Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E18A0 lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_007E18A0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E3910 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,DeleteFileA,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007E3910 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E1269 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007E1269 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E1250 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007E1250 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007EE210 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_007EE210 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E4B29 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_007E4B29 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E4B10 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007E4B10 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007ECBE0 wsprintfA,FindFirstFileA,lstrcat,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,CoUninitialize,lstrcat,lstrlen,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,CopyFileA,CreateFileA,GetFileSizeEx,CloseHandle,CloseHandle,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_007ECBE0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E23A9 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_007E23A9 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007DDB99 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007DDB99 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E2390 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,GetFileAttributesA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA, |
0_2_007E2390 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007DDB80 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,GetFileAttributesA,StrCmpCA,lstrcpy,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007DDB80 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007ED530 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007ED530 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007EDD30 GetProcessHeap,RtlAllocateHeap,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,lstrcat,lstrcat,lstrlen,lstrlen,lstrcpy, |
0_2_007EDD30 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007D16B9 lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_007D16B9 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007D16A0 lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_007D16A0 |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A201C4 second address: A201D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F8934532D0Eh 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A201D7 second address: A201DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A201DD second address: A201E1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A201E1 second address: A1FAAE instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F893453D386h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f jp 00007F893453D39Dh 0x00000015 jmp 00007F893453D397h 0x0000001a push dword ptr [ebp+122D1091h] 0x00000020 jne 00007F893453D387h 0x00000026 call dword ptr [ebp+122D2BC3h] 0x0000002c pushad 0x0000002d jmp 00007F893453D393h 0x00000032 xor eax, eax 0x00000034 sub dword ptr [ebp+122D19BFh], ecx 0x0000003a mov edx, dword ptr [esp+28h] 0x0000003e sub dword ptr [ebp+122D19BFh], esi 0x00000044 mov dword ptr [ebp+122D2904h], eax 0x0000004a add dword ptr [ebp+122D19BFh], edx 0x00000050 mov esi, 0000003Ch 0x00000055 mov dword ptr [ebp+122D19BFh], edx 0x0000005b sub dword ptr [ebp+122D3525h], esi 0x00000061 add esi, dword ptr [esp+24h] 0x00000065 pushad 0x00000066 jne 00007F893453D38Ch 0x0000006c popad 0x0000006d lodsw 0x0000006f mov dword ptr [ebp+122D2045h], eax 0x00000075 add eax, dword ptr [esp+24h] 0x00000079 cld 0x0000007a mov ebx, dword ptr [esp+24h] 0x0000007e sub dword ptr [ebp+122D3525h], ebx 0x00000084 nop 0x00000085 push ecx 0x00000086 jmp 00007F893453D395h 0x0000008b pop ecx 0x0000008c push eax 0x0000008d push eax 0x0000008e push edx 0x0000008f push edx 0x00000090 push eax 0x00000091 push edx 0x00000092 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: A1FAAE second address: A1FAB3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B97693 second address: B97699 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B97699 second address: B9769F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9769F second address: B976A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B97C55 second address: B97C7D instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F8934532D08h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jno 00007F8934532D08h 0x00000014 pushad 0x00000015 jno 00007F8934532D06h 0x0000001b pushad 0x0000001c popad 0x0000001d jl 00007F8934532D06h 0x00000023 pushad 0x00000024 popad 0x00000025 popad 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B97C7D second address: B97C86 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop ebx 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B97C86 second address: B97C8C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B97C8C second address: B97C92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B97DEC second address: B97DF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A475 second address: B9A491 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F893453D398h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A491 second address: B9A4B5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jng 00007F8934532D19h 0x00000011 jmp 00007F8934532D13h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A4B5 second address: B9A4E8 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c pushad 0x0000000d pushad 0x0000000e jg 00007F893453D386h 0x00000014 pushad 0x00000015 popad 0x00000016 popad 0x00000017 push ecx 0x00000018 jg 00007F893453D386h 0x0000001e pop ecx 0x0000001f popad 0x00000020 mov eax, dword ptr [eax] 0x00000022 pushad 0x00000023 jno 00007F893453D388h 0x00000029 jc 00007F893453D38Ch 0x0000002f push eax 0x00000030 push edx 0x00000031 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A4E8 second address: A1FAAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov dword ptr [esp+04h], eax 0x00000009 jmp 00007F8934532D0Ch 0x0000000e pop eax 0x0000000f mov dword ptr [ebp+122D2045h], esi 0x00000015 push dword ptr [ebp+122D1091h] 0x0000001b xor dh, 00000009h 0x0000001e call dword ptr [ebp+122D2BC3h] 0x00000024 pushad 0x00000025 jmp 00007F8934532D13h 0x0000002a xor eax, eax 0x0000002c sub dword ptr [ebp+122D19BFh], ecx 0x00000032 mov edx, dword ptr [esp+28h] 0x00000036 sub dword ptr [ebp+122D19BFh], esi 0x0000003c mov dword ptr [ebp+122D2904h], eax 0x00000042 add dword ptr [ebp+122D19BFh], edx 0x00000048 mov esi, 0000003Ch 0x0000004d mov dword ptr [ebp+122D19BFh], edx 0x00000053 sub dword ptr [ebp+122D3525h], esi 0x00000059 add esi, dword ptr [esp+24h] 0x0000005d pushad 0x0000005e jne 00007F8934532D0Ch 0x00000064 popad 0x00000065 lodsw 0x00000067 mov dword ptr [ebp+122D2045h], eax 0x0000006d add eax, dword ptr [esp+24h] 0x00000071 cld 0x00000072 mov ebx, dword ptr [esp+24h] 0x00000076 sub dword ptr [ebp+122D3525h], ebx 0x0000007c nop 0x0000007d push ecx 0x0000007e jmp 00007F8934532D15h 0x00000083 pop ecx 0x00000084 push eax 0x00000085 push eax 0x00000086 push edx 0x00000087 push edx 0x00000088 push eax 0x00000089 push edx 0x0000008a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A524 second address: B9A562 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jmp 00007F893453D395h 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp], eax 0x0000000e jnp 00007F893453D388h 0x00000014 mov ch, 64h 0x00000016 push 00000000h 0x00000018 xor esi, dword ptr [ebp+122D2854h] 0x0000001e clc 0x0000001f push D1814EECh 0x00000024 push eax 0x00000025 push edx 0x00000026 jne 00007F893453D388h 0x0000002c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A562 second address: B9A5BE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D0Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 add dword ptr [esp], 2E7EB194h 0x00000010 mov dword ptr [ebp+122D37DEh], eax 0x00000016 push 00000003h 0x00000018 or esi, 6FF2C100h 0x0000001e push 00000000h 0x00000020 sbb edx, 0CAD763Eh 0x00000026 push 00000003h 0x00000028 push 00000000h 0x0000002a push edi 0x0000002b call 00007F8934532D08h 0x00000030 pop edi 0x00000031 mov dword ptr [esp+04h], edi 0x00000035 add dword ptr [esp+04h], 00000016h 0x0000003d inc edi 0x0000003e push edi 0x0000003f ret 0x00000040 pop edi 0x00000041 ret 0x00000042 mov edi, edx 0x00000044 push 91342199h 0x00000049 push eax 0x0000004a push edx 0x0000004b push eax 0x0000004c pushad 0x0000004d popad 0x0000004e pop eax 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A685 second address: B9A689 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A689 second address: B9A6B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 mov dword ptr [esp], eax 0x0000000a adc cx, D4ACh 0x0000000f push 00000000h 0x00000011 mov dword ptr [ebp+122D2BF4h], edi 0x00000017 push 29CACF5Eh 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f pushad 0x00000020 popad 0x00000021 jc 00007F8934532D06h 0x00000027 popad 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A6B1 second address: B9A768 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007F893453D399h 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xor dword ptr [esp], 29CACFDEh 0x00000012 sub dword ptr [ebp+122D2B9Ah], edi 0x00000018 push 00000003h 0x0000001a sub dword ptr [ebp+122D1A93h], esi 0x00000020 push 00000000h 0x00000022 jo 00007F893453D386h 0x00000028 push 00000003h 0x0000002a call 00007F893453D389h 0x0000002f push ebx 0x00000030 jnc 00007F893453D388h 0x00000036 pushad 0x00000037 popad 0x00000038 pop ebx 0x00000039 push eax 0x0000003a jbe 00007F893453D3A4h 0x00000040 mov eax, dword ptr [esp+04h] 0x00000044 jmp 00007F893453D392h 0x00000049 mov eax, dword ptr [eax] 0x0000004b push edx 0x0000004c jmp 00007F893453D38Bh 0x00000051 pop edx 0x00000052 mov dword ptr [esp+04h], eax 0x00000056 push eax 0x00000057 push edx 0x00000058 jmp 00007F893453D396h 0x0000005d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A768 second address: B9A76D instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A76D second address: B9A7A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pop eax 0x00000008 jmp 00007F893453D391h 0x0000000d lea ebx, dword ptr [ebp+1244E3A8h] 0x00000013 cld 0x00000014 xchg eax, ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F893453D398h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A7A8 second address: B9A7CA instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jmp 00007F8934532D0Eh 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e jc 00007F8934532D06h 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A7CA second address: B9A7CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A959 second address: B9A962 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A962 second address: B9A9EF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push ecx 0x0000000c jp 00007F893453D38Ch 0x00000012 pop ecx 0x00000013 mov eax, dword ptr [eax] 0x00000015 jmp 00007F893453D390h 0x0000001a mov dword ptr [esp+04h], eax 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 popad 0x00000022 pop edx 0x00000023 pop eax 0x00000024 pop eax 0x00000025 jl 00007F893453D38Fh 0x0000002b pushad 0x0000002c add bx, EE47h 0x00000031 mov al, B5h 0x00000033 popad 0x00000034 lea ebx, dword ptr [ebp+1244E3B3h] 0x0000003a mov esi, ebx 0x0000003c jne 00007F893453D39Ah 0x00000042 xchg eax, ebx 0x00000043 jne 00007F893453D39Ah 0x00000049 push eax 0x0000004a push eax 0x0000004b push edx 0x0000004c jo 00007F893453D38Ch 0x00000052 push eax 0x00000053 push edx 0x00000054 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9A9EF second address: B9A9F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B8AD03 second address: B8AD3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D395h 0x00000009 pop ebx 0x0000000a jc 00007F893453D3A1h 0x00000010 pushad 0x00000011 popad 0x00000012 jmp 00007F893453D399h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B8AD3E second address: B8AD43 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B8AD43 second address: B8AD6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F893453D386h 0x0000000a jnp 00007F893453D386h 0x00000010 jmp 00007F893453D38Ch 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b js 00007F893453D386h 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B8AD6D second address: B8AD72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BB9A95 second address: BB9AB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F893453D394h 0x0000000e jnp 00007F893453D386h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BB9C26 second address: BB9C2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BB9F31 second address: BB9F53 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D398h 0x00000007 jc 00007F893453D386h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BB9F53 second address: BB9F5D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F8934532D06h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BB9F5D second address: BB9F61 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA4D8 second address: BBA508 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 jng 00007F8934532D06h 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 jc 00007F8934532D06h 0x00000017 jmp 00007F8934532D19h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA643 second address: BBA647 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA647 second address: BBA64D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA64D second address: BBA652 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA911 second address: BBA917 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA917 second address: BBA91B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA91B second address: BBA923 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA923 second address: BBA93A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F893453D393h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBA93A second address: BBA93E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBAA9F second address: BBAAA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBAAA3 second address: BBAAA9 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBAAA9 second address: BBAAAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBABFD second address: BBAC07 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F8934532D06h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B877D5 second address: B877D9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B877D9 second address: B877E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F8934532D06h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B877E8 second address: B877EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBFD8C second address: BBFD91 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC02BB second address: BC02BF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC02BF second address: BC02C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC02C5 second address: BC02CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBEB57 second address: BBEB5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BBEB5B second address: BBEB61 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC03D0 second address: BC03D4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC0555 second address: BC055A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC055A second address: BC055F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC6030 second address: BC6038 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC6038 second address: BC603D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC603D second address: BC6045 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC6045 second address: BC6063 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pushad 0x00000008 jmp 00007F8934532D0Eh 0x0000000d jc 00007F8934532D12h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC6063 second address: BC6069 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC648F second address: BC64AB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D12h 0x00000007 jo 00007F8934532D0Eh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC65E9 second address: BC65F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F893453D386h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC65F3 second address: BC6617 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F8934532D06h 0x00000008 jmp 00007F8934532D16h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC6617 second address: BC662E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D393h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC662E second address: BC6634 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC6634 second address: BC663A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC663A second address: BC666B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F8934532D0Eh 0x00000008 js 00007F8934532D06h 0x0000000e jmp 00007F8934532D0Bh 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 jbe 00007F8934532D06h 0x0000001c jne 00007F8934532D06h 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC85F4 second address: BC85FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC85FA second address: BC85FE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC85FE second address: BC8604 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B89244 second address: B89248 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B89248 second address: B8924E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B8924E second address: B89254 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B89254 second address: B8925E instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F893453D38Eh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B8925E second address: B8926D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b push esi 0x0000000c pop esi 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9252 second address: BC9258 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9258 second address: BC9284 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D17h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d je 00007F8934532D06h 0x00000013 jo 00007F8934532D06h 0x00000019 popad 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9413 second address: BC9438 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D392h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jg 00007F893453D39Eh 0x00000010 push eax 0x00000011 push edx 0x00000012 js 00007F893453D386h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC99E6 second address: BC99EB instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC99EB second address: BC9A0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007F893453D392h 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9A0B second address: BC9A11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9A11 second address: BC9A15 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9B83 second address: BC9B87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9C77 second address: BC9C9C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jbe 00007F893453D386h 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push ebx 0x00000010 jmp 00007F893453D394h 0x00000015 pop ebx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9F98 second address: BC9F9C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9F9C second address: BC9FA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BC9FA2 second address: BC9FA7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCA0B0 second address: BCA0B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCA0B4 second address: BCA0B8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCA154 second address: BCA17C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 mov dword ptr [esp], eax 0x00000009 mov esi, ecx 0x0000000b xchg eax, ebx 0x0000000c jnl 00007F893453D38Ah 0x00000012 push eax 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007F893453D38Fh 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCAFEF second address: BCAFF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCAFF4 second address: BCB017 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D397h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCB017 second address: BCB01C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCB01C second address: BCB022 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCB022 second address: BCB026 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCB026 second address: BCB05A instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push 00000000h 0x0000000b movsx edi, si 0x0000000e push 00000000h 0x00000010 or dword ptr [ebp+122D2BA8h], ecx 0x00000016 jmp 00007F893453D397h 0x0000001b xchg eax, ebx 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 popad 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCB05A second address: BCB05E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCB05E second address: BCB064 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCB064 second address: BCB07B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F8934532D0Ah 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push ebx 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCC070 second address: BCC075 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCC075 second address: BCC0AD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D16h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c mov dword ptr [ebp+122D1885h], ecx 0x00000012 push 00000000h 0x00000014 push 00000000h 0x00000016 mov dword ptr [ebp+12471EB1h], ebx 0x0000001c push eax 0x0000001d push ecx 0x0000001e pushad 0x0000001f jl 00007F8934532D06h 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCCA6B second address: BCCAD3 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007F893453D393h 0x00000012 popad 0x00000013 pop eax 0x00000014 nop 0x00000015 push ecx 0x00000016 sub edi, 35816077h 0x0000001c pop esi 0x0000001d sub dword ptr [ebp+12456846h], edi 0x00000023 push 00000000h 0x00000025 sub edi, 0BFD5AE4h 0x0000002b mov edi, dword ptr [ebp+122D3693h] 0x00000031 push 00000000h 0x00000033 xchg eax, ebx 0x00000034 jmp 00007F893453D393h 0x00000039 push eax 0x0000003a pushad 0x0000003b jmp 00007F893453D38Dh 0x00000040 push eax 0x00000041 push edx 0x00000042 pushad 0x00000043 popad 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCD45F second address: BCD465 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCD465 second address: BCD469 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCD469 second address: BCD46D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCDDE5 second address: BCDDF9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D390h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCDDF9 second address: BCDE03 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F8934532D06h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCDE03 second address: BCDE80 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F893453D386h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f push 00000000h 0x00000011 push ebx 0x00000012 call 00007F893453D388h 0x00000017 pop ebx 0x00000018 mov dword ptr [esp+04h], ebx 0x0000001c add dword ptr [esp+04h], 00000016h 0x00000024 inc ebx 0x00000025 push ebx 0x00000026 ret 0x00000027 pop ebx 0x00000028 ret 0x00000029 pushad 0x0000002a and esi, dword ptr [ebp+122D2910h] 0x00000030 add eax, dword ptr [ebp+122D1946h] 0x00000036 popad 0x00000037 mov di, CD1Fh 0x0000003b push 00000000h 0x0000003d mov dword ptr [ebp+122D26A0h], edi 0x00000043 push 00000000h 0x00000045 push 00000000h 0x00000047 push edx 0x00000048 call 00007F893453D388h 0x0000004d pop edx 0x0000004e mov dword ptr [esp+04h], edx 0x00000052 add dword ptr [esp+04h], 00000014h 0x0000005a inc edx 0x0000005b push edx 0x0000005c ret 0x0000005d pop edx 0x0000005e ret 0x0000005f or dword ptr [ebp+122D199Dh], ebx 0x00000065 jnc 00007F893453D38Ch 0x0000006b push eax 0x0000006c pushad 0x0000006d push eax 0x0000006e push edx 0x0000006f push eax 0x00000070 push edx 0x00000071 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCDE80 second address: BCDE84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCDE84 second address: BCDE88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCD1B4 second address: BCD1D1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D19h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B826D3 second address: B826D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD09D4 second address: BD09E4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D0Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD09E4 second address: BD09EA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD09EA second address: BD09EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD09EE second address: BD0A5F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push 00000000h 0x0000000b push edi 0x0000000c call 00007F893453D388h 0x00000011 pop edi 0x00000012 mov dword ptr [esp+04h], edi 0x00000016 add dword ptr [esp+04h], 00000014h 0x0000001e inc edi 0x0000001f push edi 0x00000020 ret 0x00000021 pop edi 0x00000022 ret 0x00000023 mov si, cx 0x00000026 sub dword ptr [ebp+1244CD26h], edx 0x0000002c push 00000000h 0x0000002e push 00000000h 0x00000030 push ecx 0x00000031 call 00007F893453D388h 0x00000036 pop ecx 0x00000037 mov dword ptr [esp+04h], ecx 0x0000003b add dword ptr [esp+04h], 00000019h 0x00000043 inc ecx 0x00000044 push ecx 0x00000045 ret 0x00000046 pop ecx 0x00000047 ret 0x00000048 mov edi, dword ptr [ebp+122D27B4h] 0x0000004e mov dword ptr [ebp+1246E6F2h], eax 0x00000054 push 00000000h 0x00000056 movzx edi, dx 0x00000059 xchg eax, ebx 0x0000005a jl 00007F893453D392h 0x00000060 jl 00007F893453D38Ch 0x00000066 push eax 0x00000067 push edx 0x00000068 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD475F second address: BD4763 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD4D0A second address: BD4D17 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCE61B second address: BCE62C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F8934532D0Ah 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCF0CF second address: BCF0D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BCE62C second address: BCE630 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD126E second address: BD1273 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD1273 second address: BD128E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F8934532D0Dh 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD128E second address: BD1294 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD8B67 second address: BD8BDC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push ecx 0x0000000e call 00007F8934532D08h 0x00000013 pop ecx 0x00000014 mov dword ptr [esp+04h], ecx 0x00000018 add dword ptr [esp+04h], 00000019h 0x00000020 inc ecx 0x00000021 push ecx 0x00000022 ret 0x00000023 pop ecx 0x00000024 ret 0x00000025 pushad 0x00000026 movsx eax, bx 0x00000029 jmp 00007F8934532D0Fh 0x0000002e popad 0x0000002f push 00000000h 0x00000031 mov edi, dword ptr [ebp+1244D2D2h] 0x00000037 push 00000000h 0x00000039 push 00000000h 0x0000003b push ebp 0x0000003c call 00007F8934532D08h 0x00000041 pop ebp 0x00000042 mov dword ptr [esp+04h], ebp 0x00000046 add dword ptr [esp+04h], 0000001Dh 0x0000004e inc ebp 0x0000004f push ebp 0x00000050 ret 0x00000051 pop ebp 0x00000052 ret 0x00000053 push eax 0x00000054 push ecx 0x00000055 push eax 0x00000056 push edx 0x00000057 push eax 0x00000058 push edx 0x00000059 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD8BDC second address: BD8BE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD4E7F second address: BD4E89 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD4E89 second address: BD4E8F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD4E8F second address: BD4E93 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD4E93 second address: BD4EBF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007F893453D399h 0x00000012 popad 0x00000013 pushad 0x00000014 push ebx 0x00000015 pop ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BDAACB second address: BDAAD0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BDAAD0 second address: BDAB3D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 jmp 00007F893453D396h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d nop 0x0000000e or di, DB90h 0x00000013 push 00000000h 0x00000015 push ecx 0x00000016 sub ebx, 1E2F7144h 0x0000001c pop edi 0x0000001d push 00000000h 0x0000001f push 00000000h 0x00000021 push ebp 0x00000022 call 00007F893453D388h 0x00000027 pop ebp 0x00000028 mov dword ptr [esp+04h], ebp 0x0000002c add dword ptr [esp+04h], 00000019h 0x00000034 inc ebp 0x00000035 push ebp 0x00000036 ret 0x00000037 pop ebp 0x00000038 ret 0x00000039 jmp 00007F893453D38Bh 0x0000003e xchg eax, esi 0x0000003f push eax 0x00000040 push edx 0x00000041 pushad 0x00000042 jg 00007F893453D386h 0x00000048 jg 00007F893453D386h 0x0000004e popad 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BDAB3D second address: BDAB47 instructions: 0x00000000 rdtsc 0x00000002 je 00007F8934532D0Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BDAB47 second address: BDAB53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD8CC4 second address: BD8D19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov dword ptr [esp], eax 0x00000008 push dword ptr fs:[00000000h] 0x0000000f mov bx, 878Bh 0x00000013 mov dword ptr fs:[00000000h], esp 0x0000001a mov di, dx 0x0000001d mov eax, dword ptr [ebp+122D0451h] 0x00000023 push FFFFFFFFh 0x00000025 jmp 00007F8934532D15h 0x0000002a push eax 0x0000002b push eax 0x0000002c push edx 0x0000002d jmp 00007F8934532D18h 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD9D3F second address: BD9D59 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F893453D38Ch 0x00000008 jno 00007F893453D386h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 ja 00007F893453D38Eh 0x00000017 push edi 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BDCA41 second address: BDCABC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F8934532D0Eh 0x0000000b popad 0x0000000c push eax 0x0000000d jmp 00007F8934532D11h 0x00000012 nop 0x00000013 push 00000000h 0x00000015 push ecx 0x00000016 call 00007F8934532D08h 0x0000001b pop ecx 0x0000001c mov dword ptr [esp+04h], ecx 0x00000020 add dword ptr [esp+04h], 0000001Bh 0x00000028 inc ecx 0x00000029 push ecx 0x0000002a ret 0x0000002b pop ecx 0x0000002c ret 0x0000002d sub di, 15A2h 0x00000032 push 00000000h 0x00000034 jno 00007F8934532D0Bh 0x0000003a jnp 00007F8934532D0Ch 0x00000040 and ebx, 62AFA1A2h 0x00000046 push 00000000h 0x00000048 mov di, dx 0x0000004b push eax 0x0000004c push eax 0x0000004d push edx 0x0000004e pushad 0x0000004f js 00007F8934532D06h 0x00000055 pushad 0x00000056 popad 0x00000057 popad 0x00000058 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE0A04 second address: BE0A22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D38Ah 0x00000009 jg 00007F893453D386h 0x0000000f popad 0x00000010 push ebx 0x00000011 je 00007F893453D386h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE0A22 second address: BE0A42 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jbe 00007F8934532D16h 0x0000000b jmp 00007F8934532D0Eh 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 pushad 0x00000014 push edi 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE0A42 second address: BE0A81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jp 00007F893453D39Dh 0x0000000b jmp 00007F893453D395h 0x00000010 push eax 0x00000011 push edx 0x00000012 ja 00007F893453D386h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B85CD2 second address: B85CD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE1034 second address: BE1049 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F893453D391h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BDDC72 second address: BDDC8B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D15h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BDCC07 second address: BDCC1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D393h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE20DE second address: BE20ED instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE20ED second address: BE20F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE20F1 second address: BE20FB instructions: 0x00000000 rdtsc 0x00000002 ja 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE11A6 second address: BE11AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE2387 second address: BE239F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D14h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BE335E second address: BE340E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D398h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a mov dword ptr [esp], eax 0x0000000d push 00000000h 0x0000000f push ecx 0x00000010 call 00007F893453D388h 0x00000015 pop ecx 0x00000016 mov dword ptr [esp+04h], ecx 0x0000001a add dword ptr [esp+04h], 00000019h 0x00000022 inc ecx 0x00000023 push ecx 0x00000024 ret 0x00000025 pop ecx 0x00000026 ret 0x00000027 movsx edi, cx 0x0000002a push dword ptr fs:[00000000h] 0x00000031 call 00007F893453D38Dh 0x00000036 mov dword ptr [ebp+1246D144h], eax 0x0000003c pop edi 0x0000003d mov dword ptr fs:[00000000h], esp 0x00000044 sub bh, 0000005Fh 0x00000047 clc 0x00000048 mov eax, dword ptr [ebp+122D0B75h] 0x0000004e mov ebx, dword ptr [ebp+122D37E9h] 0x00000054 push FFFFFFFFh 0x00000056 push 00000000h 0x00000058 push ecx 0x00000059 call 00007F893453D388h 0x0000005e pop ecx 0x0000005f mov dword ptr [esp+04h], ecx 0x00000063 add dword ptr [esp+04h], 00000016h 0x0000006b inc ecx 0x0000006c push ecx 0x0000006d ret 0x0000006e pop ecx 0x0000006f ret 0x00000070 jmp 00007F893453D38Bh 0x00000075 push eax 0x00000076 jo 00007F893453D394h 0x0000007c push eax 0x0000007d push edx 0x0000007e jnl 00007F893453D386h 0x00000084 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BEDCC0 second address: BEDCC4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BEDE41 second address: BEDE5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D396h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BEDE5C second address: BEDE7B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007F8934532D06h 0x0000000a jmp 00007F8934532D15h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BEE1CE second address: BEE1D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BEE1D7 second address: BEE1E7 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F8934532D08h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push ebx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BEE1E7 second address: BEE1F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 je 00007F893453D386h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF166F second address: BF168D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b jnc 00007F8934532D28h 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007F8934532D0Bh 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF168D second address: A1FAAE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D391h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a jmp 00007F893453D38Ch 0x0000000f push dword ptr [ebp+122D1091h] 0x00000015 clc 0x00000016 call dword ptr [ebp+122D2BC3h] 0x0000001c pushad 0x0000001d jmp 00007F893453D393h 0x00000022 xor eax, eax 0x00000024 sub dword ptr [ebp+122D19BFh], ecx 0x0000002a mov edx, dword ptr [esp+28h] 0x0000002e sub dword ptr [ebp+122D19BFh], esi 0x00000034 mov dword ptr [ebp+122D2904h], eax 0x0000003a add dword ptr [ebp+122D19BFh], edx 0x00000040 mov esi, 0000003Ch 0x00000045 mov dword ptr [ebp+122D19BFh], edx 0x0000004b sub dword ptr [ebp+122D3525h], esi 0x00000051 add esi, dword ptr [esp+24h] 0x00000055 pushad 0x00000056 jne 00007F893453D38Ch 0x0000005c popad 0x0000005d lodsw 0x0000005f mov dword ptr [ebp+122D2045h], eax 0x00000065 add eax, dword ptr [esp+24h] 0x00000069 cld 0x0000006a mov ebx, dword ptr [esp+24h] 0x0000006e sub dword ptr [ebp+122D3525h], ebx 0x00000074 nop 0x00000075 push ecx 0x00000076 jmp 00007F893453D395h 0x0000007b pop ecx 0x0000007c push eax 0x0000007d push eax 0x0000007e push edx 0x0000007f push edx 0x00000080 push eax 0x00000081 push edx 0x00000082 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF2871 second address: BF2875 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF2875 second address: BF2879 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF2879 second address: BF288B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jnp 00007F8934532D0Eh 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF288B second address: BF28CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 jmp 00007F893453D397h 0x0000000a pop edx 0x0000000b jmp 00007F893453D390h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push edi 0x00000014 pushad 0x00000015 popad 0x00000016 jmp 00007F893453D38Dh 0x0000001b pop edi 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF28CF second address: BF28D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF89C9 second address: BF89DB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F893453D38Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF89DB second address: BF89E1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF8CAB second address: BF8CD4 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F893453D386h 0x00000008 jbe 00007F893453D386h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 jmp 00007F893453D395h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF8CD4 second address: BF8CD8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF8CD8 second address: BF8CE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF8CE0 second address: BF8D06 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F8934532D08h 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007F8934532D16h 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push ebx 0x00000012 push esi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BF8D06 second address: BF8D16 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F893453D386h 0x0000000a pop esi 0x0000000b push esi 0x0000000c push edi 0x0000000d pop edi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B8420A second address: B84214 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFF95B second address: BFF97B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D397h 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFFAFB second address: BFFB01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFFDD5 second address: BFFDEC instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F893453D38Dh 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFFDEC second address: BFFE11 instructions: 0x00000000 rdtsc 0x00000002 js 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007F8934532D16h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFFF2E second address: BFFF32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFFF32 second address: BFFF36 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFFF36 second address: BFFF3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFFF3C second address: BFFF5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F8934532D15h 0x0000000b pushad 0x0000000c push eax 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BFFF5C second address: BFFF62 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C000BF second address: C000CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F8934532D06h 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C000CA second address: C000CF instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD1D76 second address: BD1D7C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD1D7C second address: BD1D8E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F893453D38Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD1D8E second address: BD1D92 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2149 second address: BD2153 instructions: 0x00000000 rdtsc 0x00000002 js 00007F893453D38Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2242 second address: BD2246 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2246 second address: BD224C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD224C second address: BD2282 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jo 00007F8934532D06h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov eax, dword ptr [eax] 0x00000010 pushad 0x00000011 jmp 00007F8934532D13h 0x00000016 jo 00007F8934532D08h 0x0000001c push edx 0x0000001d pop edx 0x0000001e popad 0x0000001f mov dword ptr [esp+04h], eax 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2282 second address: BD228D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F893453D386h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD22D7 second address: BD22DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2324 second address: BD2328 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2328 second address: BD233B instructions: 0x00000000 rdtsc 0x00000002 jng 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jo 00007F8934532D06h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD233B second address: BD238A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 pushad 0x00000009 jmp 00007F893453D38Ah 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 jo 00007F893453D398h 0x00000017 jmp 00007F893453D392h 0x0000001c popad 0x0000001d xchg eax, esi 0x0000001e mov edx, 68EB352Eh 0x00000023 cmc 0x00000024 nop 0x00000025 jbe 00007F893453D38Eh 0x0000002b push eax 0x0000002c push esi 0x0000002d jnc 00007F893453D38Ch 0x00000033 push eax 0x00000034 push edx 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2408 second address: BD240E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD240E second address: BD2412 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2B12 second address: BD2B1C instructions: 0x00000000 rdtsc 0x00000002 jc 00007F8934532D0Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2D66 second address: BD2D6C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2D6C second address: BD2D70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2D70 second address: BD2DCD instructions: 0x00000000 rdtsc 0x00000002 jng 00007F893453D386h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jmp 00007F893453D394h 0x00000012 nop 0x00000013 push 00000000h 0x00000015 push edi 0x00000016 call 00007F893453D388h 0x0000001b pop edi 0x0000001c mov dword ptr [esp+04h], edi 0x00000020 add dword ptr [esp+04h], 0000001Bh 0x00000028 inc edi 0x00000029 push edi 0x0000002a ret 0x0000002b pop edi 0x0000002c ret 0x0000002d mov dword ptr [ebp+122D3784h], edx 0x00000033 or dh, 00000017h 0x00000036 lea eax, dword ptr [ebp+12485A33h] 0x0000003c movzx edi, si 0x0000003f push eax 0x00000040 pushad 0x00000041 push eax 0x00000042 push edx 0x00000043 push eax 0x00000044 push edx 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD2DCD second address: BD2DD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C03E5F second address: C03E65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C03E65 second address: C03E6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C03F93 second address: C03FAF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D398h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C04151 second address: C04156 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C042BC second address: C042F8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D396h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jng 00007F893453D388h 0x00000011 pushad 0x00000012 popad 0x00000013 jp 00007F893453D38Ah 0x00000019 jo 00007F893453D392h 0x0000001f jnl 00007F893453D386h 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C042F8 second address: C0430E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F8934532D0Fh 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0430E second address: C04313 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0458A second address: C0458F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0FDD0 second address: C0FDF0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D393h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jng 00007F893453D386h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0FDF0 second address: C0FDF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0FDF6 second address: C0FE0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D38Fh 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0FE0A second address: C0FE15 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jns 00007F8934532D06h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0FE15 second address: C0FE23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F893453D386h 0x0000000a popad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0FE23 second address: C0FE2B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0EB44 second address: C0EB48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0EB48 second address: C0EB5A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 jp 00007F8934532D06h 0x0000000f pushad 0x00000010 popad 0x00000011 pop esi 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0EB5A second address: C0EB7E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ebx 0x00000006 jnp 00007F893453D395h 0x0000000c jmp 00007F893453D38Dh 0x00000011 push ecx 0x00000012 pop ecx 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0EC9B second address: C0ECA1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0ECA1 second address: C0ECAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F893453D386h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0ECAB second address: C0ECB1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0ECB1 second address: C0ECC1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jns 00007F893453D386h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0ECC1 second address: C0ECC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0EF8E second address: C0EF94 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0F3CB second address: C0F3D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0F3D1 second address: C0F3D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0F52D second address: C0F532 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0F6B8 second address: C0F6C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0F6C1 second address: C0F6C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0F6C7 second address: C0F6CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0F6CD second address: C0F6D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0E5CD second address: C0E5D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C0E5D3 second address: C0E5E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ebx 0x00000006 push ecx 0x00000007 push esi 0x00000008 js 00007F8934532D06h 0x0000000e pushad 0x0000000f popad 0x00000010 pop esi 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C13186 second address: C1318C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1318C second address: C131A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jmp 00007F8934532D0Bh 0x0000000c pop eax 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12946 second address: C12959 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D38Dh 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12959 second address: C12984 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F8934532D16h 0x0000000a pushad 0x0000000b jmp 00007F8934532D0Bh 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12984 second address: C1298C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12B05 second address: C12B24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ebx 0x00000006 push ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007F8934532D14h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12B24 second address: C12B28 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12C70 second address: C12C78 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12C78 second address: C12CCB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D392h 0x00000007 push edi 0x00000008 jbe 00007F893453D386h 0x0000000e pushad 0x0000000f popad 0x00000010 pop edi 0x00000011 pop edx 0x00000012 pop eax 0x00000013 jl 00007F893453D3C3h 0x00000019 jmp 00007F893453D390h 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007F893453D399h 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12CCB second address: C12CCF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12CCF second address: C12CD3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C12E44 second address: C12E75 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D17h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F8934532D16h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C15568 second address: C1556C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1556C second address: C155AD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F8934532D0Ch 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jmp 00007F8934532D13h 0x00000011 jmp 00007F8934532D18h 0x00000016 push esi 0x00000017 pop esi 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C155AD second address: C155C7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F893453D395h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C150A9 second address: C150B5 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F8934532D06h 0x00000008 push eax 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C15264 second address: C1526E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F893453D386h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1526E second address: C15278 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F8934532D06h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1AE52 second address: C1AE85 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D398h 0x00000009 jmp 00007F893453D396h 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1AE85 second address: C1AE96 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F8934532D08h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push esi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1AE96 second address: C1AE9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1A3D2 second address: C1A3E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 pop edx 0x00000009 pushad 0x0000000a push esi 0x0000000b pop esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1A521 second address: C1A52D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F893453D386h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C1A52D second address: C1A536 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C247DE second address: C247F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F893453D38Fh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: BD28B1 second address: BD2903 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F8934532D0Ch 0x00000009 popad 0x0000000a pop eax 0x0000000b nop 0x0000000c push 00000000h 0x0000000e push edx 0x0000000f call 00007F8934532D08h 0x00000014 pop edx 0x00000015 mov dword ptr [esp+04h], edx 0x00000019 add dword ptr [esp+04h], 0000001Ch 0x00000021 inc edx 0x00000022 push edx 0x00000023 ret 0x00000024 pop edx 0x00000025 ret 0x00000026 mov edi, dword ptr [ebp+122D27C8h] 0x0000002c push 00000004h 0x0000002e and ecx, dword ptr [ebp+122D2A54h] 0x00000034 nop 0x00000035 push eax 0x00000036 push edx 0x00000037 pushad 0x00000038 pushad 0x00000039 popad 0x0000003a js 00007F8934532D06h 0x00000040 popad 0x00000041 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C239D6 second address: C239DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C23B40 second address: C23B46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C23B46 second address: C23B66 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007F893453D396h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C23B66 second address: C23BA7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F8934532D13h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jg 00007F8934532D06h 0x00000015 jmp 00007F8934532D17h 0x0000001a popad 0x0000001b push eax 0x0000001c push edx 0x0000001d pushad 0x0000001e popad 0x0000001f push ecx 0x00000020 pop ecx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C23BA7 second address: C23BAB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C23BAB second address: C23BB1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C23BB1 second address: C23BB6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C23BB6 second address: C23BBE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2B7C9 second address: C2B7CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2B7CD second address: C2B7D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2B7D1 second address: C2B7D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2B7D7 second address: C2B7DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2B7DD second address: C2B7E7 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F893453D38Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C29A82 second address: C29A8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F8934532D06h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C29A8E second address: C29A99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push edi 0x00000008 pop edi 0x00000009 push eax 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2A075 second address: C2A07D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2A3CA second address: C2A3E0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 pop eax 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push ebx 0x0000000f jnc 00007F893453D386h 0x00000015 pop ebx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2A3E0 second address: C2A400 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 jnp 00007F8934532D06h 0x0000000b jmp 00007F8934532D0Ch 0x00000010 push edi 0x00000011 pop edi 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 pop eax 0x00000017 push eax 0x00000018 pop eax 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2AC5E second address: C2AC86 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D38Ah 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F893453D395h 0x00000011 push edx 0x00000012 pop edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2CE0B second address: C2CE32 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 js 00007F8934532D06h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F8934532D17h 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C2CE32 second address: C2CE56 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F893453D386h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jng 00007F893453D386h 0x00000011 jmp 00007F893453D391h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C308D4 second address: C308E9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnc 00007F8934532D06h 0x00000009 jmp 00007F8934532D0Ah 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C308E9 second address: C3093A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push esi 0x00000006 jmp 00007F893453D394h 0x0000000b jg 00007F893453D386h 0x00000011 pop esi 0x00000012 pop edx 0x00000013 pop eax 0x00000014 pushad 0x00000015 jc 00007F893453D3AAh 0x0000001b pushad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3093A second address: C30946 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F8934532D06h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C30C14 second address: C30C3D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D38Eh 0x00000007 jmp 00007F893453D397h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C30C3D second address: C30C47 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F8934532D0Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C30D98 second address: C30DAC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F893453D38Eh 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C30DAC second address: C30DC6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F8934532D10h 0x00000009 jno 00007F8934532D06h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C30DC6 second address: C30DCC instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C312B4 second address: C312D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jmp 00007F8934532D19h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3B6BE second address: C3B712 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnc 00007F893453D395h 0x0000000c popad 0x0000000d pushad 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 jl 00007F893453D386h 0x00000017 jnc 00007F893453D386h 0x0000001d jmp 00007F893453D399h 0x00000022 popad 0x00000023 push eax 0x00000024 push edx 0x00000025 jnc 00007F893453D386h 0x0000002b jg 00007F893453D386h 0x00000031 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3B712 second address: C3B716 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3B716 second address: C3B71C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3BB9B second address: C3BB9F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3BB9F second address: C3BBAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3BCDF second address: C3BCF5 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a je 00007F8934532D0Ch 0x00000010 jne 00007F8934532D06h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3BCF5 second address: C3BD2F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D38Ch 0x00000007 jmp 00007F893453D392h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F893453D394h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3BD2F second address: C3BD3B instructions: 0x00000000 rdtsc 0x00000002 je 00007F8934532D06h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3BD3B second address: C3BD42 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C3BE60 second address: C3BE73 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnc 00007F8934532D06h 0x00000009 jo 00007F8934532D06h 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C458F7 second address: C45903 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 js 00007F893453D386h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C45903 second address: C45907 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C45B67 second address: C45BA0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F893453D399h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b jnp 00007F893453D392h 0x00000011 pushad 0x00000012 popad 0x00000013 jmp 00007F893453D38Ah 0x00000018 pop edx 0x00000019 pop eax 0x0000001a push edx 0x0000001b pushad 0x0000001c push edx 0x0000001d pop edx 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C518D9 second address: C518DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C513FD second address: C5140A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 js 00007F893453D38Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C5140A second address: C5140E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C5140E second address: C51418 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F893453D386h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C51418 second address: C51462 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D0Bh 0x00000007 jmp 00007F8934532D17h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e jmp 00007F8934532D0Dh 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F8934532D13h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C51462 second address: C51467 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C590AC second address: C590B6 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C590B6 second address: C590BB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C590BB second address: C590C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F8934532D06h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C657CF second address: C657DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F893453D386h 0x0000000a pop esi 0x0000000b push ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C6C93D second address: C6C951 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F8934532D08h 0x00000008 push eax 0x00000009 push edx 0x0000000a jl 00007F8934532D06h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C6C951 second address: C6C955 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C6CAAF second address: C6CAB3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C6CAB3 second address: C6CAB9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C6CAB9 second address: C6CABF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C6CABF second address: C6CAD8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D38Fh 0x00000007 push eax 0x00000008 push edx 0x00000009 jne 00007F893453D386h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C6CD60 second address: C6CD66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C7048F second address: C704A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F893453D386h 0x0000000a popad 0x0000000b jl 00007F893453D392h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C704A2 second address: C704A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C704A8 second address: C704AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C705E3 second address: C705FC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F8934532D12h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C705FC second address: C70635 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D391h 0x00000009 jns 00007F893453D386h 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F893453D399h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C70635 second address: C70639 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C70639 second address: C7063D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C7063D second address: C70654 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jc 00007F8934532D06h 0x00000012 pushad 0x00000013 popad 0x00000014 pushad 0x00000015 popad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9186D second address: B9189A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F893453D38Fh 0x0000000b pushad 0x0000000c jmp 00007F893453D391h 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 pop eax 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: B9189A second address: B918B5 instructions: 0x00000000 rdtsc 0x00000002 je 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jbe 00007F8934532D0Eh 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 jo 00007F8934532D06h 0x00000018 pushad 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C79F36 second address: C79F3A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C79F3A second address: C79F44 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F8934532D06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C79F44 second address: C79F49 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C7F739 second address: C7F75A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 js 00007F8934532D06h 0x00000009 jmp 00007F8934532D16h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C7DE16 second address: C7DE1C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: C8D092 second address: C8D096 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5346 second address: CA537E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D393h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jg 00007F893453D3A1h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5A4D second address: CA5A53 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5A53 second address: CA5A6F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F893453D398h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5F32 second address: CA5F3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F8934532D06h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5F3C second address: CA5F46 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F893453D386h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5F46 second address: CA5F4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5F4C second address: CA5F66 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 pop eax 0x00000005 jmp 00007F893453D390h 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5F66 second address: CA5F6C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA5F6C second address: CA5F70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA60A8 second address: CA60AE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA60AE second address: CA60B2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA79A4 second address: CA79AD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA79AD second address: CA79B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA79B3 second address: CA79BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CA79BD second address: CA79DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F893453D398h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAA3A1 second address: CAA3A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAA3A7 second address: CAA3AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAA3AB second address: CAA3AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAA704 second address: CAA719 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F893453D38Dh 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAA914 second address: CAA94E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F8934532D15h 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f push eax 0x00000010 pop eax 0x00000011 jmp 00007F8934532D18h 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAA94E second address: CAA955 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAC0DC second address: CAC0F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F8934532D13h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAC0F3 second address: CAC0F9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAC0F9 second address: CAC0FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: CAC0FF second address: CAC10C instructions: 0x00000000 rdtsc 0x00000002 jl 00007F893453D388h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 533022F second address: 5330233 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330233 second address: 5330298 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F893453D38Bh 0x00000008 sub ax, B46Eh 0x0000000d jmp 00007F893453D399h 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 pushfd 0x00000016 jmp 00007F893453D390h 0x0000001b and si, DFE8h 0x00000020 jmp 00007F893453D38Bh 0x00000025 popfd 0x00000026 popad 0x00000027 xchg eax, ebp 0x00000028 push eax 0x00000029 push edx 0x0000002a pushad 0x0000002b call 00007F893453D38Bh 0x00000030 pop esi 0x00000031 mov eax, ebx 0x00000033 popad 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330298 second address: 5330323 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F8934532D10h 0x00000008 pop esi 0x00000009 pushfd 0x0000000a jmp 00007F8934532D0Bh 0x0000000f add cx, 2C8Eh 0x00000014 jmp 00007F8934532D19h 0x00000019 popfd 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d push eax 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 pushfd 0x00000022 jmp 00007F8934532D0Ah 0x00000027 sub cx, A708h 0x0000002c jmp 00007F8934532D0Bh 0x00000031 popfd 0x00000032 pushfd 0x00000033 jmp 00007F8934532D18h 0x00000038 and cl, 00000068h 0x0000003b jmp 00007F8934532D0Bh 0x00000040 popfd 0x00000041 popad 0x00000042 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330323 second address: 5330329 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330329 second address: 533032D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 533032D second address: 5330351 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D38Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f call 00007F893453D38Bh 0x00000014 pop eax 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330351 second address: 5330360 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F8934532D0Bh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330360 second address: 5330364 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330364 second address: 5330375 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a pushad 0x0000000b movsx edx, si 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330375 second address: 53303B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov ebx, eax 0x00000006 popad 0x00000007 popad 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c push edx 0x0000000d pop ecx 0x0000000e pushfd 0x0000000f jmp 00007F893453D393h 0x00000014 or ax, 801Eh 0x00000019 jmp 00007F893453D399h 0x0000001e popfd 0x0000001f popad 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53303B7 second address: 53303BC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 533040B second address: 5330463 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F893453D399h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007F893453D393h 0x00000013 adc eax, 46F8359Eh 0x00000019 jmp 00007F893453D399h 0x0000001e popfd 0x0000001f push eax 0x00000020 pop edi 0x00000021 popad 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5330463 second address: 5330469 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E18A0 lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_007E18A0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E3910 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,DeleteFileA,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007E3910 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E1269 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007E1269 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E1250 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007E1250 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007EE210 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_007EE210 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E4B29 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_007E4B29 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E4B10 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007E4B10 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007ECBE0 wsprintfA,FindFirstFileA,lstrcat,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,CoUninitialize,lstrcat,lstrlen,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,CopyFileA,CreateFileA,GetFileSizeEx,CloseHandle,CloseHandle,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_007ECBE0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E23A9 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_007E23A9 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007DDB99 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007DDB99 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007E2390 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,GetFileAttributesA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA, |
0_2_007E2390 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007DDB80 lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlen,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcpy,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,StrCmpCA,lstrcpy,GetFileAttributesA,StrCmpCA,lstrcpy,CopyFileA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,StrCmpCA,DeleteFileA,StrCmpCA,lstrcpy,lstrcpy,lstrcpy,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007DDB80 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007ED530 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcpy,lstrcpy,FindNextFileA,FindClose, |
0_2_007ED530 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007EDD30 GetProcessHeap,RtlAllocateHeap,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,lstrcat,lstrcat,lstrlen,lstrlen,lstrcpy, |
0_2_007EDD30 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007D16B9 lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,FindFirstFileA, |
0_2_007D16B9 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_007D16A0 lstrcpy,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,GetFileAttributesA,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcpy,lstrlen,lstrcpy,lstrcat,lstrcpy,lstrcat,lstrcpy,CopyFileA,lstrcpy,lstrcpy,DeleteFileA,FindNextFileA,FindClose, |
0_2_007D16A0 |