Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF144A second address: CF144E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF144E second address: CF1454 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF1454 second address: CF1462 instructions: 0x00000000 rdtsc 0x00000002 je 00007FD3F95E0CD8h 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF1462 second address: CF1466 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF1466 second address: CF147D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE3h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF172B second address: CF1744 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jnc 00007FD3F95E0F76h 0x00000010 push eax 0x00000011 pop eax 0x00000012 jnc 00007FD3F95E0F76h 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF18F9 second address: CF18FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF1A61 second address: CF1A65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF1A65 second address: CF1A69 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF1A69 second address: CF1A75 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FD3F95E0F76h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF1A75 second address: CF1A7D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push edi 0x00000007 pop edi 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF1C27 second address: CF1C2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF36A5 second address: CF36EC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d jc 00007FD3F95E0CDCh 0x00000013 mov eax, dword ptr [eax] 0x00000015 jmp 00007FD3F95E0CE9h 0x0000001a mov dword ptr [esp+04h], eax 0x0000001e push eax 0x0000001f push edx 0x00000020 jnl 00007FD3F95E0CD8h 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3819 second address: CF38AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FD3F95E0F76h 0x0000000a popad 0x0000000b pushad 0x0000000c jmp 00007FD3F95E0F80h 0x00000011 je 00007FD3F95E0F76h 0x00000017 popad 0x00000018 popad 0x00000019 push eax 0x0000001a push edi 0x0000001b jmp 00007FD3F95E0F80h 0x00000020 pop edi 0x00000021 nop 0x00000022 push 00000000h 0x00000024 push ebx 0x00000025 call 00007FD3F95E0F78h 0x0000002a pop ebx 0x0000002b mov dword ptr [esp+04h], ebx 0x0000002f add dword ptr [esp+04h], 0000001Bh 0x00000037 inc ebx 0x00000038 push ebx 0x00000039 ret 0x0000003a pop ebx 0x0000003b ret 0x0000003c mov si, FC00h 0x00000040 push 00000000h 0x00000042 mov edi, dword ptr [ebp+12A23671h] 0x00000048 call 00007FD3F95E0F79h 0x0000004d jne 00007FD3F95E0F8Dh 0x00000053 push eax 0x00000054 push esi 0x00000055 push eax 0x00000056 push edx 0x00000057 push eax 0x00000058 push edx 0x00000059 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF38AC second address: CF38B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF38B0 second address: CF3903 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FD3F95E0F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop esi 0x0000000b mov eax, dword ptr [esp+04h] 0x0000000f jmp 00007FD3F95E0F88h 0x00000014 mov eax, dword ptr [eax] 0x00000016 push eax 0x00000017 pushad 0x00000018 jmp 00007FD3F95E0F86h 0x0000001d push edi 0x0000001e pop edi 0x0000001f popad 0x00000020 pop eax 0x00000021 mov dword ptr [esp+04h], eax 0x00000025 js 00007FD3F95E0F97h 0x0000002b push eax 0x0000002c push edx 0x0000002d pushad 0x0000002e popad 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3903 second address: CF3966 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a mov ecx, esi 0x0000000c push 00000003h 0x0000000e push 00000000h 0x00000010 push 00000000h 0x00000012 push ebp 0x00000013 call 00007FD3F95E0CD8h 0x00000018 pop ebp 0x00000019 mov dword ptr [esp+04h], ebp 0x0000001d add dword ptr [esp+04h], 00000017h 0x00000025 inc ebp 0x00000026 push ebp 0x00000027 ret 0x00000028 pop ebp 0x00000029 ret 0x0000002a push 00000003h 0x0000002c call 00007FD3F95E0CDEh 0x00000031 cmc 0x00000032 pop ecx 0x00000033 call 00007FD3F95E0CD9h 0x00000038 push edi 0x00000039 push eax 0x0000003a push edx 0x0000003b pushad 0x0000003c popad 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3966 second address: CF3983 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jmp 00007FD3F95E0F7Bh 0x00000010 jp 00007FD3F95E0F76h 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3983 second address: CF3A05 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d push edx 0x0000000e jg 00007FD3F95E0CE8h 0x00000014 pop edx 0x00000015 mov eax, dword ptr [eax] 0x00000017 jmp 00007FD3F95E0CE3h 0x0000001c mov dword ptr [esp+04h], eax 0x00000020 push ecx 0x00000021 jmp 00007FD3F95E0CDCh 0x00000026 pop ecx 0x00000027 pop eax 0x00000028 mov esi, dword ptr [ebp+12A235C5h] 0x0000002e lea ebx, dword ptr [ebp+12B9B4DDh] 0x00000034 stc 0x00000035 call 00007FD3F95E0CE4h 0x0000003a clc 0x0000003b pop edx 0x0000003c push eax 0x0000003d pushad 0x0000003e pushad 0x0000003f pushad 0x00000040 popad 0x00000041 push eax 0x00000042 push edx 0x00000043 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3A4E second address: CF3AAE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FD3F95E0F76h 0x00000009 jmp 00007FD3F95E0F86h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 jns 00007FD3F95E0F82h 0x00000018 nop 0x00000019 add ecx, dword ptr [ebp+12A21ACCh] 0x0000001f push 00000000h 0x00000021 mov dword ptr [ebp+12A21ABDh], ecx 0x00000027 call 00007FD3F95E0F79h 0x0000002c pushad 0x0000002d pushad 0x0000002e jno 00007FD3F95E0F76h 0x00000034 jnc 00007FD3F95E0F76h 0x0000003a popad 0x0000003b push eax 0x0000003c push edx 0x0000003d pushad 0x0000003e popad 0x0000003f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3AAE second address: CF3AC4 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD3F95E0CD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c jbe 00007FD3F95E0CE0h 0x00000012 push eax 0x00000013 push edx 0x00000014 push ecx 0x00000015 pop ecx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3AC4 second address: CF3AF3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a jmp 00007FD3F95E0F89h 0x0000000f mov eax, dword ptr [eax] 0x00000011 push eax 0x00000012 push edx 0x00000013 ja 00007FD3F95E0F78h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3AF3 second address: CF3AF9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3AF9 second address: CF3AFD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3AFD second address: CF3B17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp+04h], eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jp 00007FD3F95E0CDCh 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3B17 second address: CF3B69 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop eax 0x00000009 add ecx, 13EEECF0h 0x0000000f push 00000003h 0x00000011 mov dword ptr [ebp+12A231C9h], ebx 0x00000017 push 00000000h 0x00000019 push 00000000h 0x0000001b push eax 0x0000001c call 00007FD3F95E0F78h 0x00000021 pop eax 0x00000022 mov dword ptr [esp+04h], eax 0x00000026 add dword ptr [esp+04h], 00000014h 0x0000002e inc eax 0x0000002f push eax 0x00000030 ret 0x00000031 pop eax 0x00000032 ret 0x00000033 mov dword ptr [ebp+12A23339h], edx 0x00000039 push 00000003h 0x0000003b xor dword ptr [ebp+12A21A8Dh], ebx 0x00000041 push BC370DF6h 0x00000046 push eax 0x00000047 push edx 0x00000048 push ecx 0x00000049 je 00007FD3F95E0F76h 0x0000004f pop ecx 0x00000050 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3B69 second address: CF3B6E instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3B6E second address: CF3B91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 xor dword ptr [esp], 7C370DF6h 0x0000000e and edi, 634222F7h 0x00000014 lea ebx, dword ptr [ebp+12B9B4E8h] 0x0000001a mov dx, 7337h 0x0000001e xchg eax, ebx 0x0000001f pushad 0x00000020 push eax 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CF3B91 second address: CF3BAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FD3F95E0CE4h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D14780 second address: D14785 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D14785 second address: D1479C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0CDEh 0x00000008 push eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CE3B73 second address: CE3B7A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CE3B7A second address: CE3BB6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 js 00007FD3F95E0CD6h 0x00000009 jc 00007FD3F95E0CD6h 0x0000000f pop edi 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FD3F95E0CE9h 0x00000017 jmp 00007FD3F95E0CE1h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D12A74 second address: D12A7E instructions: 0x00000000 rdtsc 0x00000002 js 00007FD3F95E0F76h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D12A7E second address: D12A87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D12A87 second address: D12A95 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D13087 second address: D13098 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDDh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D13098 second address: D130A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D134CA second address: D134D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D07FA6 second address: D07FBF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0F7Ch 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jnl 00007FD3F95E0F76h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D07FBF second address: D07FD8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CD7ECF second address: CD7ED9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007FD3F95E0F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CD7ED9 second address: CD7EE9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jo 00007FD3F95E0CDEh 0x0000000c push eax 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D138F1 second address: D1390F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0F88h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D1B31E second address: D1B322 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D1C5D5 second address: D1C5DB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D20352 second address: D20358 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D204E9 second address: D204ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D204ED second address: D204F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D204F1 second address: D204FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D204FB second address: D2050D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a jo 00007FD3F95E0CD6h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2050D second address: D20512 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2091B second address: D20921 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D20921 second address: D2092B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 push edi 0x00000007 pop edi 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D20A7F second address: D20A89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FD3F95E0CD6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D20A89 second address: D20A8D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D22CEB second address: D22D2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 jmp 00007FD3F95E0CE1h 0x0000000b mov eax, dword ptr [esp+04h] 0x0000000f jmp 00007FD3F95E0CDFh 0x00000014 mov eax, dword ptr [eax] 0x00000016 jmp 00007FD3F95E0CDFh 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D22D2F second address: D22D36 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D22EAE second address: D22EB4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D22EB4 second address: D22EB8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2301D second address: D2302D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jnp 00007FD3F95E0CD8h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23913 second address: D23937 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], ebx 0x0000000a sub dword ptr [ebp+12A233CEh], ecx 0x00000010 clc 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 jmp 00007FD3F95E0F7Ch 0x0000001a pushad 0x0000001b popad 0x0000001c popad 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23A14 second address: D23A2B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jbe 00007FD3F95E0CE2h 0x0000000f jp 