Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://127.0.0.1:27060 |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://api.steampowered.com/ |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://aspecteirs.lat:443/apii |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://broadcast.st.dl.eccdnx.com |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://checkout.steampowered.com/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/applications/community/main.css?v=Lj6X7NKUMfzk&a |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/globalv2.css?v=hzEgqbtRcI5V&l=english&_c |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/fatalerror.css?v=OFUqlcDNiD6y&l=engli |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/header.css?v=EM4kCu67DNda&l=english&a |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/main.js?v=_92TWn81 |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/manifest.js?v=hyEE |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/global.js?v=jWc2JLWHx5Kn&l=english&am |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=gQHVlrK4-jX-&l |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/prototype-1.7.js?v=npJElBnrEO6W&l=eng |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=pbdAKOcDIgbC |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/buttons.css?v=qhQgyjWi6LgJ&l=english& |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/motiva_sans.css?v=-yZgCk0Nu7kH&l=engl |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_global.css?v=wuA4X_n5-mo0&l=en |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_responsive.css?v=JL1e4uQSrVGe& |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/auth_refresh.js?v=w6QbwI-5-j2S& |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_global.js?v=Gr6TbGRvDtNE&am |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=tvQ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/tooltip.js?v=QYkT4eS5mbTN&l=en |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://crosshuaht.lat:443/api |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://discokeyus.lat:443/api1 |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://energyaffai.lat:443/api9 |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.steampowered.com/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lv.queniujq.cn |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://medal.tv |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://player.vimeo.com |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://rapeflowwj.lat:443/api |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net/recaptcha/; |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://s.ytimg.com; |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sketchfab.com |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steam.tv/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast-test.akamaized.net |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast.akamaized.net |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcastchat.akamaized.net |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900 |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900& |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com:443/profiles/76561199724331900w |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: VBHyEN96Pw.exe, 00000000.00000002.1764142788.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764172998.0000000000CE6000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CE6000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/; |
Source: VBHyEN96Pw.exe, 00000000.00000002.1764142788.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762712045.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000002.1764069051.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sustainskelet.lat:443/api |
Source: VBHyEN96Pw.exe, 00000000.00000002.1763820397.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sweepyribs.lat:443/api |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/recaptcha/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.cn/recaptcha/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.com/recaptcha/ |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762599566.0000000000D18000.00000004.00000020.00020000.00000000.sdmp, VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CD1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com |
Source: VBHyEN96Pw.exe, 00000000.00000003.1762636793.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com/ |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00848850 | 0_2_00848850 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0084ACF0 | 0_2_0084ACF0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092E090 | 0_2_0092E090 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FC084 | 0_2_008FC084 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093E085 | 0_2_0093E085 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C40A8 | 0_2_008C40A8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009200B4 | 0_2_009200B4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C60AB | 0_2_008C60AB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093F0BF | 0_2_0093F0BF |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A50A5 | 0_2_008A50A5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009630C6 | 0_2_009630C6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EA0D7 | 0_2_008EA0D7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F60D0 | 0_2_008F60D0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094F0E5 | 0_2_0094F0E5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CF0F6 | 0_2_008CF0F6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090801B | 0_2_0090801B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092D01F | 0_2_0092D01F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093101E | 0_2_0093101E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E001F | 0_2_008E001F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EF029 | 0_2_008EF029 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00915036 | 0_2_00915036 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00919053 | 0_2_00919053 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B604F | 0_2_008B604F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00918054 | 0_2_00918054 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091705A | 0_2_0091705A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AE05E | 0_2_008AE05E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091304D | 0_2_0091304D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F207F | 0_2_008F207F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FD079 | 0_2_008FD079 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091E190 | 0_2_0091E190 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00933197 | 0_2_00933197 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090519F | 0_2_0090519F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00862190 | 0_2_00862190 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B519D | 0_2_008B519D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A6195 | 0_2_008A6195 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F51A0 | 0_2_008F51A0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008491B0 | 0_2_008491B0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AA1BC | 0_2_008AA1BC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009361A4 | 0_2_009361A4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009451AB | 0_2_009451AB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094E1D7 | 0_2_0094E1D7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008631C2 | 0_2_008631C2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008641C0 | 0_2_008641C0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090B1DF | 0_2_0090B1DF |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090C1C5 | 0_2_0090C1C5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087B1D0 | 0_2_0087B1D0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008691DD | 0_2_008691DD |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AF1D5 | 0_2_008AF1D5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C81E7 | 0_2_008C81E7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093C1FC | 0_2_0093C1FC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009391EB | 0_2_009391EB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093A113 | 0_2_0093A113 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B310C | 0_2_008B310C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00914101 | 0_2_00914101 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090A102 | 0_2_0090A102 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092510F | 0_2_0092510F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00916137 | 0_2_00916137 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E613A | 0_2_008E613A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00934127 | 0_2_00934127 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F314F | 0_2_008F314F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00951157 | 0_2_00951157 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091B15A | 0_2_0091B15A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00A07140 | 0_2_00A07140 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C316E | 0_2_008C316E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BF16D | 0_2_008BF16D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00924174 | 0_2_00924174 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BA167 | 0_2_008BA167 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EC174 | 0_2_008EC174 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00846280 | 0_2_00846280 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FB28A | 0_2_008FB28A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B4286 | 0_2_008B4286 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009F128F | 0_2_009F128F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F429B | 0_2_008F429B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085E290 | 0_2_0085E290 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091A28F | 0_2_0091A28F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E42C4 | 0_2_008E42C4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008652DD | 0_2_008652DD |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085B2E0 | 0_2_0085B2E0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FE2E6 | 0_2_008FE2E6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DE2F4 | 0_2_008DE2F4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F9204 | 0_2_008F9204 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A8204 | 0_2_008A8204 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00A0222F | 0_2_00A0222F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00941201 | 0_2_00941201 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E1219 | 0_2_008E1219 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A222A | 0_2_008A222A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FD22F | 0_2_008FD22F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00855220 | 0_2_00855220 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DC228 | 0_2_008DC228 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E9222 | 0_2_008E9222 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CD222 | 0_2_008CD222 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B1239 | 0_2_008B1239 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093B227 | 0_2_0093B227 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00935229 | 0_2_00935229 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00944228 | 0_2_00944228 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092722D | 0_2_0092722D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009FD252 | 0_2_009FD252 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AB247 | 0_2_008AB247 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E525F | 0_2_008E525F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EB25A | 0_2_008EB25A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DF255 | 0_2_008DF255 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0095024E | 0_2_0095024E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00856263 | 0_2_00856263 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FF267 | 0_2_008FF267 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090027A | 0_2_0090027A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F7263 | 0_2_008F7263 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BD27E | 0_2_008BD27E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090226D | 0_2_0090226D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A538A | 0_2_008A538A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00864380 | 0_2_00864380 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D6384 | 0_2_008D6384 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092239B | 0_2_0092239B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E7381 | 0_2_008E7381 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00928387 | 0_2_00928387 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009383A6 | 0_2_009383A6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009183D5 | 0_2_009183D5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090F3D6 | 0_2_0090F3D6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A43CD | 0_2_008A43CD |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F93C8 | 0_2_008F93C8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D03C2 | 0_2_008D03C2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E53D6 | 0_2_008E53D6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DD3D7 | 0_2_008DD3D7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F13E0 | 0_2_008F13E0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086C3FC | 0_2_0086C3FC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E330D | 0_2_008E330D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CA30A | 0_2_008CA30A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086830D | 0_2_0086830D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D4303 | 0_2_008D4303 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E2300 | 0_2_008E2300 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093731D | 0_2_0093731D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094831A | 0_2_0094831A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B8316 | 0_2_008B8316 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00921332 | 0_2_00921332 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00865327 | 0_2_00865327 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009FB33D | 0_2_009FB33D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00844320 | 0_2_00844320 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D1327 | 0_2_008D1327 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D733E | 0_2_008D733E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00848330 | 0_2_00848330 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FC33B | 0_2_008FC33B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087F330 | 0_2_0087F330 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00926325 | 0_2_00926325 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086A33F | 0_2_0086A33F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E1348 | 0_2_008E1348 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087D34D | 0_2_0087D34D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091D373 | 0_2_0091D373 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00906366 | 0_2_00906366 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094B362 | 0_2_0094B362 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C0370 | 0_2_008C0370 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00919493 | 0_2_00919493 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085148F | 0_2_0085148F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C6480 | 0_2_008C6480 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091049C | 0_2_0091049C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00912481 | 0_2_00912481 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00949483 | 0_2_00949483 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00914489 | 0_2_00914489 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C4495 | 0_2_008C4495 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094F4B5 | 0_2_0094F4B5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092E4B1 | 0_2_0092E4B1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CF4BB | 0_2_008CF4BB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008ED4B9 | 0_2_008ED4B9 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B64B7 | 0_2_008B64B7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009154C5 | 0_2_009154C5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009404C0 | 0_2_009404C0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EC4DB | 0_2_008EC4DB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008691DD | 0_2_008691DD |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AE4DC | 0_2_008AE4DC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B44EB | 0_2_008B44EB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008474F0 | 0_2_008474F0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DB40C | 0_2_008DB40C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00A00423 | 0_2_00A00423 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00913409 | 0_2_00913409 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090A431 | 0_2_0090A431 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F4421 | 0_2_008F4421 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00917456 | 0_2_00917456 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BF446 | 0_2_008BF446 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B7459 | 0_2_008B7459 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BB456 | 0_2_008BB456 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00920472 | 0_2_00920472 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F646A | 0_2_008F646A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00929479 | 0_2_00929479 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C2478 | 0_2_008C2478 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B347D | 0_2_008B347D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090E466 | 0_2_0090E466 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00916591 | 0_2_00916591 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EA58D | 0_2_008EA58D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00951590 | 0_2_00951590 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092859E | 0_2_0092859E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F7580 | 0_2_008F7580 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BE599 | 0_2_008BE599 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085759F | 0_2_0085759F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A2591 | 0_2_008A2591 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C35A4 | 0_2_008C35A4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D35B1 | 0_2_008D35B1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009835D2 | 0_2_009835D2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FB5C0 | 0_2_008FB5C0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009395C1 | 0_2_009395C1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F55D9 | 0_2_008F55D9 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091E5C8 | 0_2_0091E5C8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009505F6 | 0_2_009505F6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094A5F1 | 0_2_0094A5F1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009085E9 | 0_2_009085E9 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A65F0 | 0_2_008A65F0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093B5E9 | 0_2_0093B5E9 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CB50A | 0_2_008CB50A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00877500 | 0_2_00877500 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00862510 | 0_2_00862510 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092250E | 0_2_0092250E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00925530 | 0_2_00925530 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F3525 | 0_2_008F3525 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FA541 | 0_2_008FA541 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BA544 | 0_2_008BA544 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D255D | 0_2_008D255D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00931541 | 0_2_00931541 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00942541 | 0_2_00942541 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093F548 | 0_2_0093F548 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A8554 | 0_2_008A8554 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093C697 | 0_2_0093C697 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EB699 | 0_2_008EB699 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AC696 | 0_2_008AC696 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F26AC | 0_2_008F26AC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009366BC | 0_2_009366BC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E86B9 | 0_2_008E86B9 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008686C0 | 0_2_008686C0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DC6C0 | 0_2_008DC6C0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A26C5 | 0_2_008A26C5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D36DF | 0_2_008D36DF |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E36DD | 0_2_008E36DD |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009326C7 | 0_2_009326C7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008666D0 | 0_2_008666D0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CC6D1 | 0_2_008CC6D1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008636E2 | 0_2_008636E2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B76E1 | 0_2_008B76E1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00867603 | 0_2_00867603 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092C615 | 0_2_0092C615 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00923618 | 0_2_00923618 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092761D | 0_2_0092761D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AF61B | 0_2_008AF61B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AA613 | 0_2_008AA613 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091D60B | 0_2_0091D60B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00A0A601 | 0_2_00A0A601 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B162D | 0_2_008B162D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BA620 | 0_2_008BA620 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CD63B | 0_2_008CD63B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EF630 | 0_2_008EF630 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FC659 | 0_2_008FC659 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F966D | 0_2_008F966D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00A05646 | 0_2_00A05646 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090B679 | 0_2_0090B679 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090D679 | 0_2_0090D679 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D5666 | 0_2_008D5666 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A478B | 0_2_008A478B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0084A780 | 0_2_0084A780 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092179E | 0_2_0092179E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B879E | 0_2_008B879E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00858792 | 0_2_00858792 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00855799 | 0_2_00855799 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009037A7 | 0_2_009037A7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CE7C8 | 0_2_008CE7C8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085E7C0 | 0_2_0085E7C0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008597C2 | 0_2_008597C2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C87DC | 0_2_008C87DC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E47DD | 0_2_008E47DD |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090A7C4 | 0_2_0090A7C4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092F7C5 | 0_2_0092F7C5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008ED7D7 | 0_2_008ED7D7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009027F2 | 0_2_009027F2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093D7F1 | 0_2_0093D7F1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009347E2 | 0_2_009347E2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090C719 | 0_2_0090C719 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DF71C | 0_2_008DF71C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EE71F | 0_2_008EE71F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00846710 | 0_2_00846710 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BD710 | 0_2_008BD710 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090F735 | 0_2_0090F735 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BF72D | 0_2_008BF72D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087F720 | 0_2_0087F720 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093A73D | 0_2_0093A73D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C073C | 0_2_008C073C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D974D | 0_2_008D974D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00911756 | 0_2_00911756 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094575E | 0_2_0094575E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B9740 | 0_2_008B9740 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DD76F | 0_2_008DD76F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F076B | 0_2_008F076B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D8768 | 0_2_008D8768 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091B778 | 0_2_0091B778 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A5760 | 0_2_008A5760 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00933892 | 0_2_00933892 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C2888 | 0_2_008C2888 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087D880 | 0_2_0087D880 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C488B | 0_2_008C488B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093F887 | 0_2_0093F887 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008618A0 | 0_2_008618A0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009438BC | 0_2_009438BC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B68A1 | 0_2_008B68A1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0084C8B6 | 0_2_0084C8B6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CB8C5 | 0_2_008CB8C5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008688CB | 0_2_008688CB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091F8C0 | 0_2_0091F8C0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009028F3 | 0_2_009028F3 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B08E2 | 0_2_008B08E2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F68FA | 0_2_008F68FA |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C38F9 | 0_2_008C38F9 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009FE8E0 | 0_2_009FE8E0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A9806 | 0_2_008A9806 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AC806 | 0_2_008AC806 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B581A | 0_2_008B581A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F981D | 0_2_008F981D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00878810 | 0_2_00878810 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CF815 | 0_2_008CF815 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FE816 | 0_2_008FE816 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FF816 | 0_2_008FF816 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085682D | 0_2_0085682D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E5833 | 0_2_008E5833 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094F85F | 0_2_0094F85F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F6853 | 0_2_008F6853 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092E84F | 0_2_0092E84F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091084E | 0_2_0091084E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091A84E | 0_2_0091A84E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00913874 | 0_2_00913874 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00863860 | 0_2_00863860 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D7865 | 0_2_008D7865 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090E866 | 0_2_0090E866 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D6872 | 0_2_008D6872 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00905994 | 0_2_00905994 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CE989 | 0_2_008CE989 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087D980 | 0_2_0087D980 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F7988 | 0_2_008F7988 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F5986 | 0_2_008F5986 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009B4995 | 0_2_009B4995 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00923980 | 0_2_00923980 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00845990 | 0_2_00845990 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A799F | 0_2_008A799F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090798A | 0_2_0090798A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D89A8 | 0_2_008D89A8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009049BA | 0_2_009049BA |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094D9A6 | 0_2_0094D9A6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092C9AB | 0_2_0092C9AB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009359D2 | 0_2_009359D2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008579C1 | 0_2_008579C1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009179D8 | 0_2_009179D8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C89D8 | 0_2_008C89D8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_009279C8 | 0_2_009279C8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EF9FC | 0_2_008EF9FC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E1907 | 0_2_008E1907 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092091F | 0_2_0092091F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092A905 | 0_2_0092A905 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091990E | 0_2_0091990E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093E93D | 0_2_0093E93D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093192A | 0_2_0093192A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00860939 | 0_2_00860939 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00870940 | 0_2_00870940 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A3943 | 0_2_008A3943 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B3946 | 0_2_008B3946 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093694C | 0_2_0093694C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E597D | 0_2_008E597D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00843970 | 0_2_00843970 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093B967 | 0_2_0093B967 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A897F | 0_2_008A897F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008ADA8F | 0_2_008ADA8F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087DA80 | 0_2_0087DA80 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00908A9C | 0_2_00908A9C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EBA98 | 0_2_008EBA98 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00911ABC | 0_2_00911ABC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B1ABB | 0_2_008B1ABB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DFAB9 | 0_2_008DFAB9 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A9AB2 | 0_2_008A9AB2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DAAB0 | 0_2_008DAAB0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E1ACF | 0_2_008E1ACF |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F5ACC | 0_2_008F5ACC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AEACE | 0_2_008AEACE |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FDAC1 | 0_2_008FDAC1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00930AC1 | 0_2_00930AC1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086CAD0 | 0_2_0086CAD0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091BAC7 | 0_2_0091BAC7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D5ADA | 0_2_008D5ADA |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B8AFD | 0_2_008B8AFD |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D2A0D | 0_2_008D2A0D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00947A11 | 0_2_00947A11 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00916A00 | 0_2_00916A00 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0084EA10 | 0_2_0084EA10 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00926A0C | 0_2_00926A0C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AFA15 | 0_2_008AFA15 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C4A21 | 0_2_008C4A21 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008ABA31 | 0_2_008ABA31 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DEA30 | 0_2_008DEA30 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00901A2D | 0_2_00901A2D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C0A4D | 0_2_008C0A4D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DDA44 | 0_2_008DDA44 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086CA49 | 0_2_0086CA49 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086DA53 | 0_2_0086DA53 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F2A7D | 0_2_008F2A7D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00928A66 | 0_2_00928A66 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B2B8C | 0_2_008B2B8C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090EB97 | 0_2_0090EB97 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F6B83 | 0_2_008F6B83 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A0B84 | 0_2_008A0B84 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B7B91 | 0_2_008B7B91 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00900BB5 | 0_2_00900BB5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00944BBC | 0_2_00944BBC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A5BBB | 0_2_008A5BBB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00924BA7 | 0_2_00924BA7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00921BD3 | 0_2_00921BD3 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C8BCE | 0_2_008C8BCE |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00A03BEE | 0_2_00A03BEE |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00937BC2 | 0_2_00937BC2 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0084DBD9 | 0_2_0084DBD9 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B6BE4 | 0_2_008B6BE4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E7B0B | 0_2_008E7B0B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C9B07 | 0_2_008C9B07 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00876B08 | 0_2_00876B08 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0089FB19 | 0_2_0089FB19 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E4B1F | 0_2_008E4B1F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D1B1F | 0_2_008D1B1F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D0B1B | 0_2_008D0B1B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086CB11 | 0_2_0086CB11 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093AB32 | 0_2_0093AB32 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086CB22 | 0_2_0086CB22 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D3B2A | 0_2_008D3B2A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090FB39 | 0_2_0090FB39 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00A08B1B | 0_2_00A08B1B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00915B53 | 0_2_00915B53 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DCB4E | 0_2_008DCB4E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00939B54 | 0_2_00939B54 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092BB43 | 0_2_0092BB43 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00866B50 | 0_2_00866B50 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087DB60 | 0_2_0087DB60 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EEB65 | 0_2_008EEB65 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0090DB7D | 0_2_0090DB7D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D9C81 | 0_2_008D9C81 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0086AC90 | 0_2_0086AC90 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00918C8B | 0_2_00918C8B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B9CAB | 0_2_008B9CAB |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0087ECA0 | 0_2_0087ECA0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008ACCAD | 0_2_008ACCAD |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CDCA7 | 0_2_008CDCA7 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B0CA5 | 0_2_008B0CA5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CFCB4 | 0_2_008CFCB4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00931CD5 | 0_2_00931CD5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092ECC3 | 0_2_0092ECC3 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00916CC5 | 0_2_00916CC5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D1CDA | 0_2_008D1CDA |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CECD4 | 0_2_008CECD4 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093ECCC | 0_2_0093ECCC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B4CEC | 0_2_008B4CEC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00910CFC | 0_2_00910CFC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00912CFF | 0_2_00912CFF |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091CC12 | 0_2_0091CC12 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085DC00 | 0_2_0085DC00 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B5C00 | 0_2_008B5C00 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BCC00 | 0_2_008BCC00 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EDC17 | 0_2_008EDC17 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F4C15 | 0_2_008F4C15 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00929C0F | 0_2_00929C0F |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00903C30 | 0_2_00903C30 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00869C2B | 0_2_00869C2B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DAC20 | 0_2_008DAC20 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091AC2B | 0_2_0091AC2B |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00930C5A | 0_2_00930C5A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092DC58 | 0_2_0092DC58 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D6C56 | 0_2_008D6C56 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DBC6E | 0_2_008DBC6E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00844C60 | 0_2_00844C60 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094BC78 | 0_2_0094BC78 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085FC75 | 0_2_0085FC75 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F9C70 | 0_2_008F9C70 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FED87 | 0_2_008FED87 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0093FD83 | 0_2_0093FD83 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00920DB6 | 0_2_00920DB6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0094DDB8 | 0_2_0094DDB8 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008DEDCC | 0_2_008DEDCC |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008C3DC6 | 0_2_008C3DC6 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00943DC1 | 0_2_00943DC1 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00950DC3 | 0_2_00950DC3 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008FADD5 | 0_2_008FADD5 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00857DEE | 0_2_00857DEE |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00877DF0 | 0_2_00877DF0 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00904DEF | 0_2_00904DEF |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091FD11 | 0_2_0091FD11 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00907D15 | 0_2_00907D15 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008CBD1C | 0_2_008CBD1C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0091ED09 | 0_2_0091ED09 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A1D2E | 0_2_008A1D2E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008E9D24 | 0_2_008E9D24 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00917D3E | 0_2_00917D3E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008F3D39 | 0_2_008F3D39 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00926D2A | 0_2_00926D2A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0084CD46 | 0_2_0084CD46 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D4D4E | 0_2_008D4D4E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0092CD56 | 0_2_0092CD56 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008A3D4C | 0_2_008A3D4C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008B1D4D | 0_2_008B1D4D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008EAD5A | 0_2_008EAD5A |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AAD66 | 0_2_008AAD66 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_00935D7C | 0_2_00935D7C |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008BED7D | 0_2_008BED7D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008AED7D | 0_2_008AED7D |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_0085DE80 | 0_2_0085DE80 |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | Code function: 0_2_008D2E9E | 0_2_008D2E9E |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0A102 second address: A0A107 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0E76F second address: A0E7EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF6A0F8A556h 0x0000000a popad 0x0000000b push ebx 0x0000000c jmp 00007FF6A0F8A55Bh 0x00000011 pushad 0x00000012 popad 0x00000013 pop ebx 0x00000014 pushad 0x00000015 pushad 0x00000016 popad 0x00000017 js 00007FF6A0F8A556h 0x0000001d ja 00007FF6A0F8A556h 0x00000023 jno 00007FF6A0F8A556h 0x00000029 popad 0x0000002a pushad 0x0000002b push edi 0x0000002c pop edi 0x0000002d pushad 0x0000002e popad 0x0000002f jmp 00007FF6A0F8A55Bh 0x00000034 jmp 00007FF6A0F8A563h 0x00000039 popad 0x0000003a popad 0x0000003b pushad 0x0000003c push ebx 0x0000003d jne 00007FF6A0F8A556h 0x00000043 jmp 00007FF6A0F8A569h 0x00000048 pop ebx 0x00000049 push eax 0x0000004a push edx 0x0000004b push ecx 0x0000004c pop ecx 0x0000004d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0E7EA second address: A0E7EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0E7EE second address: A0E7F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0E7F8 second address: A0E7FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0E7FE second address: A0E804 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0E95E second address: A0E962 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0E962 second address: A0E97D instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF6A0F8A556h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FF6A0F8A55Ch 0x0000000f pushad 0x00000010 push eax 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0EADA second address: A0EAE0 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0EAE0 second address: A0EB07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FF6A0F8A561h 0x0000000c push edx 0x0000000d pop edx 0x0000000e jc 00007FF6A0F8A556h 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 push ecx 0x00000018 pop ecx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0EB07 second address: A0EB0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0EB0B second address: A0EB1D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Eh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0ECCB second address: A0ECD5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0F09F second address: A0F0AD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007FF6A0F8A55Eh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A0F0AD second address: A0F0BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jc 00007FF6A1754F1Eh 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12BF8 second address: A12C02 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF6A0F8A556h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12CF3 second address: A12CF7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12DB6 second address: A12DFC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 mov dword ptr [ebp+122D1D4Ah], eax 0x0000000f push 00000000h 0x00000011 push 00000000h 0x00000013 push edx 0x00000014 call 00007FF6A0F8A558h 0x00000019 pop edx 0x0000001a mov dword ptr [esp+04h], edx 0x0000001e add dword ptr [esp+04h], 00000017h 0x00000026 inc edx 0x00000027 push edx 0x00000028 ret 0x00000029 pop edx 0x0000002a ret 0x0000002b sub dl, 00000004h 0x0000002e call 00007FF6A0F8A559h 0x00000033 push eax 0x00000034 push edx 0x00000035 push edx 0x00000036 jc 00007FF6A0F8A556h 0x0000003c pop edx 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12DFC second address: A12E07 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jp 00007FF6A1754F16h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12E07 second address: A12E13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12E13 second address: A12E1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12EE2 second address: A12F4F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xor dword ptr [esp], 7DCE6B73h 0x00000010 push 00000000h 0x00000012 push edi 0x00000013 call 00007FF6A0F8A558h 0x00000018 pop edi 0x00000019 mov dword ptr [esp+04h], edi 0x0000001d add dword ptr [esp+04h], 00000015h 0x00000025 inc edi 0x00000026 push edi 0x00000027 ret 0x00000028 pop edi 0x00000029 ret 0x0000002a jmp 00007FF6A0F8A564h 0x0000002f lea ebx, dword ptr [ebp+1244EAFEh] 0x00000035 and esi, dword ptr [ebp+122D3BD5h] 0x0000003b push eax 0x0000003c push eax 0x0000003d push edx 0x0000003e pushad 0x0000003f push edi 0x00000040 pop edi 0x00000041 jmp 00007FF6A0F8A561h 0x00000046 popad 0x00000047 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12F4F second address: A12F55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A12F55 second address: A12F59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A33365 second address: A3337A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF6A1754F1Fh 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A3337A second address: A3337E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A05191 second address: A05195 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A317C6 second address: A317DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jmp 00007FF6A0F8A561h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A3194F second address: A31955 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A31955 second address: A31961 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FF6A0F8A556h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A31EAD second address: A31EB1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A32030 second address: A3203C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007FF6A0F8A556h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A3203C second address: A32040 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A2652A second address: A26530 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A26530 second address: A2653F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jg 00007FF6A1754F16h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A2653F second address: A26543 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A32572 second address: A32576 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A32C27 second address: A32C2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A32C2D second address: A32C40 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF6A1754F16h 0x00000008 jnc 00007FF6A1754F16h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push edi 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A32F34 second address: A32F45 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A06C95 second address: A06CA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jng 00007FF6A1754F16h 0x0000000c popad 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A06CA5 second address: A06CAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A3DAE6 second address: A3DAF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 ja 00007FF6A1754F16h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A3DAF4 second address: A3DAFA instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A3DAFA second address: A3DB2B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F24h 0x00000007 pushad 0x00000008 jp 00007FF6A1754F16h 0x0000000e push edx 0x0000000f pop edx 0x00000010 jnl 00007FF6A1754F16h 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 jl 00007FF6A1754F26h 0x0000001f pushad 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A3DE1F second address: A3DE48 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Bh 0x00000007 jmp 00007FF6A0F8A562h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f push edi 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 pop edi 0x00000013 push esi 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A3E117 second address: A3E149 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A1754F20h 0x00000009 popad 0x0000000a pop esi 0x0000000b jnp 00007FF6A1754F36h 0x00000011 push esi 0x00000012 pushad 0x00000013 popad 0x00000014 pop esi 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FF6A1754F20h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41A01 second address: A41A22 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A563h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jbe 00007FF6A0F8A55Eh 0x00000010 push ecx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41A9A second address: A41AA0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41AA0 second address: A41AA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41C40 second address: A41C46 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41C46 second address: A41C4B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41EDE second address: A41EF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FF6A1754F16h 0x0000000a popad 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 jns 00007FF6A1754F16h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A428F2 second address: A428F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A42A42 second address: A42A46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A42BE8 second address: A42C11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jno 00007FF6A0F8A558h 0x0000000d popad 0x0000000e push eax 0x0000000f jnl 00007FF6A0F8A572h 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FF6A0F8A560h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A42C11 second address: A42C15 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4309C second address: A430A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A430A3 second address: A430AA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A44A5E second address: A44AC0 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF6A0F8A55Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d push 00000000h 0x0000000f push ebx 0x00000010 call 00007FF6A0F8A558h 0x00000015 pop ebx 0x00000016 mov dword ptr [esp+04h], ebx 0x0000001a add dword ptr [esp+04h], 0000001Bh 0x00000022 inc ebx 0x00000023 push ebx 0x00000024 ret 0x00000025 pop ebx 0x00000026 ret 0x00000027 push 00000000h 0x00000029 push edx 0x0000002a pop esi 0x0000002b push 00000000h 0x0000002d mov dword ptr [ebp+122D38D6h], edx 0x00000033 xchg eax, ebx 0x00000034 jbe 00007FF6A0F8A563h 0x0000003a push eax 0x0000003b jmp 00007FF6A0F8A55Bh 0x00000040 pop eax 0x00000041 push eax 0x00000042 jc 00007FF6A0F8A560h 0x00000048 pushad 0x00000049 pushad 0x0000004a popad 0x0000004b push eax 0x0000004c push edx 0x0000004d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4423F second address: A44245 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A44245 second address: A4424F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007FF6A0F8A556h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A454D8 second address: A454DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4558D second address: A45591 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A45591 second address: A455AB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F26h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A46B84 second address: A46BDA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 js 00007FF6A0F8A55Bh 0x0000000e add si, A9B3h 0x00000013 push 00000000h 0x00000015 jmp 00007FF6A0F8A55Dh 0x0000001a push 00000000h 0x0000001c push 00000000h 0x0000001e push eax 0x0000001f call 00007FF6A0F8A558h 0x00000024 pop eax 0x00000025 mov dword ptr [esp+04h], eax 0x00000029 add dword ptr [esp+04h], 0000001Ch 0x00000031 inc eax 0x00000032 push eax 0x00000033 ret 0x00000034 pop eax 0x00000035 ret 0x00000036 mov dword ptr [ebp+124732AEh], ebx 0x0000003c xchg eax, ebx 0x0000003d push eax 0x0000003e push edx 0x0000003f pushad 0x00000040 push eax 0x00000041 pop eax 0x00000042 push eax 0x00000043 push edx 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A46BDA second address: A46BDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A46BDF second address: A46C0B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jg 00007FF6A0F8A556h 0x00000009 jmp 00007FF6A0F8A569h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A46C0B second address: A46C0F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A46C0F second address: A46C15 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A46C15 second address: A46C1B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A46C1B second address: A46C1F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4767A second address: A476AA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F26h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF6A1754F23h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A47FC9 second address: A47FCD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A47FCD second address: A47FD7 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF6A1754F16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4AF6A second address: A4AF6E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A47FD7 second address: A47FF0 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 je 00007FF6A1754F16h 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 push eax 0x00000011 pop eax 0x00000012 jng 00007FF6A1754F16h 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A47FF0 second address: A47FF6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4BE84 second address: A4BE99 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F1Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4BE99 second address: A4BE9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4BE9D second address: A4BEA7 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FF6A1754F16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4CF02 second address: A4CF06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4DE17 second address: A4DE1B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4DE1B second address: A4DE2C instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF6A0F8A556h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 pop eax 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4DEBC second address: A4DED2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 pushad 0x0000000a push ecx 0x0000000b js 00007FF6A1754F16h 0x00000011 pop ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 push edx 0x00000015 pop edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4DED2 second address: A4DED6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4EF1C second address: A4EF20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4F028 second address: A4F032 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007FF6A0F8A556h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4F032 second address: A4F045 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FF6A1754F16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 pushad 0x00000011 popad 0x00000012 pop eax 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4F045 second address: A4F04F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007FF6A0F8A556h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A510AC second address: A510EB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F29h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c ja 00007FF6A1754F16h 0x00000012 jmp 00007FF6A1754F25h 0x00000017 popad 0x00000018 pushad 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4F04F second address: A4F053 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4F129 second address: A4F146 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push edx 0x0000000a jmp 00007FF6A1754F22h 0x0000000f pop edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A51F20 second address: A51FA9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push edx 0x0000000d pop edx 0x0000000e popad 0x0000000f popad 0x00000010 push eax 0x00000011 jmp 00007FF6A0F8A569h 0x00000016 nop 0x00000017 push 00000000h 0x00000019 push eax 0x0000001a call 00007FF6A0F8A558h 0x0000001f pop eax 0x00000020 mov dword ptr [esp+04h], eax 0x00000024 add dword ptr [esp+04h], 00000014h 0x0000002c inc eax 0x0000002d push eax 0x0000002e ret 0x0000002f pop eax 0x00000030 ret 0x00000031 mov ebx, 686CD682h 0x00000036 push 00000000h 0x00000038 push 00000000h 0x0000003a push esi 0x0000003b call 00007FF6A0F8A558h 0x00000040 pop esi 0x00000041 mov dword ptr [esp+04h], esi 0x00000045 add dword ptr [esp+04h], 00000016h 0x0000004d inc esi 0x0000004e push esi 0x0000004f ret 0x00000050 pop esi 0x00000051 ret 0x00000052 push 00000000h 0x00000054 stc 0x00000055 jmp 00007FF6A0F8A55Dh 0x0000005a push eax 0x0000005b push ebx 0x0000005c pushad 0x0000005d pushad 0x0000005e popad 0x0000005f push eax 0x00000060 push edx 0x00000061 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A01B1E second address: A01B58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 jne 00007FF6A1754F16h 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 push edx 0x00000012 jmp 00007FF6A1754F20h 0x00000017 jmp 00007FF6A1754F24h 0x0000001c pop edx 0x0000001d pushad 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A52179 second address: A521A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jmp 00007FF6A0F8A566h 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF6A0F8A561h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5472F second address: A54768 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF6A1754F18h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push ebx 0x0000000e push eax 0x0000000f pushad 0x00000010 popad 0x00000011 pop eax 0x00000012 pop ebx 0x00000013 nop 0x00000014 mov bl, 36h 0x00000016 push 00000000h 0x00000018 push edi 0x00000019 push eax 0x0000001a pop edi 0x0000001b pop ebx 0x0000001c add ebx, dword ptr [ebp+122D3BADh] 0x00000022 push 00000000h 0x00000024 mov ebx, dword ptr [ebp+122D3B61h] 0x0000002a xchg eax, esi 0x0000002b pushad 0x0000002c push eax 0x0000002d jbe 00007FF6A1754F16h 0x00000033 pop eax 0x00000034 pushad 0x00000035 push eax 0x00000036 pop eax 0x00000037 push eax 0x00000038 push edx 0x00000039 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5552A second address: A555AD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov dword ptr [esp], eax 0x00000009 sbb bh, 00000054h 0x0000000c mov ebx, 4D7CD252h 0x00000011 push 00000000h 0x00000013 push 00000000h 0x00000015 push ecx 0x00000016 call 00007FF6A0F8A558h 0x0000001b pop ecx 0x0000001c mov dword ptr [esp+04h], ecx 0x00000020 add dword ptr [esp+04h], 00000014h 0x00000028 inc ecx 0x00000029 push ecx 0x0000002a ret 0x0000002b pop ecx 0x0000002c ret 0x0000002d call 00007FF6A0F8A564h 0x00000032 mov dword ptr [ebp+1245617Dh], esi 0x00000038 pop ebx 0x00000039 push 00000000h 0x0000003b push 00000000h 0x0000003d push eax 0x0000003e call 00007FF6A0F8A558h 0x00000043 pop eax 0x00000044 mov dword ptr [esp+04h], eax 0x00000048 add dword ptr [esp+04h], 0000001Bh 0x00000050 inc eax 0x00000051 push eax 0x00000052 ret 0x00000053 pop eax 0x00000054 ret 0x00000055 mov dword ptr [ebp+122D38CEh], ebx 0x0000005b push eax 0x0000005c pushad 0x0000005d push edx 0x0000005e pushad 0x0000005f popad 0x00000060 pop edx 0x00000061 push eax 0x00000062 push edx 0x00000063 jc 00007FF6A0F8A556h 0x00000069 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A555AD second address: A555B1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A56562 second address: A56566 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A56566 second address: A5656C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5656C second address: A565F5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A562h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b nop 0x0000000c push 00000000h 0x0000000e push ebp 0x0000000f call 00007FF6A0F8A558h 0x00000014 pop ebp 0x00000015 mov dword ptr [esp+04h], ebp 0x00000019 add dword ptr [esp+04h], 0000001Ah 0x00000021 inc ebp 0x00000022 push ebp 0x00000023 ret 0x00000024 pop ebp 0x00000025 ret 0x00000026 clc 0x00000027 push 00000000h 0x00000029 push 00000000h 0x0000002b push ebp 0x0000002c call 00007FF6A0F8A558h 0x00000031 pop ebp 0x00000032 mov dword ptr [esp+04h], ebp 0x00000036 add dword ptr [esp+04h], 00000018h 0x0000003e inc ebp 0x0000003f push ebp 0x00000040 ret 0x00000041 pop ebp 0x00000042 ret 0x00000043 cld 0x00000044 mov edi, edx 0x00000046 push 00000000h 0x00000048 ja 00007FF6A0F8A559h 0x0000004e xchg eax, esi 0x0000004f push ebx 0x00000050 push eax 0x00000051 push edx 0x00000052 jmp 00007FF6A0F8A569h 0x00000057 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A565F5 second address: A565F9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A57549 second address: A57550 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A57550 second address: A57556 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A56765 second address: A5678E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FF6A0F8A564h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A54870 second address: A54874 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5678E second address: A56794 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A56794 second address: A5679E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007FF6A1754F16h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5679E second address: A5686C instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 jnp 00007FF6A0F8A556h 0x0000000f push dword ptr fs:[00000000h] 0x00000016 push 00000000h 0x00000018 push edi 0x00000019 call 00007FF6A0F8A558h 0x0000001e pop edi 0x0000001f mov dword ptr [esp+04h], edi 0x00000023 add dword ptr [esp+04h], 00000018h 0x0000002b inc edi 0x0000002c push edi 0x0000002d ret 0x0000002e pop edi 0x0000002f ret 0x00000030 add dword ptr [ebp+122D1D4Ah], esi 0x00000036 mov dword ptr fs:[00000000h], esp 0x0000003d push 00000000h 0x0000003f push ecx 0x00000040 call 00007FF6A0F8A558h 0x00000045 pop ecx 0x00000046 mov dword ptr [esp+04h], ecx 0x0000004a add dword ptr [esp+04h], 00000019h 0x00000052 inc ecx 0x00000053 push ecx 0x00000054 ret 0x00000055 pop ecx 0x00000056 ret 0x00000057 jmp 00007FF6A0F8A563h 0x0000005c mov eax, dword ptr [ebp+122D00E5h] 0x00000062 jmp 00007FF6A0F8A568h 0x00000067 push FFFFFFFFh 0x00000069 ja 00007FF6A0F8A559h 0x0000006f nop 0x00000070 push eax 0x00000071 jnp 00007FF6A0F8A55Ch 0x00000077 pop eax 0x00000078 push eax 0x00000079 pushad 0x0000007a jmp 00007FF6A0F8A55Dh 0x0000007f push eax 0x00000080 push edx 0x00000081 jmp 00007FF6A0F8A55Eh 0x00000086 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A59C52 second address: A59C56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A59C56 second address: A59C70 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e jns 00007FF6A0F8A556h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5AC46 second address: A5AC4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5AC4A second address: A5AC54 instructions: 0x00000000 rdtsc 0x00000002 js 00007FF6A0F8A556h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5AC54 second address: A5AC71 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F1Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e js 00007FF6A1754F16h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5AC71 second address: A5AC77 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5AC77 second address: A5ACF3 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FF6A1754F18h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push ebp 0x00000010 call 00007FF6A1754F18h 0x00000015 pop ebp 0x00000016 mov dword ptr [esp+04h], ebp 0x0000001a add dword ptr [esp+04h], 0000001Ch 0x00000022 inc ebp 0x00000023 push ebp 0x00000024 ret 0x00000025 pop ebp 0x00000026 ret 0x00000027 push 00000000h 0x00000029 push 00000000h 0x0000002b push edx 0x0000002c call 00007FF6A1754F18h 0x00000031 pop edx 0x00000032 mov dword ptr [esp+04h], edx 0x00000036 add dword ptr [esp+04h], 0000001Dh 0x0000003e inc edx 0x0000003f push edx 0x00000040 ret 0x00000041 pop edx 0x00000042 ret 0x00000043 push 00000000h 0x00000045 jmp 00007FF6A1754F27h 0x0000004a xchg eax, esi 0x0000004b push eax 0x0000004c push edx 0x0000004d jg 00007FF6A1754F18h 0x00000053 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5ACF3 second address: A5AD10 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF6A0F8A569h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5BCDE second address: A5BCE2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5CD3C second address: A5CDBD instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF6A0F8A556h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push esi 0x0000000b pushad 0x0000000c popad 0x0000000d pop esi 0x0000000e popad 0x0000000f push eax 0x00000010 jmp 00007FF6A0F8A568h 0x00000015 nop 0x00000016 mov edi, dword ptr [ebp+122D2BD7h] 0x0000001c push 00000000h 0x0000001e pushad 0x0000001f add dword ptr [ebp+122D32EDh], edx 0x00000025 popad 0x00000026 push 00000000h 0x00000028 push 00000000h 0x0000002a push eax 0x0000002b call 00007FF6A0F8A558h 0x00000030 pop eax 0x00000031 mov dword ptr [esp+04h], eax 0x00000035 add dword ptr [esp+04h], 00000018h 0x0000003d inc eax 0x0000003e push eax 0x0000003f ret 0x00000040 pop eax 0x00000041 ret 0x00000042 xor dword ptr [ebp+122D25FFh], edx 0x00000048 xchg eax, esi 0x00000049 jmp 00007FF6A0F8A568h 0x0000004e push eax 0x0000004f push eax 0x00000050 push edx 0x00000051 push eax 0x00000052 push edx 0x00000053 push ebx 0x00000054 pop ebx 0x00000055 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5CDBD second address: A5CDC3 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A5CEDB second address: A5CEF0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF6A0F8A561h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A608A0 second address: A608A6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A608A6 second address: A608AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A63AC3 second address: A63ACA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A63ACA second address: A63AFC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF6A0F8A567h 0x00000008 jmp 00007FF6A0F8A562h 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A63AFC second address: A63B41 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pushad 0x00000008 push eax 0x00000009 jmp 00007FF6A1754F1Bh 0x0000000e je 00007FF6A1754F16h 0x00000014 pop eax 0x00000015 jmp 00007FF6A1754F22h 0x0000001a pushad 0x0000001b jmp 00007FF6A1754F1Ah 0x00000020 jmp 00007FF6A1754F1Bh 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A63C95 second address: A63CA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop esi 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A63CA0 second address: A63CA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A63CA4 second address: A63CAA instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A63DB6 second address: A63DD3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A1754F29h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A63DD3 second address: A63DD7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A6A444 second address: A6A44A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A6A44A second address: A6A461 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a pushad 0x0000000b jl 00007FF6A0F8A558h 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A6A614 second address: A6A631 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 mov eax, dword ptr [eax] 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FF6A1754F22h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A6A6E3 second address: A6A6FB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edi 0x0000000a push eax 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A6A6FB second address: A6A6FF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A6A6FF second address: A6A713 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e jl 00007FF6A0F8A556h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A71520 second address: A71540 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F26h 0x00000007 ja 00007FF6A1754F16h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A71540 second address: A71545 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A7169F second address: A716AA instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A716AA second address: A716B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FF6A0F8A556h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A716B6 second address: A716BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A716BB second address: A716C2 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4028E second address: A4029F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F1Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4029F second address: A402A4 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A402A4 second address: A402B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A402B1 second address: A402C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A0F8A560h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A402C6 second address: A402FB instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF6A1754F1Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b movzx edx, dx 0x0000000e lea eax, dword ptr [ebp+1247C027h] 0x00000014 and dh, 00000023h 0x00000017 push eax 0x00000018 push eax 0x00000019 push edx 0x0000001a jns 00007FF6A1754F25h 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A402FB second address: A2652A instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007FF6A0F8A55Dh 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp], eax 0x0000000e xor dword ptr [ebp+122D26ADh], edi 0x00000014 call dword ptr [ebp+122D1D9Ah] 0x0000001a pushad 0x0000001b pushad 0x0000001c pushad 0x0000001d popad 0x0000001e jmp 00007FF6A0F8A569h 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A407C0 second address: A407CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007FF6A1754F16h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A40BA1 second address: A40BDD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 jmp 00007FF6A0F8A567h 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FF6A0F8A567h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A40BDD second address: A40C01 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F1Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a mov eax, dword ptr [eax] 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF6A1754F1Eh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A40E1F second address: A40E9D instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 pushad 0x00000009 jmp 00007FF6A0F8A561h 0x0000000e pushad 0x0000000f jmp 00007FF6A0F8A568h 0x00000014 jmp 00007FF6A0F8A568h 0x00000019 popad 0x0000001a popad 0x0000001b nop 0x0000001c call 00007FF6A0F8A55Bh 0x00000021 pushad 0x00000022 push ecx 0x00000023 pop esi 0x00000024 jmp 00007FF6A0F8A55Dh 0x00000029 popad 0x0000002a pop ecx 0x0000002b push 00000004h 0x0000002d pushad 0x0000002e cmc 0x0000002f movzx esi, ax 0x00000032 popad 0x00000033 nop 0x00000034 push eax 0x00000035 push edx 0x00000036 push eax 0x00000037 push edx 0x00000038 jnc 00007FF6A0F8A556h 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A40E9D second address: A40EB6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F25h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41277 second address: A4127D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4127D second address: A412E0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F22h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FF6A1754F22h 0x0000000f nop 0x00000010 jo 00007FF6A1754F1Eh 0x00000016 pushad 0x00000017 mov dword ptr [ebp+122D26A8h], esi 0x0000001d popad 0x0000001e push 0000001Eh 0x00000020 sub edi, dword ptr [ebp+122D33DBh] 0x00000026 jmp 00007FF6A1754F29h 0x0000002b push eax 0x0000002c push esi 0x0000002d push eax 0x0000002e push edx 0x0000002f jnp 00007FF6A1754F16h 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41674 second address: A41679 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A270DA second address: A270DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A7B971 second address: A7B9A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FF6A0F8A556h 0x0000000a jne 00007FF6A0F8A556h 0x00000010 popad 0x00000011 pushad 0x00000012 pushad 0x00000013 js 00007FF6A0F8A556h 0x00000019 pushad 0x0000001a popad 0x0000001b jmp 00007FF6A0F8A561h 0x00000020 popad 0x00000021 jl 00007FF6A0F8A56Dh 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A7BDF4 second address: A7BDF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A7BDF8 second address: A7BE02 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF6A0F8A556h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A7BE02 second address: A7BE19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF6A1754F21h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A7C0AB second address: A7C0AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A7C0AF second address: A7C0D2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edi 0x00000008 pop edi 0x00000009 push edx 0x0000000a pop edx 0x0000000b pushad 0x0000000c popad 0x0000000d popad 0x0000000e pushad 0x0000000f jbe 00007FF6A1754F16h 0x00000015 jmp 00007FF6A1754F1Ch 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A7C0D2 second address: A7C0DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 pushad 0x00000007 push edi 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A82317 second address: A8234A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jmp 00007FF6A1754F21h 0x00000008 pushad 0x00000009 popad 0x0000000a pop eax 0x0000000b pushad 0x0000000c jmp 00007FF6A1754F29h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A824D3 second address: A824E5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Eh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A824E5 second address: A82526 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF6A1754F21h 0x0000000b push eax 0x0000000c jmp 00007FF6A1754F28h 0x00000011 pop eax 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FF6A1754F1Dh 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A82526 second address: A82530 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A82530 second address: A82543 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A1754F1Fh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A826B0 second address: A826B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A82BE0 second address: A82BF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FF6A1754F16h 0x0000000a js 00007FF6A1754F16h 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A82D45 second address: A82D49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A82D49 second address: A82D4F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A82EB0 second address: A82ECC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF6A0F8A562h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A82ECC second address: A82EEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 pop eax 0x00000008 popad 0x00000009 jmp 00007FF6A1754F29h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A036B6 second address: A036BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A036BA second address: A036C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A036C0 second address: A036E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FF6A0F8A569h 0x0000000c pushad 0x0000000d popad 0x0000000e push edx 0x0000000f pop edx 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A036E5 second address: A036EA instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A883F6 second address: A883FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A883FA second address: A88403 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A88403 second address: A8840B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A8840B second address: A88412 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A88412 second address: A8844D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pushad 0x00000006 popad 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007FF6A0F8A566h 0x00000010 jmp 00007FF6A0F8A55Bh 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FF6A0F8A55Dh 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A880A2 second address: A880C1 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF6A1754F16h 0x00000008 jmp 00007FF6A1754F25h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A880C1 second address: A880CD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jbe 00007FF6A0F8A556h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A880CD second address: A880D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A880D1 second address: A880D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A880D5 second address: A880E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A880E3 second address: A880EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FF6A0F8A556h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A890FB second address: A89105 instructions: 0x00000000 rdtsc 0x00000002 je 00007FF6A1754F16h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A89105 second address: A8910E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A8910E second address: A89119 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FF6A1754F16h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A8C80E second address: A8C813 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A91D74 second address: A91D79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A91D79 second address: A91D7E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A915A8 second address: A915B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FF6A1754F16h 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A915B6 second address: A915BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9175D second address: A91763 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A95AE4 second address: A95AEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF6A0F8A556h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A95AEE second address: A95AF2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9873C second address: A98748 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A98748 second address: A9874C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9BCE8 second address: A9BD0D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Ch 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007FF6A0F8A55Fh 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9BD0D second address: A9BD11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9BD11 second address: A9BD36 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a js 00007FF6A0F8A556h 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 pop esi 0x00000013 jmp 00007FF6A0F8A562h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9BEE8 second address: A9BEF2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9BEF2 second address: A9BEF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9BEF8 second address: A9BF09 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 jc 00007FF6A1754F3Ah 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9BF09 second address: A9BF0D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9C1D9 second address: A9C1DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9C1DD second address: A9C1E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9C348 second address: A9C34E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9C4A4 second address: A9C4BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF6A0F8A563h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9C4BB second address: A9C4CD instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF6A1754F16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jbe 00007FF6A1754F16h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9C4CD second address: A9C4D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9C4D1 second address: A9C506 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jne 00007FF6A1754F16h 0x00000013 jp 00007FF6A1754F16h 0x00000019 pushad 0x0000001a popad 0x0000001b jmp 00007FF6A1754F1Eh 0x00000020 popad 0x00000021 pushad 0x00000022 jo 00007FF6A1754F16h 0x00000028 pushad 0x00000029 popad 0x0000002a push eax 0x0000002b push edx 0x0000002c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A9C506 second address: A9C511 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FF6A0F8A556h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA1E0C second address: AA1E1A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F1Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA1E1A second address: AA1E43 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FF6A0F8A566h 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FF6A0F8A55Dh 0x0000000f push esi 0x00000010 pop esi 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA1FD2 second address: AA1FFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A1754F1Ah 0x00000009 popad 0x0000000a popad 0x0000000b pushad 0x0000000c pushad 0x0000000d jo 00007FF6A1754F16h 0x00000013 jng 00007FF6A1754F16h 0x00000019 jp 00007FF6A1754F16h 0x0000001f popad 0x00000020 push eax 0x00000021 push edx 0x00000022 push ecx 0x00000023 pop ecx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA2174 second address: AA2191 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A55Ch 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c je 00007FF6A0F8A556h 0x00000012 pushad 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA2191 second address: AA21D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jnp 00007FF6A1754F4Fh 0x0000000b ja 00007FF6A1754F29h 0x00000011 jmp 00007FF6A1754F23h 0x00000016 pushad 0x00000017 jmp 00007FF6A1754F28h 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA2379 second address: AA237D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA237D second address: AA2395 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF6A1754F20h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA2395 second address: AA2399 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4110B second address: A4116B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 mov ecx, dword ptr [ebp+122D287Fh] 0x0000000f push 00000004h 0x00000011 push 00000000h 0x00000013 push edi 0x00000014 call 00007FF6A1754F18h 0x00000019 pop edi 0x0000001a mov dword ptr [esp+04h], edi 0x0000001e add dword ptr [esp+04h], 0000001Bh 0x00000026 inc edi 0x00000027 push edi 0x00000028 ret 0x00000029 pop edi 0x0000002a ret 0x0000002b mov dl, C4h 0x0000002d nop 0x0000002e jmp 00007FF6A1754F1Ch 0x00000033 push eax 0x00000034 pushad 0x00000035 push eax 0x00000036 push edx 0x00000037 jmp 00007FF6A1754F29h 0x0000003c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A41037 second address: A4103B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4103B second address: A4104C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jno 00007FF6A1754F18h 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26A1 second address: AA26A7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26A7 second address: AA26AC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26AC second address: AA26C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A0F8A567h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26C9 second address: AA26D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26D2 second address: AA26D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26D6 second address: AA26DA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26DA second address: AA26E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26E9 second address: AA26F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26F5 second address: AA26FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA26FA second address: AA2700 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA2700 second address: AA2704 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA2873 second address: AA288A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FF6A1754F16h 0x0000000a push eax 0x0000000b pop eax 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f ja 00007FF6A1754F16h 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA288A second address: AA2890 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA9ACC second address: AA9AFD instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF6A1754F1Eh 0x00000008 jmp 00007FF6A1754F22h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jnc 00007FF6A1754F3Bh 0x00000015 pushad 0x00000016 push eax 0x00000017 pop eax 0x00000018 push ebx 0x00000019 pop ebx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AA9C99 second address: AA9CA1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA0FD second address: AAA116 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A1754F25h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA116 second address: AAA132 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF6A0F8A556h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e jmp 00007FF6A0F8A55Eh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA132 second address: AAA13C instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF6A1754F16h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA420 second address: AAA426 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA72E second address: AAA73B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jnp 00007FF6A1754F18h 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA73B second address: AAA740 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA740 second address: AAA746 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA746 second address: AAA757 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 jnp 00007FF6A0F8A56Ch 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA757 second address: AAA75D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAA75D second address: AAA761 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAACAF second address: AAACE8 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FF6A1754F16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FF6A1754F27h 0x0000000f jns 00007FF6A1754F1Ch 0x00000015 popad 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 jnc 00007FF6A1754F16h 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAACE8 second address: AAACEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAACEC second address: AAACF0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAAF91 second address: AAAF95 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAAF95 second address: AAAF9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAFBC6 second address: AAFBE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007FF6A0F8A568h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAEC45 second address: AAEC49 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAEC49 second address: AAEC59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 js 00007FF6A0F8A56Fh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAEC59 second address: AAEC89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A1754F23h 0x00000009 ja 00007FF6A1754F18h 0x0000000f popad 0x00000010 jo 00007FF6A1754F53h 0x00000016 push eax 0x00000017 push edx 0x00000018 jbe 00007FF6A1754F16h 0x0000001e pushad 0x0000001f popad 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAEE2E second address: AAEE34 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAEE34 second address: AAEE38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAEE38 second address: AAEE42 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAEE42 second address: AAEE46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAF18B second address: AAF1B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jmp 00007FF6A0F8A55Bh 0x0000000a popad 0x0000000b pushad 0x0000000c pushad 0x0000000d push esi 0x0000000e pop esi 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 popad 0x00000012 jng 00007FF6A0F8A562h 0x00000018 jg 00007FF6A0F8A556h 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAF713 second address: AAF72D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F26h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AAF72D second address: AAF733 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AB4595 second address: AB459A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABA5FC second address: ABA600 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABA600 second address: ABA604 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABA79C second address: ABA7A7 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jg 00007FF6A0F8A556h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABAA7A second address: ABAA7E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABAA7E second address: ABAA8A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF6A0F8A556h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABAA8A second address: ABAA9E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 pop eax 0x00000005 js 00007FF6A1754F16h 0x0000000b pop ebx 0x0000000c jbe 00007FF6A1754F1Ch 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABAA9E second address: ABAAA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABB00D second address: ABB011 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABB011 second address: ABB032 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edi 0x0000000b pop edi 0x0000000c jmp 00007FF6A0F8A565h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABB032 second address: ABB04D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F1Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jg 00007FF6A1754F16h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABB319 second address: ABB343 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A564h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push edx 0x0000000c jmp 00007FF6A0F8A55Dh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABC273 second address: ABC286 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF6A1754F1Dh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABC286 second address: ABC2A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF6A0F8A569h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABC2A3 second address: ABC2A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: ABA169 second address: ABA176 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jl 00007FF6A0F8A556h 0x00000009 push esi 0x0000000a pop esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AC3ACA second address: AC3AD4 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF6A1754F16h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AC37E9 second address: AC3801 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A562h 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AC3801 second address: AC3806 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AC3806 second address: AC380C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AD54A6 second address: AD54AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AE9CEB second address: AE9D4F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A0F8A567h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FF6A0F8A564h 0x0000000e jno 00007FF6A0F8A571h 0x00000014 popad 0x00000015 jbe 00007FF6A0F8A568h 0x0000001b pushad 0x0000001c jl 00007FF6A0F8A556h 0x00000022 pushad 0x00000023 popad 0x00000024 push edi 0x00000025 pop edi 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AF0882 second address: AF089E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A1754F26h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AF089E second address: AF08A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AF08A3 second address: AF08A9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AF08A9 second address: AF08AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEF0E7 second address: AEF0EB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEF261 second address: AEF267 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEF267 second address: AEF26D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEF439 second address: AEF43D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEF43D second address: AEF44D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edi 0x00000009 push esi 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f pop eax 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEF5B4 second address: AEF5B9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEF734 second address: AEF739 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEF87A second address: AEF87E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEFB5D second address: AEFB63 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEFB63 second address: AEFB7F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF6A0F8A566h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEFB7F second address: AEFBA6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF6A1754F29h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ebx 0x0000000a pushad 0x0000000b jno 00007FF6A1754F16h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: AEFBA6 second address: AEFBB2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF6A0F8A556h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B0EB17 second address: B0EB1B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B0EB1B second address: B0EB3F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jl 00007FF6A0F8A556h 0x00000010 jmp 00007FF6A0F8A564h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B0E9B2 second address: B0E9EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 ja 00007FF6A1754F2Ch 0x0000000b jmp 00007FF6A1754F21h 0x00000010 jl 00007FF6A1754F1Eh 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25D35 second address: B25D3F instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF6A0F8A556h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25D3F second address: B25D56 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF6A1754F22h 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25D56 second address: B25D68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF6A0F8A556h 0x0000000a pop esi 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push esi 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 pop eax 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25D68 second address: B25D6C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B24F46 second address: B24F6A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop esi 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jmp 00007FF6A0F8A566h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B24F6A second address: B24F8F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FF6A1754F16h 0x0000000a popad 0x0000000b jns 00007FF6A1754F2Ah 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B24F8F second address: B24FAC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF6A0F8A569h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B2511E second address: B25122 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25122 second address: B25126 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25473 second address: B25477 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25477 second address: B25495 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF6A0F8A566h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25495 second address: B254AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jns 00007FF6A1754F16h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push edi 0x0000000d push eax 0x0000000e pop eax 0x0000000f pop edi 0x00000010 popad 0x00000011 jl 00007FF6A1754F36h 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B2572D second address: B2573A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B2573A second address: B25740 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25740 second address: B2574E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jnl 00007FF6A0F8A556h 0x00000009 pop edi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B2574E second address: B25760 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF6A1754F1Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25760 second address: B25764 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B25898 second address: B2589C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B2A3BF second address: B2A3C5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: B2BEBE second address: B2BEC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A4445D second address: A44462 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\VBHyEN96Pw.exe | RDTSC instruction interceptor: First address: A44462 second address: A4447F instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF6A1754F18h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF6A1754F1Dh 0x00000013 rdtsc |