Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://127.0.0.1:27060 |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0 |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0 |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07 |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0= |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00 |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0? |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0 |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.rootca1.amazontrust.com0: |
Source: LNn56KMkEE.exe, 00000000.00000003.1752668180.0000000001006000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774699395.000000000106A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774699395.000000000106A000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774699395.000000000106A000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.c.lencr.org/0 |
Source: LNn56KMkEE.exe, 00000000.00000003.1818318321.00000000058CE000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.i.lencr.org/0 |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ac.ecosia.org/autocomplete?q= |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://api.steampowered.com/ |
Source: LNn56KMkEE.exe | String found in binary or memory: https://avatars.fastly.steam |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://avatars.fastly.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg |
Source: LNn56KMkEE.exe | String found in binary or memory: https://bridge.lga1.admarke |
Source: LNn56KMkEE.exe, 00000000.00000003.1843859744.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843320427.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843924713.000000000589B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417. |
Source: LNn56KMkEE.exe, LNn56KMkEE.exe, 00000000.00000003.1843859744.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843320427.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843987961.0000000005891000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://broadcast.st.dl.eccdnx.com |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://checkout.steampowered.com/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamsduqyc |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/applications/community/main.css?v=Lj6X7NKUMfzk&a |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/globalv2.css?v=hzEgqbtRcI5V&l=english&_c |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/promo/summer2017/stickers.css?v=Ncr6N09yZIap& |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/header.css?v=EM4kCu67DNda&l=english&a |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/modalContent.css?v=WXAusLHclDIt&l=eng |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/profilev2.css?v=fe66ET2uI50l&l=englis |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/images/skin_1/arrowDn9x5.gif |
Source: LNn56KMkEE.exe, LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774699395.000000000106A000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/com |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
Source: LNn56KMkEE.exe, LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/main.js?v=_92TWn81 |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/manifest.js?v=hyEE |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/global.js?v=jWc2JLWHx5Kn&l=english&am |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=gQHVlrK4-jX-&l |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/modalContent.js?v=uqf5ttWTRe7l&l=engl |
Source: LNn56KMkEE.exe, LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/modalv2.js?v=zBXEuexVQ0FZ&l=english&a |
Source: LNn56KMkEE.exe | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/profile.js?v=GeQ6v03mWpAc&l=englis |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/profile.js?v=GeQ6v03mWpAc&l=english&a |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/promo/stickers.js?v=CcLRHsa04otQ&l=en |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/prototype-1.7.js?v=npJElBnrEO6W&l=eng |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/reportedcontent.js?v=-lZqrarogJr8&l=e |
Source: LNn56KMkEE.exe | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/scriptaculous/_combined.js?v |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=pbdAKOcDIgbC |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/webui/clientcom.js?v=St3gSJx2HFUZ&l=e |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/buttons.css?v=qhQgyjWi6LgJ&l=english& |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/motiva_sans.css?v=-yZgCk0Nu7kH&l=engl |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_global.css?v=wuA4X_n5-mo0&l=en |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_responsive.css?v=JL1e4uQSrVGe& |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/auth_refresh.js?v=w6QbwI-5-j2S& |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_global.js?v=Gr6TbGRvDtNE&am |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=tvQ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/tooltip.js?v=QYkT4eS5mbTN&l=en |
Source: LNn56KMkEE.exe, LNn56KMkEE.exe, 00000000.00000003.1843859744.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843320427.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843924713.000000000589B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg |
Source: LNn56KMkEE.exe, 00000000.00000003.1843859744.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843320427.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843987961.0000000005891000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/ac/?q= |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/chrome_newtab |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= |
Source: LNn56KMkEE.exe | String found in binary or memory: https://help.steampowered.c |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1843320427.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843924713.000000000589B000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843987961.0000000005891000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi |
Source: LNn56KMkEE.exe, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929021676.0000000000FD2000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872487701.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1887045609.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924201177.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1798241314.0000000005895000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924363076.0000000000FD2000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1798154813.0000000005895000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752668180.0000000000FD2000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/(a |
Source: LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/V7 |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/api |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752624907.000000000101F000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/api/ |
Source: LNn56KMkEE.exe, 00000000.00000002.1931358953.0000000005880000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/apiD; |
Source: LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.000000000101F000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/apip |
Source: LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/apiq |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/apiy |
Source: LNn56KMkEE.exe, 00000000.00000003.1872487701.0000000001075000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/es~7 |
Source: LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1887045609.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924201177.0000000001075000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/n7 |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752624907.000000000101F000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1887045609.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924201177.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.000000000101F000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/pi |
Source: LNn56KMkEE.exe, 00000000.00000003.1872487701.0000000001075000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/s |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847242984.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846708407.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872487701.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1887045609.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924201177.0000000001075000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846753898.0000000001073000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/vo0~ |
Source: LNn56KMkEE.exe, 00000000.00000002.1929359767.000000000105D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1886865197.000000000105D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com:443/api |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.steampowered.com/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lv.queniujq.cn |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://medal.tv |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://player.vimeo.com |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net/recaptcha/; |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://s.ytimg.com; |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sketchfab.com |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steam.tv/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast-test.akamaized.net |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast.akamaized.net |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcastchat.akamaized.net |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774699395.000000000106A000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1846125522.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845589560.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844526538.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846392780.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1872542215.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1924283803.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845356512.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1846827846.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844004127.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1847300280.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845854080.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1845086320.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000002.1929359767.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/badges |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774699395.000000000106A000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/; |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774699395.000000000106A000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001009000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1776196742.00000000058E5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.microsof |
Source: LNn56KMkEE.exe, 00000000.00000003.1819509405.000000000599F000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br |
Source: LNn56KMkEE.exe, 00000000.00000003.1819509405.000000000599F000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/products/firefoxgro.all |
Source: LNn56KMkEE.exe, 00000000.00000003.1798001188.00000000058DF000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1776244890.00000000058DE000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1798274391.00000000058DF000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1798111491.00000000058DF000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1776196742.00000000058E5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016 |
Source: LNn56KMkEE.exe, 00000000.00000003.1776244890.00000000058BA000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples |
Source: LNn56KMkEE.exe, 00000000.00000003.1798001188.00000000058DF000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1776244890.00000000058DE000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1798274391.00000000058DF000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1798111491.00000000058DF000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1776196742.00000000058E5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17 |
Source: LNn56KMkEE.exe, 00000000.00000003.1776244890.00000000058BA000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install |
Source: LNn56KMkEE.exe | String found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575 |
Source: LNn56KMkEE.exe, 00000000.00000003.1843859744.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843320427.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843987961.0000000005891000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94 |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.ecosia.org/newtab/ |
Source: LNn56KMkEE.exe, LNn56KMkEE.exe, 00000000.00000003.1843859744.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843320427.000000000588C000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1843924713.000000000589B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.expedia.com/?locale=en_US&siteid=1&semcid=US.UB.ADMARKETPLACE.GT-C-EN.HOTEL&SEMDTL=a1219 |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com |
Source: LNn56KMkEE.exe, 00000000.00000003.1775552354.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775431150.00000000058D3000.00000004.00000800.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1775489902.00000000058D0000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/recaptcha/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.cn/recaptcha/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.com/recaptcha/ |
Source: LNn56KMkEE.exe, 00000000.00000003.1819509405.000000000599F000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2 |
Source: LNn56KMkEE.exe, 00000000.00000003.1819509405.000000000599F000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR |
Source: LNn56KMkEE.exe, 00000000.00000003.1819509405.000000000599F000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox |
Source: LNn56KMkEE.exe, 00000000.00000003.1819509405.000000000599F000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig |
Source: LNn56KMkEE.exe, 00000000.00000003.1819509405.000000000599F000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www. |
Source: LNn56KMkEE.exe, 00000000.00000003.1752480769.0000000001059000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.co: |
Source: LNn56KMkEE.exe, 00000000.00000003.1844241993.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com |
Source: LNn56KMkEE.exe, 00000000.00000003.1752549202.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774736780.000000000100D000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1752549202.0000000001044000.00000004.00000020.00020000.00000000.sdmp, LNn56KMkEE.exe, 00000000.00000003.1774788879.0000000001044000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com/ |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 67529E second address: 6752AF instructions: 0x00000000 rdtsc 0x00000002 jno 00007F2ADCE7BD66h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6752AF second address: 6752B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6752B6 second address: 6752D5 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 pop eax 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F2ADCE7BD77h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6742B0 second address: 6742CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B43h 0x00000007 jg 00007F2ADCE78B36h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6742CD second address: 6742EC instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007F2ADCE7BD70h 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6742EC second address: 6742F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6742F0 second address: 6742FE instructions: 0x00000000 rdtsc 0x00000002 jp 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6742FE second address: 674302 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 674302 second address: 674308 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 674442 second address: 674469 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B49h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edx 0x0000000a push edx 0x0000000b pop edx 0x0000000c jne 00007F2ADCE78B36h 0x00000012 pop edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 674469 second address: 67447D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F2ADCE7BD6Ah 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 67473D second address: 674741 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6748D8 second address: 6748DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6748DC second address: 6748E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 674BBA second address: 674BD7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD77h 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 674BD7 second address: 674BDB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 677EE3 second address: 677EED instructions: 0x00000000 rdtsc 0x00000002 jo 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 677EED second address: 677EF3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 677EF3 second address: 677EF7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 677EF7 second address: 677EFB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6781AA second address: 6781E0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD76h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F2ADCE7BD76h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6781E0 second address: 6781EA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007F2ADCE78B36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6781EA second address: 6781EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6781EE second address: 678288 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a jmp 00007F2ADCE78B42h 0x0000000f mov dword ptr [esp+04h], eax 0x00000013 jbe 00007F2ADCE78B3Eh 0x00000019 pop eax 0x0000001a push 00000000h 0x0000001c push ebx 0x0000001d call 00007F2ADCE78B38h 0x00000022 pop ebx 0x00000023 mov dword ptr [esp+04h], ebx 0x00000027 add dword ptr [esp+04h], 0000001Bh 0x0000002f inc ebx 0x00000030 push ebx 0x00000031 ret 0x00000032 pop ebx 0x00000033 ret 0x00000034 mov esi, 668CA51Ah 0x00000039 push 00000003h 0x0000003b add dword ptr [ebp+122D1AC0h], edi 0x00000041 jmp 00007F2ADCE78B43h 0x00000046 push 00000000h 0x00000048 mov edi, 1EB64E3Fh 0x0000004d push 00000003h 0x0000004f call 00007F2ADCE78B39h 0x00000054 pushad 0x00000055 jmp 00007F2ADCE78B42h 0x0000005a push eax 0x0000005b push eax 0x0000005c push edx 0x0000005d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 678288 second address: 6782C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 push eax 0x00000007 jns 00007F2ADCE7BD72h 0x0000000d mov eax, dword ptr [esp+04h] 0x00000011 jnc 00007F2ADCE7BD6Eh 0x00000017 mov eax, dword ptr [eax] 0x00000019 pushad 0x0000001a push edi 0x0000001b jne 00007F2ADCE7BD66h 0x00000021 pop edi 0x00000022 push eax 0x00000023 push edx 0x00000024 push ebx 0x00000025 pop ebx 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6782C2 second address: 6782C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6782C6 second address: 678328 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b jnc 00007F2ADCE7BD70h 0x00000011 pop eax 0x00000012 or cx, A56Eh 0x00000017 mov edi, dword ptr [ebp+122D27ECh] 0x0000001d lea ebx, dword ptr [ebp+12453D56h] 0x00000023 push 00000000h 0x00000025 push edx 0x00000026 call 00007F2ADCE7BD68h 0x0000002b pop edx 0x0000002c mov dword ptr [esp+04h], edx 0x00000030 add dword ptr [esp+04h], 00000018h 0x00000038 inc edx 0x00000039 push edx 0x0000003a ret 0x0000003b pop edx 0x0000003c ret 0x0000003d xchg eax, ebx 0x0000003e jo 00007F2ADCE7BD6Ah 0x00000044 push edx 0x00000045 pushad 0x00000046 popad 0x00000047 pop edx 0x00000048 push eax 0x00000049 push ebx 0x0000004a js 00007F2ADCE7BD6Ch 0x00000050 push eax 0x00000051 push edx 0x00000052 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6891C0 second address: 6891C6 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 662505 second address: 662524 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 jmp 00007F2ADCE7BD78h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 662524 second address: 66252A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 66252A second address: 662561 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F2ADCE7BD78h 0x0000000c jmp 00007F2ADCE7BD78h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 695EA2 second address: 695EBC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B46h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6962B0 second address: 6962CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d jns 00007F2ADCE7BD66h 0x00000013 popad 0x00000014 push ecx 0x00000015 push edx 0x00000016 pop edx 0x00000017 pushad 0x00000018 popad 0x00000019 pop ecx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 696CFF second address: 696D03 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 68D23B second address: 68D247 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F2ADCE7BD66h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 68D247 second address: 68D24C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 68D24C second address: 68D258 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jne 00007F2ADCE7BD66h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 68D258 second address: 68D25C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 68D25C second address: 68D262 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 66099D second address: 6609AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE78B3Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 697147 second address: 69714D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 69714D second address: 69716C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 jmp 00007F2ADCE78B43h 0x0000000a pushad 0x0000000b popad 0x0000000c pop edi 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 69716C second address: 697172 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 697172 second address: 697176 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6979D8 second address: 6979DE instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6979DE second address: 697A04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 ja 00007F2ADCE78B36h 0x0000000e jmp 00007F2ADCE78B48h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 697A04 second address: 697A33 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD74h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F2ADCE7BD73h 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 697A33 second address: 697A3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 697B9D second address: 697BA1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 697BA1 second address: 697BA7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 697BA7 second address: 697BAE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 69A191 second address: 69A197 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 69A197 second address: 69A1A1 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6692E3 second address: 6692E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 69EC34 second address: 69EC38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A38F7 second address: 6A38FB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A3DD4 second address: 6A3DDA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A41A1 second address: 6A41B6 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 jng 00007F2ADCE78B36h 0x0000000d pop esi 0x0000000e popad 0x0000000f push eax 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A82D0 second address: 6A82FC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jl 00007F2ADCE7BD66h 0x00000009 push eax 0x0000000a pop eax 0x0000000b push esi 0x0000000c pop esi 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F2ADCE7BD76h 0x00000015 jl 00007F2ADCE7BD66h 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A7877 second address: 6A78A1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B43h 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F2ADCE78B43h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A7A21 second address: 6A7A26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A7A26 second address: 6A7A3F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B44h 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A8005 second address: 6A800B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A800B second address: 6A8020 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 jmp 00007F2ADCE78B3Dh 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6A8020 second address: 6A8029 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AA108 second address: 6AA10E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AA10E second address: 6AA112 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AA112 second address: 6AA118 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AA118 second address: 6AA128 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F2ADCE7BD72h 0x00000008 jne 00007F2ADCE7BD66h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABFED second address: 6AC076 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xor dword ptr [esp], 06AEEFF6h 0x0000000f push 00000000h 0x00000011 push edi 0x00000012 call 00007F2ADCE78B38h 0x00000017 pop edi 0x00000018 mov dword ptr [esp+04h], edi 0x0000001c add dword ptr [esp+04h], 00000018h 0x00000024 inc edi 0x00000025 push edi 0x00000026 ret 0x00000027 pop edi 0x00000028 ret 0x00000029 mov dword ptr [ebp+122D1B47h], ecx 0x0000002f call 00007F2ADCE78B39h 0x00000034 jmp 00007F2ADCE78B42h 0x00000039 push eax 0x0000003a jmp 00007F2ADCE78B42h 0x0000003f mov eax, dword ptr [esp+04h] 0x00000043 jmp 00007F2ADCE78B46h 0x00000048 mov eax, dword ptr [eax] 0x0000004a js 00007F2ADCE78B54h 0x00000050 push eax 0x00000051 push edx 0x00000052 push eax 0x00000053 push edx 0x00000054 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC076 second address: 6AC07A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC3BF second address: 6AC3C3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC3C3 second address: 6AC3D1 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC3D1 second address: 6AC3D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC3D5 second address: 6AC3D9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC3D9 second address: 6AC3EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jnl 00007F2ADCE78B36h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC3EB second address: 6AC3EF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC3EF second address: 6AC3F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AC61E second address: 6AC623 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ACB97 second address: 6ACBB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE78B44h 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ACBB7 second address: 6ACBBD instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ACC28 second address: 6ACC2E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AD193 second address: 6AD198 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AD198 second address: 6AD1CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F2ADCE78B36h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d nop 0x0000000e push 00000000h 0x00000010 push eax 0x00000011 call 00007F2ADCE78B38h 0x00000016 pop eax 0x00000017 mov dword ptr [esp+04h], eax 0x0000001b add dword ptr [esp+04h], 00000016h 0x00000023 inc eax 0x00000024 push eax 0x00000025 ret 0x00000026 pop eax 0x00000027 ret 0x00000028 push eax 0x00000029 push eax 0x0000002a push edx 0x0000002b js 00007F2ADCE78B3Ch 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AD1CF second address: 6AD1D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AE003 second address: 6AE022 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F2ADCE78B47h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AE022 second address: 6AE042 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD70h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jl 00007F2ADCE7BD68h 0x00000013 push eax 0x00000014 pop eax 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AE042 second address: 6AE05E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE78B48h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B082B second address: 6B0831 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B11EF second address: 6B121A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F2ADCE78B48h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push esi 0x00000011 ja 00007F2ADCE78B36h 0x00000017 pop esi 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B121A second address: 6B1224 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F2ADCE7BD66h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B4CDB second address: 6B4CE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B5331 second address: 6B5335 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B5598 second address: 6B55A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 jo 00007F2ADCE78B36h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B64EB second address: 6B64F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B64F1 second address: 6B64F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6B9874 second address: 6B987A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6BAB0D second address: 6BAB27 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b jns 00007F2ADCE78B44h 0x00000011 pushad 0x00000012 jo 00007F2ADCE78B36h 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6BBAAB second address: 6BBAAF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6BBAAF second address: 6BBAB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6BDB19 second address: 6BDB3D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD70h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jg 00007F2ADCE7BD6Ch 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6BBAB5 second address: 6BBAD6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jne 00007F2ADCE78B36h 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 je 00007F2ADCE78B40h 0x00000017 jmp 00007F2ADCE78B3Ah 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C10D8 second address: 6C10F1 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F2ADCE7BD6Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c push edi 0x0000000d pushad 0x0000000e popad 0x0000000f pop edi 0x00000010 push ebx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C11BB second address: 6C11CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 jng 00007F2ADCE78B44h 0x0000000b push eax 0x0000000c push edx 0x0000000d jp 00007F2ADCE78B36h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C227D second address: 6C2283 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C2283 second address: 6C228D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F2ADCE78B36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C228D second address: 6C2291 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C13DB second address: 6C13DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C13DF second address: 6C13F8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD75h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C13F8 second address: 6C13FD instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C33C7 second address: 6C343A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop ebx 0x00000006 mov dword ptr [esp], eax 0x00000009 push 00000000h 0x0000000b push edi 0x0000000c call 00007F2ADCE7BD68h 0x00000011 pop edi 0x00000012 mov dword ptr [esp+04h], edi 0x00000016 add dword ptr [esp+04h], 0000001Bh 0x0000001e inc edi 0x0000001f push edi 0x00000020 ret 0x00000021 pop edi 0x00000022 ret 0x00000023 push 00000000h 0x00000025 sub di, 6ABBh 0x0000002a push 00000000h 0x0000002c push 00000000h 0x0000002e push edi 0x0000002f call 00007F2ADCE7BD68h 0x00000034 pop edi 0x00000035 mov dword ptr [esp+04h], edi 0x00000039 add dword ptr [esp+04h], 00000019h 0x00000041 inc edi 0x00000042 push edi 0x00000043 ret 0x00000044 pop edi 0x00000045 ret 0x00000046 mov bx, 19C0h 0x0000004a pushad 0x0000004b jmp 00007F2ADCE7BD6Ah 0x00000050 mov bl, 73h 0x00000052 popad 0x00000053 push eax 0x00000054 push eax 0x00000055 push edx 0x00000056 je 00007F2ADCE7BD6Ch 0x0000005c push eax 0x0000005d push edx 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C343A second address: 6C343E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C2503 second address: 6C2508 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C2508 second address: 6C250E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C250E second address: 6C2512 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C2512 second address: 6C2521 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C2521 second address: 6C2525 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C2525 second address: 6C252B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C252B second address: 6C2535 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F2ADCE7BD6Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C4546 second address: 6C4550 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007F2ADCE78B36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C4550 second address: 6C4564 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C4564 second address: 6C4569 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C6375 second address: 6C6381 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C6381 second address: 6C63DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 mov dword ptr [esp], eax 0x00000009 push 00000000h 0x0000000b push edx 0x0000000c call 00007F2ADCE78B38h 0x00000011 pop edx 0x00000012 mov dword ptr [esp+04h], edx 0x00000016 add dword ptr [esp+04h], 00000017h 0x0000001e inc edx 0x0000001f push edx 0x00000020 ret 0x00000021 pop edx 0x00000022 ret 0x00000023 and bx, 0512h 0x00000028 and edi, dword ptr [ebp+122D29FCh] 0x0000002e push 00000000h 0x00000030 jmp 00007F2ADCE78B3Eh 0x00000035 push 00000000h 0x00000037 mov dword ptr [ebp+122D1887h], ebx 0x0000003d mov bx, si 0x00000040 xchg eax, esi 0x00000041 jne 00007F2ADCE78B59h 0x00000047 push eax 0x00000048 push edx 0x00000049 jnc 00007F2ADCE78B36h 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C63DE second address: 6C6408 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD77h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jl 00007F2ADCE7BD6Ch 0x00000012 jns 00007F2ADCE7BD66h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C7410 second address: 6C7414 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6C7414 second address: 6C7422 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jne 00007F2ADCE7BD66h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6CF84C second address: 6CF859 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 je 00007F2ADCE78B36h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6CF27B second address: 6CF283 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6CF283 second address: 6CF290 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 pushad 0x00000007 popad 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6CF290 second address: 6CF294 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6CF294 second address: 6CF298 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6CF3EF second address: 6CF40E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F2ADCE7BD66h 0x0000000a push edi 0x0000000b pop edi 0x0000000c popad 0x0000000d pop esi 0x0000000e pushad 0x0000000f jmp 00007F2ADCE7BD6Bh 0x00000014 pushad 0x00000015 pushad 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D3774 second address: 6D3778 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D3778 second address: 6D377E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D377E second address: 6D378D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D378D second address: 6D37B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c push eax 0x0000000d push edx 0x0000000e jl 00007F2ADCE7BD7Ch 0x00000014 jmp 00007F2ADCE7BD76h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D37B7 second address: 6D37BC instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D37BC second address: 6D37D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [eax] 0x00000009 push ecx 0x0000000a jnl 00007F2ADCE7BD68h 0x00000010 pop ecx 0x00000011 mov dword ptr [esp+04h], eax 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D37D9 second address: 6D37DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D37DD second address: 6D37E3 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D385D second address: 6D3864 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D8832 second address: 6D8838 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D8838 second address: 6D883C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D883C second address: 6D8842 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D8F72 second address: 6D8F85 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jnl 00007F2ADCE78B3Eh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D8F85 second address: 6D8F95 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F2ADCE7BD66h 0x0000000a jp 00007F2ADCE7BD66h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D8F95 second address: 6D8FDD instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jg 00007F2ADCE78B38h 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F2ADCE78B49h 0x00000017 pushad 0x00000018 jnl 00007F2ADCE78B36h 0x0000001e jmp 00007F2ADCE78B45h 0x00000023 popad 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D92E0 second address: 6D92F8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE7BD74h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D92F8 second address: 6D92FC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D942C second address: 6D9456 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 ja 00007F2ADCE7BD66h 0x0000000b jmp 00007F2ADCE7BD6Ah 0x00000010 jmp 00007F2ADCE7BD6Fh 0x00000015 push edx 0x00000016 pop edx 0x00000017 popad 0x00000018 push eax 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D9720 second address: 6D9745 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE78B44h 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b ja 00007F2ADCE78B36h 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 push esi 0x00000015 pop esi 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D9745 second address: 6D9749 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D9749 second address: 6D974F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D9A2C second address: 6D9A30 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D9A30 second address: 6D9A41 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jnp 00007F2ADCE78B36h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6D9A41 second address: 6D9A4F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push edx 0x00000007 pop edx 0x00000008 popad 0x00000009 popad 0x0000000a push eax 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DE1D0 second address: 6DE1F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push edi 0x00000007 pop edi 0x00000008 jmp 00007F2ADCE78B43h 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DE1F0 second address: 6DE1F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DE5FC second address: 6DE602 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DE602 second address: 6DE60C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DDBDD second address: 6DDBE9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F2ADCE78B36h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DE928 second address: 6DE96B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F2ADCE7BD6Dh 0x0000000c push edi 0x0000000d pop edi 0x0000000e jmp 00007F2ADCE7BD72h 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 jmp 00007F2ADCE7BD76h 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DE96B second address: 6DE975 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F2ADCE78B36h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DEC38 second address: 6DEC3C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6DEC3C second address: 6DEC42 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AA8F2 second address: 6AA8F8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AA8F8 second address: 6AA90F instructions: 0x00000000 rdtsc 0x00000002 jns 00007F2ADCE78B36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push edx 0x00000010 jnl 00007F2ADCE78B36h 0x00000016 pop edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AA90F second address: 6AA957 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F2ADCE7BD6Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push ebp 0x0000000e call 00007F2ADCE7BD68h 0x00000013 pop ebp 0x00000014 mov dword ptr [esp+04h], ebp 0x00000018 add dword ptr [esp+04h], 00000017h 0x00000020 inc ebp 0x00000021 push ebp 0x00000022 ret 0x00000023 pop ebp 0x00000024 ret 0x00000025 sub dword ptr [ebp+12465AA6h], edi 0x0000002b lea eax, dword ptr [ebp+12486686h] 0x00000031 add dword ptr [ebp+122D1CBFh], esi 0x00000037 nop 0x00000038 push esi 0x00000039 push eax 0x0000003a push edx 0x0000003b pushad 0x0000003c popad 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AA957 second address: 68D23B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 pushad 0x00000009 push ebx 0x0000000a push eax 0x0000000b pop eax 0x0000000c pop ebx 0x0000000d pushad 0x0000000e jbe 00007F2ADCE78B36h 0x00000014 jmp 00007F2ADCE78B3Dh 0x00000019 popad 0x0000001a popad 0x0000001b nop 0x0000001c ja 00007F2ADCE78B3Ch 0x00000022 mov ecx, dword ptr [ebp+122D2A8Ch] 0x00000028 call dword ptr [ebp+122D372Ah] 0x0000002e push eax 0x0000002f push edx 0x00000030 pushad 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AAA1F second address: 6AAA37 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jg 00007F2ADCE7BD6Ch 0x0000000c popad 0x0000000d push eax 0x0000000e pushad 0x0000000f push edi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AAA37 second address: 6AAA50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F2ADCE78B42h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AAD0A second address: 6AAD10 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AADBE second address: 6AADDD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F2ADCE78B46h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AAE6B second address: 6AAEAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 jmp 00007F2ADCE7BD75h 0x0000000b jg 00007F2ADCE7BD66h 0x00000011 popad 0x00000012 popad 0x00000013 push eax 0x00000014 jmp 00007F2ADCE7BD70h 0x00000019 mov eax, dword ptr [esp+04h] 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 jno 00007F2ADCE7BD66h 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AAEAD second address: 6AAEB3 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AAEB3 second address: 6AAEDF instructions: 0x00000000 rdtsc 0x00000002 jc 00007F2ADCE7BD6Ch 0x00000008 jns 00007F2ADCE7BD66h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov eax, dword ptr [eax] 0x00000012 push edi 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007F2ADCE7BD77h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AAEDF second address: 6AAEEE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AB7B7 second address: 6AB7BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AB7BB second address: 6AB81D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B45h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a jc 00007F2ADCE78B41h 0x00000010 jbe 00007F2ADCE78B3Bh 0x00000016 xor edx, 5D027273h 0x0000001c push 0000001Eh 0x0000001e movsx edx, dx 0x00000021 nop 0x00000022 jmp 00007F2ADCE78B3Dh 0x00000027 push eax 0x00000028 pushad 0x00000029 push ebx 0x0000002a push edi 0x0000002b pop edi 0x0000002c pop ebx 0x0000002d pushad 0x0000002e jmp 00007F2ADCE78B45h 0x00000033 push eax 0x00000034 push edx 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AB969 second address: 6AB96D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AB96D second address: 6AB97A instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F2ADCE78B36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABAD6 second address: 6ABAFA instructions: 0x00000000 rdtsc 0x00000002 jno 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 popad 0x00000011 push eax 0x00000012 push ecx 0x00000013 push ecx 0x00000014 jne 00007F2ADCE7BD66h 0x0000001a pop ecx 0x0000001b pop ecx 0x0000001c mov eax, dword ptr [esp+04h] 0x00000020 push esi 0x00000021 pushad 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABAFA second address: 6ABB0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F2ADCE78B36h 0x0000000a popad 0x0000000b pop esi 0x0000000c mov eax, dword ptr [eax] 0x0000000e push eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABB0C second address: 6ABB12 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABB12 second address: 6ABB31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a jg 00007F2ADCE78B4Fh 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F2ADCE78B3Dh 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABB31 second address: 6ABB35 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABBF9 second address: 6ABC6C instructions: 0x00000000 rdtsc 0x00000002 jns 00007F2ADCE78B36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b mov dword ptr [esp], eax 0x0000000e push 00000000h 0x00000010 push ebx 0x00000011 call 00007F2ADCE78B38h 0x00000016 pop ebx 0x00000017 mov dword ptr [esp+04h], ebx 0x0000001b add dword ptr [esp+04h], 00000014h 0x00000023 inc ebx 0x00000024 push ebx 0x00000025 ret 0x00000026 pop ebx 0x00000027 ret 0x00000028 lea eax, dword ptr [ebp+124866CAh] 0x0000002e push 00000000h 0x00000030 push eax 0x00000031 call 00007F2ADCE78B38h 0x00000036 pop eax 0x00000037 mov dword ptr [esp+04h], eax 0x0000003b add dword ptr [esp+04h], 00000019h 0x00000043 inc eax 0x00000044 push eax 0x00000045 ret 0x00000046 pop eax 0x00000047 ret 0x00000048 sub edx, 02415BD1h 0x0000004e nop 0x0000004f jnl 00007F2ADCE78B55h 0x00000055 push eax 0x00000056 push edx 0x00000057 jmp 00007F2ADCE78B43h 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABC6C second address: 6ABC8E instructions: 0x00000000 rdtsc 0x00000002 jno 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F2ADCE7BD75h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6ABC8E second address: 6ABCE1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jo 00007F2ADCE78B36h 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d mov ecx, dword ptr [ebp+122D3356h] 0x00000013 mov dl, 04h 0x00000015 lea eax, dword ptr [ebp+12486686h] 0x0000001b push 00000000h 0x0000001d push eax 0x0000001e call 00007F2ADCE78B38h 0x00000023 pop eax 0x00000024 mov dword ptr [esp+04h], eax 0x00000028 add dword ptr [esp+04h], 00000017h 0x00000030 inc eax 0x00000031 push eax 0x00000032 ret 0x00000033 pop eax 0x00000034 ret 0x00000035 sbb cx, 347Ch 0x0000003a or ecx, dword ptr [ebp+122D2900h] 0x00000040 nop 0x00000041 pushad 0x00000042 jnl 00007F2ADCE78B38h 0x00000048 pushad 0x00000049 popad 0x0000004a push eax 0x0000004b push edx 0x0000004c pushad 0x0000004d popad 0x0000004e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E34EE second address: 6E3508 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE7BD76h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E3508 second address: 6E3530 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B41h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jg 00007F2ADCE78B3Eh 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E39A7 second address: 6E39AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E39AD second address: 6E39C5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B44h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E88F2 second address: 6E88F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E9468 second address: 6E948D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F2ADCE78B36h 0x0000000a pop ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F2ADCE78B46h 0x00000012 push eax 0x00000013 pop eax 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E948D second address: 6E94AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jo 00007F2ADCE7BD66h 0x0000000d jmp 00007F2ADCE7BD6Fh 0x00000012 popad 0x00000013 push eax 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E9729 second address: 6E9733 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F2ADCE78B36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E9733 second address: 6E9755 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD6Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jnc 00007F2ADCE7BD74h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E9B0B second address: 6E9B28 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F2ADCE78B47h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E9B28 second address: 6E9B30 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E9B30 second address: 6E9B34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E9B34 second address: 6E9B38 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6E863F second address: 6E865C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 jmp 00007F2ADCE78B46h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6EEF7E second address: 6EEF84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6EEF84 second address: 6EEF88 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F22F7 second address: 6F2303 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007F2ADCE7BD66h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F2303 second address: 6F2307 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F38D1 second address: 6F38F0 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 jne 00007F2ADCE7BD6Ch 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F38F0 second address: 6F38F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F38F8 second address: 6F38FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F6719 second address: 6F673C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F2ADCE78B49h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F673C second address: 6F6748 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F6748 second address: 6F6763 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B47h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F6433 second address: 6F6459 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jc 00007F2ADCE7BD81h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6F8B03 second address: 6F8B0F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 ja 00007F2ADCE78B36h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6FD0A1 second address: 6FD0B7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F2ADCE7BD6Eh 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6FD0B7 second address: 6FD0BD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6FD4E9 second address: 6FD4EF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6FD4EF second address: 6FD4F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6FD4F5 second address: 6FD4F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6FD4F9 second address: 6FD4FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6FD4FD second address: 6FD509 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6FD509 second address: 6FD50D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 66FF07 second address: 66FF19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 pushad 0x00000008 push edx 0x00000009 pop edx 0x0000000a jns 00007F2ADCE7BD66h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 701FB9 second address: 701FBD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7020F8 second address: 70212A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD77h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F2ADCE7BD74h 0x0000000e push ebx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 6AB661 second address: 6AB675 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE78B40h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70308A second address: 70308E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70659F second address: 7065AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE78B3Ah 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7065AF second address: 7065B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 706739 second address: 70675E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Ah 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F2ADCE78B47h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 706BB1 second address: 706BB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 706D0D second address: 706D21 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 jmp 00007F2ADCE78B3Dh 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 706E86 second address: 706EA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F2ADCE7BD72h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70FD5E second address: 70FD77 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70FD77 second address: 70FD91 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD72h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push edx 0x0000000c pop edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70FD91 second address: 70FD95 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70FD95 second address: 70FDA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F2ADCE7BD66h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70FDA4 second address: 70FDAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70FDAA second address: 70FDB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70DD34 second address: 70DD39 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70DE79 second address: 70DEA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE7BD79h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F2ADCE7BD6Ah 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70E018 second address: 70E04E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 jmp 00007F2ADCE78B46h 0x0000000c jmp 00007F2ADCE78B46h 0x00000011 push esi 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70E31E second address: 70E325 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70E5DC second address: 70E5F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 jmp 00007F2ADCE78B40h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70EB65 second address: 70EBA6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD78h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F2ADCE7BD6Bh 0x0000000e push esi 0x0000000f jmp 00007F2ADCE7BD75h 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70EBA6 second address: 70EBAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70F419 second address: 70F420 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70FABA second address: 70FABE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 70FABE second address: 70FAE1 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F2ADCE7BD66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F2ADCE7BD77h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 715325 second address: 715333 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 je 00007F2ADCE78B36h 0x00000009 pop edi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 715333 second address: 715339 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 715339 second address: 715351 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007F2ADCE78B3Ch 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 71857B second address: 718590 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push ebx 0x00000007 ja 00007F2ADCE7BD66h 0x0000000d pushad 0x0000000e popad 0x0000000f pop ebx 0x00000010 pushad 0x00000011 pushad 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 718D69 second address: 718D82 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B45h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 718D82 second address: 718D88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 718D88 second address: 718D8C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 721BFA second address: 721C16 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop ecx 0x00000007 push ebx 0x00000008 jng 00007F2ADCE7BD6Ch 0x0000000e push eax 0x0000000f push edx 0x00000010 jbe 00007F2ADCE7BD66h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 71FE6F second address: 71FE89 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F2ADCE78B44h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 71FE89 second address: 71FEC2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD72h 0x00000007 jmp 00007F2ADCE7BD78h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jns 00007F2ADCE7BD66h 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 71FEC2 second address: 71FECC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 71FECC second address: 71FEE3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE7BD73h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 720018 second address: 72001C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 720430 second address: 720453 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F2ADCE7BD66h 0x0000000a popad 0x0000000b pushad 0x0000000c jmp 00007F2ADCE7BD73h 0x00000011 pushad 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 720453 second address: 72046C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE78B3Fh 0x00000009 popad 0x0000000a pop edx 0x0000000b push edx 0x0000000c push edi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 72070F second address: 720718 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 720718 second address: 72071E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 72071E second address: 720730 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jg 00007F2ADCE7BD66h 0x00000010 push edx 0x00000011 pop edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 720730 second address: 72073C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 js 00007F2ADCE78B36h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 720851 second address: 720855 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7209BA second address: 7209BE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7209BE second address: 7209C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7209C9 second address: 7209CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7209CD second address: 7209D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7209D1 second address: 7209F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jne 00007F2ADCE78B3Eh 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F2ADCE78B3Eh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7209F5 second address: 7209F9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 720B96 second address: 720BA2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F2ADCE78B36h 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 71FAAD second address: 71FAB4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 727C5A second address: 727C65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 727C65 second address: 727C7F instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jp 00007F2ADCE7BD66h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F2ADCE7BD6Ch 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 727C7F second address: 727C83 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 72A3B3 second address: 72A3D5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007F2ADCE7BD6Bh 0x0000000a jnc 00007F2ADCE7BD66h 0x00000010 popad 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push ebx 0x00000014 push eax 0x00000015 push edx 0x00000016 jg 00007F2ADCE7BD66h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 735022 second address: 735028 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 735198 second address: 7351A8 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jbe 00007F2ADCE7BD66h 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 736C7B second address: 736C7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 736C7F second address: 736C99 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push esi 0x00000004 pop esi 0x00000005 jmp 00007F2ADCE7BD6Fh 0x0000000a pop eax 0x0000000b push ecx 0x0000000c push eax 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 73C7BD second address: 73C7C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 73C7C2 second address: 73C7C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 73C7C8 second address: 73C7F8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jo 00007F2ADCE78B46h 0x0000000f jmp 00007F2ADCE78B40h 0x00000014 jmp 00007F2ADCE78B3Eh 0x00000019 push ebx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 73C3AE second address: 73C3B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 73DE70 second address: 73DE93 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d pop eax 0x0000000e push edx 0x0000000f pop edx 0x00000010 jmp 00007F2ADCE78B42h 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 73DE93 second address: 73DE9A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 753730 second address: 753768 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B43h 0x00000007 jmp 00007F2ADCE78B49h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e jo 00007F2ADCE78B3Eh 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 753768 second address: 75376E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75376E second address: 75377A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F2ADCE78B36h 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75377A second address: 7537C5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F2ADCE7BD73h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jnc 00007F2ADCE7BD6Eh 0x00000018 pushad 0x00000019 je 00007F2ADCE7BD66h 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7537C5 second address: 7537CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7537CB second address: 7537D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7523B7 second address: 7523CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B42h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7523CD second address: 7523EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007F2ADCE7BD74h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7523EB second address: 7523F6 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7523F6 second address: 75240B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop esi 0x00000007 jnc 00007F2ADCE7BD6Ah 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75240B second address: 75242E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B45h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jne 00007F2ADCE78B36h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75242E second address: 752432 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 752432 second address: 752436 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75256D second address: 752571 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 752571 second address: 75259A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jno 00007F2ADCE78B38h 0x0000000c jmp 00007F2ADCE78B48h 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75259A second address: 7525AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c jng 00007F2ADCE7BD66h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7525AC second address: 7525B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7525B4 second address: 7525C2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 js 00007F2ADCE7BD6Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7526FA second address: 75270C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jbe 00007F2ADCE78B36h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75270C second address: 75272B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F2ADCE7BD76h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 752878 second address: 75288A instructions: 0x00000000 rdtsc 0x00000002 jp 00007F2ADCE78B3Ah 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75288A second address: 75289F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE7BD6Fh 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 752A03 second address: 752A0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 push ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 752B63 second address: 752B67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 75618E second address: 7561B8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Dh 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b jmp 00007F2ADCE78B47h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7561B8 second address: 7561DB instructions: 0x00000000 rdtsc 0x00000002 jng 00007F2ADCE7BD66h 0x00000008 jmp 00007F2ADCE7BD6Ch 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 jng 00007F2ADCE7BD66h 0x0000001a push ecx 0x0000001b pop ecx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7561DB second address: 756201 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F2ADCE78B43h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 756201 second address: 756207 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 76141F second address: 76142D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F2ADCE78B36h 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 76142D second address: 76144B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F2ADCE7BD6Fh 0x0000000a jns 00007F2ADCE7BD6Eh 0x00000010 push eax 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 775DA4 second address: 775DAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 775DAA second address: 775DAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 775DAE second address: 775DB4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 775DB4 second address: 775DC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jng 00007F2ADCE7BD6Ah 0x0000000c pushad 0x0000000d popad 0x0000000e push esi 0x0000000f pop esi 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 777E41 second address: 777E45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7779C2 second address: 7779C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 7779C7 second address: 7779D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F2ADCE78B36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 777B73 second address: 777B7F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jg 00007F2ADCE7BD66h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 789F94 second address: 789FAC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B41h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 789FAC second address: 789FB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 789FB4 second address: 789FC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE78B3Fh 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 78EBA9 second address: 78EBAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 78EBAD second address: 78EBB3 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 78EBB3 second address: 78EBB8 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 78DF93 second address: 78DFAB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push edx 0x0000000b pop edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 78E68B second address: 78E6B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 je 00007F2ADCE7BD7Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 791AB3 second address: 791B07 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F2ADCE78B3Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push ebx 0x0000000c push esi 0x0000000d pushad 0x0000000e popad 0x0000000f pop esi 0x00000010 pop ebx 0x00000011 nop 0x00000012 push 00000000h 0x00000014 push ebp 0x00000015 call 00007F2ADCE78B38h 0x0000001a pop ebp 0x0000001b mov dword ptr [esp+04h], ebp 0x0000001f add dword ptr [esp+04h], 00000017h 0x00000027 inc ebp 0x00000028 push ebp 0x00000029 ret 0x0000002a pop ebp 0x0000002b ret 0x0000002c mov dx, B860h 0x00000030 push dword ptr [ebp+122D1C34h] 0x00000036 sub edx, dword ptr [ebp+122D28E8h] 0x0000003c call 00007F2ADCE78B39h 0x00000041 push edi 0x00000042 push edi 0x00000043 push eax 0x00000044 push edx 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 791B07 second address: 791B2C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 jmp 00007F2ADCE7BD74h 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 push esi 0x00000015 pop esi 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 791B2C second address: 791B32 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E10347 second address: 4E103AD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F2ADCE7BD6Eh 0x0000000f push eax 0x00000010 pushad 0x00000011 mov bh, C7h 0x00000013 pushfd 0x00000014 jmp 00007F2ADCE7BD6Ah 0x00000019 and esi, 45D6A8C8h 0x0000001f jmp 00007F2ADCE7BD6Bh 0x00000024 popfd 0x00000025 popad 0x00000026 xchg eax, ebp 0x00000027 push eax 0x00000028 push edx 0x00000029 jmp 00007F2ADCE7BD75h 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E103AD second address: 4E103CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B41h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov di, 146Eh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E103CD second address: 4E103D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E103D2 second address: 4E103D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E103D8 second address: 4E103DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E1043F second address: 4E10445 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E10445 second address: 4E1044B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E1044B second address: 4E1044F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E3070E second address: 4E30793 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F2ADCE7BD73h 0x00000008 pop eax 0x00000009 push edx 0x0000000a pop ecx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f jmp 00007F2ADCE7BD72h 0x00000014 xchg eax, ebp 0x00000015 pushad 0x00000016 mov dl, al 0x00000018 push edi 0x00000019 mov eax, 1BD54B25h 0x0000001e pop eax 0x0000001f popad 0x00000020 mov ebp, esp 0x00000022 pushad 0x00000023 jmp 00007F2ADCE7BD77h 0x00000028 pushfd 0x00000029 jmp 00007F2ADCE7BD78h 0x0000002e and al, FFFFFF98h 0x00000031 jmp 00007F2ADCE7BD6Bh 0x00000036 popfd 0x00000037 popad 0x00000038 xchg eax, ecx 0x00000039 push eax 0x0000003a push edx 0x0000003b push eax 0x0000003c push edx 0x0000003d pushad 0x0000003e popad 0x0000003f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30793 second address: 4E30799 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30799 second address: 4E3079F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E3079F second address: 4E307A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E307A3 second address: 4E307C4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD74h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E307C4 second address: 4E307CA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E307CA second address: 4E30840 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ah, bl 0x00000005 mov bx, cx 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ecx 0x0000000c jmp 00007F2ADCE7BD78h 0x00000011 xchg eax, esi 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007F2ADCE7BD6Eh 0x00000019 sbb eax, 406E80E8h 0x0000001f jmp 00007F2ADCE7BD6Bh 0x00000024 popfd 0x00000025 pushad 0x00000026 mov edi, ecx 0x00000028 call 00007F2ADCE7BD72h 0x0000002d pop esi 0x0000002e popad 0x0000002f popad 0x00000030 push eax 0x00000031 jmp 00007F2ADCE7BD70h 0x00000036 xchg eax, esi 0x00000037 pushad 0x00000038 push eax 0x00000039 push edx 0x0000003a pushad 0x0000003b popad 0x0000003c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30840 second address: 4E3086F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 movzx eax, di 0x0000000c popad 0x0000000d lea eax, dword ptr [ebp-04h] 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F2ADCE78B48h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E3086F second address: 4E30875 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30875 second address: 4E30879 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30879 second address: 4E3087D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E3087D second address: 4E308FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esp 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007F2ADCE78B44h 0x00000010 xor eax, 03DAEA68h 0x00000016 jmp 00007F2ADCE78B3Bh 0x0000001b popfd 0x0000001c mov bx, si 0x0000001f popad 0x00000020 mov dword ptr [esp], eax 0x00000023 jmp 00007F2ADCE78B42h 0x00000028 push dword ptr [ebp+08h] 0x0000002b push eax 0x0000002c push edx 0x0000002d pushad 0x0000002e jmp 00007F2ADCE78B3Dh 0x00000033 pushfd 0x00000034 jmp 00007F2ADCE78B40h 0x00000039 sub ch, 00000028h 0x0000003c jmp 00007F2ADCE78B3Bh 0x00000041 popfd 0x00000042 popad 0x00000043 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30990 second address: 4E30996 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30996 second address: 4E3099C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E3099C second address: 4E309A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E309A0 second address: 4E309B5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F2ADCE78B76h 0x0000000e pushad 0x0000000f mov dx, ax 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E309FE second address: 4E201AA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ah, D0h 0x00000005 pushfd 0x00000006 jmp 00007F2ADCE7BD77h 0x0000000b jmp 00007F2ADCE7BD73h 0x00000010 popfd 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 pop esi 0x00000015 jmp 00007F2ADCE7BD76h 0x0000001a leave 0x0000001b jmp 00007F2ADCE7BD70h 0x00000020 retn 0004h 0x00000023 nop 0x00000024 cmp eax, 00000000h 0x00000027 setne al 0x0000002a jmp 00007F2ADCE7BD62h 0x0000002c xor ebx, ebx 0x0000002e test al, 01h 0x00000030 jne 00007F2ADCE7BD67h 0x00000032 sub esp, 04h 0x00000035 mov dword ptr [esp], 0000000Dh 0x0000003c call 00007F2AE17C94ECh 0x00000041 mov edi, edi 0x00000043 push eax 0x00000044 push edx 0x00000045 jmp 00007F2ADCE7BD75h 0x0000004a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E201AA second address: 4E201BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE78B3Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E201BA second address: 4E20239 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c jmp 00007F2ADCE7BD76h 0x00000011 push eax 0x00000012 pushad 0x00000013 call 00007F2ADCE7BD71h 0x00000018 jmp 00007F2ADCE7BD70h 0x0000001d pop eax 0x0000001e pushfd 0x0000001f jmp 00007F2ADCE7BD6Bh 0x00000024 and cx, D00Eh 0x00000029 jmp 00007F2ADCE7BD79h 0x0000002e popfd 0x0000002f popad 0x00000030 xchg eax, ebp 0x00000031 push eax 0x00000032 push edx 0x00000033 push eax 0x00000034 push edx 0x00000035 pushad 0x00000036 popad 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20239 second address: 4E2024C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2024C second address: 4E20264 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE7BD74h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20264 second address: 4E202DA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebp, esp 0x0000000d pushad 0x0000000e movzx eax, dx 0x00000011 pushad 0x00000012 mov edx, 27DFFFE2h 0x00000017 movsx edx, cx 0x0000001a popad 0x0000001b popad 0x0000001c sub esp, 2Ch 0x0000001f pushad 0x00000020 pushfd 0x00000021 jmp 00007F2ADCE78B47h 0x00000026 add cx, 658Eh 0x0000002b jmp 00007F2ADCE78B49h 0x00000030 popfd 0x00000031 popad 0x00000032 xchg eax, ebx 0x00000033 jmp 00007F2ADCE78B3Eh 0x00000038 push eax 0x00000039 push eax 0x0000003a push edx 0x0000003b pushad 0x0000003c push eax 0x0000003d pop ebx 0x0000003e mov edx, ecx 0x00000040 popad 0x00000041 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E202DA second address: 4E202F9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bh, A8h 0x00000005 mov dl, al 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xchg eax, ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F2ADCE7BD72h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E202F9 second address: 4E20312 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, edi 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d movsx edi, si 0x00000010 mov al, FAh 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20373 second address: 4E20380 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 sub ebx, ebx 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b mov bl, 64h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20380 second address: 4E20384 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20384 second address: 4E2038D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2038D second address: 4E203A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2ADCE78B3Ah 0x00000009 popad 0x0000000a popad 0x0000000b sub edi, edi 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 movsx edi, si 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E203A5 second address: 4E203C7 instructions: 0x00000000 rdtsc 0x00000002 mov si, 1BD5h 0x00000006 pop edx 0x00000007 pop eax 0x00000008 movzx esi, bx 0x0000000b popad 0x0000000c inc ebx 0x0000000d jmp 00007F2ADCE7BD6Dh 0x00000012 test al, al 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E203C7 second address: 4E203CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E203CB second address: 4E203D1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E203D1 second address: 4E20406 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B42h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 je 00007F2ADCE78CD0h 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F2ADCE78B47h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2045E second address: 4E2049D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD79h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a jmp 00007F2ADCE7BD6Eh 0x0000000f push eax 0x00000010 jmp 00007F2ADCE7BD6Bh 0x00000015 nop 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2049D second address: 4E204A3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E204A3 second address: 4E204A9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E204A9 second address: 4E204AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E204AD second address: 4E204B1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E204CD second address: 4E204D3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E204D3 second address: 4E204E8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a test eax, eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f movsx edx, ax 0x00000012 mov ebx, eax 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E204E8 second address: 4E2054A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B49h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jg 00007F2B4DC76ABDh 0x0000000f pushad 0x00000010 mov bl, al 0x00000012 call 00007F2ADCE78B49h 0x00000017 mov di, ax 0x0000001a pop eax 0x0000001b popad 0x0000001c js 00007F2ADCE78B8Bh 0x00000022 push eax 0x00000023 push edx 0x00000024 jmp 00007F2ADCE78B46h 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2054A second address: 4E2056D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp dword ptr [ebp-14h], edi 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f call 00007F2ADCE7BD6Bh 0x00000014 pop esi 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2056D second address: 4E20572 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20572 second address: 4E20590 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ah, 42h 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jne 00007F2B4DC79C87h 0x0000000e pushad 0x0000000f mov ecx, 2E25BEC5h 0x00000014 popad 0x00000015 mov ebx, dword ptr [ebp+08h] 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20590 second address: 4E205A8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B44h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E205A8 second address: 4E205D1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 lea eax, dword ptr [ebp-2Ch] 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F2ADCE7BD75h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E205D1 second address: 4E2063C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F2ADCE78B47h 0x00000008 pop ecx 0x00000009 jmp 00007F2ADCE78B49h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 xchg eax, esi 0x00000012 pushad 0x00000013 mov cl, 50h 0x00000015 movsx ebx, ax 0x00000018 popad 0x00000019 push eax 0x0000001a jmp 00007F2ADCE78B3Bh 0x0000001f xchg eax, esi 0x00000020 push eax 0x00000021 push edx 0x00000022 pushad 0x00000023 mov ax, bx 0x00000026 call 00007F2ADCE78B47h 0x0000002b pop ecx 0x0000002c popad 0x0000002d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2063C second address: 4E20665 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, ax 0x00000006 mov si, 2B77h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d nop 0x0000000e jmp 00007F2ADCE7BD6Ah 0x00000013 push eax 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F2ADCE7BD6Eh 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20665 second address: 4E20677 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE78B3Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20677 second address: 4E2067B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2067B second address: 4E20702 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 jmp 00007F2ADCE78B47h 0x0000000e xchg eax, ebx 0x0000000f jmp 00007F2ADCE78B46h 0x00000014 push eax 0x00000015 pushad 0x00000016 pushfd 0x00000017 jmp 00007F2ADCE78B41h 0x0000001c or eax, 745EE846h 0x00000022 jmp 00007F2ADCE78B41h 0x00000027 popfd 0x00000028 call 00007F2ADCE78B40h 0x0000002d mov ecx, 2389AF01h 0x00000032 pop eax 0x00000033 popad 0x00000034 xchg eax, ebx 0x00000035 push eax 0x00000036 push edx 0x00000037 pushad 0x00000038 mov ecx, 2D0A73F5h 0x0000003d mov bx, cx 0x00000040 popad 0x00000041 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20741 second address: 4E20747 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20747 second address: 4E2074B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2074B second address: 4E2076E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD70h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov esi, eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 mov ebx, 2D342C20h 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2076E second address: 4E20774 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20774 second address: 4E20778 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20778 second address: 4E20793 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B3Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test esi, esi 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20793 second address: 4E2079A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov eax, edi 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2079A second address: 4E207A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E207A0 second address: 4E207A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E207A4 second address: 4E20012 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F2B4DC769DFh 0x0000000e xor eax, eax 0x00000010 jmp 00007F2ADCE5226Ah 0x00000015 pop esi 0x00000016 pop edi 0x00000017 pop ebx 0x00000018 leave 0x00000019 retn 0004h 0x0000001c nop 0x0000001d xor ebx, ebx 0x0000001f cmp eax, 00000000h 0x00000022 je 00007F2ADCE78C93h 0x00000028 call 00007F2AE17C5FBDh 0x0000002d mov edi, edi 0x0000002f pushad 0x00000030 mov edi, eax 0x00000032 popad 0x00000033 xchg eax, ebp 0x00000034 push eax 0x00000035 push edx 0x00000036 pushad 0x00000037 mov edi, 10D52282h 0x0000003c push edi 0x0000003d pop ecx 0x0000003e popad 0x0000003f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20012 second address: 4E20018 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20018 second address: 4E2001C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2001C second address: 4E20038 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a mov dx, 1D7Eh 0x0000000e popad 0x0000000f xchg eax, ebp 0x00000010 pushad 0x00000011 mov edi, eax 0x00000013 popad 0x00000014 mov ebp, esp 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 mov esi, edx 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20038 second address: 4E200B1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B49h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a pushad 0x0000000b movzx ecx, bx 0x0000000e call 00007F2ADCE78B49h 0x00000013 mov dx, ax 0x00000016 pop esi 0x00000017 popad 0x00000018 push eax 0x00000019 pushad 0x0000001a pushad 0x0000001b call 00007F2ADCE78B46h 0x00000020 pop ecx 0x00000021 mov ax, bx 0x00000024 popad 0x00000025 push ebx 0x00000026 mov ecx, 6BF3CEB9h 0x0000002b pop esi 0x0000002c popad 0x0000002d xchg eax, ecx 0x0000002e push eax 0x0000002f push edx 0x00000030 jmp 00007F2ADCE78B40h 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E200B1 second address: 4E200CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [ebp-04h], 55534552h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E200CD second address: 4E200D3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E200D3 second address: 4E200F0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE7BD79h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E200F0 second address: 4E200F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E2016F second address: 4E2017F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE7BD6Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20B01 second address: 4E20B06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20BBE second address: 4E20BC2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20BC2 second address: 4E20BC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20BC8 second address: 4E20C0C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F2ADCE7BD78h 0x00000008 pop eax 0x00000009 mov edi, 7B3B1AF6h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push 1D38BD4Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007F2ADCE7BD79h 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20C0C second address: 4E20C71 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B41h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xor dword ptr [esp], 68FE2164h 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007F2ADCE78B3Ch 0x00000017 or ecx, 3F4EC678h 0x0000001d jmp 00007F2ADCE78B3Bh 0x00000022 popfd 0x00000023 push ecx 0x00000024 mov edi, 13F1249Ah 0x00000029 pop edx 0x0000002a popad 0x0000002b call 00007F2B4DC6DA58h 0x00000030 push 75C12B70h 0x00000035 push dword ptr fs:[00000000h] 0x0000003c mov eax, dword ptr [esp+10h] 0x00000040 mov dword ptr [esp+10h], ebp 0x00000044 lea ebp, dword ptr [esp+10h] 0x00000048 sub esp, eax 0x0000004a push ebx 0x0000004b push esi 0x0000004c push edi 0x0000004d mov eax, dword ptr [75C74538h] 0x00000052 xor dword ptr [ebp-04h], eax 0x00000055 xor eax, ebp 0x00000057 push eax 0x00000058 mov dword ptr [ebp-18h], esp 0x0000005b push dword ptr [ebp-08h] 0x0000005e mov eax, dword ptr [ebp-04h] 0x00000061 mov dword ptr [ebp-04h], FFFFFFFEh 0x00000068 mov dword ptr [ebp-08h], eax 0x0000006b lea eax, dword ptr [ebp-10h] 0x0000006e mov dword ptr fs:[00000000h], eax 0x00000074 ret 0x00000075 push eax 0x00000076 push edx 0x00000077 push eax 0x00000078 push edx 0x00000079 jmp 00007F2ADCE78B48h 0x0000007e rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20C71 second address: 4E20C75 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20C75 second address: 4E20C7B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20C7B second address: 4E20C81 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20D15 second address: 4E20D28 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 je 00007F2B4DC5C79Fh 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20D28 second address: 4E20D2C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E20D2C second address: 4E20D32 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30B64 second address: 4E30B68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30B68 second address: 4E30B6C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30B6C second address: 4E30B72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30B72 second address: 4E30B77 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30B77 second address: 4E30B7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30B7D second address: 4E30B90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 test esi, esi 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov ebx, 0396BD9Ch 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30B90 second address: 4E30B95 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30B95 second address: 4E30BD6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov si, 725Dh 0x00000007 pushfd 0x00000008 jmp 00007F2ADCE78B3Ah 0x0000000d xor esi, 6FCC72B8h 0x00000013 jmp 00007F2ADCE78B3Bh 0x00000018 popfd 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c je 00007F2B4DC56331h 0x00000022 push eax 0x00000023 push edx 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007F2ADCE78B40h 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30BD6 second address: 4E30BDA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30BDA second address: 4E30BE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30BE0 second address: 4E30BE6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30BE6 second address: 4E30BEA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30BEA second address: 4E30C7D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE7BD78h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b cmp dword ptr [75C7459Ch], 05h 0x00000012 jmp 00007F2ADCE7BD70h 0x00000017 je 00007F2B4DC715DEh 0x0000001d jmp 00007F2ADCE7BD70h 0x00000022 xchg eax, esi 0x00000023 pushad 0x00000024 push eax 0x00000025 pop eax 0x00000026 mov edx, 7CC2CF1Ch 0x0000002b popad 0x0000002c push eax 0x0000002d pushad 0x0000002e pushad 0x0000002f pushfd 0x00000030 jmp 00007F2ADCE7BD6Eh 0x00000035 sub ax, 7C38h 0x0000003a jmp 00007F2ADCE7BD6Bh 0x0000003f popfd 0x00000040 mov ax, 026Fh 0x00000044 popad 0x00000045 mov eax, 6703568Bh 0x0000004a popad 0x0000004b xchg eax, esi 0x0000004c push eax 0x0000004d push edx 0x0000004e jmp 00007F2ADCE7BD6Dh 0x00000053 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30C7D second address: 4E30C82 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30CDF second address: 4E30CEF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2ADCE7BD6Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30CEF second address: 4E30CFE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30CFE second address: 4E30D02 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30D02 second address: 4E30D06 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30D06 second address: 4E30D0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LNn56KMkEE.exe | RDTSC instruction interceptor: First address: 4E30D42 second address: 4E30D65 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2ADCE78B49h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d mov dh, cl 0x0000000f rdtsc |