00007FD3F95E0CDCh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23B85 second address: D23B89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23B89 second address: D23B8D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23B8D second address: D23B97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23DA4 second address: D23DB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push edi 0x0000000a jnp 00007FD3F95E0CD6h 0x00000010 pop edi 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23E7B second address: D23E7F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23E7F second address: D23E91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 jp 00007FD3F95E0CE4h 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23E91 second address: D23E95 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23E95 second address: D23ECF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 push 00000000h 0x00000009 push ecx 0x0000000a call 00007FD3F95E0CD8h 0x0000000f pop ecx 0x00000010 mov dword ptr [esp+04h], ecx 0x00000014 add dword ptr [esp+04h], 0000001Ah 0x0000001c inc ecx 0x0000001d push ecx 0x0000001e ret 0x0000001f pop ecx 0x00000020 ret 0x00000021 or di, 9001h 0x00000026 xchg eax, ebx 0x00000027 jg 00007FD3F95E0CE0h 0x0000002d pushad 0x0000002e pushad 0x0000002f popad 0x00000030 push eax 0x00000031 push edx 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23ECF second address: D23EDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23EDA second address: D23EDE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23EDE second address: D23EE2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D23EE2 second address: D23EED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D24DEB second address: D24DF5 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FD3F95E0F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D24C1E second address: D24C24 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D24C24 second address: D24C28 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D25E0C second address: D25E2D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b jbe 00007FD3F95E0CDCh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D27200 second address: D27206 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D27206 second address: D272BA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a js 00007FD3F95E0CF2h 0x00000010 pushad 0x00000011 jmp 00007FD3F95E0CE8h 0x00000016 push esi 0x00000017 pop esi 0x00000018 popad 0x00000019 nop 0x0000001a movzx esi, di 0x0000001d stc 0x0000001e push 00000000h 0x00000020 push 00000000h 0x00000022 push ebp 0x00000023 call 00007FD3F95E0CD8h 0x00000028 pop ebp 0x00000029 mov dword ptr [esp+04h], ebp 0x0000002d add dword ptr [esp+04h], 0000001Dh 0x00000035 inc ebp 0x00000036 push ebp 0x00000037 ret 0x00000038 pop ebp 0x00000039 ret 0x0000003a jmp 00007FD3F95E0CE8h 0x0000003f push 00000000h 0x00000041 push 00000000h 0x00000043 push eax 0x00000044 call 00007FD3F95E0CD8h 0x00000049 pop eax 0x0000004a mov dword ptr [esp+04h], eax 0x0000004e add dword ptr [esp+04h], 00000017h 0x00000056 inc eax 0x00000057 push eax 0x00000058 ret 0x00000059 pop eax 0x0000005a ret 0x0000005b sub dword ptr [ebp+12A22FE5h], ecx 0x00000061 xchg eax, ebx 0x00000062 push ecx 0x00000063 push eax 0x00000064 push edx 0x00000065 jp 00007FD3F95E0CD6h 0x0000006b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D272BA second address: D272BE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D272BE second address: D272D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 jns 00007FD3F95E0CE0h 0x0000000e pushad 0x0000000f push edx 0x00000010 pop edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D289DE second address: D289E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2B3C4 second address: D2B404 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FD3F95E0CD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b pushad 0x0000000c jnc 00007FD3F95E0CE8h 0x00000012 jmp 00007FD3F95E0CE8h 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2B404 second address: D2B408 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2CEBF second address: D2CEC5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2D47F second address: D2D4A8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F80h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jng 00007FD3F95E0F8Eh 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FD3F95E0F7Ch 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2D4A8 second address: D2D4AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2E469 second address: D2E488 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FD3F95E0F7Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d ja 00007FD3F95E0F7Ch 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2D5CB second address: D2D5D1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2D6CE second address: D2D6D4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D30626 second address: D30689 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jg 00007FD3F95E0CD6h 0x0000000d jmp 00007FD3F95E0CDCh 0x00000012 popad 0x00000013 popad 0x00000014 nop 0x00000015 jp 00007FD3F95E0CD7h 0x0000001b clc 0x0000001c cmc 0x0000001d push 00000000h 0x0000001f push 00000000h 0x00000021 push ebx 0x00000022 call 00007FD3F95E0CD8h 0x00000027 pop ebx 0x00000028 mov dword ptr [esp+04h], ebx 0x0000002c add dword ptr [esp+04h], 00000015h 0x00000034 inc ebx 0x00000035 push ebx 0x00000036 ret 0x00000037 pop ebx 0x00000038 ret 0x00000039 push 00000000h 0x0000003b jo 00007FD3F95E0CDCh 0x00000041 add dword ptr [ebp+12B9BCA7h], ebx 0x00000047 xchg eax, esi 0x00000048 push eax 0x00000049 push edx 0x0000004a pushad 0x0000004b jmp 00007FD3F95E0CDBh 0x00000050 pushad 0x00000051 popad 0x00000052 popad 0x00000053 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D32555 second address: D3255F instructions: 0x00000000 rdtsc 0x00000002 ja 00007FD3F95E0F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3175F second address: D31764 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3255F second address: D32576 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FD3F95E0F7Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push ebx 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 pop ebx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D32576 second address: D3257C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3182A second address: D3182E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D33773 second address: D3378C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0CE4h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D327C9 second address: D327F4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0F83h 0x00000008 push esi 0x00000009 pop esi 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e pushad 0x0000000f pushad 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 jo 00007FD3F95E0F76h 0x00000018 popad 0x00000019 push eax 0x0000001a push edx 0x0000001b push edi 0x0000001c pop edi 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D348D0 second address: D34953 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FD3F95E0CDBh 0x0000000f nop 0x00000010 je 00007FD3F95E0CD9h 0x00000016 movzx edi, ax 0x00000019 push 00000000h 0x0000001b push 00000000h 0x0000001d push eax 0x0000001e call 00007FD3F95E0CD8h 0x00000023 pop eax 0x00000024 mov dword ptr [esp+04h], eax 0x00000028 add dword ptr [esp+04h], 00000019h 0x00000030 inc eax 0x00000031 push eax 0x00000032 ret 0x00000033 pop eax 0x00000034 ret 0x00000035 push 00000000h 0x00000037 push 00000000h 0x00000039 push ebx 0x0000003a call 00007FD3F95E0CD8h 0x0000003f pop ebx 0x00000040 mov dword ptr [esp+04h], ebx 0x00000044 add dword ptr [esp+04h], 0000001Ch 0x0000004c inc ebx 0x0000004d push ebx 0x0000004e ret 0x0000004f pop ebx 0x00000050 ret 0x00000051 push eax 0x00000052 pushad 0x00000053 pushad 0x00000054 push esi 0x00000055 pop esi 0x00000056 pushad 0x00000057 popad 0x00000058 popad 0x00000059 jnp 00007FD3F95E0CDCh 0x0000005f push eax 0x00000060 push edx 0x00000061 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D34A2A second address: D34A2E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D34A2E second address: D34A3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007FD3F95E0CDCh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D369E8 second address: D369ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D369ED second address: D369F7 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FD3F95E0CDCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D369F7 second address: D36A07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 jng 00007FD3F95E0F7Ch 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3898C second address: D389EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push eax 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a jnl 00007FD3F95E0CD6h 0x00000010 popad 0x00000011 pop eax 0x00000012 nop 0x00000013 mov dword ptr [ebp+12A23089h], ecx 0x00000019 push 00000000h 0x0000001b mov dword ptr [ebp+12A23178h], ecx 0x00000021 push 00000000h 0x00000023 push 00000000h 0x00000025 push ebx 0x00000026 call 00007FD3F95E0CD8h 0x0000002b pop ebx 0x0000002c mov dword ptr [esp+04h], ebx 0x00000030 add dword ptr [esp+04h], 00000015h 0x00000038 inc ebx 0x00000039 push ebx 0x0000003a ret 0x0000003b pop ebx 0x0000003c ret 0x0000003d movsx edi, ax 0x00000040 mov ebx, 5C016CE6h 0x00000045 xchg eax, esi 0x00000046 push eax 0x00000047 push edx 0x00000048 jmp 00007FD3F95E0CE4h 0x0000004d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D39928 second address: D3992E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3A9B3 second address: D3A9BA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3A9BA second address: D3A9CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3A9CA second address: D3A9CF instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3AA67 second address: D3AA6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3AA6B second address: D3AA75 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FD3F95E0CD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3AA75 second address: D3AA7A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3AA7A second address: D3AA8C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jp 00007FD3F95E0CD8h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D38AF9 second address: D38AFD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3CB72 second address: D3CB87 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3BD01 second address: D3BD14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jns 00007FD3F95E0F76h 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3BD14 second address: D3BD1E instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FD3F95E0CDCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3BD1E second address: D3BDA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 jmp 00007FD3F95E0F7Ah 0x0000000c push dword ptr fs:[00000000h] 0x00000013 push 00000000h 0x00000015 push ebx 0x00000016 call 00007FD3F95E0F78h 0x0000001b pop ebx 0x0000001c mov dword ptr [esp+04h], ebx 0x00000020 add dword ptr [esp+04h], 00000016h 0x00000028 inc ebx 0x00000029 push ebx 0x0000002a ret 0x0000002b pop ebx 0x0000002c ret 0x0000002d mov edi, dword ptr [ebp+12A22A89h] 0x00000033 pushad 0x00000034 sbb edi, 6ED35827h 0x0000003a mov esi, dword ptr [ebp+12A21A69h] 0x00000040 popad 0x00000041 mov dword ptr fs:[00000000h], esp 0x00000048 jmp 00007FD3F95E0F89h 0x0000004d mov eax, dword ptr [ebp+12A20CF1h] 0x00000053 mov ebx, dword ptr [ebp+12B987C0h] 0x00000059 push FFFFFFFFh 0x0000005b xor dword ptr [ebp+12BC5F29h], esi 0x00000061 push eax 0x00000062 push eax 0x00000063 push edx 0x00000064 push eax 0x00000065 push edx 0x00000066 pushad 0x00000067 popad 0x00000068 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3F037 second address: D3F045 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FD3F95E0CD6h 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3BDA3 second address: D3BDA9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D3F045 second address: D3F04A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D456E2 second address: D456EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D456EB second address: D456F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FD3F95E0CD6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D456F5 second address: D45711 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F80h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push edi 0x0000000e pop edi 0x0000000f push edi 0x00000010 pop edi 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D45711 second address: D45717 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D44FA5 second address: D44FCC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0F87h 0x00000009 popad 0x0000000a jmp 00007FD3F95E0F7Bh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D44FCC second address: D44FD7 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jo 00007FD3F95E0CD6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D452A1 second address: D452BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FD3F95E0F83h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D493E4 second address: D493F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jne 00007FD3F95E0CD6h 0x0000000c push edx 0x0000000d pop edx 0x0000000e popad 0x0000000f push ecx 0x00000010 pushad 0x00000011 popad 0x00000012 push edx 0x00000013 pop edx 0x00000014 pop ecx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D4E154 second address: D4E171 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FD3F95E0F78h 0x00000008 pushad 0x00000009 popad 0x0000000a jne 00007FD3F95E0F78h 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push esi 0x00000013 jo 00007FD3F95E0F7Ch 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D4E171 second address: D4E17D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FD3F95E0CDCh 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CEC25B second address: CEC27C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F7Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jns 00007FD3F95E0F7Ah 0x0000000f popad 0x00000010 pushad 0x00000011 push edi 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5030A second address: D50315 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jo 00007FD3F95E0CD6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D50315 second address: D50352 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 jnc 00007FD3F95E0F80h 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 push eax 0x00000013 push edx 0x00000014 jns 00007FD3F95E0F8Fh 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CE057C second address: CE0586 instructions: 0x00000000 rdtsc 0x00000002 js 00007FD3F95E0CD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CE0586 second address: CE058E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CE058E second address: CE0594 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CE0594 second address: CE05C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jng 00007FD3F95E0F7Eh 0x0000000c push esi 0x0000000d pop esi 0x0000000e jne 00007FD3F95E0F76h 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push ecx 0x00000017 jno 00007FD3F95E0F78h 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FD3F95E0F82h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D54C92 second address: D54CA8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0CE2h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D55251 second address: D55265 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F7Eh 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D55265 second address: D5527E instructions: 0x00000000 rdtsc 0x00000002 je 00007FD3F95E0CD8h 0x00000008 pushad 0x00000009 jbe 00007FD3F95E0CD6h 0x0000000f jne 00007FD3F95E0CD6h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5527E second address: D5529F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FD3F95E0F85h 0x0000000e push ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5529F second address: D552A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ecx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5552D second address: D55531 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D559BD second address: D559CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jg 00007FD3F95E0CD6h 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D559CA second address: D559EA instructions: 0x00000000 rdtsc 0x00000002 jne 00007FD3F95E0F8Ah 0x00000008 jmp 00007FD3F95E0F84h 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D559EA second address: D559EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D55B54 second address: D55B58 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D55B58 second address: D55B6F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FD3F95E0CDEh 0x0000000b push edi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5BCAF second address: D5BCB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5BCB5 second address: D5BCC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 je 00007FD3F95E0CD6h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5BCC4 second address: D5BCCE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5BCCE second address: D5BCD4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D5BCD4 second address: D5BCD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CE5615 second address: CE561F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop esi 0x00000007 push ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21573 second address: D21577 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21577 second address: D215FA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop ecx 0x0000000a popad 0x0000000b mov dword ptr [esp], eax 0x0000000e push 00000000h 0x00000010 push edi 0x00000011 call 00007FD3F95E0CD8h 0x00000016 pop edi 0x00000017 mov dword ptr [esp+04h], edi 0x0000001b add dword ptr [esp+04h], 00000019h 0x00000023 inc edi 0x00000024 push edi 0x00000025 ret 0x00000026 pop edi 0x00000027 ret 0x00000028 mov ch, E7h 0x0000002a lea eax, dword ptr [ebp+12BC92DAh] 0x00000030 push 00000000h 0x00000032 push ebx 0x00000033 call 00007FD3F95E0CD8h 0x00000038 pop ebx 0x00000039 mov dword ptr [esp+04h], ebx 0x0000003d add dword ptr [esp+04h], 00000014h 0x00000045 inc ebx 0x00000046 push ebx 0x00000047 ret 0x00000048 pop ebx 0x00000049 ret 0x0000004a mov dword ptr [ebp+12A219AEh], esi 0x00000050 nop 0x00000051 pushad 0x00000052 pushad 0x00000053 jmp 00007FD3F95E0CE5h 0x00000058 jmp 00007FD3F95E0CDDh 0x0000005d popad 0x0000005e push eax 0x0000005f push edx 0x00000060 pushad 0x00000061 popad 0x00000062 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D215FA second address: D21610 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnc 00007FD3F95E0F7Ch 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21610 second address: D07FA6 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007FD3F95E0CE5h 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b nop 0x0000000c mov dword ptr [ebp+12A231D5h], ebx 0x00000012 call dword ptr [ebp+12A21B97h] 0x00000018 pushad 0x00000019 pushad 0x0000001a jmp 00007FD3F95E0CDDh 0x0000001f je 00007FD3F95E0CD6h 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D217E4 second address: D217E9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21CC6 second address: D21CDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 xchg eax, esi 0x00000006 movsx ecx, si 0x00000009 sub dword ptr [ebp+12A22C16h], edx 0x0000000f push eax 0x00000010 push ebx 0x00000011 push eax 0x00000012 push edx 0x00000013 je 00007FD3F95E0CD6h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21DBE second address: D21DC4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21DC4 second address: D21DDE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0CE5h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21DDE second address: D21E01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push ecx 0x00000009 jmp 00007FD3F95E0F81h 0x0000000e pop ecx 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 pushad 0x00000014 push ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21E01 second address: D21E2C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jnp 00007FD3F95E0CD8h 0x0000000b push edi 0x0000000c pop edi 0x0000000d popad 0x0000000e mov eax, dword ptr [eax] 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FD3F95E0CE9h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D21E2C second address: D21E3A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0F7Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D22608 second address: D2260D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2260D second address: D22613 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D22613 second address: D22625 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jns 00007FD3F95E0CD6h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D22625 second address: D2263B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F82h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D22878 second address: D228B1 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FD3F95E0CEAh 0x00000008 jmp 00007FD3F95E0CE4h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 pushad 0x00000011 js 00007FD3F95E0CE5h 0x00000017 jmp 00007FD3F95E0CDFh 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f popad 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D228B1 second address: D228B5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D228B5 second address: D2291E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 pushad 0x00000009 sub dl, 00000052h 0x0000000c mov di, bx 0x0000000f popad 0x00000010 lea eax, dword ptr [ebp+12BC931Eh] 0x00000016 push 00000000h 0x00000018 push eax 0x00000019 call 00007FD3F95E0CD8h 0x0000001e pop eax 0x0000001f mov dword ptr [esp+04h], eax 0x00000023 add dword ptr [esp+04h], 0000001Ch 0x0000002b inc eax 0x0000002c push eax 0x0000002d ret 0x0000002e pop eax 0x0000002f ret 0x00000030 nop 0x00000031 jmp 00007FD3F95E0CE4h 0x00000036 push eax 0x00000037 pushad 0x00000038 push eax 0x00000039 push edx 0x0000003a jmp 00007FD3F95E0CE6h 0x0000003f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D2291E second address: D229E5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F87h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FD3F95E0F83h 0x0000000e popad 0x0000000f nop 0x00000010 push 00000000h 0x00000012 push ebx 0x00000013 call 00007FD3F95E0F78h 0x00000018 pop ebx 0x00000019 mov dword ptr [esp+04h], ebx 0x0000001d add dword ptr [esp+04h], 0000001Ch 0x00000025 inc ebx 0x00000026 push ebx 0x00000027 ret 0x00000028 pop ebx 0x00000029 ret 0x0000002a mov di, 5259h 0x0000002e lea eax, dword ptr [ebp+12BC92DAh] 0x00000034 push 00000000h 0x00000036 push edx 0x00000037 call 00007FD3F95E0F78h 0x0000003c pop edx 0x0000003d mov dword ptr [esp+04h], edx 0x00000041 add dword ptr [esp+04h], 0000001Dh 0x00000049 inc edx 0x0000004a push edx 0x0000004b ret 0x0000004c pop edx 0x0000004d ret 0x0000004e mov di, bx 0x00000051 call 00007FD3F95E0F86h 0x00000056 mov dword ptr [ebp+12A22D4Fh], eax 0x0000005c pop ecx 0x0000005d nop 0x0000005e pushad 0x0000005f push eax 0x00000060 jmp 00007FD3F95E0F88h 0x00000065 pop eax 0x00000066 push eax 0x00000067 push edx 0x00000068 jc 00007FD3F95E0F76h 0x0000006e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D229E5 second address: D229E9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D60E9F second address: D60EAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FD3F95E0F76h 0x0000000a pop edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D60EAA second address: D60EAF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D612AE second address: D612B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D612B2 second address: D612D9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a push esi 0x0000000b push edx 0x0000000c jmp 00007FD3F95E0CDDh 0x00000011 push eax 0x00000012 pop eax 0x00000013 pop edx 0x00000014 push ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D617B9 second address: D617BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D61935 second address: D61939 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D677CD second address: D677D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D677D3 second address: D677D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D677D7 second address: D677FE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F7Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FD3F95E0F84h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D677FE second address: D6781E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0CE9h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CDCFF3 second address: CDD013 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F86h 0x00000007 jp 00007FD3F95E0F82h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: CDD013 second address: CDD019 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6615C second address: D6617E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F88h 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push edi 0x0000000c push edi 0x0000000d pop edi 0x0000000e pop edi 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D66360 second address: D66364 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D66364 second address: D6636A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6636A second address: D66370 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D66370 second address: D6637A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FD3F95E0F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6691C second address: D66920 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D66920 second address: D66924 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D66924 second address: D66949 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FD3F95E0CE5h 0x0000000b push eax 0x0000000c push edx 0x0000000d jl 00007FD3F95E0CD6h 0x00000013 push esi 0x00000014 pop esi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D66949 second address: D6694F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D66ED1 second address: D66EFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0CE7h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FD3F95E0CDBh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D66EFA second address: D66EFE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6702A second address: D67030 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D67030 second address: D6703B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FD3F95E0F76h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6703B second address: D6704B instructions: 0x00000000 rdtsc 0x00000002 ja 00007FD3F95E0CE2h 0x00000008 jnc 00007FD3F95E0CD6h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6704B second address: D67052 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D671A8 second address: D671C8 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jmp 00007FD3F95E0CE1h 0x00000008 jg 00007FD3F95E0CD6h 0x0000000e pop edi 0x0000000f push ebx 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D65E4C second address: D65E54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C159 second address: D6C15F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C15F second address: D6C175 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 jns 00007FD3F95E0F76h 0x0000000f jns 00007FD3F95E0F76h 0x00000015 pop esi 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C175 second address: D6C1AE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jp 00007FD3F95E0CE7h 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FD3F95E0CDBh 0x00000018 push esi 0x00000019 pop esi 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C1AE second address: D6C1B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C8DB second address: D6C8E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C8E0 second address: D6C8EA instructions: 0x00000000 rdtsc 0x00000002 jo 00007FD3F95E0F7Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C8EA second address: D6C910 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007FD3F95E0CE5h 0x0000000b jmp 00007FD3F95E0CDBh 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C910 second address: D6C914 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6C914 second address: D6C923 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b push esi 0x0000000c pop esi 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6CC64 second address: D6CC68 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6CF5E second address: D6CF64 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6FD05 second address: D6FD1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FD3F95E0F82h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D6FD1E second address: D6FD33 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D738CE second address: D738D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7A46F second address: D7A47C instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D790C2 second address: D790C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D790C6 second address: D790ED instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jnp 00007FD3F95E0CEEh 0x0000000f push edi 0x00000010 jl 00007FD3F95E0CD6h 0x00000016 pop edi 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D790ED second address: D790F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D79219 second address: D79234 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 jng 00007FD3F95E0CD6h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FD3F95E0CDCh 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D79388 second address: D793AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 js 00007FD3F95E0F91h 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d jmp 00007FD3F95E0F89h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D793AE second address: D793B9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jc 00007FD3F95E0CD6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D793B9 second address: D793D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007FD3F95E0F86h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D79534 second address: D7953C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7953C second address: D79540 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D79540 second address: D7954A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7954A second address: D79550 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D79550 second address: D79554 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7E2F7 second address: D7E2FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7D5C1 second address: D7D5D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0CE2h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7D5D7 second address: D7D5FD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F7Ch 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ecx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e pop ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FD3F95E0F7Eh 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7D8BA second address: D7D8CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 jp 00007FD3F95E0CDCh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7D8CB second address: D7D8D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007FD3F95E0F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7DE0A second address: D7DE35 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 pop esi 0x00000006 jmp 00007FD3F95E0CE9h 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 ja 00007FD3F95E0CD6h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7DE35 second address: D7DE4E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F85h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D7DE4E second address: D7DE60 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FD3F95E0CDCh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D814DE second address: D814E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D814E4 second address: D814FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0CE2h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D814FA second address: D814FE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D81698 second address: D8169C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D8992C second address: D89940 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 pop eax 0x00000005 jp 00007FD3F95E0F76h 0x0000000b pop ecx 0x0000000c jo 00007FD3F95E0F7Eh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D8858E second address: D8859C instructions: 0x00000000 rdtsc 0x00000002 jc 00007FD3F95E0CD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D8859C second address: D885A9 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FD3F95E0F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D885A9 second address: D885CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0CE1h 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FD3F95E0CDCh 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D885CE second address: D885D4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D885D4 second address: D885D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D88B50 second address: D88B56 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D88B56 second address: D88B68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jng 00007FD3F95E0CDCh 0x0000000c jno 00007FD3F95E0CD6h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D890F3 second address: D890FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D89395 second address: D8939B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D8939B second address: D893AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push edx 0x00000007 pop edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a jns 00007FD3F95E0F76h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D893AD second address: D893DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 push eax 0x00000008 pop eax 0x00000009 jmp 00007FD3F95E0CE5h 0x0000000e jmp 00007FD3F95E0CE2h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D893DF second address: D893E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D893E7 second address: D893ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D893ED second address: D893FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jns 00007FD3F95E0F76h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D91DF1 second address: D91DF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D91DF6 second address: D91E3F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F89h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007FD3F95E0F81h 0x0000000f push edi 0x00000010 jo 00007FD3F95E0F76h 0x00000016 pop edi 0x00000017 push edx 0x00000018 push ecx 0x00000019 pop ecx 0x0000001a pop edx 0x0000001b push eax 0x0000001c push edx 0x0000001d jne 00007FD3F95E0F76h 0x00000023 jns 00007FD3F95E0F76h 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D90F39 second address: D90F3D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D91214 second address: D91218 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D91218 second address: D91224 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D91224 second address: D9122E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FD3F95E0F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D9122E second address: D9124E instructions: 0x00000000 rdtsc 0x00000002 jg 00007FD3F95E0CD6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jbe 00007FD3F95E0CDAh 0x00000012 push eax 0x00000013 push edx 0x00000014 jnl 00007FD3F95E0CD6h 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D913A7 second address: D913B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FD3F95E0F76h 0x0000000a popad 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D913B5 second address: D913BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D917C0 second address: D917C6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D917C6 second address: D917D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jno 00007FD3F95E0CD8h 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D917D8 second address: D917E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FD3F95E0F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D91969 second address: D919A0 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FD3F95E0CD6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007FD3F95E0CE4h 0x00000011 jbe 00007FD3F95E0CD8h 0x00000017 pushad 0x00000018 popad 0x00000019 popad 0x0000001a push ebx 0x0000001b jng 00007FD3F95E0CD8h 0x00000021 pushad 0x00000022 popad 0x00000023 push ecx 0x00000024 pushad 0x00000025 popad 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D9A61D second address: D9A623 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D989E0 second address: D989E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D989E4 second address: D989EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D98C6F second address: D98C75 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D98C75 second address: D98C7B instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D99094 second address: D99099 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D9936E second address: D99372 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D99645 second address: D99650 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jp 00007FD3F95E0CD6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D99650 second address: D99656 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: D99DE1 second address: D99DFE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ebx 0x00000006 push esi 0x00000007 pop esi 0x00000008 pop ebx 0x00000009 popad 0x0000000a push edi 0x0000000b jmp 00007FD3F95E0CDAh 0x00000010 jg 00007FD3F95E0CDCh 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DAE7F0 second address: DAE7F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DB87BE second address: DB87C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DB87C6 second address: DB87CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DC03B3 second address: DC03C3 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 pop eax 0x00000005 push esi 0x00000006 pop esi 0x00000007 pop ebx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DC03C3 second address: DC03C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DC03C9 second address: DC03CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DC03CD second address: DC03D7 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD3F95E0F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DC03D7 second address: DC03DC instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DC848E second address: DC84B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FD3F95E0F88h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jbe 00007FD3F95E0F8Fh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DC789C second address: DC78A1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DC78A1 second address: DC78BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD3F95E0F7Eh 0x00000009 pop edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jnl 00007FD3F95E0F76h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DCC884 second address: DCC8A2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push edx 0x0000000c pop edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DCC8A2 second address: DCC8A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DCC8A8 second address: DCC8B0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: DCC8B0 second address: DCC8B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E0C83D second address: E0C843 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E152B8 second address: E152C2 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FD3F95E0F7Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E152C2 second address: E152CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E152CC second address: E152DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jo 00007FD3F95E0F76h 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E152DD second address: E152F5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE4h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E0EB00 second address: E0EB04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E0EB04 second address: E0EB2A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007FD3F95E0CE7h 0x0000000e pop eax 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E2368C second address: E23690 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E23690 second address: E23696 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E23696 second address: E2369C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E2369C second address: E236A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E236A2 second address: E236A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E236A8 second address: E236BF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E236BF second address: E236CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FD3F95E0F76h 0x0000000a pop edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E236CA second address: E236F2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0CE2h 0x00000008 jmp 00007FD3F95E0CE1h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E236F2 second address: E2370D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jmp 00007FD3F95E0F83h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E234D0 second address: E234D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E27335 second address: E2734F instructions: 0x00000000 rdtsc 0x00000002 jne 00007FD3F95E0F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jnl 00007FD3F95E0F7Ah 0x00000010 push eax 0x00000011 push edx 0x00000012 push esi 0x00000013 pop esi 0x00000014 push edi 0x00000015 pop edi 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E27042 second address: E27054 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDEh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: E27054 second address: E2705E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edi 0x00000009 pop edi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEC226 second address: EEC22A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEB181 second address: EEB1A6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F87h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push esi 0x0000000b pop esi 0x0000000c jp 00007FD3F95E0F76h 0x00000012 pop eax 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEB1A6 second address: EEB1B3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 jo 00007FD3F95E0CD6h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEB1B3 second address: EEB1C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jnc 00007FD3F95E0F76h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEB1C0 second address: EEB1D8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jnc 00007FD3F95E0CFCh 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 push edx 0x00000012 pop edx 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEB1D8 second address: EEB1DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEB332 second address: EEB347 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jmp 00007FD3F95E0CDCh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEB4B7 second address: EEB4CF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FD3F95E0F7Ch 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEB4CF second address: EEB4D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEBA1E second address: EEBA24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEBDCE second address: EEBDD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEBDD7 second address: EEBDDB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEBDDB second address: EEBDE1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEBDE1 second address: EEBDFD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a jmp 00007FD3F95E0F82h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EEBDFD second address: EEBE0E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDDh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EF1922 second address: EF192C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007FD3F95E0F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: EF192C second address: EF1930 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720000A second address: 7200010 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200010 second address: 7200014 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200014 second address: 7200067 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F84h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f mov edx, 205A47E0h 0x00000014 pushfd 0x00000015 jmp 00007FD3F95E0F89h 0x0000001a sbb al, FFFFFFE6h 0x0000001d jmp 00007FD3F95E0F81h 0x00000022 popfd 0x00000023 popad 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200067 second address: 7200086 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, dx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FD3F95E0CE1h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200086 second address: 720009B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F81h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720009B second address: 7200113 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0CE7h 0x00000009 xor ecx, 0EE7362Eh 0x0000000f jmp 00007FD3F95E0CE9h 0x00000014 popfd 0x00000015 jmp 00007FD3F95E0CE0h 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d xchg eax, ebp 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 pushfd 0x00000022 jmp 00007FD3F95E0CDDh 0x00000027 add ch, 00000016h 0x0000002a jmp 00007FD3F95E0CE1h 0x0000002f popfd 0x00000030 pushad 0x00000031 popad 0x00000032 popad 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200113 second address: 7200189 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F87h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b jmp 00007FD3F95E0F86h 0x00000010 mov eax, dword ptr fs:[00000030h] 0x00000016 jmp 00007FD3F95E0F80h 0x0000001b sub esp, 18h 0x0000001e jmp 00007FD3F95E0F80h 0x00000023 xchg eax, ebx 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007FD3F95E0F87h 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200189 second address: 72001C0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edx, cx 0x00000006 pushfd 0x00000007 jmp 00007FD3F95E0CE0h 0x0000000c jmp 00007FD3F95E0CE5h 0x00000011 popfd 0x00000012 popad 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72001C0 second address: 72001C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72001C4 second address: 72001DE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72001DE second address: 72002E4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0F81h 0x00000009 jmp 00007FD3F95E0F7Bh 0x0000000e popfd 0x0000000f pushfd 0x00000010 jmp 00007FD3F95E0F88h 0x00000015 sbb ecx, 38C906A8h 0x0000001b jmp 00007FD3F95E0F7Bh 0x00000020 popfd 0x00000021 popad 0x00000022 pop edx 0x00000023 pop eax 0x00000024 xchg eax, ebx 0x00000025 jmp 00007FD3F95E0F86h 0x0000002a mov ebx, dword ptr [eax+10h] 0x0000002d pushad 0x0000002e mov ebx, ecx 0x00000030 pushfd 0x00000031 jmp 00007FD3F95E0F7Ah 0x00000036 adc ah, 00000038h 0x00000039 jmp 00007FD3F95E0F7Bh 0x0000003e popfd 0x0000003f popad 0x00000040 xchg eax, esi 0x00000041 pushad 0x00000042 mov ax, 6E8Bh 0x00000046 movzx eax, di 0x00000049 popad 0x0000004a push eax 0x0000004b pushad 0x0000004c call 00007FD3F95E0F88h 0x00000051 push ecx 0x00000052 pop edi 0x00000053 pop ecx 0x00000054 jmp 00007FD3F95E0F87h 0x00000059 popad 0x0000005a xchg eax, esi 0x0000005b push eax 0x0000005c push edx 0x0000005d pushad 0x0000005e mov cx, di 0x00000061 pushfd 0x00000062 jmp 00007FD3F95E0F87h 0x00000067 adc eax, 1D44C16Eh 0x0000006d jmp 00007FD3F95E0F89h 0x00000072 popfd 0x00000073 popad 0x00000074 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72002E4 second address: 72002EA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72002EA second address: 72002EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72002EE second address: 720036D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov esi, dword ptr [756006ECh] 0x0000000e jmp 00007FD3F95E0CDFh 0x00000013 test esi, esi 0x00000015 jmp 00007FD3F95E0CE6h 0x0000001a jne 00007FD3F95E1B95h 0x00000020 pushad 0x00000021 pushad 0x00000022 jmp 00007FD3F95E0CDCh 0x00000027 mov cx, 2D51h 0x0000002b popad 0x0000002c popad 0x0000002d push eax 0x0000002e jmp 00007FD3F95E0CE8h 0x00000033 mov dword ptr [esp], edi 0x00000036 push eax 0x00000037 push edx 0x00000038 pushad 0x00000039 jmp 00007FD3F95E0CDDh 0x0000003e movzx esi, di 0x00000041 popad 0x00000042 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720036D second address: 72003C4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0F84h 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b call dword ptr [755D0B60h] 0x00000011 mov eax, 7696E5E0h 0x00000016 ret 0x00000017 pushad 0x00000018 pushfd 0x00000019 jmp 00007FD3F95E0F7Eh 0x0000001e or ax, 4198h 0x00000023 jmp 00007FD3F95E0F7Bh 0x00000028 popfd 0x00000029 movzx eax, di 0x0000002c popad 0x0000002d push 00000044h 0x0000002f push eax 0x00000030 push edx 0x00000031 jmp 00007FD3F95E0F7Eh 0x00000036 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72003C4 second address: 72003CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72003CA second address: 72003CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72003CE second address: 72003F1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edi 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FD3F95E0CDDh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72003F1 second address: 7200427 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F81h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, edi 0x0000000a jmp 00007FD3F95E0F7Eh 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FD3F95E0F7Dh 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200427 second address: 720043C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720043C second address: 7200442 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200442 second address: 7200446 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200446 second address: 7200463 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, edi 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FD3F95E0F82h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200463 second address: 7200488 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push dword ptr [eax] 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FD3F95E0CE0h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200488 second address: 7200497 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F7Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720050C second address: 720051E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop esi 0x00000005 mov dl, 29h 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov esi, eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720051E second address: 7200522 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200522 second address: 7200528 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200528 second address: 720052E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720052E second address: 7200532 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200532 second address: 7200578 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 test esi, esi 0x0000000a jmp 00007FD3F95E0F88h 0x0000000f je 00007FD4679600CAh 0x00000015 pushad 0x00000016 mov ebx, ecx 0x00000018 mov ah, 05h 0x0000001a popad 0x0000001b mov eax, 00000000h 0x00000020 push eax 0x00000021 push edx 0x00000022 jmp 00007FD3F95E0F81h 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200578 second address: 7200599 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop esi 0x00000005 mov edx, 36E9E22Eh 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov dword ptr [esi], edi 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FD3F95E0CE0h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200599 second address: 7200610 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F7Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esi+04h], eax 0x0000000c jmp 00007FD3F95E0F86h 0x00000011 mov dword ptr [esi+08h], eax 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 pushfd 0x00000018 jmp 00007FD3F95E0F7Dh 0x0000001d and ax, 2BC6h 0x00000022 jmp 00007FD3F95E0F81h 0x00000027 popfd 0x00000028 pushfd 0x00000029 jmp 00007FD3F95E0F80h 0x0000002e xor ecx, 1E571468h 0x00000034 jmp 00007FD3F95E0F7Bh 0x00000039 popfd 0x0000003a popad 0x0000003b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200610 second address: 7200616 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200616 second address: 720061A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720061A second address: 720063B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esi+0Ch], eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FD3F95E0CE3h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720063B second address: 720066F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushfd 0x00000007 jmp 00007FD3F95E0F84h 0x0000000c or al, 00000028h 0x0000000f jmp 00007FD3F95E0F7Bh 0x00000014 popfd 0x00000015 popad 0x00000016 mov eax, dword ptr [ebx+4Ch] 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720066F second address: 7200673 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200673 second address: 7200679 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200679 second address: 7200696 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0CE9h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200767 second address: 7200805 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0F7Fh 0x00000009 adc ecx, 52C2D00Eh 0x0000000f jmp 00007FD3F95E0F89h 0x00000014 popfd 0x00000015 movzx esi, bx 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b mov dword ptr [esi+1Ch], eax 0x0000001e pushad 0x0000001f mov cl, bh 0x00000021 mov cx, 3021h 0x00000025 popad 0x00000026 mov eax, dword ptr [ebx+5Ch] 0x00000029 push eax 0x0000002a push edx 0x0000002b pushad 0x0000002c pushfd 0x0000002d jmp 00007FD3F95E0F89h 0x00000032 xor si, D5A6h 0x00000037 jmp 00007FD3F95E0F81h 0x0000003c popfd 0x0000003d pushfd 0x0000003e jmp 00007FD3F95E0F80h 0x00000043 adc ax, 6348h 0x00000048 jmp 00007FD3F95E0F7Bh 0x0000004d popfd 0x0000004e popad 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200805 second address: 720080B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720080B second address: 7200847 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F7Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esi+20h], eax 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 pushfd 0x00000012 jmp 00007FD3F95E0F82h 0x00000017 add ecx, 40BB48D8h 0x0000001d jmp 00007FD3F95E0F7Bh 0x00000022 popfd 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200847 second address: 72008F0 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FD3F95E0CE8h 0x00000008 xor esi, 030C1338h 0x0000000e jmp 00007FD3F95E0CDBh 0x00000013 popfd 0x00000014 pop edx 0x00000015 pop eax 0x00000016 call 00007FD3F95E0CE8h 0x0000001b push ecx 0x0000001c pop edi 0x0000001d pop ecx 0x0000001e popad 0x0000001f mov eax, dword ptr [ebx+60h] 0x00000022 pushad 0x00000023 mov si, di 0x00000026 popad 0x00000027 mov dword ptr [esi+24h], eax 0x0000002a jmp 00007FD3F95E0CE0h 0x0000002f mov eax, dword ptr [ebx+64h] 0x00000032 jmp 00007FD3F95E0CE0h 0x00000037 mov dword ptr [esi+28h], eax 0x0000003a pushad 0x0000003b push eax 0x0000003c call 00007FD3F95E0CDDh 0x00000041 pop ecx 0x00000042 pop edi 0x00000043 mov di, si 0x00000046 popad 0x00000047 mov eax, dword ptr [ebx+68h] 0x0000004a pushad 0x0000004b mov eax, 763735A5h 0x00000050 mov esi, 3B8A8721h 0x00000055 popad 0x00000056 mov dword ptr [esi+2Ch], eax 0x00000059 push eax 0x0000005a push edx 0x0000005b push eax 0x0000005c push edx 0x0000005d pushad 0x0000005e popad 0x0000005f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72008F0 second address: 7200909 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F85h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200909 second address: 720090F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720090F second address: 7200945 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ax, word ptr [ebx+6Ch] 0x0000000c jmp 00007FD3F95E0F7Fh 0x00000011 mov word ptr [esi+30h], ax 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FD3F95E0F85h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200945 second address: 72009B0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0CE7h 0x00000009 or cl, 0000003Eh 0x0000000c jmp 00007FD3F95E0CE9h 0x00000011 popfd 0x00000012 mov edx, esi 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 mov ax, word ptr [ebx+00000088h] 0x0000001e jmp 00007FD3F95E0CDAh 0x00000023 mov word ptr [esi+32h], ax 0x00000027 push eax 0x00000028 push edx 0x00000029 jmp 00007FD3F95E0CE7h 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72009B0 second address: 72009C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0F84h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72009C8 second address: 7200A92 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [ebx+0000008Ch] 0x00000011 pushad 0x00000012 push eax 0x00000013 mov eax, edi 0x00000015 pop edx 0x00000016 pushfd 0x00000017 jmp 00007FD3F95E0CDCh 0x0000001c adc si, E228h 0x00000021 jmp 00007FD3F95E0CDBh 0x00000026 popfd 0x00000027 popad 0x00000028 mov dword ptr [esi+34h], eax 0x0000002b pushad 0x0000002c pushfd 0x0000002d jmp 00007FD3F95E0CE4h 0x00000032 and ax, 9488h 0x00000037 jmp 00007FD3F95E0CDBh 0x0000003c popfd 0x0000003d mov ebx, eax 0x0000003f popad 0x00000040 mov eax, dword ptr [ebx+18h] 0x00000043 jmp 00007FD3F95E0CE2h 0x00000048 mov dword ptr [esi+38h], eax 0x0000004b push eax 0x0000004c push edx 0x0000004d pushad 0x0000004e pushfd 0x0000004f jmp 00007FD3F95E0CDDh 0x00000054 sbb cl, 00000056h 0x00000057 jmp 00007FD3F95E0CE1h 0x0000005c popfd 0x0000005d pushfd 0x0000005e jmp 00007FD3F95E0CE0h 0x00000063 and esi, 1EFB5478h 0x00000069 jmp 00007FD3F95E0CDBh 0x0000006e popfd 0x0000006f popad 0x00000070 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200A92 second address: 7200ACE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F89h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [ebx+1Ch] 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FD3F95E0F88h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200ACE second address: 7200AD2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200AD2 second address: 7200AD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200AD8 second address: 7200BC8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov si, A913h 0x00000007 mov eax, 62D3C36Fh 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f mov dword ptr [esi+3Ch], eax 0x00000012 jmp 00007FD3F95E0CE2h 0x00000017 mov eax, dword ptr [ebx+20h] 0x0000001a jmp 00007FD3F95E0CE0h 0x0000001f mov dword ptr [esi+40h], eax 0x00000022 jmp 00007FD3F95E0CE0h 0x00000027 lea eax, dword ptr [ebx+00000080h] 0x0000002d pushad 0x0000002e pushfd 0x0000002f jmp 00007FD3F95E0CDEh 0x00000034 jmp 00007FD3F95E0CE5h 0x00000039 popfd 0x0000003a pushfd 0x0000003b jmp 00007FD3F95E0CE0h 0x00000040 adc cx, E788h 0x00000045 jmp 00007FD3F95E0CDBh 0x0000004a popfd 0x0000004b popad 0x0000004c push 00000001h 0x0000004e jmp 00007FD3F95E0CE6h 0x00000053 nop 0x00000054 jmp 00007FD3F95E0CE0h 0x00000059 push eax 0x0000005a jmp 00007FD3F95E0CDBh 0x0000005f nop 0x00000060 jmp 00007FD3F95E0CE6h 0x00000065 lea eax, dword ptr [ebp-10h] 0x00000068 push eax 0x00000069 push edx 0x0000006a pushad 0x0000006b mov dl, ADh 0x0000006d pushad 0x0000006e popad 0x0000006f popad 0x00000070 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200BC8 second address: 7200BDC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, 77253966h 0x00000008 mov esi, ebx 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push ecx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200BDC second address: 7200BF7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200BF7 second address: 7200BFD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200BFD second address: 7200C01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200C36 second address: 7200C8C instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FD3F95E0F89h 0x00000008 jmp 00007FD3F95E0F7Bh 0x0000000d popfd 0x0000000e pop edx 0x0000000f pop eax 0x00000010 call 00007FD3F95E0F88h 0x00000015 movzx esi, dx 0x00000018 pop edx 0x00000019 popad 0x0000001a mov edi, eax 0x0000001c pushad 0x0000001d mov dx, ax 0x00000020 popad 0x00000021 test edi, edi 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200C8C second address: 7200C90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200C90 second address: 7200CAA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F86h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200CAA second address: 7200CF9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0CE1h 0x00000009 jmp 00007FD3F95E0CDBh 0x0000000e popfd 0x0000000f movzx eax, dx 0x00000012 popad 0x00000013 pop edx 0x00000014 pop eax 0x00000015 js 00007FD46795F6C8h 0x0000001b jmp 00007FD3F95E0CDBh 0x00000020 mov eax, dword ptr [ebp-0Ch] 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 jmp 00007FD3F95E0CE0h 0x0000002c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200CF9 second address: 7200CFD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200CFD second address: 7200D03 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200D03 second address: 7200D31 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F7Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esi+04h], eax 0x0000000c jmp 00007FD3F95E0F80h 0x00000011 lea eax, dword ptr [ebx+78h] 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200D31 second address: 7200D35 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200D35 second address: 7200D3B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200D3B second address: 7200DEB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push 00000001h 0x0000000b jmp 00007FD3F95E0CE0h 0x00000010 nop 0x00000011 pushad 0x00000012 mov ebx, ecx 0x00000014 mov bh, cl 0x00000016 popad 0x00000017 push eax 0x00000018 pushad 0x00000019 pushfd 0x0000001a jmp 00007FD3F95E0CE2h 0x0000001f and si, 03F8h 0x00000024 jmp 00007FD3F95E0CDBh 0x00000029 popfd 0x0000002a mov ax, 952Fh 0x0000002e popad 0x0000002f nop 0x00000030 jmp 00007FD3F95E0CE2h 0x00000035 lea eax, dword ptr [ebp-08h] 0x00000038 pushad 0x00000039 pushfd 0x0000003a jmp 00007FD3F95E0CDEh 0x0000003f sub si, 8D88h 0x00000044 jmp 00007FD3F95E0CDBh 0x00000049 popfd 0x0000004a mov bl, al 0x0000004c popad 0x0000004d push ecx 0x0000004e jmp 00007FD3F95E0CE0h 0x00000053 mov dword ptr [esp], eax 0x00000056 push eax 0x00000057 push edx 0x00000058 push eax 0x00000059 push edx 0x0000005a pushad 0x0000005b popad 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200DEB second address: 7200DF1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200DF1 second address: 7200DF7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200E17 second address: 7200E34 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F89h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200E34 second address: 7200EBF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test edi, edi 0x0000000b pushad 0x0000000c mov di, si 0x0000000f pushad 0x00000010 pushfd 0x00000011 jmp 00007FD3F95E0CE6h 0x00000016 and cl, 00000038h 0x00000019 jmp 00007FD3F95E0CDBh 0x0000001e popfd 0x0000001f mov ch, B0h 0x00000021 popad 0x00000022 popad 0x00000023 js 00007FD46795F515h 0x00000029 jmp 00007FD3F95E0CDBh 0x0000002e mov eax, dword ptr [ebp-04h] 0x00000031 pushad 0x00000032 mov cx, 067Bh 0x00000036 pushfd 0x00000037 jmp 00007FD3F95E0CE0h 0x0000003c sub cx, 2BC8h 0x00000041 jmp 00007FD3F95E0CDBh 0x00000046 popfd 0x00000047 popad 0x00000048 mov dword ptr [esi+08h], eax 0x0000004b push eax 0x0000004c push edx 0x0000004d push eax 0x0000004e push edx 0x0000004f pushad 0x00000050 popad 0x00000051 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200EBF second address: 7200EC5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200EC5 second address: 7200ECB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200ECB second address: 7200ECF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200ECF second address: 7200F04 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b lea eax, dword ptr [ebx+70h] 0x0000000e jmp 00007FD3F95E0CE0h 0x00000013 push 00000001h 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a popad 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200F04 second address: 7200F21 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F89h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200F21 second address: 7200F43 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov bx, 3A2Eh 0x00000011 mov dx, CB3Ah 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200F43 second address: 7200F8F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop edx 0x00000005 pushfd 0x00000006 jmp 00007FD3F95E0F7Ah 0x0000000b or cl, 00000078h 0x0000000e jmp 00007FD3F95E0F7Bh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 push eax 0x00000018 jmp 00007FD3F95E0F89h 0x0000001d nop 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007FD3F95E0F7Dh 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200F8F second address: 7200F95 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200F95 second address: 7200F99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200F99 second address: 7200FBF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b lea eax, dword ptr [ebp-18h] 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 mov ecx, edx 0x00000013 mov bx, 25B2h 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7200FBF second address: 720102E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F88h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a pushad 0x0000000b pushad 0x0000000c mov edx, esi 0x0000000e jmp 00007FD3F95E0F88h 0x00000013 popad 0x00000014 pushfd 0x00000015 jmp 00007FD3F95E0F82h 0x0000001a add si, 0458h 0x0000001f jmp 00007FD3F95E0F7Bh 0x00000024 popfd 0x00000025 popad 0x00000026 push eax 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FD3F95E0F7Bh 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720102E second address: 7201034 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201034 second address: 720105D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F84h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d call 00007FD3F95E0F7Ch 0x00000012 pop ecx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201080 second address: 72010B2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CDBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov edi, eax 0x0000000b jmp 00007FD3F95E0CE6h 0x00000010 test edi, edi 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 movsx edi, ax 0x00000018 mov edx, eax 0x0000001a popad 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201200 second address: 720120A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov edi, 6128A84Eh 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720120A second address: 720120F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720120F second address: 72012CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FD3F95E0F80h 0x0000000a sbb si, 2598h 0x0000000f jmp 00007FD3F95E0F7Bh 0x00000014 popfd 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 mov dword ptr [edx], eax 0x0000001a jmp 00007FD3F95E0F86h 0x0000001f mov eax, dword ptr [esi+04h] 0x00000022 pushad 0x00000023 mov edi, ecx 0x00000025 mov dx, ax 0x00000028 popad 0x00000029 mov dword ptr [edx+04h], eax 0x0000002c pushad 0x0000002d push eax 0x0000002e mov bx, 0DD4h 0x00000032 pop edi 0x00000033 pushfd 0x00000034 jmp 00007FD3F95E0F7Ah 0x00000039 or esi, 70E72A58h 0x0000003f jmp 00007FD3F95E0F7Bh 0x00000044 popfd 0x00000045 popad 0x00000046 mov eax, dword ptr [esi+08h] 0x00000049 jmp 00007FD3F95E0F86h 0x0000004e mov dword ptr [edx+08h], eax 0x00000051 jmp 00007FD3F95E0F80h 0x00000056 mov eax, dword ptr [esi+0Ch] 0x00000059 push eax 0x0000005a push edx 0x0000005b jmp 00007FD3F95E0F87h 0x00000060 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72012CA second address: 72012F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov esi, edx 0x00000005 push edx 0x00000006 pop eax 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [edx+0Ch], eax 0x0000000d jmp 00007FD3F95E0CDDh 0x00000012 mov eax, dword ptr [esi+10h] 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FD3F95E0CDDh 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72012F6 second address: 7201315 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F81h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [edx+10h], eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f mov ax, 3769h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201315 second address: 7201347 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FD3F95E0CE6h 0x00000008 sbb ax, BE38h 0x0000000d jmp 00007FD3F95E0CDBh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 mov si, D605h 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201347 second address: 7201370 instructions: 0x00000000 rdtsc 0x00000002 call 00007FD3F95E0F82h 0x00000007 pop esi 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov eax, dword ptr [esi+14h] 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FD3F95E0F7Ch 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201370 second address: 7201395 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0CE1h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov dword ptr [edx+14h], eax 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 mov di, 363Ch 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201395 second address: 720139A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720139A second address: 72013B5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0CE7h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72013B5 second address: 72013DC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esi+18h] 0x0000000b pushad 0x0000000c mov bx, 2A46h 0x00000010 mov dl, A4h 0x00000012 popad 0x00000013 mov dword ptr [edx+18h], eax 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 jmp 00007FD3F95E0F7Bh 0x0000001e mov ebx, eax 0x00000020 popad 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72013DC second address: 72013FE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esi+1Ch] 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72013FE second address: 7201404 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201404 second address: 7201424 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [edx+1Ch], eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201424 second address: 7201429 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201429 second address: 7201442 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0CE5h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201442 second address: 7201452 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esi+20h] 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201452 second address: 7201518 instructions: 0x00000000 rdtsc 0x00000002 mov dx, ADFAh 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edx 0x00000009 pushfd 0x0000000a jmp 00007FD3F95E0CDEh 0x0000000f or al, 00000038h 0x00000012 jmp 00007FD3F95E0CDBh 0x00000017 popfd 0x00000018 pop esi 0x00000019 popad 0x0000001a mov dword ptr [edx+20h], eax 0x0000001d pushad 0x0000001e mov eax, edi 0x00000020 mov esi, edi 0x00000022 popad 0x00000023 mov eax, dword ptr [esi+24h] 0x00000026 pushad 0x00000027 call 00007FD3F95E0CE9h 0x0000002c movzx esi, di 0x0000002f pop edx 0x00000030 jmp 00007FD3F95E0CDAh 0x00000035 popad 0x00000036 mov dword ptr [edx+24h], eax 0x00000039 jmp 00007FD3F95E0CE0h 0x0000003e mov eax, dword ptr [esi+28h] 0x00000041 jmp 00007FD3F95E0CE0h 0x00000046 mov dword ptr [edx+28h], eax 0x00000049 jmp 00007FD3F95E0CE0h 0x0000004e mov ecx, dword ptr [esi+2Ch] 0x00000051 jmp 00007FD3F95E0CE0h 0x00000056 mov dword ptr [edx+2Ch], ecx 0x00000059 pushad 0x0000005a movzx esi, dx 0x0000005d call 00007FD3F95E0CE3h 0x00000062 push eax 0x00000063 push edx 0x00000064 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201518 second address: 7201571 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 popad 0x00000006 mov ax, word ptr [esi+30h] 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007FD3F95E0F7Bh 0x00000011 and ecx, 7A60912Eh 0x00000017 jmp 00007FD3F95E0F89h 0x0000001c popfd 0x0000001d push eax 0x0000001e push edx 0x0000001f pushfd 0x00000020 jmp 00007FD3F95E0F7Eh 0x00000025 sub cx, 36A8h 0x0000002a jmp 00007FD3F95E0F7Bh 0x0000002f popfd 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201571 second address: 7201575 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201575 second address: 72015CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov word ptr [edx+30h], ax 0x0000000b jmp 00007FD3F95E0F84h 0x00000010 mov ax, word ptr [esi+32h] 0x00000014 pushad 0x00000015 push esi 0x00000016 mov eax, edx 0x00000018 pop ebx 0x00000019 mov cl, ABh 0x0000001b popad 0x0000001c mov word ptr [edx+32h], ax 0x00000020 pushad 0x00000021 push eax 0x00000022 push edx 0x00000023 pushfd 0x00000024 jmp 00007FD3F95E0F7Dh 0x00000029 sub ax, 1426h 0x0000002e jmp 00007FD3F95E0F81h 0x00000033 popfd 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72015CC second address: 7201634 instructions: 0x00000000 rdtsc 0x00000002 call 00007FD3F95E0CE0h 0x00000007 pop esi 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edx 0x0000000b mov ebx, ecx 0x0000000d pop ecx 0x0000000e popad 0x0000000f mov eax, dword ptr [esi+34h] 0x00000012 jmp 00007FD3F95E0CE9h 0x00000017 mov dword ptr [edx+34h], eax 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d pushfd 0x0000001e jmp 00007FD3F95E0CE3h 0x00000023 jmp 00007FD3F95E0CE3h 0x00000028 popfd 0x00000029 mov bx, ax 0x0000002c popad 0x0000002d rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201634 second address: 7201680 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F85h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test ecx, 00000700h 0x0000000f jmp 00007FD3F95E0F7Eh 0x00000014 jne 00007FD46795F02Ch 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FD3F95E0F87h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201680 second address: 72016A9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 or dword ptr [edx+38h], FFFFFFFFh 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 mov ecx, edi 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72016A9 second address: 72016F3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007FD3F95E0F80h 0x00000008 pop esi 0x00000009 push edi 0x0000000a pop esi 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e or dword ptr [edx+3Ch], FFFFFFFFh 0x00000012 jmp 00007FD3F95E0F7Dh 0x00000017 or dword ptr [edx+40h], FFFFFFFFh 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FD3F95E0F88h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72016F3 second address: 72016F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72016F7 second address: 72016FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 72016FD second address: 720170D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, ax 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 720170D second address: 7201711 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7201711 second address: 7201717 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7250C05 second address: 7250C0B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7250C0B second address: 7250C0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7250C0F second address: 7250C3B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a mov bx, ax 0x0000000d push ecx 0x0000000e mov edx, 49263CDAh 0x00000013 pop edi 0x00000014 popad 0x00000015 xchg eax, ebp 0x00000016 jmp 00007FD3F95E0F7Eh 0x0000001b mov ebp, esp 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 popad 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7250C3B second address: 7250C3F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7250C3F second address: 7250C45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7250C45 second address: 7250C4B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 719005F second address: 719007A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F87h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 719071E second address: 7190736 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0CE4h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7190736 second address: 7190767 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007FD3F95E0F7Eh 0x0000000e xchg eax, ebp 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FD3F95E0F87h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7190767 second address: 71907AC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b pushad 0x0000000c jmp 00007FD3F95E0CDCh 0x00000011 mov edx, eax 0x00000013 popad 0x00000014 pop ebp 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FD3F95E0CE3h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71907AC second address: 71907B2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71907B2 second address: 71907B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71907B6 second address: 71907BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7190B26 second address: 7190BCF instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FD3F95E0CDFh 0x00000008 and ch, 0000004Eh 0x0000000b jmp 00007FD3F95E0CE9h 0x00000010 popfd 0x00000011 pop edx 0x00000012 pop eax 0x00000013 pushfd 0x00000014 jmp 00007FD3F95E0CE0h 0x00000019 sub eax, 6FF580C8h 0x0000001f jmp 00007FD3F95E0CDBh 0x00000024 popfd 0x00000025 popad 0x00000026 xchg eax, ebp 0x00000027 pushad 0x00000028 mov cx, 275Bh 0x0000002c mov ch, DEh 0x0000002e popad 0x0000002f push eax 0x00000030 pushad 0x00000031 movzx eax, di 0x00000034 mov eax, ebx 0x00000036 popad 0x00000037 xchg eax, ebp 0x00000038 jmp 00007FD3F95E0CE7h 0x0000003d mov ebp, esp 0x0000003f push eax 0x00000040 push edx 0x00000041 pushad 0x00000042 pushfd 0x00000043 jmp 00007FD3F95E0CDEh 0x00000048 jmp 00007FD3F95E0CE5h 0x0000004d popfd 0x0000004e popad 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7190BCF second address: 7190BDF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0F7Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 7190BDF second address: 7190BE3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71E0AD2 second address: 71E0AD6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71E0AD6 second address: 71E0ADC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71E0ADC second address: 71E0B05 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0F82h 0x00000009 sbb ax, D038h 0x0000000e jmp 00007FD3F95E0F7Bh 0x00000013 popfd 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71E0B05 second address: 71E0B4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pop ebp 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b call 00007FD3F95E0CE1h 0x00000010 pop eax 0x00000011 pushfd 0x00000012 jmp 00007FD3F95E0CE1h 0x00000017 or ax, 6986h 0x0000001c jmp 00007FD3F95E0CE1h 0x00000021 popfd 0x00000022 popad 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0C32 second address: 71B0C7F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0F87h 0x00000009 and eax, 271CEB0Eh 0x0000000f jmp 00007FD3F95E0F89h 0x00000014 popfd 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a push eax 0x0000001b push eax 0x0000001c push edx 0x0000001d jmp 00007FD3F95E0F7Ah 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0C7F second address: 71B0C91 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0CDEh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0C91 second address: 71B0CD9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 pushad 0x0000000a movsx edi, ax 0x0000000d mov bl, al 0x0000000f popad 0x00000010 mov ebp, esp 0x00000012 pushad 0x00000013 jmp 00007FD3F95E0F87h 0x00000018 mov dx, si 0x0000001b popad 0x0000001c and esp, FFFFFFF0h 0x0000001f pushad 0x00000020 movzx esi, dx 0x00000023 mov dl, 76h 0x00000025 popad 0x00000026 sub esp, 44h 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FD3F95E0F7Bh 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0CD9 second address: 71B0CFD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0CFD second address: 71B0D03 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0D03 second address: 71B0D2B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0CE2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FD3F95E0CDDh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0D2B second address: 71B0D31 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0D31 second address: 71B0D48 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD3F95E0CE3h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0D48 second address: 71B0D63 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FD3F95E0F80h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0D63 second address: 71B0D84 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, 0EA4h 0x00000007 mov si, bx 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push esp 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 mov esi, ebx 0x00000013 jmp 00007FD3F95E0CDDh 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0D84 second address: 71B0DA2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD3F95E0F81h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], esi 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0DA2 second address: 71B0DA8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0DA8 second address: 71B0DAD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0DAD second address: 71B0DEA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov ebx, eax 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, edi 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007FD3F95E0CE6h 0x00000011 sbb cx, 5A18h 0x00000016 jmp 00007FD3F95E0CDBh 0x0000001b popfd 0x0000001c mov ch, EDh 0x0000001e popad 0x0000001f push eax 0x00000020 push eax 0x00000021 push edx 0x00000022 push eax 0x00000023 push edx 0x00000024 pushad 0x00000025 popad 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0DEA second address: 71B0DEE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0DEE second address: 71B0DF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0DF4 second address: 71B0E77 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, esi 0x00000005 mov esi, 6D7230B7h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xchg eax, edi 0x0000000e jmp 00007FD3F95E0F7Ah 0x00000013 mov edi, dword ptr [ebp+08h] 0x00000016 pushad 0x00000017 mov esi, 72650DFDh 0x0000001c pushfd 0x0000001d jmp 00007FD3F95E0F7Ah 0x00000022 xor ecx, 20CEDED8h 0x00000028 jmp 00007FD3F95E0F7Bh 0x0000002d popfd 0x0000002e popad 0x0000002f mov dword ptr [esp+24h], 00000000h 0x00000037 push eax 0x00000038 push edx 0x00000039 pushad 0x0000003a pushfd 0x0000003b jmp 00007FD3F95E0F7Bh 0x00000040 jmp 00007FD3F95E0F83h 0x00000045 popfd 0x00000046 jmp 00007FD3F95E0F88h 0x0000004b popad 0x0000004c rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0E77 second address: 71B0E7D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0E7D second address: 71B0E81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0E81 second address: 71B0E85 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0E85 second address: 71B0E99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 lock bts dword ptr [edi], 00000000h 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 mov di, cx 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0E99 second address: 71B0F42 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0CE9h 0x00000009 xor si, 63E6h 0x0000000e jmp 00007FD3F95E0CE1h 0x00000013 popfd 0x00000014 mov ax, 4E17h 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b jc 00007FD469862235h 0x00000021 pushad 0x00000022 pushad 0x00000023 mov eax, 4D47B3A5h 0x00000028 mov dl, ch 0x0000002a popad 0x0000002b pushfd 0x0000002c jmp 00007FD3F95E0CE7h 0x00000031 jmp 00007FD3F95E0CE3h 0x00000036 popfd 0x00000037 popad 0x00000038 pop edi 0x00000039 pushad 0x0000003a mov eax, 6DD938FBh 0x0000003f pushfd 0x00000040 jmp 00007FD3F95E0CE0h 0x00000045 or si, CC48h 0x0000004a jmp 00007FD3F95E0CDBh 0x0000004f popfd 0x00000050 popad 0x00000051 pop esi 0x00000052 push eax 0x00000053 push edx 0x00000054 push eax 0x00000055 push edx 0x00000056 pushad 0x00000057 popad 0x00000058 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0F42 second address: 71B0F48 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0F48 second address: 71B0F90 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007FD3F95E0CE8h 0x00000008 pop eax 0x00000009 push edx 0x0000000a pop eax 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop ebx 0x0000000f jmp 00007FD3F95E0CDDh 0x00000014 mov esp, ebp 0x00000016 jmp 00007FD3F95E0CDEh 0x0000001b pop ebp 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f movsx edx, ax 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71B0F90 second address: 71B0F95 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71F06F5 second address: 71F0748 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD3F95E0CE9h 0x00000009 or al, FFFFFF96h 0x0000000c jmp 00007FD3F95E0CE1h 0x00000011 popfd 0x00000012 mov ch, D8h 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 push eax 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007FD3F95E0CE9h 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71F0748 second address: 71F0782 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD3F95E0F87h 0x00000008 mov ebx, eax 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xchg eax, ebp 0x0000000e jmp 00007FD3F95E0F82h 0x00000013 mov ebp, esp 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71F0782 second address: 71F0786 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\Gy53Tq6BdK.exe |
RDTSC instruction interceptor: First address: 71F0786 second address: 71F078C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |