Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: LP4a6BowQN.exe, 00000000.00000003.1662983578.0000000000BF8000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990583895.0000000000BF9000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.com/codesigningrootr45.crl0U |
Source: LP4a6BowQN.exe, 00000000.00000003.1662983578.0000000000BF8000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990583895.0000000000BF9000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.com/root-r3.crl0G |
Source: LP4a6BowQN.exe, LP4a6BowQN.exe, 00000000.00000003.1399414782.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1519966217.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1506334302.0000000000BE3000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1479177875.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.microH |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07 |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0= |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00 |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0? |
Source: LP4a6BowQN.exe, 00000000.00000002.1994446587.0000000005AF9000.00000002.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662614324.0000000000C23000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662371385.0000000005557000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0A |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0C |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0X |
Source: LP4a6BowQN.exe, 00000000.00000003.1662983578.0000000000BF8000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990583895.0000000000BF9000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F |
Source: LP4a6BowQN.exe, 00000000.00000003.1662983578.0000000000BF8000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990583895.0000000000BF9000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.globalsign.com/rootr30; |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.rootca1.amazontrust.com0: |
Source: LP4a6BowQN.exe, 00000000.00000003.1662983578.0000000000BF8000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990583895.0000000000BF9000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A |
Source: LP4a6BowQN.exe, 00000000.00000003.1662983578.0000000000BF8000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990583895.0000000000BF9000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://secure.globalsign.com/cacert/root-r3.crt06 |
Source: Amcache.hve.6.dr | String found in binary or memory: http://upx.sf.net |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.c.lencr.org/0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1450197489.00000000054BC000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.i.lencr.org/0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ac.ecosia.org/autocomplete?q= |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://aui-cdn.atlassian.com/ |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-canary.prod-east.frontend.public.atl-paas.net |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-exp.prod-east.frontend.public.atl-paas.net |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-static.prod-east.frontend.public.atl-paas.net |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net |
Source: LP4a6BowQN.exe | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/ |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/; |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/ |
Source: LP4a6BowQN.exe, 00000000.00000003.1662634082.0000000000BFF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/ |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/70e84e0b-e14f-45c5-ab65-07760e9609fc/downloads/eaef3307-3cc1- |
Source: LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com:443/70e84e0b-e14f-45c5-ab65-07760e9609fc/downloads/eaef3307-3 |
Source: LP4a6BowQN.exe, 00000000.00000002.1993802166.0000000005497000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B82000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe |
Source: LP4a6BowQN.exe, 00000000.00000002.1984216252.00000000006FA000.00000004.00000010.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe.0.0 |
Source: LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B82000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B82000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exeX |
Source: LP4a6BowQN.exe, 00000000.00000002.1993802166.0000000005497000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exed |
Source: LP4a6BowQN.exe, 00000000.00000003.1452753970.00000000054A0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252. |
Source: LP4a6BowQN.exe, 00000000.00000003.1474687846.0000000005496000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1475117260.000000000549C000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696490019400400000.1&ci=1696490019252.12791&cta |
Source: LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.cookielaw.org/ |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= |
Source: LP4a6BowQN.exe, 00000000.00000003.1452753970.00000000054A0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg |
Source: LP4a6BowQN.exe, 00000000.00000003.1474687846.0000000005496000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1475117260.000000000549C000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg |
Source: LP4a6BowQN.exe, 00000000.00000003.1475117260.000000000549C000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1449717243.000000000549D000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1505886935.000000000549D000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1399489133.0000000000B82000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/ |
Source: LP4a6BowQN.exe, 00000000.00000003.1520684768.0000000000C13000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/7 |
Source: LP4a6BowQN.exe, 00000000.00000003.1425120047.000000000549E000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1424948648.0000000005499000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/a |
Source: LP4a6BowQN.exe, 00000000.00000003.1399414782.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1450463340.000000000549D000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1450513722.00000000054A0000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1520684768.0000000000BFF000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1424948648.0000000005499000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1399414782.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1519966217.0000000000B8B000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1449717243.000000000549D000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1506045565.0000000000C13000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1452753970.00000000054A0000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1449804953.00000000054A0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/api |
Source: LP4a6BowQN.exe, 00000000.00000003.1449986604.00000000054A1000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1450463340.000000000549D000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1450513722.00000000054A0000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1449717243.000000000549D000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1452753970.00000000054A0000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1449804953.00000000054A0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apim |
Source: LP4a6BowQN.exe, 00000000.00000003.1399414782.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/d |
Source: LP4a6BowQN.exe, 00000000.00000003.1399414782.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/pi |
Source: LP4a6BowQN.exe, 00000000.00000003.1506045565.0000000000C13000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/t |
Source: LP4a6BowQN.exe, LP4a6BowQN.exe, 00000000.00000003.1519966217.0000000000BA3000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1399414782.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz:443/api |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/ac/?q= |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/chrome_newtab |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= |
Source: LP4a6BowQN.exe | String found in binary or memory: https://dz8aopenkvv6s.cloudfront. |
Source: LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1993802166.0000000005497000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1993802166.00000000054AD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://dz8aopenkvv6s.cloudfront.net |
Source: LP4a6BowQN.exe, 00000000.00000003.1474687846.0000000005496000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1475117260.000000000549C000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1452753970.00000000054A0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqWfpl%2B4pbW4pbWfpbW7ReNxR3UIG8zInwYIFIVs9e |
Source: LP4a6BowQN.exe, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1993802166.0000000005497000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1993802166.00000000054AD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://remote-app-switcher.prod-east.frontend.public.atl-paas.net |
Source: LP4a6BowQN.exe, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1993802166.0000000005497000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1993802166.00000000054AD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://remote-app-switcher.stg-east.frontend.public.atl-paas.net |
Source: LP4a6BowQN.exe, 00000000.00000003.1452009343.00000000055B8000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br |
Source: LP4a6BowQN.exe, 00000000.00000003.1452009343.00000000055B8000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/products/firefoxgro.all |
Source: LP4a6BowQN.exe, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1993802166.0000000005497000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1993802166.00000000054AD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662738750.00000000054AD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://web-security-reports.services.atlassian.com/csp-report/bb-website |
Source: LP4a6BowQN.exe, 00000000.00000003.1474687846.0000000005496000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1475117260.000000000549C000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_ef0fa27a12d43fbd45649e195429e8a63ddcad7cf7e128c0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.ecosia.org/newtab/ |
Source: LP4a6BowQN.exe, 00000000.00000003.1662983578.0000000000BF8000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662850371.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662962189.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1662713332.0000000000BEE000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990583895.0000000000BF9000.00000004.00000020.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000002.1990318345.0000000000B98000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.globalsign.com/repository/0 |
Source: LP4a6BowQN.exe, 00000000.00000003.1400298929.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400223917.00000000054DD000.00000004.00000800.00020000.00000000.sdmp, LP4a6BowQN.exe, 00000000.00000003.1400160474.00000000054DF000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico |
Source: LP4a6BowQN.exe, 00000000.00000003.1452009343.00000000055B8000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.jXqaKJMO4ZEP |
Source: LP4a6BowQN.exe, 00000000.00000003.1452009343.00000000055B8000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.NYz0wxyUaYSW |
Source: LP4a6BowQN.exe, 00000000.00000003.1452009343.00000000055B8000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/gro.allizom.www.d |
Source: LP4a6BowQN.exe, 00000000.00000003.1452009343.00000000055B8000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig |
Source: LP4a6BowQN.exe, 00000000.00000003.1452009343.00000000055B8000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www. |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 837D6A second address: 837D6E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B940F second address: 9B941F instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC8BCD07016h 0x00000008 jnc 00007FC8BCD07016h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B86B1 second address: 9B86C7 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 jno 00007FC8BCFEEF06h 0x0000000b pop edx 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push edx 0x00000013 pop edx 0x00000014 push eax 0x00000015 pop eax 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B86C7 second address: 9B86EC instructions: 0x00000000 rdtsc 0x00000002 jne 00007FC8BCD07016h 0x00000008 push esi 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007FC8BCD07029h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B86EC second address: 9B870C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jl 00007FC8BCFEEF06h 0x00000009 jmp 00007FC8BCFEEF11h 0x0000000e push edi 0x0000000f pop edi 0x00000010 popad 0x00000011 push edi 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B8C8A second address: 9B8CC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD07023h 0x00000009 jmp 00007FC8BCD07023h 0x0000000e jp 00007FC8BCD0701Eh 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B8CC5 second address: 9B8CCB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB59F second address: 9BB5AA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edi 0x00000008 pop edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB5AA second address: 9BB5C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 mov eax, dword ptr [eax] 0x00000008 jl 00007FC8BCFEEF18h 0x0000000e push eax 0x0000000f push edx 0x00000010 jno 00007FC8BCFEEF06h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB5C0 second address: 9BB5C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB691 second address: 9BB6A5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF10h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB6FB second address: 9BB72E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop ecx 0x00000006 mov dword ptr [esp], eax 0x00000009 mov dword ptr [ebp+122D1EEDh], esi 0x0000000f push 00000000h 0x00000011 mov di, 6F78h 0x00000015 push 20362766h 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d jmp 00007FC8BCD07025h 0x00000022 pop eax 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB72E second address: 9BB739 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jno 00007FC8BCFEEF06h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB739 second address: 9BB772 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 xor dword ptr [esp], 203627E6h 0x0000000e mov edi, esi 0x00000010 push 00000003h 0x00000012 mov edi, dword ptr [ebp+122D38E6h] 0x00000018 push 00000000h 0x0000001a push 00000003h 0x0000001c mov dword ptr [ebp+122D2F14h], edi 0x00000022 call 00007FC8BCD07019h 0x00000027 push eax 0x00000028 push edx 0x00000029 jp 00007FC8BCD0701Ch 0x0000002f jg 00007FC8BCD07016h 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB772 second address: 9BB778 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB778 second address: 9BB77C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB77C second address: 9BB7A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a jmp 00007FC8BCFEEF17h 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB7A1 second address: 9BB7A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB7A5 second address: 9BB7B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push eax 0x0000000c push edx 0x0000000d push ecx 0x0000000e pushad 0x0000000f popad 0x00000010 pop ecx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB7B6 second address: 9BB7F8 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC8BCD0702Bh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [eax] 0x0000000c push eax 0x0000000d push edx 0x0000000e jnc 00007FC8BCD0702Fh 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB7F8 second address: 9BB81E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF0Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 jmp 00007FC8BCFEEF0Eh 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB81E second address: 9BB823 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB8C6 second address: 9BB920 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FC8BCFEEF06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d pop ebx 0x0000000e popad 0x0000000f mov dword ptr [esp], eax 0x00000012 push 00000000h 0x00000014 push ebp 0x00000015 call 00007FC8BCFEEF08h 0x0000001a pop ebp 0x0000001b mov dword ptr [esp+04h], ebp 0x0000001f add dword ptr [esp+04h], 0000001Dh 0x00000027 inc ebp 0x00000028 push ebp 0x00000029 ret 0x0000002a pop ebp 0x0000002b ret 0x0000002c push 00000000h 0x0000002e push esi 0x0000002f jmp 00007FC8BCFEEF14h 0x00000034 pop ecx 0x00000035 push 3CF2C074h 0x0000003a push eax 0x0000003b push edx 0x0000003c push eax 0x0000003d push edx 0x0000003e pushad 0x0000003f popad 0x00000040 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB920 second address: 9BB924 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB924 second address: 9BB92A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9BB92A second address: 9BB992 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC8BCD07020h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xor dword ptr [esp], 3CF2C0F4h 0x00000011 stc 0x00000012 push 00000003h 0x00000014 call 00007FC8BCD0701Dh 0x00000019 movzx esi, si 0x0000001c pop edi 0x0000001d jmp 00007FC8BCD0701Dh 0x00000022 push 00000000h 0x00000024 mov dl, 1Bh 0x00000026 push 00000003h 0x00000028 mov dx, 81F6h 0x0000002c push 8B140617h 0x00000031 push eax 0x00000032 push edx 0x00000033 push esi 0x00000034 jmp 00007FC8BCD07029h 0x00000039 pop esi 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9CD9F2 second address: 9CD9FB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9CD9FB second address: 9CDA01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DB796 second address: 9DB79A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DB79A second address: 9DB7AA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DB7AA second address: 9DB7B6 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC8BCFEEF0Eh 0x00000008 push edi 0x00000009 pop edi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DB948 second address: 9DB94E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DB94E second address: 9DB953 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DBEA3 second address: 9DBEA9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DBFC7 second address: 9DBFCB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DC430 second address: 9DC467 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b pushad 0x0000000c jmp 00007FC8BCD07023h 0x00000011 pushad 0x00000012 jnc 00007FC8BCD07016h 0x00000018 pushad 0x00000019 popad 0x0000001a jp 00007FC8BCD07016h 0x00000020 popad 0x00000021 push eax 0x00000022 push edx 0x00000023 jg 00007FC8BCD07016h 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9D19AB second address: 9D19B1 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9D19B1 second address: 9D19BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9D19BA second address: 9D19C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9D19C2 second address: 9D19C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9D19C8 second address: 9D19E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FC8BCFEEF15h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9AEEB2 second address: 9AEEEA instructions: 0x00000000 rdtsc 0x00000002 jp 00007FC8BCD0701Eh 0x00000008 jne 00007FC8BCD0701Ch 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jns 00007FC8BCD07018h 0x00000018 pushad 0x00000019 popad 0x0000001a jmp 00007FC8BCD07020h 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DD0E3 second address: 9DD0E7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DD0E7 second address: 9DD128 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FC8BCD0701Ah 0x0000000c jmp 00007FC8BCD07026h 0x00000011 jmp 00007FC8BCD07029h 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DD3AA second address: 9DD3AE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DD3AE second address: 9DD3DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 push eax 0x00000008 pop eax 0x00000009 push eax 0x0000000a pop eax 0x0000000b pop ebx 0x0000000c je 00007FC8BCD07018h 0x00000012 jmp 00007FC8BCD07022h 0x00000017 popad 0x00000018 pushad 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DD3DA second address: 9DD3DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DD3DE second address: 9DD3FF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07023h 0x00000007 jc 00007FC8BCD07016h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push edx 0x00000012 pop edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DFBBA second address: 9DFBEC instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 push edx 0x00000009 jbe 00007FC8BCFEEF08h 0x0000000f push ebx 0x00000010 pop ebx 0x00000011 pop edx 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 jg 00007FC8BCFEEF12h 0x0000001c mov eax, dword ptr [eax] 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 pushad 0x00000022 popad 0x00000023 pushad 0x00000024 popad 0x00000025 popad 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9DFD60 second address: 9DFD6A instructions: 0x00000000 rdtsc 0x00000002 jo 00007FC8BCD0701Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E35E2 second address: 9E35E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E8647 second address: 9E8652 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop esi 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E87C4 second address: 9E87CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E8D6C second address: 9E8D8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FC8BCD07016h 0x0000000a jmp 00007FC8BCD07028h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E8D8E second address: 9E8DA5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF11h 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E9091 second address: 9E9097 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB286 second address: 9EB297 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 jnp 00007FC8BCFEEF0Eh 0x0000000e push esi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB30E second address: 9EB318 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB318 second address: 9EB362 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC8BCFEEF08h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jmp 00007FC8BCFEEF14h 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 push ecx 0x00000017 jmp 00007FC8BCFEEF18h 0x0000001c pop ecx 0x0000001d mov eax, dword ptr [eax] 0x0000001f pushad 0x00000020 push eax 0x00000021 push edx 0x00000022 jne 00007FC8BCFEEF06h 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB362 second address: 9EB379 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB379 second address: 9EB38F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jl 00007FC8BCFEEF06h 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB38F second address: 9EB395 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB5DD second address: 9EB5E1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB6B4 second address: 9EB6BE instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EB789 second address: 9EB78D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EC0C7 second address: 9EC0CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EC0CB second address: 9EC0D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 je 00007FC8BCFEEF0Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EC3ED second address: 9EC3F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EC3F1 second address: 9EC3F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9ECAB4 second address: 9ECAB8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9ECAB8 second address: 9ECABE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9ED46A second address: 9ED46E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9ED46E second address: 9ED48B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF11h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jc 00007FC8BCFEEF06h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9ED48B second address: 9ED4FA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07022h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov dword ptr [esp], eax 0x0000000d jns 00007FC8BCD07034h 0x00000013 add di, 6A4Ah 0x00000018 push 00000000h 0x0000001a mov edi, 4331D629h 0x0000001f movsx esi, cx 0x00000022 push 00000000h 0x00000024 mov edi, eax 0x00000026 xchg eax, ebx 0x00000027 jnc 00007FC8BCD07023h 0x0000002d push eax 0x0000002e pushad 0x0000002f push esi 0x00000030 pushad 0x00000031 popad 0x00000032 pop esi 0x00000033 push eax 0x00000034 push edx 0x00000035 push eax 0x00000036 push edx 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9ED4FA second address: 9ED4FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EF5FE second address: 9EF602 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F08A4 second address: 9F08B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCFEEF10h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F13CC second address: 9F13E7 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FC8BCD0701Bh 0x0000000f popad 0x00000010 push eax 0x00000011 pushad 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F13E7 second address: 9F13ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F2946 second address: 9F2950 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F2950 second address: 9F2956 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F3423 second address: 9F34B3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FC8BCD07020h 0x0000000e popad 0x0000000f push eax 0x00000010 jl 00007FC8BCD0701Ah 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 pop edx 0x0000001a nop 0x0000001b push 00000000h 0x0000001d push ebx 0x0000001e call 00007FC8BCD07018h 0x00000023 pop ebx 0x00000024 mov dword ptr [esp+04h], ebx 0x00000028 add dword ptr [esp+04h], 00000014h 0x00000030 inc ebx 0x00000031 push ebx 0x00000032 ret 0x00000033 pop ebx 0x00000034 ret 0x00000035 xor dword ptr [ebp+122D2472h], ebx 0x0000003b mov dword ptr [ebp+122D2D4Ah], edx 0x00000041 push 00000000h 0x00000043 sbb edi, 221D04EBh 0x00000049 push 00000000h 0x0000004b push 00000000h 0x0000004d push ebx 0x0000004e call 00007FC8BCD07018h 0x00000053 pop ebx 0x00000054 mov dword ptr [esp+04h], ebx 0x00000058 add dword ptr [esp+04h], 00000019h 0x00000060 inc ebx 0x00000061 push ebx 0x00000062 ret 0x00000063 pop ebx 0x00000064 ret 0x00000065 mov dword ptr [ebp+1247FA99h], ecx 0x0000006b xchg eax, ebx 0x0000006c push eax 0x0000006d push edx 0x0000006e push ebx 0x0000006f pushad 0x00000070 popad 0x00000071 pop ebx 0x00000072 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F34B3 second address: 9F34CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF18h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F4FEA second address: 9F4FF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F3D6C second address: 9F3D7B instructions: 0x00000000 rdtsc 0x00000002 jne 00007FC8BCFEEF06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F4FF0 second address: 9F5015 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07029h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9AB926 second address: 9AB92C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9AB92C second address: 9AB931 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9AB931 second address: 9AB938 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F7D97 second address: 9F7D9D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F7D9D second address: 9F7DA7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007FC8BCFEEF06h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F7DA7 second address: 9F7DB4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F82FF second address: 9F8362 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 mov dword ptr [esp], eax 0x00000008 push 00000000h 0x0000000a push edi 0x0000000b call 00007FC8BCFEEF08h 0x00000010 pop edi 0x00000011 mov dword ptr [esp+04h], edi 0x00000015 add dword ptr [esp+04h], 00000018h 0x0000001d inc edi 0x0000001e push edi 0x0000001f ret 0x00000020 pop edi 0x00000021 ret 0x00000022 push 00000000h 0x00000024 sub bx, F700h 0x00000029 push 00000000h 0x0000002b jl 00007FC8BCFEEF0Eh 0x00000031 pushad 0x00000032 jl 00007FC8BCFEEF0Ch 0x00000038 jnp 00007FC8BCFEEF0Bh 0x0000003e sbb ax, 36D2h 0x00000043 popad 0x00000044 push eax 0x00000045 jo 00007FC8BCFEEF1Dh 0x0000004b push eax 0x0000004c push edx 0x0000004d push eax 0x0000004e push edx 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F8362 second address: 9F8366 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F84B0 second address: 9F84C7 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FC8BCFEEF08h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f ja 00007FC8BCFEEF08h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F94F0 second address: 9F94F5 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FA29B second address: 9FA2F8 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 mov dword ptr [esp], eax 0x0000000a adc ebx, 782A5C1Ah 0x00000010 push 00000000h 0x00000012 call 00007FC8BCFEEF0Ah 0x00000017 cmc 0x00000018 pop edi 0x00000019 push 00000000h 0x0000001b push 00000000h 0x0000001d push edx 0x0000001e call 00007FC8BCFEEF08h 0x00000023 pop edx 0x00000024 mov dword ptr [esp+04h], edx 0x00000028 add dword ptr [esp+04h], 0000001Dh 0x00000030 inc edx 0x00000031 push edx 0x00000032 ret 0x00000033 pop edx 0x00000034 ret 0x00000035 movsx ebx, bx 0x00000038 push eax 0x00000039 push eax 0x0000003a push edx 0x0000003b jl 00007FC8BCFEEF12h 0x00000041 jmp 00007FC8BCFEEF0Ch 0x00000046 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F94F5 second address: 9F9573 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a jmp 00007FC8BCD07024h 0x0000000f push dword ptr fs:[00000000h] 0x00000016 mov bx, 27AFh 0x0000001a mov dword ptr fs:[00000000h], esp 0x00000021 mov edi, dword ptr [ebp+122D2427h] 0x00000027 mov eax, dword ptr [ebp+122D09DDh] 0x0000002d push 00000000h 0x0000002f push ebp 0x00000030 call 00007FC8BCD07018h 0x00000035 pop ebp 0x00000036 mov dword ptr [esp+04h], ebp 0x0000003a add dword ptr [esp+04h], 0000001Dh 0x00000042 inc ebp 0x00000043 push ebp 0x00000044 ret 0x00000045 pop ebp 0x00000046 ret 0x00000047 mov dword ptr [ebp+122D1EDBh], eax 0x0000004d push FFFFFFFFh 0x0000004f mov dword ptr [ebp+122D2EBFh], ebx 0x00000055 nop 0x00000056 push eax 0x00000057 push edx 0x00000058 jnl 00007FC8BCD0701Ch 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F858A second address: 9F8597 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 je 00007FC8BCFEEF0Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9F8597 second address: 9F85BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 jnl 00007FC8BCD07034h 0x0000000c pushad 0x0000000d jmp 00007FC8BCD07026h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FC1CD second address: 9FC1EF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007FC8BCFEEF08h 0x0000000c popad 0x0000000d push eax 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FC8BCFEEF0Fh 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FC1EF second address: 9FC23F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push esi 0x0000000a push edx 0x0000000b pop edx 0x0000000c pop esi 0x0000000d popad 0x0000000e nop 0x0000000f push 00000000h 0x00000011 push ecx 0x00000012 call 00007FC8BCD07018h 0x00000017 pop ecx 0x00000018 mov dword ptr [esp+04h], ecx 0x0000001c add dword ptr [esp+04h], 0000001Ch 0x00000024 inc ecx 0x00000025 push ecx 0x00000026 ret 0x00000027 pop ecx 0x00000028 ret 0x00000029 mov dword ptr [ebp+122D2EBFh], ebx 0x0000002f push 00000000h 0x00000031 push eax 0x00000032 mov edi, ecx 0x00000034 pop ebx 0x00000035 push 00000000h 0x00000037 xchg eax, esi 0x00000038 jnp 00007FC8BCD07035h 0x0000003e pushad 0x0000003f push eax 0x00000040 push edx 0x00000041 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FC23F second address: 9FC265 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCFEEF17h 0x00000009 popad 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jng 00007FC8BCFEEF06h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FC265 second address: 9FC26F instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B248D second address: 9B2493 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B2493 second address: 9B2497 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FC3B7 second address: 9FC3BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FC49D second address: 9FC4AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b jg 00007FC8BCD07016h 0x00000011 pop edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FF862 second address: 9FF870 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF0Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FF870 second address: 9FF87A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007FC8BCD07016h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FEA2B second address: 9FEA2F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FF87A second address: 9FF926 instructions: 0x00000000 rdtsc 0x00000002 je 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d mov dword ptr [ebp+122D2ECFh], edx 0x00000013 push ebx 0x00000014 sub ebx, dword ptr [ebp+1247E6D7h] 0x0000001a pop edi 0x0000001b push 00000000h 0x0000001d push 00000000h 0x0000001f push ebp 0x00000020 call 00007FC8BCD07018h 0x00000025 pop ebp 0x00000026 mov dword ptr [esp+04h], ebp 0x0000002a add dword ptr [esp+04h], 00000014h 0x00000032 inc ebp 0x00000033 push ebp 0x00000034 ret 0x00000035 pop ebp 0x00000036 ret 0x00000037 mov di, 53E0h 0x0000003b jmp 00007FC8BCD07023h 0x00000040 push 00000000h 0x00000042 push 00000000h 0x00000044 push edx 0x00000045 call 00007FC8BCD07018h 0x0000004a pop edx 0x0000004b mov dword ptr [esp+04h], edx 0x0000004f add dword ptr [esp+04h], 0000001Ah 0x00000057 inc edx 0x00000058 push edx 0x00000059 ret 0x0000005a pop edx 0x0000005b ret 0x0000005c jnp 00007FC8BCD07019h 0x00000062 xchg eax, esi 0x00000063 push eax 0x00000064 push edx 0x00000065 pushad 0x00000066 jmp 00007FC8BCD07026h 0x0000006b jmp 00007FC8BCD07024h 0x00000070 popad 0x00000071 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FEA2F second address: 9FEACA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FC8BCFEEF0Fh 0x0000000b popad 0x0000000c mov dword ptr [esp], eax 0x0000000f push 00000000h 0x00000011 push esi 0x00000012 call 00007FC8BCFEEF08h 0x00000017 pop esi 0x00000018 mov dword ptr [esp+04h], esi 0x0000001c add dword ptr [esp+04h], 00000018h 0x00000024 inc esi 0x00000025 push esi 0x00000026 ret 0x00000027 pop esi 0x00000028 ret 0x00000029 push dword ptr fs:[00000000h] 0x00000030 sub dword ptr [ebp+1246A7C5h], eax 0x00000036 mov dword ptr fs:[00000000h], esp 0x0000003d mov eax, dword ptr [ebp+122D09EDh] 0x00000043 jne 00007FC8BCFEEF09h 0x00000049 mov dword ptr [ebp+124675D2h], edx 0x0000004f push FFFFFFFFh 0x00000051 push 00000000h 0x00000053 push esi 0x00000054 call 00007FC8BCFEEF08h 0x00000059 pop esi 0x0000005a mov dword ptr [esp+04h], esi 0x0000005e add dword ptr [esp+04h], 00000017h 0x00000066 inc esi 0x00000067 push esi 0x00000068 ret 0x00000069 pop esi 0x0000006a ret 0x0000006b jmp 00007FC8BCFEEF0Dh 0x00000070 nop 0x00000071 push eax 0x00000072 push edx 0x00000073 jbe 00007FC8BCFEEF0Ch 0x00000079 push eax 0x0000007a push edx 0x0000007b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FF926 second address: 9FF930 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007FC8BCD07016h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FEACA second address: 9FEACE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FF930 second address: 9FF934 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9FEACE second address: 9FEAD8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007FC8BCFEEF06h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A00929 second address: A00936 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A00A8C second address: A00A99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 pop edi 0x00000008 push eax 0x00000009 push ebx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A0299E second address: A029F9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jnc 00007FC8BCD07016h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f jng 00007FC8BCD07022h 0x00000015 nop 0x00000016 xor di, 9326h 0x0000001b push 00000000h 0x0000001d mov dword ptr [ebp+12478414h], ebx 0x00000023 push 00000000h 0x00000025 push 00000000h 0x00000027 push ebx 0x00000028 call 00007FC8BCD07018h 0x0000002d pop ebx 0x0000002e mov dword ptr [esp+04h], ebx 0x00000032 add dword ptr [esp+04h], 00000019h 0x0000003a inc ebx 0x0000003b push ebx 0x0000003c ret 0x0000003d pop ebx 0x0000003e ret 0x0000003f mov edi, ebx 0x00000041 xchg eax, esi 0x00000042 push eax 0x00000043 push edx 0x00000044 push eax 0x00000045 push edx 0x00000046 pushad 0x00000047 popad 0x00000048 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A029F9 second address: A02A03 instructions: 0x00000000 rdtsc 0x00000002 je 00007FC8BCFEEF06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A02A03 second address: A02A0A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A02BAF second address: A02BB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A01ADC second address: A01AE6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007FC8BCD07016h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A02BB4 second address: A02BBB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A05AE0 second address: A05AF2 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ecx 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A01AE6 second address: A01B71 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b push 00000000h 0x0000000d push esi 0x0000000e call 00007FC8BCFEEF08h 0x00000013 pop esi 0x00000014 mov dword ptr [esp+04h], esi 0x00000018 add dword ptr [esp+04h], 00000015h 0x00000020 inc esi 0x00000021 push esi 0x00000022 ret 0x00000023 pop esi 0x00000024 ret 0x00000025 call 00007FC8BCFEEF10h 0x0000002a push ecx 0x0000002b sub dword ptr [ebp+122D1E95h], ecx 0x00000031 pop ebx 0x00000032 pop edi 0x00000033 push dword ptr fs:[00000000h] 0x0000003a jbe 00007FC8BCFEEF0Bh 0x00000040 add di, E3BBh 0x00000045 mov dword ptr [ebp+122D2F23h], ebx 0x0000004b mov dword ptr fs:[00000000h], esp 0x00000052 cld 0x00000053 mov ebx, dword ptr [ebp+122D314Dh] 0x00000059 mov eax, dword ptr [ebp+122D0081h] 0x0000005f mov ebx, 09725B62h 0x00000064 push FFFFFFFFh 0x00000066 jo 00007FC8BCFEEF12h 0x0000006c jns 00007FC8BCFEEF0Ch 0x00000072 sub edi, 0EFAF955h 0x00000078 nop 0x00000079 push edi 0x0000007a pushad 0x0000007b push eax 0x0000007c push edx 0x0000007d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A05AF2 second address: A05AF8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A05AF8 second address: A05B99 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jp 00007FC8BCFEEF06h 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push esi 0x00000010 call 00007FC8BCFEEF08h 0x00000015 pop esi 0x00000016 mov dword ptr [esp+04h], esi 0x0000001a add dword ptr [esp+04h], 0000001Dh 0x00000022 inc esi 0x00000023 push esi 0x00000024 ret 0x00000025 pop esi 0x00000026 ret 0x00000027 movzx edi, cx 0x0000002a or dword ptr [ebp+122D3810h], edx 0x00000030 push 00000000h 0x00000032 movzx ebx, ax 0x00000035 push 00000000h 0x00000037 push 00000000h 0x00000039 push ebx 0x0000003a call 00007FC8BCFEEF08h 0x0000003f pop ebx 0x00000040 mov dword ptr [esp+04h], ebx 0x00000044 add dword ptr [esp+04h], 00000019h 0x0000004c inc ebx 0x0000004d push ebx 0x0000004e ret 0x0000004f pop ebx 0x00000050 ret 0x00000051 mov ebx, 5C2E6F27h 0x00000056 xchg eax, esi 0x00000057 push ebx 0x00000058 jmp 00007FC8BCFEEF13h 0x0000005d pop ebx 0x0000005e push eax 0x0000005f pushad 0x00000060 jmp 00007FC8BCFEEF19h 0x00000065 jbe 00007FC8BCFEEF0Ch 0x0000006b push eax 0x0000006c push edx 0x0000006d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A04C21 second address: A04C33 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A06A6C second address: A06ACE instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push ebp 0x0000000b call 00007FC8BCFEEF08h 0x00000010 pop ebp 0x00000011 mov dword ptr [esp+04h], ebp 0x00000015 add dword ptr [esp+04h], 00000015h 0x0000001d inc ebp 0x0000001e push ebp 0x0000001f ret 0x00000020 pop ebp 0x00000021 ret 0x00000022 push 00000000h 0x00000024 mov di, dx 0x00000027 push 00000000h 0x00000029 push 00000000h 0x0000002b push ebx 0x0000002c call 00007FC8BCFEEF08h 0x00000031 pop ebx 0x00000032 mov dword ptr [esp+04h], ebx 0x00000036 add dword ptr [esp+04h], 00000014h 0x0000003e inc ebx 0x0000003f push ebx 0x00000040 ret 0x00000041 pop ebx 0x00000042 ret 0x00000043 mov dword ptr [ebp+122D1ED5h], ebx 0x00000049 xchg eax, esi 0x0000004a jmp 00007FC8BCFEEF0Dh 0x0000004f push eax 0x00000050 pushad 0x00000051 push eax 0x00000052 push edx 0x00000053 push edi 0x00000054 pop edi 0x00000055 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A07B8B second address: A07B9D instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jno 00007FC8BCD07018h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A07C91 second address: A07C95 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A07C95 second address: A07C99 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A08AFD second address: A08B01 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A0AB1F second address: A0AB39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FC8BCD07023h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A0E609 second address: A0E60D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A0E60D second address: A0E613 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A0E613 second address: A0E619 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A12B8F second address: A12B99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FC8BCD07016h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1247E second address: A1248E instructions: 0x00000000 rdtsc 0x00000002 jns 00007FC8BCFEEF06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e push esi 0x0000000f pop esi 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1248E second address: A12492 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A125D2 second address: A125DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A125DC second address: A125EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD0701Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A17984 second address: A179E3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 pop eax 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c jne 00007FC8BCFEEF18h 0x00000012 jns 00007FC8BCFEEF10h 0x00000018 popad 0x00000019 mov eax, dword ptr [esp+04h] 0x0000001d jc 00007FC8BCFEEF0Eh 0x00000023 jg 00007FC8BCFEEF08h 0x00000029 mov eax, dword ptr [eax] 0x0000002b push edx 0x0000002c jnc 00007FC8BCFEEF0Ch 0x00000032 pop edx 0x00000033 mov dword ptr [esp+04h], eax 0x00000037 push ecx 0x00000038 push eax 0x00000039 push eax 0x0000003a push edx 0x0000003b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1D780 second address: A1D786 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1D786 second address: A1D7BE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF15h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jbe 00007FC8BCFEEF1Ah 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1D7BE second address: A1D7C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1D7C2 second address: A1D7E8 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FC8BCFEEF18h 0x0000000d jng 00007FC8BCFEEF06h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1DBC8 second address: A1DBCC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1DBCC second address: A1DBE9 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007FC8BCFEEF13h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A1E05A second address: A1E08B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FC8BCD07016h 0x0000000a js 00007FC8BCD07023h 0x00000010 jmp 00007FC8BCD0701Dh 0x00000015 popad 0x00000016 pushad 0x00000017 jmp 00007FC8BCD0701Ch 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f popad 0x00000020 push ebx 0x00000021 pop ebx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A218FE second address: A21927 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 js 00007FC8BCFEEF3Bh 0x0000000d pushad 0x0000000e jmp 00007FC8BCFEEF19h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A2729A second address: A2729E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A25E27 second address: A25E34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop esi 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A25E34 second address: A25E38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A25E38 second address: A25E61 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF0Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jp 00007FC8BCFEEF19h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A25E61 second address: A25E66 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A265F9 second address: A2661A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 jmp 00007FC8BCFEEF19h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A2661A second address: A26636 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD07027h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A267BD second address: A267D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF0Eh 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A267D1 second address: A267D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A2A456 second address: A2A45B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A2D3D6 second address: A2D3DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 99E35F second address: 99E36B instructions: 0x00000000 rdtsc 0x00000002 jp 00007FC8BCFEEF06h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A32BBD second address: A32BC5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A31B48 second address: A31B75 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF0Bh 0x00000007 jns 00007FC8BCFEEF0Eh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ebx 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FC8BCFEEF0Bh 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A31B75 second address: A31B79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A31B79 second address: A31B7D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A32295 second address: A322A4 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FC8BCD0701Ah 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A322A4 second address: A322AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A323E1 second address: A323F9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC8BCD0701Dh 0x00000008 jg 00007FC8BCD07016h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A323F9 second address: A32405 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A32405 second address: A3240B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A3240B second address: A32410 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A32556 second address: A32570 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD07025h 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A32570 second address: A32575 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A32575 second address: A325BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FC8BCD07016h 0x0000000a pop ebx 0x0000000b jo 00007FC8BCD07022h 0x00000011 jc 00007FC8BCD07016h 0x00000017 jc 00007FC8BCD07016h 0x0000001d pop edx 0x0000001e pop eax 0x0000001f push eax 0x00000020 push edx 0x00000021 jnc 00007FC8BCD07039h 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A325BF second address: A325C9 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FC8BCFEEF0Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A35FCF second address: A35FFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD07028h 0x00000009 push eax 0x0000000a pop eax 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 jmp 00007FC8BCD0701Dh 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E9ACB second address: 9D19AB instructions: 0x00000000 rdtsc 0x00000002 jc 00007FC8BCFEEF0Ch 0x00000008 jnp 00007FC8BCFEEF06h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 nop 0x00000011 mov dword ptr [ebp+122D3877h], edx 0x00000017 mov dl, 1Ah 0x00000019 lea eax, dword ptr [ebp+124857EDh] 0x0000001f mov dword ptr [ebp+122D2600h], eax 0x00000025 push eax 0x00000026 jmp 00007FC8BCFEEF11h 0x0000002b mov dword ptr [esp], eax 0x0000002e mov edx, esi 0x00000030 call dword ptr [ebp+12455F97h] 0x00000036 pushad 0x00000037 push eax 0x00000038 push edx 0x00000039 push ecx 0x0000003a pop ecx 0x0000003b push eax 0x0000003c pop eax 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E9BE1 second address: 9E9BE7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9E9FCB second address: 837D6A instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC8BCFEEF15h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push dword ptr [ebp+122D098Dh] 0x00000011 mov ecx, dword ptr [ebp+122D3A22h] 0x00000017 call dword ptr [ebp+122D2CC2h] 0x0000001d pushad 0x0000001e jne 00007FC8BCFEEF2Bh 0x00000024 xor eax, eax 0x00000026 pushad 0x00000027 mov eax, dword ptr [ebp+122D3A82h] 0x0000002d jg 00007FC8BCFEEF0Bh 0x00000033 sub dx, 13D1h 0x00000038 popad 0x00000039 mov edx, dword ptr [esp+28h] 0x0000003d pushad 0x0000003e mov ax, si 0x00000041 movzx esi, cx 0x00000044 popad 0x00000045 jmp 00007FC8BCFEEF12h 0x0000004a mov dword ptr [ebp+122D3BE2h], eax 0x00000050 cmc 0x00000051 pushad 0x00000052 mov esi, ecx 0x00000054 mov dword ptr [ebp+122D3070h], eax 0x0000005a popad 0x0000005b mov esi, 0000003Ch 0x00000060 jg 00007FC8BCFEEF0Dh 0x00000066 add esi, dword ptr [esp+24h] 0x0000006a sub dword ptr [ebp+122D20B9h], ebx 0x00000070 lodsw 0x00000072 sub dword ptr [ebp+122D2034h], ebx 0x00000078 add eax, dword ptr [esp+24h] 0x0000007c jmp 00007FC8BCFEEF14h 0x00000081 mov ebx, dword ptr [esp+24h] 0x00000085 sub dword ptr [ebp+122D1C62h], esi 0x0000008b push eax 0x0000008c jnp 00007FC8BCFEEF14h 0x00000092 push eax 0x00000093 push edx 0x00000094 pushad 0x00000095 popad 0x00000096 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA05A second address: 9EA05E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA05E second address: 9EA0A7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF12h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jnp 00007FC8BCFEEF06h 0x00000012 popad 0x00000013 popad 0x00000014 push eax 0x00000015 pushad 0x00000016 jno 00007FC8BCFEEF1Eh 0x0000001c push eax 0x0000001d push edx 0x0000001e jnl 00007FC8BCFEEF06h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA173 second address: 9EA177 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA278 second address: 9EA27D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA343 second address: 9EA371 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 pop edi 0x00000008 mov dword ptr [esp], esi 0x0000000b ja 00007FC8BCD07022h 0x00000011 add dword ptr [ebp+124675D2h], edi 0x00000017 nop 0x00000018 push ebx 0x00000019 pushad 0x0000001a jng 00007FC8BCD07016h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA371 second address: 9EA382 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 je 00007FC8BCFEEF08h 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA382 second address: 9EA388 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA49E second address: 9EA4A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA4A2 second address: 9EA4AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [eax] 0x00000008 push esi 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EA587 second address: 9EA591 instructions: 0x00000000 rdtsc 0x00000002 je 00007FC8BCFEEF0Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAA34 second address: 9EAA38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAA38 second address: 9EAA48 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF0Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAA48 second address: 9EAA53 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jl 00007FC8BCD07016h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAA53 second address: 9EAAAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a mov cx, ax 0x0000000d jng 00007FC8BCFEEF0Ch 0x00000013 push 0000001Eh 0x00000015 push 00000000h 0x00000017 push esi 0x00000018 call 00007FC8BCFEEF08h 0x0000001d pop esi 0x0000001e mov dword ptr [esp+04h], esi 0x00000022 add dword ptr [esp+04h], 0000001Dh 0x0000002a inc esi 0x0000002b push esi 0x0000002c ret 0x0000002d pop esi 0x0000002e ret 0x0000002f sub dword ptr [ebp+122D230Eh], ecx 0x00000035 nop 0x00000036 jnp 00007FC8BCFEEF0Eh 0x0000003c push eax 0x0000003d pushad 0x0000003e push eax 0x0000003f push edx 0x00000040 pushad 0x00000041 popad 0x00000042 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAE83 second address: 9EAF13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 nop 0x00000005 push 00000000h 0x00000007 push ebx 0x00000008 call 00007FC8BCD07018h 0x0000000d pop ebx 0x0000000e mov dword ptr [esp+04h], ebx 0x00000012 add dword ptr [esp+04h], 00000019h 0x0000001a inc ebx 0x0000001b push ebx 0x0000001c ret 0x0000001d pop ebx 0x0000001e ret 0x0000001f call 00007FC8BCD0701Dh 0x00000024 push eax 0x00000025 or dword ptr [ebp+122D20ADh], esi 0x0000002b pop edx 0x0000002c pop edx 0x0000002d pushad 0x0000002e mov eax, 356DE1EDh 0x00000033 pushad 0x00000034 xor dword ptr [ebp+122D3840h], ebx 0x0000003a popad 0x0000003b popad 0x0000003c clc 0x0000003d lea eax, dword ptr [ebp+12485831h] 0x00000043 push 00000000h 0x00000045 push ecx 0x00000046 call 00007FC8BCD07018h 0x0000004b pop ecx 0x0000004c mov dword ptr [esp+04h], ecx 0x00000050 add dword ptr [esp+04h], 0000001Ch 0x00000058 inc ecx 0x00000059 push ecx 0x0000005a ret 0x0000005b pop ecx 0x0000005c ret 0x0000005d clc 0x0000005e mov dword ptr [ebp+122D2D03h], ecx 0x00000064 nop 0x00000065 push eax 0x00000066 push edx 0x00000067 push eax 0x00000068 push edx 0x00000069 jmp 00007FC8BCD0701Eh 0x0000006e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAF13 second address: 9EAF19 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAF19 second address: 9EAF2C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCD0701Fh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAF2C second address: 9EAF8A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a jbe 00007FC8BCFEEF1Ch 0x00000010 jmp 00007FC8BCFEEF16h 0x00000015 pop eax 0x00000016 nop 0x00000017 mov ecx, esi 0x00000019 lea eax, dword ptr [ebp+124857EDh] 0x0000001f push 00000000h 0x00000021 push edi 0x00000022 call 00007FC8BCFEEF08h 0x00000027 pop edi 0x00000028 mov dword ptr [esp+04h], edi 0x0000002c add dword ptr [esp+04h], 00000019h 0x00000034 inc edi 0x00000035 push edi 0x00000036 ret 0x00000037 pop edi 0x00000038 ret 0x00000039 mov ecx, ebx 0x0000003b nop 0x0000003c push eax 0x0000003d push edx 0x0000003e jne 00007FC8BCFEEF08h 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAF8A second address: 9EAF94 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FC8BCD0701Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EAF94 second address: 9D258C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jmp 00007FC8BCFEEF19h 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push esi 0x00000010 call 00007FC8BCFEEF08h 0x00000015 pop esi 0x00000016 mov dword ptr [esp+04h], esi 0x0000001a add dword ptr [esp+04h], 0000001Dh 0x00000022 inc esi 0x00000023 push esi 0x00000024 ret 0x00000025 pop esi 0x00000026 ret 0x00000027 or dword ptr [ebp+122D2B61h], esi 0x0000002d call dword ptr [ebp+1245CFA1h] 0x00000033 pushad 0x00000034 push eax 0x00000035 push edx 0x00000036 jmp 00007FC8BCFEEF19h 0x0000003b pushad 0x0000003c popad 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36288 second address: A3629A instructions: 0x00000000 rdtsc 0x00000002 jc 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a js 00007FC8BCD07018h 0x00000010 push eax 0x00000011 pop eax 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A3629A second address: A362B9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF12h 0x00000007 push eax 0x00000008 pushad 0x00000009 popad 0x0000000a pop eax 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A362B9 second address: A362CF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jne 00007FC8BCD07016h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jnc 00007FC8BCD07016h 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A362CF second address: A362D3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A362D3 second address: A362DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36A0E second address: A36A17 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push edx 0x00000006 pop edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36A17 second address: A36A20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36A20 second address: A36A3A instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a je 00007FC8BCFEEF0Ch 0x00000010 jp 00007FC8BCFEEF06h 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36A3A second address: A36A3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36A3E second address: A36A48 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FC8BCFEEF06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36B8C second address: A36B91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36B91 second address: A36BAD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC8BCFEEF15h 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36BAD second address: A36BBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FC8BCD07016h 0x0000000a popad 0x0000000b push edi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36BBB second address: A36BDC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FC8BCFEEF10h 0x0000000e jnc 00007FC8BCFEEF08h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36D62 second address: A36D8A instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC8BCD07016h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jp 00007FC8BCD07028h 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36D8A second address: A36D8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A36D8E second address: A36D92 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A39EDD second address: A39EEC instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A39EEC second address: A39EF7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A39EF7 second address: A39EFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A39EFB second address: A39F01 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9A175C second address: 9A1760 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9A1760 second address: 9A1773 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b je 00007FC8BCD07016h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9A6919 second address: 9A691D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9A691D second address: 9A693D instructions: 0x00000000 rdtsc 0x00000002 jns 00007FC8BCD07018h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jp 00007FC8BCD0702Ah 0x00000010 push eax 0x00000011 push eax 0x00000012 pop eax 0x00000013 pushad 0x00000014 popad 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 jnc 00007FC8BCD07016h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A42F56 second address: A42F66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop ecx 0x00000006 ja 00007FC8BCFEEF2Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A430AD second address: A430C6 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jmp 00007FC8BCD0701Fh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A430C6 second address: A430CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A430CA second address: A430F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 js 00007FC8BCD07016h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007FC8BCD07026h 0x00000011 push eax 0x00000012 push edx 0x00000013 jo 00007FC8BCD07016h 0x00000019 push ebx 0x0000001a pop ebx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A43218 second address: A4321E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A4321E second address: A43230 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jmp 00007FC8BCD0701Ch 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A4519B second address: A451A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A451A1 second address: A451DA instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jno 00007FC8BCD07018h 0x0000000c jmp 00007FC8BCD07022h 0x00000011 jmp 00007FC8BCD0701Eh 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 push edi 0x0000001a js 00007FC8BCD07016h 0x00000020 pop edi 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A495EA second address: A495F2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A497B3 second address: A497B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A497B7 second address: A497BE instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A49914 second address: A49919 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A49919 second address: A49932 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF15h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A49932 second address: A49936 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A49936 second address: A4993C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9A9D5B second address: 9A9DA3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a pushad 0x0000000b popad 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e pop ecx 0x0000000f pushad 0x00000010 pushad 0x00000011 pushad 0x00000012 popad 0x00000013 jnc 00007FC8BCD07016h 0x00000019 popad 0x0000001a jmp 00007FC8BCD07021h 0x0000001f pushad 0x00000020 push edx 0x00000021 pop edx 0x00000022 jng 00007FC8BCD07016h 0x00000028 pushad 0x00000029 popad 0x0000002a jnp 00007FC8BCD07016h 0x00000030 popad 0x00000031 push ebx 0x00000032 pushad 0x00000033 popad 0x00000034 push eax 0x00000035 push edx 0x00000036 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A4DF07 second address: A4DF13 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FC8BCFEEF0Eh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A4DF13 second address: A4DF1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A4E4CC second address: A4E4D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A55F3C second address: A55F64 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pushad 0x00000006 popad 0x00000007 pushad 0x00000008 popad 0x00000009 push edx 0x0000000a pop edx 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 jmp 00007FC8BCD07028h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A53F3D second address: A53F5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCFEEF17h 0x00000009 push ecx 0x0000000a pushad 0x0000000b popad 0x0000000c pop ecx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A540C0 second address: A540F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD07020h 0x00000009 popad 0x0000000a jmp 00007FC8BCD07029h 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 push edi 0x00000014 pop edi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A544BD second address: A544C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A544C2 second address: A544CE instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A54AD1 second address: A54AED instructions: 0x00000000 rdtsc 0x00000002 jo 00007FC8BCFEEF06h 0x00000008 jmp 00007FC8BCFEEF0Ch 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pop ebx 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A54AED second address: A54AF7 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A54AF7 second address: A54B10 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF0Ch 0x00000007 jp 00007FC8BCFEEF06h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ecx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A55010 second address: A55016 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A55016 second address: A55032 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF18h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A55032 second address: A55036 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A5561E second address: A55641 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCFEEF0Dh 0x00000009 jmp 00007FC8BCFEEF0Fh 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A55947 second address: A5594D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A5594D second address: A5595F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCFEEF0Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A59E9D second address: A59EC8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07026h 0x00000007 jmp 00007FC8BCD0701Ch 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A5A024 second address: A5A02A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A5A02A second address: A5A02F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A5A2CD second address: A5A2D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A5A5C0 second address: A5A5E8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07021h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FC8BCD07023h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A5A5E8 second address: A5A612 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF12h 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b jmp 00007FC8BCFEEF12h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A5A612 second address: A5A61C instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC8BCD07016h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A67B31 second address: A67B35 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A67B35 second address: A67B41 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A67B41 second address: A67B47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A67B47 second address: A67B4B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A67B4B second address: A67B57 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FC8BCFEEF06h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A67B57 second address: A67B5C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A67B5C second address: A67B62 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A67B62 second address: A67B6E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FC8BCD07016h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A65F30 second address: A65F36 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A65F36 second address: A65F3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A65F3E second address: A65F44 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A661E1 second address: A661E5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A661E5 second address: A661EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A661EB second address: A66213 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jo 00007FC8BCD07016h 0x00000009 jmp 00007FC8BCD07021h 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 js 00007FC8BCD07016h 0x00000016 popad 0x00000017 pushad 0x00000018 push ecx 0x00000019 pop ecx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A66351 second address: A6635D instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6635D second address: A66361 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A66619 second address: A6661D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6661D second address: A6662C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Bh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6662C second address: A6664F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a jmp 00007FC8BCFEEF19h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A667A5 second address: A667AA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A667AA second address: A667BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 push esi 0x00000007 pop esi 0x00000008 popad 0x00000009 pushad 0x0000000a jns 00007FC8BCFEEF06h 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A66A39 second address: A66A3F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A66A3F second address: A66A45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A66A45 second address: A66A49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A672A5 second address: A672C7 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC8BCFEEF06h 0x00000008 jmp 00007FC8BCFEEF12h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ebx 0x00000010 push edx 0x00000011 pop edx 0x00000012 push edx 0x00000013 pop edx 0x00000014 pop ebx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A679B8 second address: A679E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jmp 00007FC8BCD07028h 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d popad 0x0000000e jg 00007FC8BCD07018h 0x00000014 push ebx 0x00000015 pop ebx 0x00000016 push esi 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A679E4 second address: A679EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6BA5A second address: A6BA5E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6BA5E second address: A6BA62 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6FC37 second address: A6FC3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6FC3B second address: A6FC3F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F5C6 second address: A6F5D0 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F5D0 second address: A6F5D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F5D8 second address: A6F5DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F5DC second address: A6F5F7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF17h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F76B second address: A6F78E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jp 00007FC8BCD0702Eh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F78E second address: A6F794 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F794 second address: A6F7A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD07020h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F903 second address: A6F912 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCFEEF0Bh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F912 second address: A6F92D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07025h 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A6F92D second address: A6F932 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7A1AE second address: A7A1B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7EE67 second address: A7EE7C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF11h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7EE7C second address: A7EEA8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07025h 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FC8BCD0701Dh 0x0000000e jnl 00007FC8BCD07016h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7E847 second address: A7E87D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007FC8BCFEEF12h 0x0000000c popad 0x0000000d pushad 0x0000000e jng 00007FC8BCFEEF12h 0x00000014 jns 00007FC8BCFEEF06h 0x0000001a jl 00007FC8BCFEEF06h 0x00000020 push eax 0x00000021 push edx 0x00000022 ja 00007FC8BCFEEF06h 0x00000028 push eax 0x00000029 push edx 0x0000002a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7E87D second address: A7E881 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7E881 second address: A7E88A instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7E88A second address: A7E89B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FC8BCD07016h 0x0000000a push esi 0x0000000b pop esi 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7E89B second address: A7E89F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A7E9CF second address: A7E9DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jo 00007FC8BCD07016h 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edi 0x0000000d pop edi 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A91523 second address: A91527 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A91527 second address: A9153F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FC8BCD07022h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B3E6C second address: 9B3E72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B3E72 second address: 9B3E76 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9B3E76 second address: 9B3E81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A98AA9 second address: A98AD0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07023h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b pop eax 0x0000000c jmp 00007FC8BCD0701Ch 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A98AD0 second address: A98AE7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF12h 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A98AE7 second address: A98AFE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jg 00007FC8BCD0702Ch 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A98AFE second address: A98B08 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FC8BCFEEF06h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A98F3F second address: A98F4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FC8BCD07016h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A98F4C second address: A98F5A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF0Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A98F5A second address: A98F5E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A98F5E second address: A98F7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FC8BCFEEF15h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A99123 second address: A99137 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD07020h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A99137 second address: A9913B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A9913B second address: A99145 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A99145 second address: A9914B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A9914B second address: A9914F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A99CD5 second address: A99CDA instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A9DA6D second address: A9DA71 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A9DA71 second address: A9DAA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCFEEF19h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007FC8BCFEEF19h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: A9D746 second address: A9D750 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FC8BCD07016h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AA9639 second address: AA963F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AA963F second address: AA9643 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AA9643 second address: AA965C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCFEEF0Bh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jc 00007FC8BCFEEF06h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AA965C second address: AA9680 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FC8BCD07016h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jmp 00007FC8BCD07025h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AA9680 second address: AA96A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 popad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jmp 00007FC8BCFEEF10h 0x00000012 js 00007FC8BCFEEF06h 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AADC85 second address: AADCA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC8BCD07028h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ABB834 second address: ABB849 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FC8BCFEEF06h 0x0000000a popad 0x0000000b jno 00007FC8BCFEEF0Ah 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ABB849 second address: ABB862 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jng 00007FC8BCD07016h 0x00000009 jmp 00007FC8BCD0701Eh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACF0B2 second address: ACF0B8 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACF0B8 second address: ACF0DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 pushad 0x00000008 pushad 0x00000009 jmp 00007FC8BCD07029h 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACF0DE second address: ACF0EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 pop eax 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACF50B second address: ACF533 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07022h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FC8BCD07022h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACF533 second address: ACF559 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC8BCFEEF0Ah 0x00000008 push esi 0x00000009 pop esi 0x0000000a push esi 0x0000000b pop esi 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FC8BCFEEF16h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACF687 second address: ACF68D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACF68D second address: ACF693 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACFABB second address: ACFABF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACFABF second address: ACFAD9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF0Bh 0x00000007 js 00007FC8BCFEEF06h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push esi 0x00000011 pop esi 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACFAD9 second address: ACFAE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FC8BCD07016h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: ACFAE4 second address: ACFAEB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD2A68 second address: AD2A6E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD2A6E second address: AD2A74 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD2A74 second address: AD2A78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD2D0D second address: AD2D11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD2DEA second address: AD2DF8 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD2DF8 second address: AD2DFD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD3085 second address: AD30AE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b jne 00007FC8BCD0702Ch 0x00000011 pushad 0x00000012 jmp 00007FC8BCD0701Eh 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD30AE second address: AD3106 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 nop 0x00000006 or dword ptr [ebp+122D2472h], edx 0x0000000c push dword ptr [ebp+122D1D9Dh] 0x00000012 push 00000000h 0x00000014 push ebp 0x00000015 call 00007FC8BCFEEF08h 0x0000001a pop ebp 0x0000001b mov dword ptr [esp+04h], ebp 0x0000001f add dword ptr [esp+04h], 00000014h 0x00000027 inc ebp 0x00000028 push ebp 0x00000029 ret 0x0000002a pop ebp 0x0000002b ret 0x0000002c pushad 0x0000002d call 00007FC8BCFEEF10h 0x00000032 mov bh, D6h 0x00000034 pop edx 0x00000035 jno 00007FC8BCFEEF0Ch 0x0000003b popad 0x0000003c push 9D613D65h 0x00000041 pushad 0x00000042 push eax 0x00000043 push eax 0x00000044 push edx 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD7D60 second address: AD7D72 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jo 00007FC8BCD0701Ch 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD7D72 second address: AD7D79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD7D79 second address: AD7D80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: AD7D80 second address: AD7D8A instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FC8BCFEEF0Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EDFC4 second address: 9EDFC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EE191 second address: 9EE1AF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF17h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EE37B second address: 9EE37F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EE37F second address: 9EE383 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 9EE383 second address: 9EE389 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB02E1 second address: 4AB035D instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FC8BCFEEF0Bh 0x00000008 sub si, 9A2Eh 0x0000000d jmp 00007FC8BCFEEF19h 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 mov esi, 5CCE9CB7h 0x0000001a popad 0x0000001b push eax 0x0000001c pushad 0x0000001d jmp 00007FC8BCFEEF13h 0x00000022 pushfd 0x00000023 jmp 00007FC8BCFEEF18h 0x00000028 and ax, EA08h 0x0000002d jmp 00007FC8BCFEEF0Bh 0x00000032 popfd 0x00000033 popad 0x00000034 xchg eax, ebp 0x00000035 push eax 0x00000036 push edx 0x00000037 push eax 0x00000038 push edx 0x00000039 push eax 0x0000003a push edx 0x0000003b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB035D second address: 4AB0361 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB0361 second address: 4AB037C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF17h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB037C second address: 4AB03B8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov esi, ebx 0x00000005 pushfd 0x00000006 jmp 00007FC8BCD0701Bh 0x0000000b xor esi, 2F6E6FAEh 0x00000011 jmp 00007FC8BCD07029h 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a mov ebp, esp 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 popad 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB03B8 second address: 4AB03BE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB03BE second address: 4AB03DD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07022h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov edx, dword ptr [ebp+0Ch] 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB03DD second address: 4AB03E1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB03E1 second address: 4AB03E7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB03E7 second address: 4AB03FC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov ecx, dword ptr [ebp+08h] 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov di, 0B2Ah 0x00000010 mov bx, AFF6h 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AB041F second address: 4AB0425 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0767 second address: 4AD076D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD076D second address: 4AD0771 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0771 second address: 4AD078D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov ch, F8h 0x0000000e jmp 00007FC8BCFEEF0Dh 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD078D second address: 4AD07C9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FC8BCD07027h 0x00000009 add si, 2E6Eh 0x0000000e jmp 00007FC8BCD07029h 0x00000013 popfd 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD07C9 second address: 4AD07E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov ebp, esp 0x00000009 jmp 00007FC8BCFEEF0Ch 0x0000000e xchg eax, ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD07E5 second address: 4AD07EB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD07EB second address: 4AD07FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF0Bh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD07FA second address: 4AD0831 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FC8BCD07021h 0x00000012 and esi, 71B276B6h 0x00000018 jmp 00007FC8BCD07021h 0x0000001d popfd 0x0000001e popad 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0831 second address: 4AD0848 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF13h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0848 second address: 4AD08C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ecx 0x00000009 pushad 0x0000000a mov bx, 22C6h 0x0000000e pushfd 0x0000000f jmp 00007FC8BCD07027h 0x00000014 sub ax, 914Eh 0x00000019 jmp 00007FC8BCD07029h 0x0000001e popfd 0x0000001f popad 0x00000020 xchg eax, esi 0x00000021 jmp 00007FC8BCD0701Eh 0x00000026 push eax 0x00000027 push eax 0x00000028 push edx 0x00000029 pushad 0x0000002a pushfd 0x0000002b jmp 00007FC8BCD0701Ch 0x00000030 jmp 00007FC8BCD07025h 0x00000035 popfd 0x00000036 movzx eax, di 0x00000039 popad 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD08C8 second address: 4AD08CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD08CE second address: 4AD08D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD08D2 second address: 4AD092B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 pushad 0x0000000a mov eax, 731C0AEDh 0x0000000f jmp 00007FC8BCFEEF0Ah 0x00000014 popad 0x00000015 lea eax, dword ptr [ebp-04h] 0x00000018 pushad 0x00000019 call 00007FC8BCFEEF0Eh 0x0000001e mov dx, cx 0x00000021 pop esi 0x00000022 mov edi, 2B67C482h 0x00000027 popad 0x00000028 push ecx 0x00000029 jmp 00007FC8BCFEEF16h 0x0000002e mov dword ptr [esp], eax 0x00000031 pushad 0x00000032 movzx esi, dx 0x00000035 push eax 0x00000036 push edx 0x00000037 mov ax, bx 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD092B second address: 4AD092F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD092F second address: 4AD0950 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push dword ptr [ebp+08h] 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FC8BCFEEF13h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0950 second address: 4AD096D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07029h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD096D second address: 4AD0973 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0973 second address: 4AD0977 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD099A second address: 4AD099E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD099E second address: 4AD09A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD09A4 second address: 4AD09AA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD09AA second address: 4AD09AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0A3F second address: 4AD0A43 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0A43 second address: 4AD0A49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0A49 second address: 4AD0A78 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, eax 0x00000005 mov ax, 48EFh 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, esi 0x0000000e jmp 00007FC8BCFEEF12h 0x00000013 pop esi 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007FC8BCFEEF0Ah 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0A78 second address: 4AD0A7C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0A7C second address: 4AD0A82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0A82 second address: 4AD0A88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0A88 second address: 4AD0A8C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0A8C second address: 4AC01A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 leave 0x00000009 pushad 0x0000000a jmp 00007FC8BCD07022h 0x0000000f mov dx, cx 0x00000012 popad 0x00000013 retn 0004h 0x00000016 nop 0x00000017 cmp eax, 00000000h 0x0000001a setne al 0x0000001d jmp 00007FC8BCD07012h 0x0000001f xor ebx, ebx 0x00000021 test al, 01h 0x00000023 jne 00007FC8BCD07017h 0x00000025 sub esp, 04h 0x00000028 mov dword ptr [esp], 0000000Dh 0x0000002f call 00007FC8C0FB4795h 0x00000034 mov edi, edi 0x00000036 push eax 0x00000037 push edx 0x00000038 pushad 0x00000039 jmp 00007FC8BCD0701Dh 0x0000003e mov ax, 5267h 0x00000042 popad 0x00000043 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC01A1 second address: 4AC01A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC01A7 second address: 4AC01AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC01AB second address: 4AC01F9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 pushad 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d pushfd 0x0000000e jmp 00007FC8BCFEEF0Ah 0x00000013 and ax, 6FC8h 0x00000018 jmp 00007FC8BCFEEF0Bh 0x0000001d popfd 0x0000001e popad 0x0000001f push ecx 0x00000020 mov edx, 32C60D6Ah 0x00000025 pop ebx 0x00000026 popad 0x00000027 mov dword ptr [esp], ebp 0x0000002a pushad 0x0000002b mov cl, 91h 0x0000002d mov si, bx 0x00000030 popad 0x00000031 mov ebp, esp 0x00000033 push eax 0x00000034 push edx 0x00000035 jmp 00007FC8BCFEEF0Eh 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC01F9 second address: 4AC0234 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FC8BCD07021h 0x00000009 xor eax, 7B55E246h 0x0000000f jmp 00007FC8BCD07021h 0x00000014 popfd 0x00000015 push ecx 0x00000016 pop edi 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a sub esp, 2Ch 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0234 second address: 4AC0238 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0238 second address: 4AC023C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC023C second address: 4AC0242 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0242 second address: 4AC028E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, si 0x00000006 mov ah, 2Eh 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ebp 0x0000000c pushad 0x0000000d movzx esi, dx 0x00000010 mov edx, 4EA89E2Eh 0x00000015 popad 0x00000016 mov dword ptr [esp], ebx 0x00000019 jmp 00007FC8BCD07025h 0x0000001e xchg eax, edi 0x0000001f pushad 0x00000020 push eax 0x00000021 push edx 0x00000022 pushfd 0x00000023 jmp 00007FC8BCD0701Ah 0x00000028 add al, FFFFFFA8h 0x0000002b jmp 00007FC8BCD0701Bh 0x00000030 popfd 0x00000031 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC028E second address: 4AC02AA instructions: 0x00000000 rdtsc 0x00000002 mov edi, esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 call 00007FC8BCFEEF14h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC02AA second address: 4AC02DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 jmp 00007FC8BCD0701Ch 0x0000000d mov si, ED11h 0x00000011 popad 0x00000012 xchg eax, edi 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FC8BCD07026h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC02DE second address: 4AC02E4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC02E4 second address: 4AC02EA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC02EA second address: 4AC02EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC02EE second address: 4AC02F2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC031E second address: 4AC0324 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0324 second address: 4AC0392 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov edi, 00000000h 0x0000000d pushad 0x0000000e mov edi, ecx 0x00000010 pushfd 0x00000011 jmp 00007FC8BCD07020h 0x00000016 jmp 00007FC8BCD07025h 0x0000001b popfd 0x0000001c popad 0x0000001d inc ebx 0x0000001e pushad 0x0000001f push eax 0x00000020 pop esi 0x00000021 popad 0x00000022 test al, al 0x00000024 pushad 0x00000025 mov bh, ah 0x00000027 mov bh, C4h 0x00000029 popad 0x0000002a je 00007FC8BCD0728Eh 0x00000030 jmp 00007FC8BCD07022h 0x00000035 lea ecx, dword ptr [ebp-14h] 0x00000038 push eax 0x00000039 push edx 0x0000003a push eax 0x0000003b push edx 0x0000003c jmp 00007FC8BCD0701Ah 0x00000041 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0392 second address: 4AC0396 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0396 second address: 4AC039C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0417 second address: 4AC041C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC041C second address: 4AC042A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCD0701Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC042A second address: 4AC042E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC042E second address: 4AC0468 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007FC8BCD0701Eh 0x0000000e nop 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 pushfd 0x00000013 jmp 00007FC8BCD0701Ch 0x00000018 sbb ecx, 39C71828h 0x0000001e jmp 00007FC8BCD0701Bh 0x00000023 popfd 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC04E2 second address: 4AC0529 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dh, cl 0x00000005 pushfd 0x00000006 jmp 00007FC8BCFEEF15h 0x0000000b or ecx, 1821D466h 0x00000011 jmp 00007FC8BCFEEF11h 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a test eax, eax 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007FC8BCFEEF0Dh 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0529 second address: 4AC0560 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07021h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jg 00007FC92DCA4F64h 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FC8BCD07028h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0560 second address: 4AC0564 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0564 second address: 4AC056A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC056A second address: 4AC0571 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0571 second address: 4AC059D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 js 00007FC8BCD0707Fh 0x0000000d jmp 00007FC8BCD07024h 0x00000012 cmp dword ptr [ebp-14h], edi 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 mov esi, edi 0x0000001a push ebx 0x0000001b pop eax 0x0000001c popad 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC059D second address: 4AC05A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC05A3 second address: 4AC05A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC05A7 second address: 4AC061C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jne 00007FC92DF8CDF2h 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007FC8BCFEEF16h 0x00000015 sbb eax, 10001D88h 0x0000001b jmp 00007FC8BCFEEF0Bh 0x00000020 popfd 0x00000021 pushad 0x00000022 push eax 0x00000023 pop ebx 0x00000024 movzx ecx, dx 0x00000027 popad 0x00000028 popad 0x00000029 mov ebx, dword ptr [ebp+08h] 0x0000002c push eax 0x0000002d push edx 0x0000002e pushad 0x0000002f movzx esi, bx 0x00000032 pushfd 0x00000033 jmp 00007FC8BCFEEF0Bh 0x00000038 and si, 9A7Eh 0x0000003d jmp 00007FC8BCFEEF19h 0x00000042 popfd 0x00000043 popad 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC061C second address: 4AC0651 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ax, di 0x00000006 call 00007FC8BCD07023h 0x0000000b pop esi 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f lea eax, dword ptr [ebp-2Ch] 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FC8BCD07021h 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0651 second address: 4AC0657 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0657 second address: 4AC065D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC065D second address: 4AC0661 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0661 second address: 4AC068D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 jmp 00007FC8BCD07022h 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FC8BCD0701Eh 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC068D second address: 4AC06C9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edi, 44E9B414h 0x00000008 mov dl, FDh 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xchg eax, esi 0x0000000e jmp 00007FC8BCFEEF14h 0x00000013 nop 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FC8BCFEEF17h 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC06C9 second address: 4AC06F5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD07029h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FC8BCD0701Ch 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC06F5 second address: 4AC0755 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edx, si 0x00000006 pushfd 0x00000007 jmp 00007FC8BCFEEF0Ah 0x0000000c sbb ax, 0BB8h 0x00000011 jmp 00007FC8BCFEEF0Bh 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a nop 0x0000001b jmp 00007FC8BCFEEF16h 0x00000020 xchg eax, ebx 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 call 00007FC8BCFEEF0Dh 0x00000029 pop eax 0x0000002a jmp 00007FC8BCFEEF11h 0x0000002f popad 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0755 second address: 4AC077E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx ebx, si 0x00000006 call 00007FC8BCD07028h 0x0000000b pop eax 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC077E second address: 4AC0782 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0782 second address: 4AC0786 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0786 second address: 4AC078C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC078C second address: 4AC07A9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dx, si 0x00000006 mov ebx, ecx 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FC8BCD0701Fh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0018 second address: 4AC003D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF10h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FC8BCFEEF0Eh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC003D second address: 4AC00B6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b movzx eax, di 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007FC8BCD07027h 0x00000015 adc ax, 78FEh 0x0000001a jmp 00007FC8BCD07029h 0x0000001f popfd 0x00000020 pushfd 0x00000021 jmp 00007FC8BCD07020h 0x00000026 add eax, 5E6347F8h 0x0000002c jmp 00007FC8BCD0701Bh 0x00000031 popfd 0x00000032 popad 0x00000033 popad 0x00000034 mov ebp, esp 0x00000036 push eax 0x00000037 push edx 0x00000038 push eax 0x00000039 push edx 0x0000003a push eax 0x0000003b push edx 0x0000003c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC00B6 second address: 4AC00BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC00BA second address: 4AC00C0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC00C0 second address: 4AC00D3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF0Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a pushad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC00D3 second address: 4AC0114 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FC8BCD07029h 0x0000000a popad 0x0000000b push eax 0x0000000c jmp 00007FC8BCD07021h 0x00000011 xchg eax, ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FC8BCD0701Dh 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0DBC second address: 4AC0DC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0DC0 second address: 4AC0DD1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0E6C second address: 4AC0EC4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edx, si 0x00000006 jmp 00007FC8BCFEEF10h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e test al, al 0x00000010 pushad 0x00000011 pushad 0x00000012 mov esi, 222F7383h 0x00000017 pushfd 0x00000018 jmp 00007FC8BCFEEF18h 0x0000001d or ch, 00000048h 0x00000020 jmp 00007FC8BCFEEF0Bh 0x00000025 popfd 0x00000026 popad 0x00000027 popad 0x00000028 je 00007FC92DF729D3h 0x0000002e push eax 0x0000002f push edx 0x00000030 push eax 0x00000031 push edx 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0EC4 second address: 4AC0EC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0EC8 second address: 4AC0ECC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0ECC second address: 4AC0ED2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0ED2 second address: 4AC0ED8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AC0ED8 second address: 4AC0EFC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 cmp dword ptr [ebp+08h], 00002000h 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FC8BCD07023h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0AED second address: 4AD0B51 instructions: 0x00000000 rdtsc 0x00000002 mov ecx, 2BBF3181h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov dword ptr [esp], ebp 0x0000000d jmp 00007FC8BCFEEF0Ch 0x00000012 mov ebp, esp 0x00000014 pushad 0x00000015 mov cl, F7h 0x00000017 mov si, di 0x0000001a popad 0x0000001b push ebp 0x0000001c jmp 00007FC8BCFEEF12h 0x00000021 mov dword ptr [esp], esi 0x00000024 jmp 00007FC8BCFEEF10h 0x00000029 mov esi, dword ptr [ebp+0Ch] 0x0000002c push eax 0x0000002d push edx 0x0000002e jmp 00007FC8BCFEEF17h 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0B51 second address: 4AD0B69 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCD07024h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0B69 second address: 4AD0BD3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 test esi, esi 0x0000000a jmp 00007FC8BCFEEF17h 0x0000000f je 00007FC92DF6C733h 0x00000015 jmp 00007FC8BCFEEF16h 0x0000001a cmp dword ptr [75AB459Ch], 05h 0x00000021 pushad 0x00000022 pushfd 0x00000023 jmp 00007FC8BCFEEF0Eh 0x00000028 sbb esi, 08746078h 0x0000002e jmp 00007FC8BCFEEF0Bh 0x00000033 popfd 0x00000034 push eax 0x00000035 push edx 0x00000036 pushad 0x00000037 popad 0x00000038 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0BD3 second address: 4AD0C01 instructions: 0x00000000 rdtsc 0x00000002 call 00007FC8BCD07024h 0x00000007 pop esi 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b je 00007FC92DC9C8C0h 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FC8BCD0701Ch 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0C01 second address: 4AD0C41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop eax 0x00000005 pushfd 0x00000006 jmp 00007FC8BCFEEF0Dh 0x0000000b jmp 00007FC8BCFEEF0Bh 0x00000010 popfd 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 xchg eax, esi 0x00000015 jmp 00007FC8BCFEEF16h 0x0000001a push eax 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0C41 second address: 4AD0C45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0C45 second address: 4AD0C61 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF18h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0C61 second address: 4AD0C67 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0CB8 second address: 4AD0CEC instructions: 0x00000000 rdtsc 0x00000002 movsx ebx, ax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 xchg eax, esi 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FC8BCFEEF11h 0x00000012 and cl, 00000056h 0x00000015 jmp 00007FC8BCFEEF11h 0x0000001a popfd 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0CEC second address: 4AD0D03 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCD07023h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0D03 second address: 4AD0D56 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCFEEF19h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jmp 00007FC8BCFEEF0Ah 0x00000014 pushfd 0x00000015 jmp 00007FC8BCFEEF12h 0x0000001a and eax, 2E125838h 0x00000020 jmp 00007FC8BCFEEF0Bh 0x00000025 popfd 0x00000026 popad 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0D56 second address: 4AD0D5C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0D5C second address: 4AD0D60 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0D60 second address: 4AD0D75 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FC8BCD0701Ah 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0D75 second address: 4AD0D87 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF0Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0D87 second address: 4AD0D8B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0DA5 second address: 4AD0DB7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC8BCFEEF0Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0DB7 second address: 4AD0DEE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC8BCD0701Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop esi 0x0000000c jmp 00007FC8BCD07026h 0x00000011 pop ebp 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FC8BCD0701Ah 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0DEE second address: 4AD0DF4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0DF4 second address: 4AD0DFA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LP4a6BowQN.exe | RDTSC instruction interceptor: First address: 4AD0DFA second address: 4AD0DFE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |