Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: F8F0FD second address: F8F103 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1107915 second address: 110793D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F6F31405BD6h 0x0000000a pop edx 0x0000000b push esi 0x0000000c jmp 00007F6F31405BE9h 0x00000011 push edx 0x00000012 pop edx 0x00000013 pop esi 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110793D second address: 1107995 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF70h 0x00000007 jmp 00007F6F31ADDF6Fh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f jmp 00007F6F31ADDF6Eh 0x00000014 push ecx 0x00000015 pushad 0x00000016 popad 0x00000017 jmp 00007F6F31ADDF78h 0x0000001c pop ecx 0x0000001d push eax 0x0000001e push edx 0x0000001f je 00007F6F31ADDF66h 0x00000025 push ebx 0x00000026 pop ebx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 10F7844 second address: 10F784A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 10F784A second address: 10F7850 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1106912 second address: 1106918 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1106918 second address: 110694E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF77h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F6F31ADDF76h 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110694E second address: 1106952 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1106C71 second address: 1106C85 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Ah 0x00000007 push eax 0x00000008 push edx 0x00000009 jo 00007F6F31ADDF66h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1107044 second address: 1107057 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1107057 second address: 1107089 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF76h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jng 00007F6F31ADDF6Ah 0x00000011 push esi 0x00000012 pop esi 0x00000013 pushad 0x00000014 popad 0x00000015 js 00007F6F31ADDF6Ch 0x0000001b jp 00007F6F31ADDF66h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1107089 second address: 110708E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1107217 second address: 110721B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1109FAC second address: 1109FB2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1109FB2 second address: 1109FC2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c push edi 0x0000000d push ebx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1109FC2 second address: 1109FEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edi 0x00000006 mov eax, dword ptr [eax] 0x00000008 pushad 0x00000009 jno 00007F6F31405BDCh 0x0000000f pushad 0x00000010 jnc 00007F6F31405BD6h 0x00000016 push eax 0x00000017 pop eax 0x00000018 popad 0x00000019 popad 0x0000001a mov dword ptr [esp+04h], eax 0x0000001e push ecx 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1109FEB second address: 1109FEF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110A103 second address: 110A115 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31405BDEh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110A115 second address: 110A119 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110A209 second address: 110A236 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 mov dword ptr [esp], eax 0x00000009 add dword ptr [ebp+122D1AABh], ecx 0x0000000f push 00000000h 0x00000011 mov edi, dword ptr [ebp+122D366Bh] 0x00000017 jmp 00007F6F31405BDBh 0x0000001c push B0F002E2h 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 popad 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110A236 second address: 110A23C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110A454 second address: 110A458 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110A458 second address: 110A45E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110A45E second address: 110A498 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F6F31405BDCh 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xor dword ptr [esp], 28CACB1Bh 0x00000014 xor edi, 446AA438h 0x0000001a lea ebx, dword ptr [ebp+1244EF20h] 0x00000020 xor di, 772Ah 0x00000025 push edx 0x00000026 mov cx, 1872h 0x0000002a pop edx 0x0000002b xchg eax, ebx 0x0000002c push eax 0x0000002d push edx 0x0000002e pushad 0x0000002f push ecx 0x00000030 pop ecx 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 110A498 second address: 110A49D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1127CA6 second address: 1127CAC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11280CE second address: 11280D3 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11286D2 second address: 1128707 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jo 00007F6F31405BD6h 0x00000009 pushad 0x0000000a popad 0x0000000b pop edx 0x0000000c push ecx 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f jmp 00007F6F31405BE9h 0x00000014 pop ecx 0x00000015 pop edx 0x00000016 pop eax 0x00000017 ja 00007F6F31405C05h 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1128707 second address: 112870D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 112870D second address: 1128711 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1128711 second address: 112872C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF77h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11292B5 second address: 11292DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6F31405BE3h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F6F31405BDBh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11292DA second address: 11292DE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 112F119 second address: 112F13C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F6F31405BD6h 0x0000000a popad 0x0000000b pop esi 0x0000000c jng 00007F6F31405BF2h 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 jmp 00007F6F31405BDCh 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 112F13C second address: 112F142 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 10FAD3A second address: 10FAD3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 10FAD3E second address: 10FAD55 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007F6F31ADDF6Ch 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1131797 second address: 11317E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a jmp 00007F6F31405BE8h 0x0000000f mov eax, dword ptr [eax] 0x00000011 pushad 0x00000012 push esi 0x00000013 jmp 00007F6F31405BE7h 0x00000018 pop esi 0x00000019 pushad 0x0000001a jmp 00007F6F31405BE1h 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11341C2 second address: 11341E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jmp 00007F6F31ADDF79h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11344AB second address: 11344B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1134937 second address: 1134954 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 jo 00007F6F31ADDF66h 0x0000000c pop ecx 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 jmp 00007F6F31ADDF6Bh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1136D6C second address: 1136D72 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1136D72 second address: 1136D78 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1136E4B second address: 1136E4F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1137353 second address: 1137357 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1137357 second address: 113735D instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1137416 second address: 1137434 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F6F31ADDF76h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11378E8 second address: 11378EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11378EF second address: 11378F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11378F5 second address: 113791E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007F6F31405BE2h 0x0000000e nop 0x0000000f xor dword ptr [ebp+122D2C61h], eax 0x00000015 xchg eax, ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 push edx 0x00000019 push ebx 0x0000001a pop ebx 0x0000001b pop edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113791E second address: 1137924 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1137924 second address: 1137928 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1137928 second address: 1137950 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jmp 00007F6F31ADDF6Ch 0x00000014 push edi 0x00000015 pop edi 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1137950 second address: 113795A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007F6F31405BD6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113795A second address: 113795E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1137E58 second address: 1137ED5 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F6F31405BD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b nop 0x0000000c push 00000000h 0x0000000e push esi 0x0000000f call 00007F6F31405BD8h 0x00000014 pop esi 0x00000015 mov dword ptr [esp+04h], esi 0x00000019 add dword ptr [esp+04h], 00000017h 0x00000021 inc esi 0x00000022 push esi 0x00000023 ret 0x00000024 pop esi 0x00000025 ret 0x00000026 mov edi, dword ptr [ebp+122D2ADAh] 0x0000002c mov si, di 0x0000002f push 00000000h 0x00000031 push 00000000h 0x00000033 push ebp 0x00000034 call 00007F6F31405BD8h 0x00000039 pop ebp 0x0000003a mov dword ptr [esp+04h], ebp 0x0000003e add dword ptr [esp+04h], 00000016h 0x00000046 inc ebp 0x00000047 push ebp 0x00000048 ret 0x00000049 pop ebp 0x0000004a ret 0x0000004b mov dword ptr [ebp+122D2AC6h], edi 0x00000051 push 00000000h 0x00000053 je 00007F6F31405BE0h 0x00000059 jbe 00007F6F31405BDAh 0x0000005f mov di, CE86h 0x00000063 xchg eax, ebx 0x00000064 push eax 0x00000065 push edx 0x00000066 jmp 00007F6F31405BDEh 0x0000006b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1137ED5 second address: 1137EEC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b ja 00007F6F31ADDF6Ch 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113A316 second address: 113A320 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113A320 second address: 113A326 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113A326 second address: 113A3A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 nop 0x00000007 sbb edi, 7B782A00h 0x0000000d push 00000000h 0x0000000f push 00000000h 0x00000011 push ebp 0x00000012 call 00007F6F31405BD8h 0x00000017 pop ebp 0x00000018 mov dword ptr [esp+04h], ebp 0x0000001c add dword ptr [esp+04h], 00000017h 0x00000024 inc ebp 0x00000025 push ebp 0x00000026 ret 0x00000027 pop ebp 0x00000028 ret 0x00000029 jmp 00007F6F31405BE5h 0x0000002e mov dword ptr [ebp+122D20D4h], ecx 0x00000034 sub esi, dword ptr [ebp+122D3517h] 0x0000003a push 00000000h 0x0000003c mov edi, 14832DFEh 0x00000041 pushad 0x00000042 jmp 00007F6F31405BDFh 0x00000047 push ebx 0x00000048 pop ebx 0x00000049 popad 0x0000004a xchg eax, ebx 0x0000004b push eax 0x0000004c push edx 0x0000004d pushad 0x0000004e jmp 00007F6F31405BDFh 0x00000053 push ecx 0x00000054 pop ecx 0x00000055 popad 0x00000056 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113A3A5 second address: 113A3AF instructions: 0x00000000 rdtsc 0x00000002 jl 00007F6F31ADDF6Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113A3AF second address: 113A3C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a jg 00007F6F31405BD6h 0x00000010 pop esi 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113AD5B second address: 113AD5F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1140D69 second address: 1140D70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1140D70 second address: 1140D75 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113D796 second address: 113D79C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1140D75 second address: 1140DE7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F6F31ADDF6Eh 0x0000000f nop 0x00000010 push ecx 0x00000011 pop edi 0x00000012 or ebx, 72E92690h 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push eax 0x0000001d call 00007F6F31ADDF68h 0x00000022 pop eax 0x00000023 mov dword ptr [esp+04h], eax 0x00000027 add dword ptr [esp+04h], 0000001Ch 0x0000002f inc eax 0x00000030 push eax 0x00000031 ret 0x00000032 pop eax 0x00000033 ret 0x00000034 mov ebx, 2F32FCF7h 0x00000039 push 00000000h 0x0000003b push 00000000h 0x0000003d push eax 0x0000003e call 00007F6F31ADDF68h 0x00000043 pop eax 0x00000044 mov dword ptr [esp+04h], eax 0x00000048 add dword ptr [esp+04h], 00000016h 0x00000050 inc eax 0x00000051 push eax 0x00000052 ret 0x00000053 pop eax 0x00000054 ret 0x00000055 xchg eax, esi 0x00000056 push edi 0x00000057 push eax 0x00000058 push edx 0x00000059 pushad 0x0000005a popad 0x0000005b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113D79C second address: 113D7A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1141EA6 second address: 1141EB0 instructions: 0x00000000 rdtsc 0x00000002 js 00007F6F31ADDF66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1141EB0 second address: 1141EC5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 je 00007F6F31405BD6h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 push ecx 0x00000014 pop ecx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1141EC5 second address: 1141ECB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1141ECB second address: 1141F19 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F6F31405BDCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d mov ebx, esi 0x0000000f push 00000000h 0x00000011 push 00000000h 0x00000013 push ecx 0x00000014 call 00007F6F31405BD8h 0x00000019 pop ecx 0x0000001a mov dword ptr [esp+04h], ecx 0x0000001e add dword ptr [esp+04h], 00000016h 0x00000026 inc ecx 0x00000027 push ecx 0x00000028 ret 0x00000029 pop ecx 0x0000002a ret 0x0000002b push esi 0x0000002c mov bx, 3E2Fh 0x00000030 pop edi 0x00000031 jng 00007F6F31405BD9h 0x00000037 sbb bl, 00000027h 0x0000003a xchg eax, esi 0x0000003b push esi 0x0000003c jc 00007F6F31405BDCh 0x00000042 push eax 0x00000043 push edx 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1142E47 second address: 1142E68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 jmp 00007F6F31ADDF70h 0x0000000e push eax 0x0000000f push edx 0x00000010 jo 00007F6F31ADDF66h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1142E68 second address: 1142E6C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1144D69 second address: 1144D6E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1145DB1 second address: 1145E05 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], eax 0x0000000a add dword ptr [ebp+122D1EB4h], ebx 0x00000010 mov dword ptr [ebp+12449DE2h], ebx 0x00000016 push 00000000h 0x00000018 push 00000000h 0x0000001a push ecx 0x0000001b call 00007F6F31405BD8h 0x00000020 pop ecx 0x00000021 mov dword ptr [esp+04h], ecx 0x00000025 add dword ptr [esp+04h], 00000014h 0x0000002d inc ecx 0x0000002e push ecx 0x0000002f ret 0x00000030 pop ecx 0x00000031 ret 0x00000032 push 00000000h 0x00000034 stc 0x00000035 movsx ebx, cx 0x00000038 xchg eax, esi 0x00000039 jmp 00007F6F31405BE4h 0x0000003e push eax 0x0000003f push ecx 0x00000040 push ebx 0x00000041 push eax 0x00000042 push edx 0x00000043 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1144EC0 second address: 1144ECE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31ADDF6Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1146C96 second address: 1146CA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 jc 00007F6F31405BD6h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1147CBA second address: 1147CC0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1149C96 second address: 1149C9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1149E02 second address: 1149E08 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114AD4D second address: 114AD51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1149E08 second address: 1149E36 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b jmp 00007F6F31ADDF74h 0x00000010 jmp 00007F6F31ADDF6Bh 0x00000015 popad 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114CC2E second address: 114CC32 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114AD51 second address: 114AD6D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF78h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1149E36 second address: 1149E3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114BF44 second address: 114BF48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114CDF6 second address: 114CE09 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1149E3C second address: 1149EAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 nop 0x00000007 mov dword ptr [ebp+122D1D13h], esi 0x0000000d mov bl, ah 0x0000000f push dword ptr fs:[00000000h] 0x00000016 sub dword ptr [ebp+1244BAD1h], ecx 0x0000001c mov dword ptr fs:[00000000h], esp 0x00000023 add dword ptr [ebp+122D1E67h], eax 0x00000029 mov edi, dword ptr [ebp+122D1AFDh] 0x0000002f mov eax, dword ptr [ebp+122D0871h] 0x00000035 clc 0x00000036 push FFFFFFFFh 0x00000038 push 00000000h 0x0000003a push edi 0x0000003b call 00007F6F31ADDF68h 0x00000040 pop edi 0x00000041 mov dword ptr [esp+04h], edi 0x00000045 add dword ptr [esp+04h], 00000015h 0x0000004d inc edi 0x0000004e push edi 0x0000004f ret 0x00000050 pop edi 0x00000051 ret 0x00000052 xor dword ptr [ebp+122D1A22h], edi 0x00000058 mov di, dx 0x0000005b nop 0x0000005c jl 00007F6F31ADDF6Ah 0x00000062 push eax 0x00000063 pushad 0x00000064 popad 0x00000065 pop eax 0x00000066 push eax 0x00000067 push eax 0x00000068 push edx 0x00000069 push edi 0x0000006a pushad 0x0000006b popad 0x0000006c pop edi 0x0000006d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114DEFE second address: 114DFC1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b ja 00007F6F31405BDCh 0x00000011 pop eax 0x00000012 nop 0x00000013 add di, F9D5h 0x00000018 push dword ptr fs:[00000000h] 0x0000001f push 00000000h 0x00000021 push esi 0x00000022 call 00007F6F31405BD8h 0x00000027 pop esi 0x00000028 mov dword ptr [esp+04h], esi 0x0000002c add dword ptr [esp+04h], 0000001Ch 0x00000034 inc esi 0x00000035 push esi 0x00000036 ret 0x00000037 pop esi 0x00000038 ret 0x00000039 push ecx 0x0000003a add bl, 00000074h 0x0000003d pop edi 0x0000003e mov dword ptr fs:[00000000h], esp 0x00000045 push 00000000h 0x00000047 push edx 0x00000048 call 00007F6F31405BD8h 0x0000004d pop edx 0x0000004e mov dword ptr [esp+04h], edx 0x00000052 add dword ptr [esp+04h], 0000001Ah 0x0000005a inc edx 0x0000005b push edx 0x0000005c ret 0x0000005d pop edx 0x0000005e ret 0x0000005f jmp 00007F6F31405BE7h 0x00000064 mov bx, dx 0x00000067 mov eax, dword ptr [ebp+122D0D5Dh] 0x0000006d jmp 00007F6F31405BE1h 0x00000072 push FFFFFFFFh 0x00000074 mov ebx, 0C923444h 0x00000079 push eax 0x0000007a push esi 0x0000007b pushad 0x0000007c push eax 0x0000007d push edx 0x0000007e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114AE1A second address: 114AE20 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114EF65 second address: 114EF6F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007F6F31405BD6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1149EAC second address: 1149EC2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31ADDF72h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114CED9 second address: 114CEE3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007F6F31405BD6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114FFEB second address: 114FFF1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1152EC1 second address: 1152EC5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 114FFF1 second address: 114FFF6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11592F6 second address: 11592FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1158AAA second address: 1158AB0 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1158BE3 second address: 1158BF7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDFh 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 115EBD2 second address: 115EC1C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push ecx 0x0000000c push ebx 0x0000000d jnl 00007F6F31ADDF66h 0x00000013 pop ebx 0x00000014 pop ecx 0x00000015 mov eax, dword ptr [esp+04h] 0x00000019 jno 00007F6F31ADDF70h 0x0000001f mov eax, dword ptr [eax] 0x00000021 jl 00007F6F31ADDF70h 0x00000027 mov dword ptr [esp+04h], eax 0x0000002b pushad 0x0000002c pushad 0x0000002d push edi 0x0000002e pop edi 0x0000002f push edi 0x00000030 pop edi 0x00000031 popad 0x00000032 push eax 0x00000033 push edx 0x00000034 push eax 0x00000035 push edx 0x00000036 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 115EC1C second address: 115EC20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 115EC20 second address: 115EC24 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 115EDB2 second address: 115EDE8 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F6F31405BD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ebx 0x0000000b push eax 0x0000000c push eax 0x0000000d pushad 0x0000000e push edx 0x0000000f pop edx 0x00000010 push edx 0x00000011 pop edx 0x00000012 popad 0x00000013 pop eax 0x00000014 mov eax, dword ptr [esp+04h] 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b pushad 0x0000001c popad 0x0000001d jmp 00007F6F31405BE8h 0x00000022 popad 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 115EDE8 second address: 115EE00 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 pop eax 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a jbe 00007F6F31ADDF72h 0x00000010 jp 00007F6F31ADDF6Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11632D7 second address: 11632F4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE3h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11632F4 second address: 11632FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F6F31ADDF66h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11632FE second address: 1163302 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1163302 second address: 116330A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 116330A second address: 116330F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 116330F second address: 116331A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edi 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 116331A second address: 116331E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 116331E second address: 1163322 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11638A1 second address: 11638A5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11638A5 second address: 11638BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 pushad 0x00000014 push edx 0x00000015 pop edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11638BD second address: 11638C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F6F31405BD6h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11638C8 second address: 11638CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11638CE second address: 11638D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1163BD9 second address: 1163BEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F6F31ADDF6Ah 0x0000000e push esi 0x0000000f pop esi 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1163BEE second address: 1163BF6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1163BF6 second address: 1163BFC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1163BFC second address: 1163C00 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1163C00 second address: 1163C09 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1163EDA second address: 1163EE0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1164460 second address: 1164483 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F6F31ADDF66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F6F31ADDF6Ch 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 popad 0x00000013 pop edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push esi 0x00000017 push edi 0x00000018 pop edi 0x00000019 push edi 0x0000001a pop edi 0x0000001b pop esi 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1168B2E second address: 1168B40 instructions: 0x00000000 rdtsc 0x00000002 je 00007F6F31405BDAh 0x00000008 pushad 0x00000009 popad 0x0000000a push edx 0x0000000b pop edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f pop eax 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113E121 second address: 113E127 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113E223 second address: 113E227 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113E351 second address: 113E357 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113E357 second address: 113E35C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113E907 second address: 113E90B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113E90B second address: 113E92E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 mov dword ptr [esp], esi 0x0000000a mov ecx, 22BA7DFEh 0x0000000f nop 0x00000010 pushad 0x00000011 pushad 0x00000012 jns 00007F6F31405BD6h 0x00000018 jo 00007F6F31405BD6h 0x0000001e popad 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113E92E second address: 113E932 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113EB01 second address: 113EB05 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113EB05 second address: 113EB0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113EC1F second address: 113EC42 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 pop edx 0x00000008 nop 0x00000009 cmc 0x0000000a push 00000004h 0x0000000c jng 00007F6F31405BDCh 0x00000012 or ecx, dword ptr [ebp+1247248Bh] 0x00000018 push eax 0x00000019 jg 00007F6F31405BE0h 0x0000001f push eax 0x00000020 push edx 0x00000021 push edx 0x00000022 pop edx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113F236 second address: 113F259 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF74h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jl 00007F6F31ADDF66h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113F259 second address: 113F267 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007F6F31405BDCh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113F353 second address: 113F3C6 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop edx 0x0000000a popad 0x0000000b mov dword ptr [esp], eax 0x0000000e pushad 0x0000000f sub dword ptr [ebp+122D1B3Eh], eax 0x00000015 mov eax, dword ptr [ebp+12448CE8h] 0x0000001b popad 0x0000001c lea eax, dword ptr [ebp+12482ED7h] 0x00000022 push 00000000h 0x00000024 push eax 0x00000025 call 00007F6F31ADDF68h 0x0000002a pop eax 0x0000002b mov dword ptr [esp+04h], eax 0x0000002f add dword ptr [esp+04h], 00000015h 0x00000037 inc eax 0x00000038 push eax 0x00000039 ret 0x0000003a pop eax 0x0000003b ret 0x0000003c movsx edi, cx 0x0000003f nop 0x00000040 jmp 00007F6F31ADDF76h 0x00000045 push eax 0x00000046 push eax 0x00000047 push edx 0x00000048 jmp 00007F6F31ADDF77h 0x0000004d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1167D83 second address: 1167D87 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1167EDB second address: 1167EE0 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 116809D second address: 11680C0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push edx 0x0000000b push eax 0x0000000c jnl 00007F6F31405BD6h 0x00000012 pop eax 0x00000013 je 00007F6F31405BE2h 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11680C0 second address: 11680C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 116836F second address: 1168373 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1168373 second address: 1168391 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007F6F31ADDF78h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1168391 second address: 1168396 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1168396 second address: 11683A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push ebx 0x00000006 je 00007F6F31ADDF66h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1170A2D second address: 1170A37 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F6F31405BD6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1170A37 second address: 1170A3B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1170B6E second address: 1170B72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1170B72 second address: 1170B90 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF74h 0x00000007 jnp 00007F6F31ADDF66h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1170B90 second address: 1170BAC instructions: 0x00000000 rdtsc 0x00000002 js 00007F6F31405BDAh 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pushad 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jnl 00007F6F31405BDCh 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1171028 second address: 117102C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 117102C second address: 1171046 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F6F31405BE1h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11711B8 second address: 11711DD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF77h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F6F31ADDF6Ah 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11711DD second address: 11711E4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1170715 second address: 117071B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1171A17 second address: 1171A1D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1171A1D second address: 1171A29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1171A29 second address: 1171A2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1171A2D second address: 1171A33 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1171A33 second address: 1171A4D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 ja 00007F6F31405BD6h 0x00000009 jnp 00007F6F31405BD6h 0x0000000f pop eax 0x00000010 ja 00007F6F31405BDEh 0x00000016 pushad 0x00000017 popad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1177408 second address: 1177419 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a jc 00007F6F31ADDF66h 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1177419 second address: 117743D instructions: 0x00000000 rdtsc 0x00000002 je 00007F6F31405BEAh 0x00000008 push edx 0x00000009 pop edx 0x0000000a jmp 00007F6F31405BE2h 0x0000000f jng 00007F6F31405BDCh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11767A1 second address: 11767C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F6F31ADDF66h 0x0000000a jmp 00007F6F31ADDF70h 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 push ecx 0x00000013 pop ecx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11767C0 second address: 11767D4 instructions: 0x00000000 rdtsc 0x00000002 js 00007F6F31405BD6h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop esi 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11767D4 second address: 11767D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1176E75 second address: 1176EA7 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jnp 00007F6F31405BDEh 0x0000000e jmp 00007F6F31405BE6h 0x00000013 popad 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1176EA7 second address: 1176EAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1177271 second address: 1177282 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F6F31405BDBh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 117A9CA second address: 117A9CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 117A9CF second address: 117A9D8 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 117D692 second address: 117D698 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 117D698 second address: 117D69E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 117D69E second address: 117D6A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 117D6A7 second address: 117D6AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 117D6AB second address: 117D6B1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11801A8 second address: 11801B5 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F6F31405BD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 118059B second address: 118059F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11866D2 second address: 11866D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11866D6 second address: 11866E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11866E2 second address: 11866E8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11866E8 second address: 11866EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11866EE second address: 11866F5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11866F5 second address: 1186701 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1186701 second address: 1186722 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6F31405BE4h 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1186722 second address: 1186742 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F6F31ADDF79h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1185FFF second address: 118600B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F6F31405BD6h 0x0000000a push eax 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11863EB second address: 118640C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6F31ADDF71h 0x00000009 js 00007F6F31ADDF66h 0x0000000f popad 0x00000010 pop ebx 0x00000011 push edx 0x00000012 push ebx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 118A874 second address: 118A878 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 118F028 second address: 118F033 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F6F31ADDF66h 0x0000000a pop edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 118F033 second address: 118F03B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 118F2C1 second address: 118F2C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 118F2C7 second address: 118F2D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b jnp 00007F6F31405BD6h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 118F68C second address: 118F695 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1196EC0 second address: 1196EF2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F6F31405BD6h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F6F31405BE0h 0x00000012 jmp 00007F6F31405BE5h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 10FFD1B second address: 10FFD21 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 10FFD21 second address: 10FFD33 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jnl 00007F6F31405BD6h 0x0000000c jnl 00007F6F31405BD6h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 10FFD33 second address: 10FFD37 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11952CB second address: 11952E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6F31405BE3h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11952E2 second address: 11952F9 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 push edx 0x00000009 jno 00007F6F31ADDF6Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11952F9 second address: 11952FE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11952FE second address: 1195304 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11955FE second address: 119562E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jmp 00007F6F31405BE8h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jng 00007F6F31405BDEh 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11958DC second address: 11958E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop ecx 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11958E7 second address: 11958EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11958EB second address: 11958FD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1195C23 second address: 1195C4A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 ja 00007F6F31405BD6h 0x00000009 push edx 0x0000000a pop edx 0x0000000b pop edx 0x0000000c push edx 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f pop edx 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 je 00007F6F31405BE1h 0x00000019 jmp 00007F6F31405BDBh 0x0000001e pushad 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1195ECF second address: 1195ED5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1195ED5 second address: 1195EDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11961F3 second address: 11961FA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11961FA second address: 1196213 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jne 00007F6F31405BD6h 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push eax 0x00000011 jc 00007F6F31405BD6h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1196213 second address: 1196222 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 jns 00007F6F31ADDF66h 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1196222 second address: 1196233 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jns 00007F6F31405BD6h 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11967E9 second address: 11967EE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11967EE second address: 1196826 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 jmp 00007F6F31405BE1h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 jng 00007F6F31405BD6h 0x00000018 jmp 00007F6F31405BE4h 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1196826 second address: 1196839 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Fh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1196839 second address: 1196858 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F6F31405BE9h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1196B54 second address: 1196B63 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jbe 00007F6F31ADDF66h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push edi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1196B63 second address: 1196B83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 pushad 0x00000007 push edi 0x00000008 jbe 00007F6F31405BD6h 0x0000000e pop edi 0x0000000f jmp 00007F6F31405BDDh 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119A9EC second address: 119AA04 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e pop esi 0x0000000f push edi 0x00000010 pop edi 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119AA04 second address: 119AA08 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119AA08 second address: 119AA0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119AA0E second address: 119AA2F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnp 00007F6F31405BD6h 0x00000009 jmp 00007F6F31405BE6h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119ABC0 second address: 119ABE2 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 jmp 00007F6F31ADDF74h 0x0000000c pop edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119ABE2 second address: 119ABE6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119ABE6 second address: 119AC2B instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jmp 00007F6F31ADDF77h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c pushad 0x0000000d push edi 0x0000000e pushad 0x0000000f popad 0x00000010 pushad 0x00000011 popad 0x00000012 pop edi 0x00000013 jmp 00007F6F31ADDF76h 0x00000018 push eax 0x00000019 push edx 0x0000001a push ecx 0x0000001b pop ecx 0x0000001c jno 00007F6F31ADDF66h 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119AD69 second address: 119AD6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119AD6D second address: 119AD89 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Bh 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F6F31ADDF6Bh 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119AEB5 second address: 119AEC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 jne 00007F6F31405BD6h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119AEC4 second address: 119AEE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F6F31ADDF78h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119B1A0 second address: 119B1A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119B1A8 second address: 119B1AD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119B1AD second address: 119B1CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6F31405BE8h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119B330 second address: 119B334 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119B660 second address: 119B674 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6F31405BDFh 0x00000009 pop ecx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119B674 second address: 119B679 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 119B679 second address: 119B681 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A0002 second address: 11A0042 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 js 00007F6F31ADDF66h 0x0000000c jmp 00007F6F31ADDF79h 0x00000011 popad 0x00000012 jmp 00007F6F31ADDF76h 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A0042 second address: 11A0046 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A235B second address: 11A2361 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A9CCE second address: 11A9CD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A9CD7 second address: 11A9CE7 instructions: 0x00000000 rdtsc 0x00000002 je 00007F6F31ADDF66h 0x00000008 jg 00007F6F31ADDF66h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A9CE7 second address: 11A9CED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A7EBA second address: 11A7EE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F6F31ADDF6Dh 0x0000000b jno 00007F6F31ADDF66h 0x00000011 popad 0x00000012 jmp 00007F6F31ADDF71h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A7EE5 second address: 11A7F04 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 pop eax 0x00000005 jmp 00007F6F31405BE1h 0x0000000a pop ebx 0x0000000b jng 00007F6F31405BEAh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A830E second address: 11A8313 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A848C second address: 11A8490 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A89B8 second address: 11A89BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A8CCB second address: 11A8CD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A8CD1 second address: 11A8CE1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F6F31ADDF6Ch 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A8CE1 second address: 11A8CE9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A8CE9 second address: 11A8D10 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 ja 00007F6F31ADDF6Eh 0x0000000f push edx 0x00000010 pop edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A8D10 second address: 11A8D28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 jmp 00007F6F31405BDBh 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A8D28 second address: 11A8D2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A9471 second address: 11A949B instructions: 0x00000000 rdtsc 0x00000002 jc 00007F6F31405BD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ebx 0x0000000b push esi 0x0000000c jmp 00007F6F31405BE6h 0x00000011 jg 00007F6F31405BE2h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A9B74 second address: 11A9B83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 jno 00007F6F31ADDF66h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11A9B83 second address: 11A9B87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11AE5F2 second address: 11AE5F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11B2C90 second address: 11B2D06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6F31405BE9h 0x00000009 popad 0x0000000a pushad 0x0000000b pushad 0x0000000c jl 00007F6F31405BD6h 0x00000012 jnp 00007F6F31405BD6h 0x00000018 jmp 00007F6F31405BE4h 0x0000001d jmp 00007F6F31405BE4h 0x00000022 popad 0x00000023 jl 00007F6F31405BE2h 0x00000029 js 00007F6F31405BD6h 0x0000002f jg 00007F6F31405BD6h 0x00000035 push eax 0x00000036 push edx 0x00000037 jmp 00007F6F31405BDBh 0x0000003c pushad 0x0000003d popad 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11B2E6D second address: 11B2E87 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F6F31ADDF74h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11BEB20 second address: 11BEB31 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDBh 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11BEB31 second address: 11BEB3B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007F6F31ADDF66h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11BEB3B second address: 11BEB5C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE8h 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11BEB5C second address: 11BEB72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jg 00007F6F31ADDF66h 0x00000010 jc 00007F6F31ADDF66h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11BEB72 second address: 11BEB78 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11BEB78 second address: 11BEB86 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007F6F31ADDF6Eh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11BE57C second address: 11BE581 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11BE6A4 second address: 11BE6A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11C42CA second address: 11C4302 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jo 00007F6F31405BD6h 0x00000009 pushad 0x0000000a popad 0x0000000b pop eax 0x0000000c jng 00007F6F31405BDCh 0x00000012 pop edx 0x00000013 pop eax 0x00000014 push eax 0x00000015 push edx 0x00000016 jp 00007F6F31405BECh 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11C8C98 second address: 11C8C9E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11D0D0A second address: 11D0D0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11D0B33 second address: 11D0B56 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F6F31ADDF66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007F6F31ADDF79h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11D0B56 second address: 11D0B5E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 push esi 0x00000007 pop esi 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11D8C30 second address: 11D8C3A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11D8C3A second address: 11D8C4F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F6F31405BDDh 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11D8C4F second address: 11D8C55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11D8C55 second address: 11D8C59 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11D9055 second address: 11D9059 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11DDBB7 second address: 11DDBBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11DDBBB second address: 11DDBC7 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F6F31ADDF66h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11DDBC7 second address: 11DDBD3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 ja 00007F6F31405BD6h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11DDBD3 second address: 11DDBEA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F6F31ADDF6Ah 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push ebx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11DDBEA second address: 11DDBF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F6F31405BD6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11EA995 second address: 11EA9BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6F31ADDF72h 0x00000009 jnp 00007F6F31ADDF66h 0x0000000f ja 00007F6F31ADDF66h 0x00000015 popad 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11EA9BB second address: 11EA9DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F6F31405BE9h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11EA9DD second address: 11EA9F8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF73h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11EA9F8 second address: 11EA9FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11EA9FE second address: 11EAA02 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11FFC29 second address: 11FFC38 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F6F31405BDAh 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11FFC38 second address: 11FFC3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11FF812 second address: 11FF825 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jnc 00007F6F31405BDAh 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11FF825 second address: 11FF829 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121A3A7 second address: 121A3AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121A3AD second address: 121A3B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1219213 second address: 1219218 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121963C second address: 121966D instructions: 0x00000000 rdtsc 0x00000002 js 00007F6F31ADDF87h 0x00000008 jmp 00007F6F31ADDF74h 0x0000000d jmp 00007F6F31ADDF6Dh 0x00000012 push eax 0x00000013 push edx 0x00000014 jnl 00007F6F31ADDF66h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121966D second address: 121967C instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b push edx 0x0000000c pop edx 0x0000000d push edx 0x0000000e pop edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121967C second address: 1219690 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F6F31ADDF66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jl 00007F6F31ADDF6Eh 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1219BEB second address: 1219BFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 jne 00007F6F31405BDCh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1219DAD second address: 1219DB5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1219DB5 second address: 1219DB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1219F0A second address: 1219F19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F6F31ADDF66h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1219F19 second address: 1219F29 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F6F31405BD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1219F29 second address: 1219F2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1219F2D second address: 1219F31 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121B9F4 second address: 121BA26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jo 00007F6F31ADDF66h 0x0000000c jmp 00007F6F31ADDF71h 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F6F31ADDF72h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121E425 second address: 121E42C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121E42C second address: 121E442 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jg 00007F6F31ADDF6Ch 0x00000010 je 00007F6F31ADDF66h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121E442 second address: 121E44C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007F6F31405BD6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121E6CA second address: 121E6D4 instructions: 0x00000000 rdtsc 0x00000002 je 00007F6F31ADDF6Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121E6D4 second address: 121E6EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F6F31405BDDh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 121E6EA second address: 121E6F8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31ADDF6Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 542001A second address: 5420069 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F6F31405BE1h 0x00000008 pop ecx 0x00000009 mov esi, ebx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push edx 0x0000000f jmp 00007F6F31405BE8h 0x00000014 mov dword ptr [esp], ebp 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007F6F31405BE7h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420069 second address: 542008E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 542008E second address: 5420092 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420092 second address: 5420096 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420096 second address: 542009C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400D78 second address: 5400D94 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF70h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a xchg eax, ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400D94 second address: 5400DAC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400DAC second address: 5400E06 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ax, di 0x00000006 mov bl, ABh 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebp, esp 0x0000000d pushad 0x0000000e call 00007F6F31ADDF72h 0x00000013 mov bl, al 0x00000015 pop edi 0x00000016 pushfd 0x00000017 jmp 00007F6F31ADDF6Ch 0x0000001c xor ax, 7E88h 0x00000021 jmp 00007F6F31ADDF6Bh 0x00000026 popfd 0x00000027 popad 0x00000028 pop ebp 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007F6F31ADDF75h 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400E06 second address: 5400E0C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 545019A second address: 54501A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54501A0 second address: 54501A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54501A4 second address: 54501C3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a movzx eax, bx 0x0000000d push eax 0x0000000e push edx 0x0000000f call 00007F6F31ADDF6Fh 0x00000014 pop ecx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54501C3 second address: 5450209 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F6F31405BE9h 0x00000008 sub ax, AA56h 0x0000000d jmp 00007F6F31405BE1h 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 popad 0x00000016 xchg eax, ebp 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007F6F31405BDDh 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5450209 second address: 545020F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 545020F second address: 5450213 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E00F3 second address: 53E0141 instructions: 0x00000000 rdtsc 0x00000002 call 00007F6F31ADDF6Fh 0x00000007 pop esi 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushfd 0x0000000b jmp 00007F6F31ADDF79h 0x00000010 add eax, 55540A36h 0x00000016 jmp 00007F6F31ADDF71h 0x0000001b popfd 0x0000001c popad 0x0000001d xchg eax, ebp 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 mov ch, bh 0x00000023 popad 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0141 second address: 53E0151 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31405BDCh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0151 second address: 53E0155 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0155 second address: 53E016D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F6F31405BDDh 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E016D second address: 53E017D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31ADDF6Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E017D second address: 53E0181 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0181 second address: 53E01AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007F6F31ADDF77h 0x0000000e mov ebp, esp 0x00000010 pushad 0x00000011 mov ax, 5BEBh 0x00000015 push eax 0x00000016 push edx 0x00000017 mov dx, cx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E01AD second address: 53E01F1 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F6F31405BDAh 0x00000008 adc ecx, 2B6D3878h 0x0000000e jmp 00007F6F31405BDBh 0x00000013 popfd 0x00000014 pop edx 0x00000015 pop eax 0x00000016 popad 0x00000017 push dword ptr [ebp+04h] 0x0000001a jmp 00007F6F31405BE6h 0x0000001f push dword ptr [ebp+0Ch] 0x00000022 push eax 0x00000023 push edx 0x00000024 push eax 0x00000025 push edx 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E01F1 second address: 53E01F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E01F5 second address: 53E01FB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400A3A second address: 5400A49 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400A49 second address: 5400AB0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b mov cx, EE93h 0x0000000f mov di, cx 0x00000012 popad 0x00000013 push eax 0x00000014 jmp 00007F6F31405BE5h 0x00000019 xchg eax, ebp 0x0000001a jmp 00007F6F31405BDEh 0x0000001f mov ebp, esp 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007F6F31405BE7h 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400578 second address: 54005F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007F6F31ADDF6Ch 0x0000000a jmp 00007F6F31ADDF75h 0x0000000f popfd 0x00000010 popad 0x00000011 popad 0x00000012 xchg eax, ebp 0x00000013 jmp 00007F6F31ADDF6Eh 0x00000018 mov ebp, esp 0x0000001a pushad 0x0000001b call 00007F6F31ADDF6Eh 0x00000020 pushfd 0x00000021 jmp 00007F6F31ADDF72h 0x00000026 xor eax, 6AFCD3D8h 0x0000002c jmp 00007F6F31ADDF6Bh 0x00000031 popfd 0x00000032 pop ecx 0x00000033 movsx ebx, cx 0x00000036 popad 0x00000037 pop ebp 0x00000038 push eax 0x00000039 push edx 0x0000003a push eax 0x0000003b push edx 0x0000003c pushad 0x0000003d popad 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54005F2 second address: 540060F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 540035D second address: 540038B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F6F31ADDF76h 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 540038B second address: 540038F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 540038F second address: 5400395 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410257 second address: 5410284 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F6F31405BDDh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410284 second address: 541028A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 541028A second address: 541028E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5450077 second address: 545007B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 545007B second address: 5450089 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5450089 second address: 545008D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 545008D second address: 54500A7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54500A7 second address: 54500AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54500AD second address: 54500B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54500B1 second address: 54500D4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F6F31ADDF6Dh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54500D4 second address: 54500D9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54500D9 second address: 5450129 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop esi 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b pushad 0x0000000c pushad 0x0000000d jmp 00007F6F31ADDF6Bh 0x00000012 jmp 00007F6F31ADDF78h 0x00000017 popad 0x00000018 popad 0x00000019 pop ebp 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007F6F31ADDF79h 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5450129 second address: 545012D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 545012D second address: 5450133 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54203DD second address: 54203E3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54203E3 second address: 54203E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54203E7 second address: 54203EB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54203EB second address: 54204BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007F6F31ADDF73h 0x0000000e xchg eax, ebp 0x0000000f pushad 0x00000010 movzx ecx, bx 0x00000013 pushfd 0x00000014 jmp 00007F6F31ADDF71h 0x00000019 or cx, E366h 0x0000001e jmp 00007F6F31ADDF71h 0x00000023 popfd 0x00000024 popad 0x00000025 mov ebp, esp 0x00000027 jmp 00007F6F31ADDF6Eh 0x0000002c mov eax, dword ptr [ebp+08h] 0x0000002f pushad 0x00000030 pushfd 0x00000031 jmp 00007F6F31ADDF6Eh 0x00000036 adc si, E638h 0x0000003b jmp 00007F6F31ADDF6Bh 0x00000040 popfd 0x00000041 mov bx, si 0x00000044 popad 0x00000045 and dword ptr [eax], 00000000h 0x00000048 jmp 00007F6F31ADDF72h 0x0000004d and dword ptr [eax+04h], 00000000h 0x00000051 jmp 00007F6F31ADDF70h 0x00000056 pop ebp 0x00000057 pushad 0x00000058 push eax 0x00000059 push edx 0x0000005a pushfd 0x0000005b jmp 00007F6F31ADDF6Ch 0x00000060 adc eax, 6E8B8AF8h 0x00000066 jmp 00007F6F31ADDF6Bh 0x0000006b popfd 0x0000006c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54201F6 second address: 54201FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54201FA second address: 5420239 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F6F31ADDF70h 0x00000008 sbb si, 64F8h 0x0000000d jmp 00007F6F31ADDF6Bh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 popad 0x00000016 xchg eax, ebp 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007F6F31ADDF75h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420239 second address: 542023F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 542023F second address: 5420243 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420243 second address: 5420247 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420247 second address: 542025E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov edi, 65237C46h 0x00000011 mov edx, 260B16D2h 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 542025E second address: 5420264 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420264 second address: 5420268 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420268 second address: 542026C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 542026C second address: 5420284 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F6F31ADDF6Dh 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5420284 second address: 54202A0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F6F31405BE7h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54202A0 second address: 54202B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov ebp, esp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F6F31ADDF6Bh 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54202B6 second address: 54202C0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, 415B94EAh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440787 second address: 5440796 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440796 second address: 5440835 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F6F31405BDFh 0x00000008 pop eax 0x00000009 pushfd 0x0000000a jmp 00007F6F31405BE9h 0x0000000f xor si, FD06h 0x00000014 jmp 00007F6F31405BE1h 0x00000019 popfd 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d push eax 0x0000001e jmp 00007F6F31405BE1h 0x00000023 xchg eax, ebp 0x00000024 jmp 00007F6F31405BDEh 0x00000029 mov ebp, esp 0x0000002b pushad 0x0000002c mov bx, si 0x0000002f push eax 0x00000030 push edx 0x00000031 pushfd 0x00000032 jmp 00007F6F31405BE8h 0x00000037 jmp 00007F6F31405BE5h 0x0000003c popfd 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440835 second address: 5440872 instructions: 0x00000000 rdtsc 0x00000002 mov bh, al 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push esi 0x00000008 pushad 0x00000009 pushfd 0x0000000a jmp 00007F6F31ADDF76h 0x0000000f and ax, BAC8h 0x00000014 jmp 00007F6F31ADDF6Bh 0x00000019 popfd 0x0000001a mov ch, A8h 0x0000001c popad 0x0000001d mov dword ptr [esp], ecx 0x00000020 push eax 0x00000021 push edx 0x00000022 push eax 0x00000023 push edx 0x00000024 push eax 0x00000025 push edx 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440872 second address: 5440876 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440876 second address: 544087C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 544087C second address: 54408CC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edi, 0E883D28h 0x00000008 pushfd 0x00000009 jmp 00007F6F31405BE1h 0x0000000e jmp 00007F6F31405BDBh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 mov eax, dword ptr [76FB65FCh] 0x0000001c jmp 00007F6F31405BE6h 0x00000021 test eax, eax 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 mov bx, 38D0h 0x0000002a pushad 0x0000002b popad 0x0000002c popad 0x0000002d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54408CC second address: 5440915 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF74h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 je 00007F6FA35D0FE8h 0x0000000f pushad 0x00000010 pushfd 0x00000011 jmp 00007F6F31ADDF6Ah 0x00000016 and esi, 78BDE448h 0x0000001c jmp 00007F6F31ADDF6Bh 0x00000021 popfd 0x00000022 popad 0x00000023 mov ecx, eax 0x00000025 push eax 0x00000026 push edx 0x00000027 pushad 0x00000028 mov al, dh 0x0000002a mov si, F853h 0x0000002e popad 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440915 second address: 544094D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xor eax, dword ptr [ebp+08h] 0x0000000c pushad 0x0000000d mov cx, dx 0x00000010 popad 0x00000011 and ecx, 1Fh 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F6F31405BDEh 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 544094D second address: 5440953 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440953 second address: 5440957 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440957 second address: 54409C5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b ror eax, cl 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007F6F31ADDF6Ch 0x00000014 sbb si, CE98h 0x00000019 jmp 00007F6F31ADDF6Bh 0x0000001e popfd 0x0000001f push eax 0x00000020 movsx ebx, cx 0x00000023 pop eax 0x00000024 popad 0x00000025 leave 0x00000026 jmp 00007F6F31ADDF77h 0x0000002b retn 0004h 0x0000002e nop 0x0000002f mov esi, eax 0x00000031 lea eax, dword ptr [ebp-08h] 0x00000034 xor esi, dword ptr [00F82014h] 0x0000003a push eax 0x0000003b push eax 0x0000003c push eax 0x0000003d lea eax, dword ptr [ebp-10h] 0x00000040 push eax 0x00000041 call 00007F6F35FDE852h 0x00000046 push FFFFFFFEh 0x00000048 push eax 0x00000049 push edx 0x0000004a jmp 00007F6F31ADDF75h 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54409C5 second address: 54409D9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, 9522h 0x00000007 mov bx, E16Eh 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54409D9 second address: 54409E1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov bx, cx 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54409E1 second address: 5440A27 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F6F31405BDFh 0x00000008 mov ah, 61h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d ret 0x0000000e nop 0x0000000f push eax 0x00000010 call 00007F6F35906508h 0x00000015 mov edi, edi 0x00000017 pushad 0x00000018 jmp 00007F6F31405BE1h 0x0000001d movzx eax, di 0x00000020 popad 0x00000021 push esp 0x00000022 pushad 0x00000023 mov eax, 38BAAC65h 0x00000028 mov ecx, 26AEA9E1h 0x0000002d popad 0x0000002e mov dword ptr [esp], ebp 0x00000031 pushad 0x00000032 push eax 0x00000033 push edx 0x00000034 mov bx, cx 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5440A27 second address: 5440A57 instructions: 0x00000000 rdtsc 0x00000002 movzx eax, bx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 movsx edx, ax 0x0000000a popad 0x0000000b mov ebp, esp 0x0000000d jmp 00007F6F31ADDF78h 0x00000012 pop ebp 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 mov bx, AEF0h 0x0000001a mov esi, ebx 0x0000001c popad 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F001B second address: 53F00C0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F6F31405BDEh 0x0000000f push eax 0x00000010 jmp 00007F6F31405BDBh 0x00000015 xchg eax, ebp 0x00000016 pushad 0x00000017 mov al, 4Ch 0x00000019 jmp 00007F6F31405BE1h 0x0000001e popad 0x0000001f mov ebp, esp 0x00000021 jmp 00007F6F31405BDEh 0x00000026 and esp, FFFFFFF8h 0x00000029 jmp 00007F6F31405BE0h 0x0000002e xchg eax, ecx 0x0000002f pushad 0x00000030 pushfd 0x00000031 jmp 00007F6F31405BDEh 0x00000036 or ecx, 7A61F678h 0x0000003c jmp 00007F6F31405BDBh 0x00000041 popfd 0x00000042 mov ebx, esi 0x00000044 popad 0x00000045 push eax 0x00000046 pushad 0x00000047 mov ax, bx 0x0000004a mov dl, 5Ch 0x0000004c popad 0x0000004d xchg eax, ecx 0x0000004e push eax 0x0000004f push edx 0x00000050 pushad 0x00000051 push eax 0x00000052 push edx 0x00000053 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F00C0 second address: 53F00EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007F6F31ADDF71h 0x0000000a adc esi, 69CF49C6h 0x00000010 jmp 00007F6F31ADDF71h 0x00000015 popfd 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F00EF second address: 53F010B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F010B second address: 53F0111 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0111 second address: 53F0164 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, ax 0x00000006 mov si, 56F3h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e jmp 00007F6F31405BE9h 0x00000013 xchg eax, ebx 0x00000014 jmp 00007F6F31405BDEh 0x00000019 mov ebx, dword ptr [ebp+10h] 0x0000001c pushad 0x0000001d mov edi, ecx 0x0000001f mov dl, al 0x00000021 popad 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 jmp 00007F6F31405BE1h 0x0000002a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0164 second address: 53F0198 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF71h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], esi 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F6F31ADDF78h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0198 second address: 53F019C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F019C second address: 53F01A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F01A2 second address: 53F01B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31405BDDh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F01B3 second address: 53F01B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F01B7 second address: 53F01DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov esi, dword ptr [ebp+08h] 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F6F31405BE8h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F01DC second address: 53F01E2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F01E2 second address: 53F01E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F01E6 second address: 53F0202 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a mov esi, 416692BBh 0x0000000f mov dx, ax 0x00000012 popad 0x00000013 mov dword ptr [esp], edi 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0202 second address: 53F0211 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0211 second address: 53F0252 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test esi, esi 0x0000000b jmp 00007F6F31ADDF6Eh 0x00000010 je 00007F6FA361C33Dh 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F6F31ADDF6Ah 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0252 second address: 53F0261 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0261 second address: 53F02FC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp dword ptr [esi+08h], DDEEDDEEh 0x00000010 pushad 0x00000011 movzx esi, bx 0x00000014 pushfd 0x00000015 jmp 00007F6F31ADDF79h 0x0000001a and cx, DA46h 0x0000001f jmp 00007F6F31ADDF71h 0x00000024 popfd 0x00000025 popad 0x00000026 je 00007F6FA361C2D6h 0x0000002c pushad 0x0000002d jmp 00007F6F31ADDF6Ch 0x00000032 pushfd 0x00000033 jmp 00007F6F31ADDF72h 0x00000038 sbb si, B218h 0x0000003d jmp 00007F6F31ADDF6Bh 0x00000042 popfd 0x00000043 popad 0x00000044 mov edx, dword ptr [esi+44h] 0x00000047 push eax 0x00000048 push edx 0x00000049 push eax 0x0000004a push edx 0x0000004b pushad 0x0000004c popad 0x0000004d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F02FC second address: 53F0300 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0300 second address: 53F0306 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0306 second address: 53F0346 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 or edx, dword ptr [ebp+0Ch] 0x0000000c jmp 00007F6F31405BE0h 0x00000011 test edx, 61000000h 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007F6F31405BE7h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0346 second address: 53F0394 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jne 00007F6FA361C28Bh 0x0000000f pushad 0x00000010 mov ecx, 42479113h 0x00000015 mov ebx, esi 0x00000017 popad 0x00000018 test byte ptr [esi+48h], 00000001h 0x0000001c jmp 00007F6F31ADDF72h 0x00000021 jne 00007F6FA361C27Fh 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b push eax 0x0000002c push edx 0x0000002d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0394 second address: 53F0398 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F0398 second address: 53F03B5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E075E second address: 53E0763 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0763 second address: 53E07A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007F6F31ADDF70h 0x0000000a adc eax, 4C4FF9E8h 0x00000010 jmp 00007F6F31ADDF6Bh 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 xchg eax, ebp 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007F6F31ADDF75h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E07A5 second address: 53E0817 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F6F31405BE7h 0x00000009 jmp 00007F6F31405BE3h 0x0000000e popfd 0x0000000f push eax 0x00000010 pop ebx 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 mov ebp, esp 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 mov di, FFA2h 0x0000001d pushfd 0x0000001e jmp 00007F6F31405BE3h 0x00000023 adc esi, 5557B49Eh 0x00000029 jmp 00007F6F31405BE9h 0x0000002e popfd 0x0000002f popad 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0817 second address: 53E08B0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, bx 0x00000006 pushfd 0x00000007 jmp 00007F6F31ADDF73h 0x0000000c sub cx, BEAEh 0x00000011 jmp 00007F6F31ADDF79h 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a and esp, FFFFFFF8h 0x0000001d pushad 0x0000001e pushfd 0x0000001f jmp 00007F6F31ADDF6Ch 0x00000024 sub si, B828h 0x00000029 jmp 00007F6F31ADDF6Bh 0x0000002e popfd 0x0000002f pushfd 0x00000030 jmp 00007F6F31ADDF78h 0x00000035 adc cl, FFFFFF88h 0x00000038 jmp 00007F6F31ADDF6Bh 0x0000003d popfd 0x0000003e popad 0x0000003f xchg eax, ebx 0x00000040 push eax 0x00000041 push edx 0x00000042 pushad 0x00000043 jmp 00007F6F31ADDF6Bh 0x00000048 mov edi, esi 0x0000004a popad 0x0000004b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E08B0 second address: 53E093B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F6F31405BDBh 0x00000009 or cx, 4F7Eh 0x0000000e jmp 00007F6F31405BE9h 0x00000013 popfd 0x00000014 mov eax, 19B9E5C7h 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c push eax 0x0000001d pushad 0x0000001e pushfd 0x0000001f jmp 00007F6F31405BE3h 0x00000024 adc esi, 453EC18Eh 0x0000002a jmp 00007F6F31405BE9h 0x0000002f popfd 0x00000030 mov esi, 663CF497h 0x00000035 popad 0x00000036 xchg eax, ebx 0x00000037 push eax 0x00000038 push edx 0x00000039 push eax 0x0000003a push edx 0x0000003b jmp 00007F6F31405BE4h 0x00000040 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E093B second address: 53E094A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E094A second address: 53E0973 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov ebx, 095369AEh 0x00000012 mov bl, 72h 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0973 second address: 53E09F2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF71h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b mov di, F0C2h 0x0000000f pushfd 0x00000010 jmp 00007F6F31ADDF73h 0x00000015 sub ah, FFFFFFBEh 0x00000018 jmp 00007F6F31ADDF79h 0x0000001d popfd 0x0000001e popad 0x0000001f xchg eax, esi 0x00000020 jmp 00007F6F31ADDF6Eh 0x00000025 mov esi, dword ptr [ebp+08h] 0x00000028 push eax 0x00000029 push edx 0x0000002a pushad 0x0000002b pushfd 0x0000002c jmp 00007F6F31ADDF6Dh 0x00000031 jmp 00007F6F31ADDF6Bh 0x00000036 popfd 0x00000037 push ecx 0x00000038 pop ebx 0x00000039 popad 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E09F2 second address: 53E0A2C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 sub ebx, ebx 0x0000000b jmp 00007F6F31405BE7h 0x00000010 test esi, esi 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0A2C second address: 53E0A32 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0A32 second address: 53E0A8B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 je 00007F6FA2F4B524h 0x0000000f pushad 0x00000010 jmp 00007F6F31405BDEh 0x00000015 push eax 0x00000016 mov ebx, 42A2EBB4h 0x0000001b pop ebx 0x0000001c popad 0x0000001d cmp dword ptr [esi+08h], DDEEDDEEh 0x00000024 push eax 0x00000025 push edx 0x00000026 pushad 0x00000027 mov dl, A2h 0x00000029 pushfd 0x0000002a jmp 00007F6F31405BDEh 0x0000002f or eax, 19260968h 0x00000035 jmp 00007F6F31405BDBh 0x0000003a popfd 0x0000003b popad 0x0000003c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0A8B second address: 53E0B17 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ecx, esi 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007F6F31ADDF6Ch 0x00000012 sub si, 46F8h 0x00000017 jmp 00007F6F31ADDF6Bh 0x0000001c popfd 0x0000001d pushad 0x0000001e mov bx, ax 0x00000021 pushfd 0x00000022 jmp 00007F6F31ADDF72h 0x00000027 jmp 00007F6F31ADDF75h 0x0000002c popfd 0x0000002d popad 0x0000002e popad 0x0000002f je 00007F6FA3623811h 0x00000035 push eax 0x00000036 push edx 0x00000037 pushad 0x00000038 jmp 00007F6F31ADDF73h 0x0000003d mov ah, C7h 0x0000003f popad 0x00000040 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0B17 second address: 53E0B2C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31405BE1h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0B2C second address: 53E0B41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 test byte ptr [76FB6968h], 00000002h 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 movsx ebx, cx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53E0B41 second address: 53E0BD0 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F6F31405BE2h 0x00000008 add ecx, 479DD078h 0x0000000e jmp 00007F6F31405BDBh 0x00000013 popfd 0x00000014 pop edx 0x00000015 pop eax 0x00000016 popad 0x00000017 jne 00007F6FA2F4B421h 0x0000001d jmp 00007F6F31405BE5h 0x00000022 mov edx, dword ptr [ebp+0Ch] 0x00000025 pushad 0x00000026 mov di, cx 0x00000029 pushfd 0x0000002a jmp 00007F6F31405BE8h 0x0000002f or cx, B538h 0x00000034 jmp 00007F6F31405BDBh 0x00000039 popfd 0x0000003a popad 0x0000003b xchg eax, ebx 0x0000003c push eax 0x0000003d push edx 0x0000003e jmp 00007F6F31405BE5h 0x00000043 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 547077F second address: 547079C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 547079C second address: 54707AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31405BDCh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54707AC second address: 54707B0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54707B0 second address: 5470819 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esp 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007F6F31405BDAh 0x00000010 xor ecx, 48C8C508h 0x00000016 jmp 00007F6F31405BDBh 0x0000001b popfd 0x0000001c pushfd 0x0000001d jmp 00007F6F31405BE8h 0x00000022 adc ax, 6768h 0x00000027 jmp 00007F6F31405BDBh 0x0000002c popfd 0x0000002d popad 0x0000002e mov dword ptr [esp], ebp 0x00000031 push eax 0x00000032 push edx 0x00000033 pushad 0x00000034 jmp 00007F6F31405BDBh 0x00000039 mov ecx, 086FB84Fh 0x0000003e popad 0x0000003f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54608F4 second address: 54608FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54608FA second address: 546093D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 jmp 00007F6F31405BDCh 0x0000000e mov dword ptr [esp], ebp 0x00000011 jmp 00007F6F31405BE0h 0x00000016 mov ebp, esp 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F6F31405BE7h 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 546093D second address: 5460943 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400038 second address: 540004D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 540004D second address: 5400051 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5400051 second address: 540005E instructions: 0x00000000 rdtsc 0x00000002 mov ax, 31F7h 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a movzx ecx, dx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 540005E second address: 540008B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov ebp, esp 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F6F31ADDF75h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 540008B second address: 54000A0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edx, 2EDF2C92h 0x00000008 mov cx, bx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop ebp 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54000A0 second address: 54000A6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54000A6 second address: 54000AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5460C2B second address: 5460C31 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5460C31 second address: 5460CF5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F6F31405BE0h 0x00000009 sub si, D688h 0x0000000e jmp 00007F6F31405BDBh 0x00000013 popfd 0x00000014 pushfd 0x00000015 jmp 00007F6F31405BE8h 0x0000001a and eax, 5C3E38E8h 0x00000020 jmp 00007F6F31405BDBh 0x00000025 popfd 0x00000026 popad 0x00000027 pop edx 0x00000028 pop eax 0x00000029 push eax 0x0000002a pushad 0x0000002b mov edx, 702A718Ah 0x00000030 mov dx, 1C56h 0x00000034 popad 0x00000035 mov eax, dword ptr [esp+04h] 0x00000039 pushad 0x0000003a pushad 0x0000003b mov ebx, ecx 0x0000003d push eax 0x0000003e pop edi 0x0000003f popad 0x00000040 pushfd 0x00000041 jmp 00007F6F31405BE0h 0x00000046 sbb si, 1678h 0x0000004b jmp 00007F6F31405BDBh 0x00000050 popfd 0x00000051 popad 0x00000052 mov eax, dword ptr [eax] 0x00000054 jmp 00007F6F31405BE9h 0x00000059 mov dword ptr [esp+04h], eax 0x0000005d jmp 00007F6F31405BE1h 0x00000062 pop eax 0x00000063 push eax 0x00000064 push edx 0x00000065 push eax 0x00000066 push edx 0x00000067 pushad 0x00000068 popad 0x00000069 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5460CF5 second address: 5460CFB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 113945E second address: 1139464 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1139464 second address: 113946E instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F6F31ADDF6Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54105A4 second address: 54105AA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54105AA second address: 54105AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54105AE second address: 54105B2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54105B2 second address: 54105C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov ax, dx 0x0000000f mov bx, 5D10h 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54105C6 second address: 54105CD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54105CD second address: 5410622 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], ebp 0x0000000a jmp 00007F6F31ADDF6Eh 0x0000000f mov ebp, esp 0x00000011 jmp 00007F6F31ADDF70h 0x00000016 push FFFFFFFEh 0x00000018 pushad 0x00000019 pushfd 0x0000001a jmp 00007F6F31ADDF6Eh 0x0000001f sub esi, 7C5C0BB8h 0x00000025 jmp 00007F6F31ADDF6Bh 0x0000002a popfd 0x0000002b push eax 0x0000002c push edx 0x0000002d mov ecx, 2BC9BD85h 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410622 second address: 5410679 instructions: 0x00000000 rdtsc 0x00000002 mov cx, AD01h 0x00000006 pop edx 0x00000007 pop eax 0x00000008 popad 0x00000009 call 00007F6F31405BD9h 0x0000000e jmp 00007F6F31405BDCh 0x00000013 push eax 0x00000014 jmp 00007F6F31405BDBh 0x00000019 mov eax, dword ptr [esp+04h] 0x0000001d jmp 00007F6F31405BE9h 0x00000022 mov eax, dword ptr [eax] 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007F6F31405BDCh 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410679 second address: 541068B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31ADDF6Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 541068B second address: 54106C9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp+04h], eax 0x0000000f jmp 00007F6F31405BE9h 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F6F31405BDDh 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54106C9 second address: 541072A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF71h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 call 00007F6F31ADDF69h 0x0000000e jmp 00007F6F31ADDF6Eh 0x00000013 push eax 0x00000014 pushad 0x00000015 pushad 0x00000016 mov si, 2599h 0x0000001a popad 0x0000001b mov ecx, 69458255h 0x00000020 popad 0x00000021 mov eax, dword ptr [esp+04h] 0x00000025 jmp 00007F6F31ADDF6Bh 0x0000002a mov eax, dword ptr [eax] 0x0000002c push eax 0x0000002d push edx 0x0000002e jmp 00007F6F31ADDF74h 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 541072A second address: 5410758 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F6F31405BE1h 0x00000009 sbb ax, 1946h 0x0000000e jmp 00007F6F31405BE1h 0x00000013 popfd 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410758 second address: 5410780 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F6F31ADDF79h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410780 second address: 5410786 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410786 second address: 541078B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 541078B second address: 54107A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F6F31405BE0h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54107A5 second address: 5410804 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov esi, ebx 0x00000005 mov si, di 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr fs:[00000000h] 0x00000011 pushad 0x00000012 pushfd 0x00000013 jmp 00007F6F31ADDF75h 0x00000018 and eax, 0FD90416h 0x0000001e jmp 00007F6F31ADDF71h 0x00000023 popfd 0x00000024 mov edi, eax 0x00000026 popad 0x00000027 nop 0x00000028 push eax 0x00000029 push edx 0x0000002a jmp 00007F6F31ADDF79h 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410804 second address: 5410814 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6F31405BDCh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410814 second address: 5410853 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a jmp 00007F6F31ADDF6Ch 0x0000000f call 00007F6F31ADDF72h 0x00000014 pushad 0x00000015 popad 0x00000016 pop eax 0x00000017 popad 0x00000018 nop 0x00000019 pushad 0x0000001a mov bl, 43h 0x0000001c mov eax, 2D0D11C5h 0x00000021 popad 0x00000022 sub esp, 1Ch 0x00000025 push eax 0x00000026 push edx 0x00000027 push eax 0x00000028 push edx 0x00000029 pushad 0x0000002a popad 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410853 second address: 5410870 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410870 second address: 5410876 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410876 second address: 54108B7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 pushad 0x0000000a movzx ecx, di 0x0000000d mov cl, bl 0x0000000f popad 0x00000010 mov dword ptr [esp], ebx 0x00000013 jmp 00007F6F31405BE6h 0x00000018 xchg eax, esi 0x00000019 jmp 00007F6F31405BE0h 0x0000001e push eax 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54108B7 second address: 54108BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54108BB second address: 54108C1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54108C1 second address: 54108C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54108C7 second address: 54108CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54108CB second address: 541092B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 pushad 0x0000000a jmp 00007F6F31ADDF73h 0x0000000f pushfd 0x00000010 jmp 00007F6F31ADDF78h 0x00000015 sub cx, C008h 0x0000001a jmp 00007F6F31ADDF6Bh 0x0000001f popfd 0x00000020 popad 0x00000021 xchg eax, edi 0x00000022 push eax 0x00000023 push edx 0x00000024 jmp 00007F6F31ADDF75h 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 541092B second address: 5410931 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410931 second address: 5410935 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410935 second address: 5410973 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007F6F31405BE6h 0x0000000e xchg eax, edi 0x0000000f pushad 0x00000010 mov bh, al 0x00000012 push edi 0x00000013 mov eax, 7E92D055h 0x00000018 pop esi 0x00000019 popad 0x0000001a mov eax, dword ptr [76FBB370h] 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007F6F31405BDCh 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410973 second address: 5410A1A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xor dword ptr [ebp-08h], eax 0x0000000c jmp 00007F6F31ADDF76h 0x00000011 xor eax, ebp 0x00000013 jmp 00007F6F31ADDF71h 0x00000018 nop 0x00000019 pushad 0x0000001a call 00007F6F31ADDF6Ch 0x0000001f pushfd 0x00000020 jmp 00007F6F31ADDF72h 0x00000025 jmp 00007F6F31ADDF75h 0x0000002a popfd 0x0000002b pop eax 0x0000002c push ebx 0x0000002d mov bh, ch 0x0000002f pop edx 0x00000030 popad 0x00000031 push eax 0x00000032 jmp 00007F6F31ADDF6Fh 0x00000037 nop 0x00000038 jmp 00007F6F31ADDF76h 0x0000003d lea eax, dword ptr [ebp-10h] 0x00000040 push eax 0x00000041 push edx 0x00000042 pushad 0x00000043 push eax 0x00000044 push edx 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410A1A second address: 5410A20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410A20 second address: 5410A25 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410A25 second address: 5410A6B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, 80ABh 0x00000007 pushad 0x00000008 popad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr fs:[00000000h], eax 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 mov edi, 60D7E94Ch 0x0000001a pushfd 0x0000001b jmp 00007F6F31405BE5h 0x00000020 sub ah, 00000026h 0x00000023 jmp 00007F6F31405BE1h 0x00000028 popfd 0x00000029 popad 0x0000002a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410A6B second address: 5410A71 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410A71 second address: 5410A75 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410A75 second address: 5410A97 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF73h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov esi, dword ptr [ebp+08h] 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410A97 second address: 5410A9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410A9B second address: 5410AB6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF77h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410AB6 second address: 5410ABC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410ABC second address: 5410AC0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410AC0 second address: 5410B56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esi+10h] 0x0000000b pushad 0x0000000c movsx edi, ax 0x0000000f mov dl, al 0x00000011 popad 0x00000012 test eax, eax 0x00000014 pushad 0x00000015 mov ch, dl 0x00000017 pushfd 0x00000018 jmp 00007F6F31405BE8h 0x0000001d adc ah, FFFFFFE8h 0x00000020 jmp 00007F6F31405BDBh 0x00000025 popfd 0x00000026 popad 0x00000027 jne 00007F6FA2EB4DFAh 0x0000002d pushad 0x0000002e pushfd 0x0000002f jmp 00007F6F31405BE4h 0x00000034 adc al, 00000048h 0x00000037 jmp 00007F6F31405BDBh 0x0000003c popfd 0x0000003d mov dx, ax 0x00000040 popad 0x00000041 sub eax, eax 0x00000043 jmp 00007F6F31405BDBh 0x00000048 mov dword ptr [ebp-20h], eax 0x0000004b push eax 0x0000004c push edx 0x0000004d jmp 00007F6F31405BE5h 0x00000052 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410B56 second address: 5410BB6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop eax 0x00000005 jmp 00007F6F31ADDF73h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov ebx, dword ptr [esi] 0x0000000f pushad 0x00000010 pushfd 0x00000011 jmp 00007F6F31ADDF74h 0x00000016 sub si, 8868h 0x0000001b jmp 00007F6F31ADDF6Bh 0x00000020 popfd 0x00000021 mov ecx, 67EAAE5Fh 0x00000026 popad 0x00000027 mov dword ptr [ebp-24h], ebx 0x0000002a push eax 0x0000002b push edx 0x0000002c jmp 00007F6F31ADDF71h 0x00000031 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410BB6 second address: 5410BD3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BE1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test ebx, ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410BD3 second address: 5410BD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410BD7 second address: 5410BEA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31405BDFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410BEA second address: 5410C6F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6F31ADDF79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 je 00007F6FA358CFDCh 0x0000000f pushad 0x00000010 pushfd 0x00000011 jmp 00007F6F31ADDF6Ch 0x00000016 or si, 6AB8h 0x0000001b jmp 00007F6F31ADDF6Bh 0x00000020 popfd 0x00000021 pushfd 0x00000022 jmp 00007F6F31ADDF78h 0x00000027 add ecx, 45E0A518h 0x0000002d jmp 00007F6F31ADDF6Bh 0x00000032 popfd 0x00000033 popad 0x00000034 cmp ebx, FFFFFFFFh 0x00000037 push eax 0x00000038 push edx 0x00000039 push eax 0x0000003a push edx 0x0000003b jmp 00007F6F31ADDF70h 0x00000040 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410C6F second address: 5410C73 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410C73 second address: 5410C79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5410C79 second address: 54105A4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dx, si 0x00000006 call 00007F6F31405BE8h 0x0000000b pop ecx 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jmp 00007F6FA2EB4BB6h 0x00000014 jne 00007F6F31405BF9h 0x00000016 xor ecx, ecx 0x00000018 mov dword ptr [esi], ecx 0x0000001a mov dword ptr [esi+04h], ecx 0x0000001d mov dword ptr [esi+08h], ecx 0x00000020 mov dword ptr [esi+0Ch], ecx 0x00000023 mov dword ptr [esi+10h], ecx 0x00000026 mov dword ptr [esi+14h], ecx 0x00000029 mov ecx, dword ptr [ebp-10h] 0x0000002c mov dword ptr fs:[00000000h], ecx 0x00000033 pop ecx 0x00000034 pop edi 0x00000035 pop esi 0x00000036 pop ebx 0x00000037 mov esp, ebp 0x00000039 pop ebp 0x0000003a retn 0004h 0x0000003d nop 0x0000003e pop ebp 0x0000003f ret 0x00000040 add esi, 18h 0x00000043 pop ecx 0x00000044 cmp esi, 00F856A8h 0x0000004a jne 00007F6F31405BC0h 0x0000004c push esi 0x0000004d call 00007F6F31406443h 0x00000052 push ebp 0x00000053 mov ebp, esp 0x00000055 push dword ptr [ebp+08h] 0x00000058 call 00007F6F358D91A9h 0x0000005d mov edi, edi 0x0000005f push eax 0x00000060 push edx 0x00000061 jmp 00007F6F31405BE1h 0x00000066 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 541000A second address: 541000F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 541000F second address: 5410015 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |