue Sep 29, 2019 · 3 comments
Comments

@TridentFactor

No DLLs are missing, and it seems that it's stuck at the third API call; it's the same for all the test binaries.

binee@36db47c11662:/go/src/binee# ./binee tests/ConsoleApplication1_x86.exe
[1] 0x21982e60: F GetSystemTimeAsFileTime(lpSystemTimeAsFileTime = 0xb7feffe0) = 0xb7feffe0
[1] 0x2197ea60: P GetCurrentThreadId() = 0x0
[1] 0x21990c00: P GetCurrentProcessId() = 0x2001
STUCK*
binee@36db47c11662:/go/src/binee#

@TridentFactor
Author

Below is an example of running TrickBot; it seems to emulate further than the test sample.

Binee@6ab1153bcb24:~/go/src/binee# ./binee ursnif/2019-09-26-1st-run-Trickbot-gtag-leo19-follow-up-malware-from-Ursnif-infection-1258460.exe
[1] 0x20b12990: F LoadLibraryA(lpFileName = 'KERNEL32.DLL') = 0x20af0000
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetTickCount') = 0x20b13130
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetProcAddress') = 0x20b05f20
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'LoadLibraryA') = 0x20b12990
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetSystemTimeAsFileTime') = 0x20b05e60
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetModuleHandleA') = 0x20b08f60
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetCommandLineA') = 0x20b0a280
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetVersionExA') = 0x20b09ce0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'ExitProcess') = 0x20b158f0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'TerminateProcess') = 0x20b0f420
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetCurrentProcess') = 0x20b13bf0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'WriteFile') = 0x20b14320
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetStdHandle') = 0x20b09c40
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetModuleFileNameA') = 0x20b09730
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'UnhandledExceptionFilter') = 0x20b26210
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'FreeEnvironmentStringsA') = 0x20b24540
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetEnvironmentStrings') = 0x20b247a0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'FreeEnvironmentStringsW') = 0x20b09ff0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'WideCharToMultiByte') = 0x20b04650
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetLastError') = 0x20b04670
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetEnvironmentStringsW') = 0x20b0a290
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'SetHandleCount') = 0x20b12ea0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetFileType') = 0x20b14100
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetStartupInfoA') = 0x20b12000
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'HeapDestroy') = 0x20b129d0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'HeapCreate') = 0x20b09960
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'VirtualFree') = 0x20b05ef0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'HeapFree') = 0x20b01a70
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'CloseHandle') = 0x20b13c50
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'CreateFileA') = 0x20b13ea0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'HeapAlloc') = 0x20b8b2a4
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetACP') = 0x20b07c60
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetOEMCP') = 0x20b12f80
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetCPInfo') = 0x20b09a60
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'VirtualAlloc') = 0x20b05ed0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'HeapReAlloc') = 0x20b8b310
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'RtlUnwind') = 0x20b07d50
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'InterlockedExchange') = 0x20b05e40
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'VirtualQuery') = 0x20b077e0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'SetEndOfFile') = 0x20b14280
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'ReadFile') = 0x20b14230
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'SetFilePointer') = 0x20b142c0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'SetStdHandle') = 0x20b25fb0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'HeapSize') = 0x20b8b344
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'QueryPerformanceCounter') = 0x20b07f40
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetCurrentThreadId') = 0x20b01a60
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetCurrentProcessId') = 0x20b13c00
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'LCMapStringA') = 0x20b0f3e0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'MultiByteToWideChar') = 0x20b04030
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'LCMapStringW') = 0x20b097c0
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetStringTypeA') = 0x20b0f400
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetStringTypeW') = 0x20b08f00
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'FlushFileBuffers') = 0x20b14010
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetLocaleInfoA') = 0x20b0dc10
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'VirtualProtect') = 0x20b07c70
[1] 0x20b05f20: F GetProcAddress(hModule = 0x20af0000, lpProcName = 'GetSystemInfo') = 0x20b09ee0
[1] 0x20b07c70: F VirtualProtect(lpAddress = 0x400000, dwSize = 0x1000, flNewProtect = 0x4, lpflOldProtect = 0xb7feffdc) = 0x1
[1] 0x20b07c70: F VirtualProtect(lpAddress = 0x400000, dwSize = 0x1000, flNewProtect = 0x0, lpflOldProtect = 0xb7feffdc) = 0x1
[1] 0x20b09ce0: F GetVersionExA(lpVersionInformation = 0xb7feff34) = 0x12
[1] 0x20b08f60: F GetModuleHandleA(lpModuleName = '') = 0x400000
[1] 0x20b09960: F HeapCreate(flOptions = 0x1, dwInitialSize = 0x1000, dwMaximumSize = 0x0) = 0x123456
[1] 0x20b8b2a4: F HeapAlloc(hHeap = 0x123456, dwFlags = 0x0, dwBytes = 0x140) = 0xa00006b6
[1] 0x20b8b2a4: F HeapAlloc(hHeap = 0x123456, dwFlags = 0x8, dwBytes = 0x41c4) = 0xa0000806
[1] 0x20b05ed0: P VirtualAlloc(lpAddress = 0x0, dwSize = 0x100000, flAllocationType = 0x2000, flProtect = 0x4) = 0xa0000806
HALT
HALT

@MennaEssa
Contributor

This happened with me, and using system32 DLLs from a 32-bit Windows 10 installation seemed to fix the issue; previously I just collected them from SysWOW64 on my 64-bit installation.

@kgwinnup
Contributor

Possibly unrelated: PE+ binaries will now parse without error; there was an issue with the imports table, but that is resolved now. However, 64-bit support is still a work in progress.
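Before pointing binee at a collected DLL set like the one MennaEssa describes, it helps to confirm every file is a 32-bit (PE32) image, since the thread says 64-bit (PE+) support is still in progress. The helper below is an added example, not part of binee: it reads the COFF header and optional-header Magic of each image and reports the ones that are not PE32. The sample images are constructed in the script; real SysWOW64 DLLs are 32-bit as well, so this catches architecture mix-ups rather than the installation-origin difference MennaEssa found.

```python
import os
import struct

IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
PE32_MAGIC = 0x10B      # optional-header Magic of a 32-bit image
PE32PLUS_MAGIC = 0x20B  # optional-header Magic of a 64-bit (PE+) image
# Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
# NumberOfSymbols, SizeOfOptionalHeader, Characteristics (20 bytes)
COFF_HEADER = "<HHIIIHH"


def classify_pe(data: bytes) -> tuple:
    """Return ("PE32" | "PE32+" | "invalid", Machine) for the raw bytes of an image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return ("invalid", 0)
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # file offset of "PE\0\0"
    coff = e_lfanew + 4
    if coff + 22 > len(data) or data[e_lfanew:coff] != b"PE\x00\x00":
        return ("invalid", 0)
    machine = struct.unpack_from(COFF_HEADER, data, coff)[0]
    (magic,) = struct.unpack_from("<H", data, coff + 20)  # first optional-header field
    if magic == PE32_MAGIC:
        return ("PE32", machine)
    if magic == PE32PLUS_MAGIC:
        return ("PE32+", machine)
    return ("invalid", machine)


def find_mismatched(images: dict, expected: str = "PE32") -> list:
    """Names of images whose format is not the one the emulator expects."""
    return sorted(n for n, blob in images.items() if classify_pe(blob)[0] != expected)


def scan_dll_dir(path: str, expected: str = "PE32") -> list:
    """Read the headers of every .dll under path and report the non-`expected` ones."""
    images = {}
    for root, _, files in os.walk(path):
        for name in files:
            if name.lower().endswith(".dll"):
                with open(os.path.join(root, name), "rb") as fh:
                    images[name] = fh.read(0x1000)   # headers only; enough for classify_pe
    return find_mismatched(images, expected)


def build_minimal_pe(machine: int, magic: int) -> bytes:
    """Constructed test image: DOS header with e_lfanew=0x40, PE signature, COFF header, Magic."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack(COFF_HEADER, machine, 0, 0, 0, 0, 0xE0 if magic == PE32_MAGIC else 0xF0, 0x2102)
    return dos + b"PE\x00\x00" + coff + struct.pack("<H", magic)


# Constructed sample set standing in for a collected DLL directory (not real Windows files).
SAMPLE_DLLS = {
    "kernel32.dll": build_minimal_pe(IMAGE_FILE_MACHINE_I386, PE32_MAGIC),
    "ntdll.dll": build_minimal_pe(IMAGE_FILE_MACHINE_AMD64, PE32PLUS_MAGIC),  # wrong arch
    "notes.txt.dll": b"this is not a PE image",
}

if __name__ == "__main__":
    for name in find_mismatched(SAMPLE_DLLS):
        print(f"{name}: {classify_pe(SAMPLE_DLLS[name])}")
```

Run `scan_dll_dir("/path/to/collected/dlls")` against the directory binee is configured to load from; an empty list means every DLL is PE32.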
