Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_006318A0 lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_006318A0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00633910 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,DeleteFileA,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_00633910 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00631269 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_00631269 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00631250 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_00631250 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0063E210 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_0063E210 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00634B29 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_00634B29 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00634B10 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_00634B10 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0063CBE0 wsprintfA,FindFirstFileA,lstrcat,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,CoUninitialize,lstrcat,lstrlen,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,CopyFileA,CreateFileA,GetFileSizeEx,CloseHandle,CloseHandle,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_0063CBE0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_006323A9 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_006323A9 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0062DB80 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,GetFileAttributesA,StrCmpCA,lstrcpy,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_0062DB80 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00632390 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,GetFileAttributesA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA, |
0_2_00632390 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0062DB99 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_0062DB99 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0063DD30 GetProcessHeap,RtlAllocateHeap,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,lstrcat,lstrcat,lstrlen,lstrlen,lstrcpy, |
0_2_0063DD30 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0063D530 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_0063D530 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_006216A0 lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_006216A0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_006216B9 lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_006216B9 |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 8702D3 second address: 8702EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FF7B0C9CD55h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 86FB60 second address: 86FB65 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E0E99 second address: 9E0E9F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9DFE0C second address: 9DFE39 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFCFh 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c push esi 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FF7B0F3BFD4h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9DFE39 second address: 9DFE4C instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b ja 00007FF7B0C9CD46h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9DFE4C second address: 9DFE52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9DFFF4 second address: 9DFFF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9DFFF8 second address: 9E0004 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 jg 00007FF7B0F3BFC6h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E01CD second address: 9E01DD instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF7B0C9CD46h 0x00000008 push eax 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E01DD second address: 9E01E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E033A second address: 9E0365 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jmp 00007FF7B0C9CD51h 0x0000000a popad 0x0000000b push eax 0x0000000c jmp 00007FF7B0C9CD4Bh 0x00000011 jp 00007FF7B0C9CD4Ch 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E37B1 second address: 9E37C4 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jp 00007FF7B0F3BFC6h 0x00000010 push edi 0x00000011 pop edi 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E37C4 second address: 9E381B instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 movsx ecx, bx 0x0000000c push 00000000h 0x0000000e jbe 00007FF7B0C9CD4Ch 0x00000014 pushad 0x00000015 mov dx, 638Bh 0x00000019 cld 0x0000001a popad 0x0000001b call 00007FF7B0C9CD49h 0x00000020 jmp 00007FF7B0C9CD59h 0x00000025 push eax 0x00000026 pushad 0x00000027 push eax 0x00000028 push edx 0x00000029 jmp 00007FF7B0C9CD50h 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E381B second address: 9E381F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E381F second address: 9E383F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jno 00007FF7B0C9CD48h 0x0000000c popad 0x0000000d mov eax, dword ptr [esp+04h] 0x00000011 pushad 0x00000012 push edx 0x00000013 jp 00007FF7B0C9CD46h 0x00000019 pop edx 0x0000001a push eax 0x0000001b push edx 0x0000001c push esi 0x0000001d pop esi 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E383F second address: 9E3843 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E3843 second address: 9E385B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [eax] 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FF7B0C9CD4Dh 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E3929 second address: 9E39B1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 mov eax, dword ptr [eax] 0x00000009 jmp 00007FF7B0F3BFCDh 0x0000000e mov dword ptr [esp+04h], eax 0x00000012 pushad 0x00000013 jmp 00007FF7B0F3BFD8h 0x00000018 jmp 00007FF7B0F3BFD2h 0x0000001d popad 0x0000001e pop eax 0x0000001f jmp 00007FF7B0F3BFCFh 0x00000024 lea ebx, dword ptr [ebp+124476B5h] 0x0000002a je 00007FF7B0F3BFC6h 0x00000030 xchg eax, ebx 0x00000031 pushad 0x00000032 jmp 00007FF7B0F3BFD7h 0x00000037 push eax 0x00000038 push edx 0x00000039 jmp 00007FF7B0F3BFCBh 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9E3D12 second address: 9E3D19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9F62CD second address: 9F62E7 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF7B0F3BFCCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edi 0x0000000c push eax 0x0000000d push edx 0x0000000e jng 00007FF7B0F3BFC6h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A01771 second address: A01775 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0191A second address: A0191E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A01A50 second address: A01A56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A01A56 second address: A01A5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A01B9C second address: A01BA0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A01BA0 second address: A01BCD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push esi 0x0000000a pop esi 0x0000000b jmp 00007FF7B0F3BFD1h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FF7B0F3BFCCh 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A01BCD second address: A01BD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A01BD1 second address: A01BD5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A023CF second address: A023FA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 js 00007FF7B0C9CD46h 0x0000000b jp 00007FF7B0C9CD46h 0x00000011 jc 00007FF7B0C9CD46h 0x00000017 popad 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b popad 0x0000001c jmp 00007FF7B0C9CD4Fh 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A023FA second address: A023FE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A02526 second address: A0252B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0252B second address: A0253D instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007FF7B0F3BFCDh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A026CF second address: A026DF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Ah 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9FAFD2 second address: 9FAFD6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9CFE8D second address: 9CFE96 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9CFE96 second address: 9CFE9E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A02ED0 second address: A02EDC instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF7B0C9CD4Eh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0302F second address: A0304E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FF7B0F3BFD3h 0x0000000b popad 0x0000000c push ecx 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A03416 second address: A0344C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jg 00007FF7B0C9CD61h 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007FF7B0C9CD59h 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0344C second address: A03466 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0F3BFD6h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A03466 second address: A03482 instructions: 0x00000000 rdtsc 0x00000002 js 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jp 00007FF7B0C9CD4Ah 0x00000013 pushad 0x00000014 pushad 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A03482 second address: A0349B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0F3BFD3h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0349B second address: A034A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A034A0 second address: A034AA instructions: 0x00000000 rdtsc 0x00000002 jc 00007FF7B0F3BFCCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A07D3F second address: A07D5C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF7B0C9CD59h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A07EAD second address: A07EB1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A065E6 second address: A065EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A065EC second address: A065F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A07FB6 second address: A07FC0 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FF7B0C9CD4Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A080E7 second address: A080F2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jp 00007FF7B0F3BFC6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9D6A98 second address: 9D6A9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9D6A9D second address: 9D6AF2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFCBh 0x00000007 ja 00007FF7B0F3BFD2h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 pushad 0x00000011 push eax 0x00000012 pop eax 0x00000013 push eax 0x00000014 pop eax 0x00000015 jmp 00007FF7B0F3BFD2h 0x0000001a popad 0x0000001b jo 00007FF7B0F3BFD5h 0x00000021 push ecx 0x00000022 pop ecx 0x00000023 jmp 00007FF7B0F3BFCDh 0x00000028 push eax 0x00000029 push edx 0x0000002a pushad 0x0000002b popad 0x0000002c push eax 0x0000002d push edx 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9D6AF2 second address: 9D6AF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9D4F41 second address: 9D4F50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edi 0x00000007 jne 00007FF7B0F3BFC8h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9D4F50 second address: 9D4F5B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jc 00007FF7B0C9CD46h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9D4F5B second address: 9D4F7B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 jmp 00007FF7B0F3BFCFh 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e jbe 00007FF7B0F3BFC6h 0x00000014 push ecx 0x00000015 pop ecx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0EE37 second address: A0EE59 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 pop edi 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FF7B0C9CD56h 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0F25E second address: A0F282 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD2h 0x00000007 jc 00007FF7B0F3BFC6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jng 00007FF7B0F3BFC8h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0F593 second address: A0F59E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FF7B0C9CD46h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0F59E second address: A0F5B9 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push edx 0x0000000c pop edx 0x0000000d jmp 00007FF7B0F3BFCCh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A0F5B9 second address: A0F5BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A11619 second address: A116BA instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c jno 00007FF7B0F3BFE4h 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 push esi 0x00000017 push edi 0x00000018 je 00007FF7B0F3BFC6h 0x0000001e pop edi 0x0000001f pop esi 0x00000020 mov eax, dword ptr [eax] 0x00000022 jnp 00007FF7B0F3BFCEh 0x00000028 mov dword ptr [esp+04h], eax 0x0000002c push eax 0x0000002d pushad 0x0000002e pushad 0x0000002f popad 0x00000030 pushad 0x00000031 popad 0x00000032 popad 0x00000033 pop eax 0x00000034 pop eax 0x00000035 push 00000000h 0x00000037 push eax 0x00000038 call 00007FF7B0F3BFC8h 0x0000003d pop eax 0x0000003e mov dword ptr [esp+04h], eax 0x00000042 add dword ptr [esp+04h], 00000015h 0x0000004a inc eax 0x0000004b push eax 0x0000004c ret 0x0000004d pop eax 0x0000004e ret 0x0000004f cld 0x00000050 call 00007FF7B0F3BFC9h 0x00000055 ja 00007FF7B0F3BFD5h 0x0000005b push eax 0x0000005c push eax 0x0000005d push eax 0x0000005e push edx 0x0000005f jns 00007FF7B0F3BFC6h 0x00000065 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A116BA second address: A116DD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD50h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e push eax 0x0000000f push edx 0x00000010 push ecx 0x00000011 jne 00007FF7B0C9CD46h 0x00000017 pop ecx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A116DD second address: A11724 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF7B0F3BFD4h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [eax] 0x0000000c push ecx 0x0000000d jbe 00007FF7B0F3BFD9h 0x00000013 jmp 00007FF7B0F3BFD3h 0x00000018 pop ecx 0x00000019 mov dword ptr [esp+04h], eax 0x0000001d push eax 0x0000001e push edx 0x0000001f jno 00007FF7B0F3BFCCh 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A11724 second address: A1172F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jc 00007FF7B0C9CD46h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1188B second address: A118AA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f pop edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A118AA second address: A118AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A11B0C second address: A11B29 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A122F7 second address: A12341 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 xchg eax, ebx 0x00000008 push 00000000h 0x0000000a push edi 0x0000000b call 00007FF7B0C9CD48h 0x00000010 pop edi 0x00000011 mov dword ptr [esp+04h], edi 0x00000015 add dword ptr [esp+04h], 0000001Ah 0x0000001d inc edi 0x0000001e push edi 0x0000001f ret 0x00000020 pop edi 0x00000021 ret 0x00000022 mov edi, dword ptr [ebp+122D2A1Eh] 0x00000028 nop 0x00000029 js 00007FF7B0C9CD53h 0x0000002f push eax 0x00000030 jmp 00007FF7B0C9CD4Bh 0x00000035 pop eax 0x00000036 push eax 0x00000037 push ebx 0x00000038 push eax 0x00000039 push edx 0x0000003a push ebx 0x0000003b pop ebx 0x0000003c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A124E6 second address: A124F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jo 00007FF7B0F3BFCCh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1280B second address: A12813 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A12813 second address: A1282A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FF7B0F3BFC6h 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 ja 00007FF7B0F3BFC6h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1282A second address: A12830 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A12830 second address: A12835 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A12835 second address: A12844 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 clc 0x00000009 xchg eax, ebx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A12D7F second address: A12E0A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jnl 00007FF7B0F3BFD4h 0x00000010 nop 0x00000011 push 00000000h 0x00000013 push ecx 0x00000014 call 00007FF7B0F3BFC8h 0x00000019 pop ecx 0x0000001a mov dword ptr [esp+04h], ecx 0x0000001e add dword ptr [esp+04h], 00000014h 0x00000026 inc ecx 0x00000027 push ecx 0x00000028 ret 0x00000029 pop ecx 0x0000002a ret 0x0000002b push 00000000h 0x0000002d push 00000000h 0x0000002f push 00000000h 0x00000031 push esi 0x00000032 call 00007FF7B0F3BFC8h 0x00000037 pop esi 0x00000038 mov dword ptr [esp+04h], esi 0x0000003c add dword ptr [esp+04h], 00000017h 0x00000044 inc esi 0x00000045 push esi 0x00000046 ret 0x00000047 pop esi 0x00000048 ret 0x00000049 mov esi, dword ptr [ebp+122D17BFh] 0x0000004f xchg eax, ebx 0x00000050 push eax 0x00000051 push edx 0x00000052 jmp 00007FF7B0F3BFD6h 0x00000057 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A137BB second address: A137CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a je 00007FF7B0C9CD46h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A137CB second address: A137CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A137CF second address: A137D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A152A7 second address: A1531C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push eax 0x0000000b call 00007FF7B0F3BFC8h 0x00000010 pop eax 0x00000011 mov dword ptr [esp+04h], eax 0x00000015 add dword ptr [esp+04h], 0000001Ah 0x0000001d inc eax 0x0000001e push eax 0x0000001f ret 0x00000020 pop eax 0x00000021 ret 0x00000022 mov esi, dword ptr [ebp+122D3A69h] 0x00000028 push 00000000h 0x0000002a mov edi, dword ptr [ebp+122D26BBh] 0x00000030 push 00000000h 0x00000032 push 00000000h 0x00000034 push esi 0x00000035 call 00007FF7B0F3BFC8h 0x0000003a pop esi 0x0000003b mov dword ptr [esp+04h], esi 0x0000003f add dword ptr [esp+04h], 00000019h 0x00000047 inc esi 0x00000048 push esi 0x00000049 ret 0x0000004a pop esi 0x0000004b ret 0x0000004c add esi, 23DE91C4h 0x00000052 xchg eax, ebx 0x00000053 jo 00007FF7B0F3BFDDh 0x00000059 push eax 0x0000005a push edx 0x0000005b jmp 00007FF7B0F3BFCBh 0x00000060 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1500F second address: A1502F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jne 00007FF7B0C9CD4Ch 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1531C second address: A15336 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c jmp 00007FF7B0F3BFCAh 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A15336 second address: A1533A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1533A second address: A1533E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1650C second address: A16512 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A16512 second address: A16516 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9CC84C second address: 9CC86E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD58h 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1944B second address: A1944F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1944F second address: A194CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push edi 0x0000000d call 00007FF7B0C9CD48h 0x00000012 pop edi 0x00000013 mov dword ptr [esp+04h], edi 0x00000017 add dword ptr [esp+04h], 00000015h 0x0000001f inc edi 0x00000020 push edi 0x00000021 ret 0x00000022 pop edi 0x00000023 ret 0x00000024 push 00000000h 0x00000026 push 00000000h 0x00000028 push esi 0x00000029 call 00007FF7B0C9CD48h 0x0000002e pop esi 0x0000002f mov dword ptr [esp+04h], esi 0x00000033 add dword ptr [esp+04h], 0000001Dh 0x0000003b inc esi 0x0000003c push esi 0x0000003d ret 0x0000003e pop esi 0x0000003f ret 0x00000040 push 00000000h 0x00000042 push 00000000h 0x00000044 push ebp 0x00000045 call 00007FF7B0C9CD48h 0x0000004a pop ebp 0x0000004b mov dword ptr [esp+04h], ebp 0x0000004f add dword ptr [esp+04h], 0000001Ch 0x00000057 inc ebp 0x00000058 push ebp 0x00000059 ret 0x0000005a pop ebp 0x0000005b ret 0x0000005c xchg eax, ebx 0x0000005d push eax 0x0000005e push edx 0x0000005f push ecx 0x00000060 pushad 0x00000061 popad 0x00000062 pop ecx 0x00000063 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1D2E5 second address: A1D302 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF7B0F3BFD9h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1E813 second address: A1E81D instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF7B0C9CD4Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1D9E8 second address: A1DA0A instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF7B0F3BFCCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c push esi 0x0000000d jnl 00007FF7B0F3BFC6h 0x00000013 pop esi 0x00000014 js 00007FF7B0F3BFCCh 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1DAB6 second address: A1DABC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1EA66 second address: A1EA8A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push esi 0x0000000f pop esi 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1EA8A second address: A1EA90 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1FA8C second address: A1FAA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0F3BFD3h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1EA90 second address: A1EA9A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007FF7B0C9CD46h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A23120 second address: A23124 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A22232 second address: A22238 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A23124 second address: A2315E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 cmc 0x00000008 push 00000000h 0x0000000a jo 00007FF7B0F3BFC8h 0x00000010 mov ebx, esi 0x00000012 push 00000000h 0x00000014 push 00000000h 0x00000016 push eax 0x00000017 call 00007FF7B0F3BFC8h 0x0000001c pop eax 0x0000001d mov dword ptr [esp+04h], eax 0x00000021 add dword ptr [esp+04h], 00000019h 0x00000029 inc eax 0x0000002a push eax 0x0000002b ret 0x0000002c pop eax 0x0000002d ret 0x0000002e push eax 0x0000002f push edx 0x00000030 pushad 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A241E4 second address: A241EE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A232AE second address: A23335 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 nop 0x00000008 mov dword ptr [ebp+1246FEB9h], edi 0x0000000e push dword ptr fs:[00000000h] 0x00000015 push 00000000h 0x00000017 push ebp 0x00000018 call 00007FF7B0F3BFC8h 0x0000001d pop ebp 0x0000001e mov dword ptr [esp+04h], ebp 0x00000022 add dword ptr [esp+04h], 0000001Ch 0x0000002a inc ebp 0x0000002b push ebp 0x0000002c ret 0x0000002d pop ebp 0x0000002e ret 0x0000002f jp 00007FF7B0F3BFCCh 0x00000035 mov dword ptr fs:[00000000h], esp 0x0000003c movsx ebx, bx 0x0000003f mov eax, dword ptr [ebp+122D0859h] 0x00000045 mov edi, ebx 0x00000047 push FFFFFFFFh 0x00000049 push 00000000h 0x0000004b push ebp 0x0000004c call 00007FF7B0F3BFC8h 0x00000051 pop ebp 0x00000052 mov dword ptr [esp+04h], ebp 0x00000056 add dword ptr [esp+04h], 00000015h 0x0000005e inc ebp 0x0000005f push ebp 0x00000060 ret 0x00000061 pop ebp 0x00000062 ret 0x00000063 or dword ptr [ebp+124643F6h], edi 0x00000069 nop 0x0000006a push eax 0x0000006b push edx 0x0000006c jo 00007FF7B0F3BFC8h 0x00000072 push edx 0x00000073 pop edx 0x00000074 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A23335 second address: A2333F instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF7B0C9CD4Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2333F second address: A23363 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FF7B0F3BFD9h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A23363 second address: A23369 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2500E second address: A2508B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jo 00007FF7B0F3BFC6h 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jno 00007FF7B0F3BFE0h 0x00000013 nop 0x00000014 mov dword ptr [ebp+122D2A00h], ebx 0x0000001a sub edi, dword ptr [ebp+122D3875h] 0x00000020 push 00000000h 0x00000022 push 00000000h 0x00000024 push ecx 0x00000025 call 00007FF7B0F3BFC8h 0x0000002a pop ecx 0x0000002b mov dword ptr [esp+04h], ecx 0x0000002f add dword ptr [esp+04h], 0000001Dh 0x00000037 inc ecx 0x00000038 push ecx 0x00000039 ret 0x0000003a pop ecx 0x0000003b ret 0x0000003c pushad 0x0000003d pushad 0x0000003e mov ah, BDh 0x00000040 and esi, dword ptr [ebp+122D3765h] 0x00000046 popad 0x00000047 mov esi, ebx 0x00000049 popad 0x0000004a push 00000000h 0x0000004c sub ebx, dword ptr [ebp+122D2A00h] 0x00000052 push eax 0x00000053 push esi 0x00000054 push eax 0x00000055 push edx 0x00000056 push esi 0x00000057 pop esi 0x00000058 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A25207 second address: A2520B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2520B second address: A25295 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 mov di, 2F95h 0x0000000b push dword ptr fs:[00000000h] 0x00000012 push 00000000h 0x00000014 push ebx 0x00000015 call 00007FF7B0F3BFC8h 0x0000001a pop ebx 0x0000001b mov dword ptr [esp+04h], ebx 0x0000001f add dword ptr [esp+04h], 00000019h 0x00000027 inc ebx 0x00000028 push ebx 0x00000029 ret 0x0000002a pop ebx 0x0000002b ret 0x0000002c mov dword ptr fs:[00000000h], esp 0x00000033 mov eax, dword ptr [ebp+122D0371h] 0x00000039 push 00000000h 0x0000003b push edx 0x0000003c call 00007FF7B0F3BFC8h 0x00000041 pop edx 0x00000042 mov dword ptr [esp+04h], edx 0x00000046 add dword ptr [esp+04h], 00000014h 0x0000004e inc edx 0x0000004f push edx 0x00000050 ret 0x00000051 pop edx 0x00000052 ret 0x00000053 mov bx, ax 0x00000056 push FFFFFFFFh 0x00000058 mov dword ptr [ebp+122D2A00h], edi 0x0000005e push eax 0x0000005f push eax 0x00000060 push edx 0x00000061 pushad 0x00000062 jmp 00007FF7B0F3BFD8h 0x00000067 jl 00007FF7B0F3BFC6h 0x0000006d popad 0x0000006e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A25295 second address: A2529B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2529B second address: A2529F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2529F second address: A252A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A26231 second address: A26235 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A26235 second address: A2623B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2623B second address: A2623F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A28F39 second address: A28F3D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A28F3D second address: A28F98 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnl 00007FF7B0F3BFC8h 0x0000000c push edi 0x0000000d jmp 00007FF7B0F3BFD3h 0x00000012 pushad 0x00000013 popad 0x00000014 pop edi 0x00000015 jmp 00007FF7B0F3BFCCh 0x0000001a popad 0x0000001b push eax 0x0000001c push edx 0x0000001d pushad 0x0000001e pushad 0x0000001f popad 0x00000020 pushad 0x00000021 popad 0x00000022 popad 0x00000023 pushad 0x00000024 jmp 00007FF7B0F3BFD9h 0x00000029 je 00007FF7B0F3BFC6h 0x0000002f popad 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2957D second address: A29601 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 jmp 00007FF7B0C9CD52h 0x0000000d nop 0x0000000e push 00000000h 0x00000010 push esi 0x00000011 call 00007FF7B0C9CD48h 0x00000016 pop esi 0x00000017 mov dword ptr [esp+04h], esi 0x0000001b add dword ptr [esp+04h], 00000017h 0x00000023 inc esi 0x00000024 push esi 0x00000025 ret 0x00000026 pop esi 0x00000027 ret 0x00000028 push esi 0x00000029 cld 0x0000002a pop edi 0x0000002b push 00000000h 0x0000002d mov ebx, dword ptr [ebp+122D1C39h] 0x00000033 push 00000000h 0x00000035 push 00000000h 0x00000037 push eax 0x00000038 call 00007FF7B0C9CD48h 0x0000003d pop eax 0x0000003e mov dword ptr [esp+04h], eax 0x00000042 add dword ptr [esp+04h], 00000015h 0x0000004a inc eax 0x0000004b push eax 0x0000004c ret 0x0000004d pop eax 0x0000004e ret 0x0000004f call 00007FF7B0C9CD4Bh 0x00000054 xor bx, C902h 0x00000059 pop edi 0x0000005a xchg eax, esi 0x0000005b push eax 0x0000005c push edx 0x0000005d ja 00007FF7B0C9CD4Ch 0x00000063 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2A56B second address: A2A570 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2A570 second address: A2A57A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007FF7B0C9CD46h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2B38F second address: A2B393 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2B393 second address: A2B3A5 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 js 00007FF7B0C9CD46h 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 pop eax 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2B440 second address: A2B446 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2B446 second address: A2B457 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b jng 00007FF7B0C9CD46h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2B457 second address: A2B45B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2B45B second address: A2B461 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2A67E second address: A2A726 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ebx 0x0000000b mov dword ptr [esp], eax 0x0000000e adc ebx, 14ED5439h 0x00000014 mov edi, ecx 0x00000016 push dword ptr fs:[00000000h] 0x0000001d pushad 0x0000001e jmp 00007FF7B0F3BFCDh 0x00000023 jc 00007FF7B0F3BFCCh 0x00000029 mov dword ptr [ebp+12450BD7h], ecx 0x0000002f popad 0x00000030 mov dword ptr fs:[00000000h], esp 0x00000037 mov dword ptr [ebp+122D2940h], edx 0x0000003d mov eax, dword ptr [ebp+122D0889h] 0x00000043 push 00000000h 0x00000045 push eax 0x00000046 call 00007FF7B0F3BFC8h 0x0000004b pop eax 0x0000004c mov dword ptr [esp+04h], eax 0x00000050 add dword ptr [esp+04h], 0000001Ch 0x00000058 inc eax 0x00000059 push eax 0x0000005a ret 0x0000005b pop eax 0x0000005c ret 0x0000005d mov di, dx 0x00000060 push FFFFFFFFh 0x00000062 and ebx, dword ptr [ebp+122D1C60h] 0x00000068 nop 0x00000069 jo 00007FF7B0F3BFD0h 0x0000006f pushad 0x00000070 jns 00007FF7B0F3BFC6h 0x00000076 push edx 0x00000077 pop edx 0x00000078 popad 0x00000079 push eax 0x0000007a pushad 0x0000007b push eax 0x0000007c push edx 0x0000007d jmp 00007FF7B0F3BFD9h 0x00000082 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2C45E second address: A2C4DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FF7B0C9CD4Ah 0x0000000a popad 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e jp 00007FF7B0C9CD46h 0x00000014 pop eax 0x00000015 push edi 0x00000016 jne 00007FF7B0C9CD46h 0x0000001c pop edi 0x0000001d popad 0x0000001e nop 0x0000001f push 00000000h 0x00000021 push ecx 0x00000022 call 00007FF7B0C9CD48h 0x00000027 pop ecx 0x00000028 mov dword ptr [esp+04h], ecx 0x0000002c add dword ptr [esp+04h], 0000001Dh 0x00000034 inc ecx 0x00000035 push ecx 0x00000036 ret 0x00000037 pop ecx 0x00000038 ret 0x00000039 push 00000000h 0x0000003b jmp 00007FF7B0C9CD4Fh 0x00000040 push 00000000h 0x00000042 xchg eax, esi 0x00000043 jne 00007FF7B0C9CD5Ch 0x00000049 push eax 0x0000004a pushad 0x0000004b push eax 0x0000004c push edx 0x0000004d pushad 0x0000004e popad 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2C4DD second address: A2C4E1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2C63C second address: A2C640 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2E327 second address: A2E32E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2D60C second address: A2D628 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD58h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2D628 second address: A2D62D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2F534 second address: A2F538 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2F538 second address: A2F5EC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a mov dword ptr [esp], eax 0x0000000d sub dword ptr [ebp+122D5876h], eax 0x00000013 or ebx, dword ptr [ebp+122D39C1h] 0x00000019 push dword ptr fs:[00000000h] 0x00000020 push 00000000h 0x00000022 push ecx 0x00000023 call 00007FF7B0F3BFC8h 0x00000028 pop ecx 0x00000029 mov dword ptr [esp+04h], ecx 0x0000002d add dword ptr [esp+04h], 0000001Ch 0x00000035 inc ecx 0x00000036 push ecx 0x00000037 ret 0x00000038 pop ecx 0x00000039 ret 0x0000003a jo 00007FF7B0F3BFD8h 0x00000040 jmp 00007FF7B0F3BFD2h 0x00000045 mov dword ptr [ebp+122D1DE4h], ebx 0x0000004b mov dword ptr fs:[00000000h], esp 0x00000052 cmc 0x00000053 mov eax, dword ptr [ebp+122D0ED1h] 0x00000059 jmp 00007FF7B0F3BFD5h 0x0000005e push FFFFFFFFh 0x00000060 mov dword ptr [ebp+122D580Ah], ebx 0x00000066 nop 0x00000067 pushad 0x00000068 push eax 0x00000069 push edx 0x0000006a jmp 00007FF7B0F3BFD2h 0x0000006f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A2F5EC second address: A2F604 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jp 00007FF7B0C9CD46h 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A36E88 second address: A36EA2 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007FF7B0F3BFCEh 0x0000000c push edi 0x0000000d pop edi 0x0000000e jnc 00007FF7B0F3BFC6h 0x00000014 push eax 0x00000015 push edx 0x00000016 push edi 0x00000017 pop edi 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A367B2 second address: A367B6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A367B6 second address: A367E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 pushad 0x00000008 jmp 00007FF7B0F3BFCDh 0x0000000d pushad 0x0000000e jnc 00007FF7B0F3BFC6h 0x00000014 jo 00007FF7B0F3BFC6h 0x0000001a push ecx 0x0000001b pop ecx 0x0000001c push ecx 0x0000001d pop ecx 0x0000001e popad 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 popad 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A367E3 second address: A367E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A367E7 second address: A3680B instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jnc 00007FF7B0F3BFC6h 0x00000012 jmp 00007FF7B0F3BFD2h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3680B second address: A36820 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD51h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3694F second address: A36968 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007FF7B0F3BFD2h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A47C second address: A3A492 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c jg 00007FF7B0C9CD54h 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A492 second address: A3A496 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A496 second address: A3A4E3 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a jmp 00007FF7B0C9CD59h 0x0000000f mov eax, dword ptr [eax] 0x00000011 jmp 00007FF7B0C9CD52h 0x00000016 mov dword ptr [esp+04h], eax 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FF7B0C9CD50h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A62B second address: A3A634 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A634 second address: A3A638 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A638 second address: A3A666 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b pushad 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f pop edx 0x00000010 jnc 00007FF7B0F3BFC8h 0x00000016 popad 0x00000017 mov eax, dword ptr [esp+04h] 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A666 second address: A3A66A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A66A second address: A3A674 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A3A674 second address: A3A699 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF7B0C9CD48h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [eax] 0x0000000c push eax 0x0000000d push edx 0x0000000e jp 00007FF7B0C9CD55h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40C2D second address: A40C31 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9D18FC second address: 9D1905 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9D1905 second address: 9D190C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop ebx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40131 second address: A4013F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jbe 00007FF7B0C9CD46h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4013F second address: A40145 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40145 second address: A40159 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Eh 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40159 second address: A4015F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4015F second address: A40165 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40165 second address: A401AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jmp 00007FF7B0F3BFCDh 0x00000011 jmp 00007FF7B0F3BFD4h 0x00000016 popad 0x00000017 pushad 0x00000018 jmp 00007FF7B0F3BFCEh 0x0000001d jp 00007FF7B0F3BFC6h 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40345 second address: A40349 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40498 second address: A404C4 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FF7B0F3BFCCh 0x00000008 jg 00007FF7B0F3BFC6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 push edx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 jmp 00007FF7B0F3BFD2h 0x00000019 pop edx 0x0000001a pushad 0x0000001b push esi 0x0000001c pop esi 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A404C4 second address: A404D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FF7B0C9CD46h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A404D3 second address: A404D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40753 second address: A40758 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40758 second address: A4075E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4075E second address: A4076E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a js 00007FF7B0C9CD46h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A40919 second address: A4091D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4091D second address: A40921 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A436C9 second address: A43703 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a pushad 0x0000000b ja 00007FF7B0F3BFCEh 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 pop eax 0x00000015 jmp 00007FF7B0F3BFD2h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A43703 second address: A43722 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FF7B0C9CD54h 0x0000000c push edx 0x0000000d pop edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9CE449 second address: 9CE481 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FF7B0F3BFD5h 0x0000000d jmp 00007FF7B0F3BFD8h 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4ABAE second address: A4ABB9 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pushad 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4ABB9 second address: A4ABFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0F3BFD5h 0x00000009 jmp 00007FF7B0F3BFD1h 0x0000000e popad 0x0000000f push edi 0x00000010 jnp 00007FF7B0F3BFC6h 0x00000016 jnp 00007FF7B0F3BFC6h 0x0000001c pop edi 0x0000001d push eax 0x0000001e push edx 0x0000001f jnl 00007FF7B0F3BFC6h 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1A74E second address: A1A75B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 js 00007FF7B0C9CD46h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AACC second address: A1AAD6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007FF7B0F3BFC6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AAD6 second address: A1AADA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1ABC8 second address: A1AC00 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF7B0F3BFC8h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [eax] 0x0000000e jg 00007FF7B0F3BFE0h 0x00000014 mov dword ptr [esp+04h], eax 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AC00 second address: A1AC04 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AC04 second address: A1AC0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AC0A second address: A1AC2A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jc 00007FF7B0C9CD46h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop eax 0x0000000f add dword ptr [ebp+122D2A07h], edx 0x00000015 push 329FDC86h 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f popad 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AC2A second address: A1AC2E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AC2E second address: A1AC34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AC34 second address: A1AC3B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1ACA7 second address: A1ACAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AD57 second address: A1ADBB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c jns 00007FF7B0F3BFC6h 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 jnc 00007FF7B0F3BFC8h 0x0000001b popad 0x0000001c xchg eax, esi 0x0000001d call 00007FF7B0F3BFD2h 0x00000022 mov ecx, dword ptr [ebp+122D37EDh] 0x00000028 pop ecx 0x00000029 mov edx, dword ptr [ebp+122D26E3h] 0x0000002f push eax 0x00000030 push eax 0x00000031 push edx 0x00000032 jmp 00007FF7B0F3BFD2h 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AE8D second address: A1AE92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AE92 second address: A1AEBF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF7B0F3BFD0h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FF7B0F3BFD1h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AEBF second address: A1AEC3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AEC3 second address: A1AF2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 jno 00007FF7B0F3BFC6h 0x0000000d pop ecx 0x0000000e popad 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 jno 00007FF7B0F3BFDCh 0x00000019 mov eax, dword ptr [eax] 0x0000001b pushad 0x0000001c jnp 00007FF7B0F3BFD1h 0x00000022 jmp 00007FF7B0F3BFCBh 0x00000027 jno 00007FF7B0F3BFD9h 0x0000002d popad 0x0000002e mov dword ptr [esp+04h], eax 0x00000032 push eax 0x00000033 push edx 0x00000034 push ebx 0x00000035 push edi 0x00000036 pop edi 0x00000037 pop ebx 0x00000038 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AFC6 second address: A1AFCC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AFCC second address: A1AFD0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AFD0 second address: A1AFDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1AFDF second address: A1AFE9 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1B7AE second address: A1B7CB instructions: 0x00000000 rdtsc 0x00000002 jl 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF7B0C9CD51h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1B8A2 second address: A1B8D7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFCBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c mov di, si 0x0000000f lea eax, dword ptr [ebp+1247E243h] 0x00000015 pushad 0x00000016 xor si, 6E3Eh 0x0000001b mov bx, cx 0x0000001e popad 0x0000001f mov edi, dword ptr [ebp+122D39FDh] 0x00000025 nop 0x00000026 pushad 0x00000027 push eax 0x00000028 push edx 0x00000029 ja 00007FF7B0F3BFC6h 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1B8D7 second address: A1B90B instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jo 00007FF7B0C9CD53h 0x00000010 jmp 00007FF7B0C9CD4Dh 0x00000015 popad 0x00000016 push eax 0x00000017 pushad 0x00000018 jns 00007FF7B0C9CD4Ch 0x0000001e jng 00007FF7B0C9CD46h 0x00000024 push eax 0x00000025 push edx 0x00000026 jns 00007FF7B0C9CD46h 0x0000002c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1B90B second address: 9FBA41 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 sbb cl, FFFFFFC2h 0x0000000b mov dword ptr [ebp+122D5880h], ecx 0x00000011 call dword ptr [ebp+1244516Ah] 0x00000017 jmp 00007FF7B0F3BFCBh 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 push ecx 0x00000021 pop ecx 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9FBA41 second address: 9FBA45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9FBA45 second address: 9FBA49 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9FBA49 second address: 9FBA59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF7B0C9CD4Ah 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9FBA59 second address: 9FBA5F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9FBA5F second address: 9FBA65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A49D2B second address: A49D31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A49D31 second address: A49D63 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF7B0C9CD4Ch 0x00000008 pushad 0x00000009 jnp 00007FF7B0C9CD46h 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007FF7B0C9CD4Dh 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 jo 00007FF7B0C9CD50h 0x0000001f pushad 0x00000020 push eax 0x00000021 pop eax 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A49EAF second address: A49EDF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFCFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF7B0F3BFD8h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A49EDF second address: A49EE3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A49EE3 second address: A49EEF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FF7B0F3BFC6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4A491 second address: A4A49A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push edx 0x00000008 pop edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4A620 second address: A4A624 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4A624 second address: A4A637 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jnl 00007FF7B0C9CD48h 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A4A637 second address: A4A63D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A51868 second address: A51878 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jl 00007FF7B0C9CD4Eh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A51878 second address: A51890 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FF7B0F3BFD2h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A50344 second address: A50352 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 js 00007FF7B0C9CD4Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A50352 second address: A5036E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FF7B0F3BFCAh 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f push ecx 0x00000010 jp 00007FF7B0F3BFC8h 0x00000016 push edi 0x00000017 pop edi 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5036E second address: A50374 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5065F second address: A50669 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A50669 second address: A50685 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jl 00007FF7B0C9CD46h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A50685 second address: A50692 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5095D second address: A50961 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A50C36 second address: A50C46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FF7B0F3BFC6h 0x0000000a push edx 0x0000000b pop edx 0x0000000c popad 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A50D8B second address: A50D8F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A50EDE second address: A50EE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A50EE2 second address: A50EE6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A511C0 second address: A511C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A511C8 second address: A511CC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A57E09 second address: A57E1A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFCDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A57E1A second address: A57E4F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD54h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jne 00007FF7B0C9CD4Eh 0x00000010 push edx 0x00000011 push edi 0x00000012 pop edi 0x00000013 jbe 00007FF7B0C9CD46h 0x00000019 pop edx 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A57E4F second address: A57E53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A57E53 second address: A57E63 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a je 00007FF7B0C9CD46h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9DA082 second address: 9DA086 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9DA086 second address: 9DA08A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 9DA08A second address: 9DA090 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A56CB6 second address: A56CBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A570E4 second address: A570EE instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A57212 second address: A57237 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FF7B0C9CD46h 0x0000000a jmp 00007FF7B0C9CD4Ah 0x0000000f jmp 00007FF7B0C9CD4Dh 0x00000014 popad 0x00000015 push ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A574D8 second address: A574DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A574DC second address: A574FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF7B0C9CD56h 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A574FC second address: A5751A instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF7B0F3BFCEh 0x0000000b push eax 0x0000000c push edx 0x0000000d js 00007FF7B0F3BFC6h 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5751A second address: A5752B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Dh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A577DD second address: A577E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A577E3 second address: A5781C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0C9CD53h 0x00000009 popad 0x0000000a pop edi 0x0000000b pushad 0x0000000c jo 00007FF7B0C9CD57h 0x00000012 jmp 00007FF7B0C9CD4Bh 0x00000017 jp 00007FF7B0C9CD46h 0x0000001d jnp 00007FF7B0C9CD52h 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5781C second address: A5783F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FF7B0F3BFC6h 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d pop eax 0x0000000e jmp 00007FF7B0F3BFD5h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5783F second address: A57850 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Dh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5BA2D second address: A5BA33 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5BA33 second address: A5BA49 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF7B0C9CD50h 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5BA49 second address: A5BA5C instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF7B0F3BFC6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5BA5C second address: A5BA7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FF7B0C9CD4Ah 0x0000000b jns 00007FF7B0C9CD46h 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jno 00007FF7B0C9CD46h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5BA7D second address: A5BA81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5BA81 second address: A5BA85 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5BA85 second address: A5BA8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5BA8B second address: A5BAA4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD54h 0x00000007 push esi 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5B313 second address: A5B317 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5B317 second address: A5B31B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5B31B second address: A5B323 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5B486 second address: A5B49F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FF7B0C9CD46h 0x0000000a push edx 0x0000000b pop edx 0x0000000c popad 0x0000000d jg 00007FF7B0C9CD48h 0x00000013 pushad 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 push edi 0x00000018 pop edi 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5B49F second address: A5B4BA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD7h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5B750 second address: A5B754 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A5DEA7 second address: A5DEAB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A642F4 second address: A642F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A642F8 second address: A64321 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b jnl 00007FF7B0F3BFDEh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A64321 second address: A6433E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Dh 0x00000007 push eax 0x00000008 push edx 0x00000009 jc 00007FF7B0C9CD46h 0x0000000f jnl 00007FF7B0C9CD46h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6446F second address: A64473 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A64473 second address: A6449F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD51h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edi 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FF7B0C9CD53h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6463F second address: A64649 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FF7B0F3BFC6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A64649 second address: A6464F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A64A77 second address: A64A89 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF7B0F3BFCEh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69498 second address: A6949D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69639 second address: A69640 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69640 second address: A69655 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF7B0C9CD50h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69655 second address: A6965B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6965B second address: A69664 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69664 second address: A6966E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FF7B0F3BFC6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69ADF second address: A69AFA instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FF7B0C9CD51h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69AFA second address: A69B29 instructions: 0x00000000 rdtsc 0x00000002 js 00007FF7B0F3BFE1h 0x00000008 jmp 00007FF7B0F3BFD9h 0x0000000d pushad 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 push ebx 0x00000015 pop ebx 0x00000016 pushad 0x00000017 popad 0x00000018 push edx 0x00000019 pop edx 0x0000001a popad 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69B29 second address: A69B39 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF7B0C9CD52h 0x00000008 jc 00007FF7B0C9CD46h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69B39 second address: A69B47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 js 00007FF7B0F3BFC6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69B47 second address: A69B4B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A69DEF second address: A69DF3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6C7CC second address: A6C7D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6C7D0 second address: A6C7D9 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6C7D9 second address: A6C7F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FF7B0C9CD46h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d popad 0x0000000e jc 00007FF7B0C9CD5Ah 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 pop eax 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6C7F1 second address: A6C7F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6C950 second address: A6C964 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0C9CD4Fh 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6C964 second address: A6C96A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6C96A second address: A6C96E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6C96E second address: A6C974 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A6CAF5 second address: A6CAFA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7474A second address: A7474E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7474E second address: A7475D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jnp 00007FF7B0C9CD46h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7BE01 second address: A7BE0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push edi 0x00000006 push edi 0x00000007 pop edi 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7BE0B second address: A7BE10 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7BE10 second address: A7BE17 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7BE17 second address: A7BE26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FF7B0C9CD46h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7BE26 second address: A7BE2A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7BF6B second address: A7BF7F instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF7B0C9CD46h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jc 00007FF7B0C9CD5Eh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7BF7F second address: A7BFC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0F3BFD2h 0x00000009 popad 0x0000000a pushad 0x0000000b jmp 00007FF7B0F3BFD6h 0x00000010 jmp 00007FF7B0F3BFD7h 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7C281 second address: A7C29D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD56h 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7C29D second address: A7C2A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7C433 second address: A7C447 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jc 00007FF7B0C9CD4Ah 0x00000010 pushad 0x00000011 popad 0x00000012 push edx 0x00000013 pop edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7C447 second address: A7C459 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF7B0F3BFCEh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7C459 second address: A7C470 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD50h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7C9E6 second address: A7C9F0 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FF7B0F3BFC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7C9F0 second address: A7CA1B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD51h 0x00000007 jo 00007FF7B0C9CD52h 0x0000000d jbe 00007FF7B0C9CD46h 0x00000013 jne 00007FF7B0C9CD46h 0x00000019 pop edx 0x0000001a pop eax 0x0000001b push ecx 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A7CA1B second address: A7CA21 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A8355E second address: A83577 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD53h 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A83577 second address: A8358E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0F3BFD3h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A8358E second address: A83592 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A83592 second address: A83598 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A83598 second address: A835AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FF7B0C9CD4Dh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A8374C second address: A83753 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A838CA second address: A838D0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A838D0 second address: A838D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A838D6 second address: A838E7 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ebx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A838E7 second address: A838ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A838ED second address: A83919 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Dh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007FF7B0C9CD55h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A82BC7 second address: A82BCD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A82BCD second address: A82BF6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD54h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push edx 0x0000000b pop edx 0x0000000c jmp 00007FF7B0C9CD4Ch 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A82BF6 second address: A82BFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A82BFB second address: A82C1A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jmp 00007FF7B0C9CD4Fh 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push esi 0x0000000c push ecx 0x0000000d jg 00007FF7B0C9CD46h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A82C1A second address: A82C2E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push esi 0x00000006 jmp 00007FF7B0F3BFCCh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A8B683 second address: A8B6A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jmp 00007FF7B0C9CD55h 0x0000000a pushad 0x0000000b push esi 0x0000000c pop esi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A8B238 second address: A8B23C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A8B23C second address: A8B242 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A9B1D7 second address: A9B1F1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD5h 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A9D7A4 second address: A9D7B0 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A9D45A second address: A9D46C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF7B0F3BFCEh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB4F40 second address: AB4F71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FF7B0C9CD59h 0x0000000b pushad 0x0000000c popad 0x0000000d popad 0x0000000e jmp 00007FF7B0C9CD4Fh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB4F71 second address: AB4F90 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 jmp 00007FF7B0F3BFD2h 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB4F90 second address: AB4F96 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB4F96 second address: AB4F9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB5383 second address: AB5387 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB577A second address: AB577F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB6265 second address: AB626F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FF7B0C9CD46h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB626F second address: AB629B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFCAh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007FF7B0F3BFD2h 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 jo 00007FF7B0F3BFC6h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB9C4D second address: AB9C56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB9C56 second address: AB9C73 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jmp 00007FF7B0F3BFD1h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB9C73 second address: AB9C77 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB9C77 second address: AB9C7B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB9C7B second address: AB9C81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB9C81 second address: AB9C87 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB9C87 second address: AB9C8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB994C second address: AB995C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007FF7B0F3BFCAh 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB995C second address: AB9962 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AB9962 second address: AB99A6 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF7B0F3BFC6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnl 00007FF7B0F3BFCEh 0x00000012 pop edx 0x00000013 pop eax 0x00000014 pushad 0x00000015 jns 00007FF7B0F3BFC8h 0x0000001b push eax 0x0000001c push edx 0x0000001d jmp 00007FF7B0F3BFD7h 0x00000022 jnc 00007FF7B0F3BFC6h 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AC48DC second address: AC48F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FF7B0C9CD4Dh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AC48F3 second address: AC48F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AC48F7 second address: AC48FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AC7981 second address: AC7987 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AC7987 second address: AC798B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AC798B second address: AC79AE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD9h 0x00000007 jnp 00007FF7B0F3BFC6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AC79AE second address: AC79B5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AD7EBE second address: AD7ECC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push ebx 0x00000008 pushad 0x00000009 popad 0x0000000a pop ebx 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AD7ECC second address: AD7ED4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: ADA881 second address: ADA8A0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0F3BFD5h 0x00000007 je 00007FF7B0F3BFDEh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AF0279 second address: AF0297 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF7B0C9CD46h 0x0000000a jmp 00007FF7B0C9CD52h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AEF134 second address: AEF13A instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AEF13A second address: AEF15A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF7B0C9CD57h 0x0000000b push ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AEF2B1 second address: AEF2B8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AEFE58 second address: AEFE6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF7B0C9CD4Eh 0x00000009 pop edi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AF1863 second address: AF1868 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AF4187 second address: AF4195 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF7B0C9CD46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AF5CC3 second address: AF5CD3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 js 00007FF7B0F3BFC6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AF5CD3 second address: AF5CD7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AF7AB8 second address: AF7ABE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: AF7ABE second address: AF7AE3 instructions: 0x00000000 rdtsc 0x00000002 je 00007FF7B0C9CD46h 0x00000008 jmp 00007FF7B0C9CD55h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push ecx 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5150367 second address: 5150377 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF7B0F3BFCCh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5150377 second address: 51503A3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d mov edx, 070E8EEAh 0x00000012 push eax 0x00000013 push edx 0x00000014 call 00007FF7B0C9CD51h 0x00000019 pop esi 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 51503A3 second address: 51503D3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xchg eax, ebp 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push esi 0x0000000c pop edx 0x0000000d pushfd 0x0000000e jmp 00007FF7B0F3BFD2h 0x00000013 sbb al, 00000008h 0x00000016 jmp 00007FF7B0F3BFCBh 0x0000001b popfd 0x0000001c popad 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5150477 second address: 5150493 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movzx esi, bx 0x00000006 call 00007FF7B0C9CD4Bh 0x0000000b pop ecx 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f xchg eax, ebp 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5150493 second address: 5150497 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5150497 second address: 51504A7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF7B0C9CD4Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 51504A7 second address: 51504AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 51504AD second address: 51504B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_006318A0 lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_006318A0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00633910 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,DeleteFileA,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_00633910 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00631269 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_00631269 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00631250 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_00631250 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0063E210 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_0063E210 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00634B29 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_00634B29 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00634B10 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_00634B10 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0063CBE0 wsprintfA,FindFirstFileA,lstrcat,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,CoUninitialize,lstrcat,lstrlen,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,CopyFileA,CreateFileA,GetFileSizeEx,CloseHandle,CloseHandle,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_0063CBE0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_006323A9 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_006323A9 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0062DB80 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,GetFileAttributesA,StrCmpCA,lstrcpy,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_0062DB80 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00632390 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,GetFileAttributesA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA, |
0_2_00632390 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0062DB99 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_0062DB99 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0063DD30 GetProcessHeap,RtlAllocateHeap,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,lstrcat,lstrcat,lstrlen,lstrlen,lstrcpy, |
0_2_0063DD30 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0063D530 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_0063D530 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_006216A0 lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_006216A0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_006216B9 lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_006216B9 |