Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://127.0.0.1:27060 |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C3A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C3A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C3A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://api.steampowered.com/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://broadcast.st.dl.eccdnx.com |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://checkout.steampowered.com/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109260380.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110456689.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/applications/community/main.css?v=Lj6X7NKUMfzk&a |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/globalv2.css?v=hzEgqbtRcI5V&l=english&_c |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/fatalerror.css?v=OFUqlcDNiD6y&l=engli |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/header.css?v=EM4kCu67DNda&l=english&a |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C3A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: LopCYSStr3.exe, 00000000.00000003.2109260380.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110456689.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
Source: LopCYSStr3.exe, 00000000.00000003.2109260380.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110456689.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/main.js?v=_92TWn81 |
Source: LopCYSStr3.exe, 00000000.00000003.2109260380.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110456689.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/manifest.js?v=hyEE |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/global.js?v=jWc2JLWHx5Kn&l=english&am |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=gQHVlrK4-jX-&l |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/prototype-1.7.js?v=npJElBnrEO6W&l=eng |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=pbdAKOcDIgbC |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/buttons.css?v=qhQgyjWi6LgJ&l=english& |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/motiva_sans.css?v=-yZgCk0Nu7kH&l=engl |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_global.css?v=wuA4X_n5-mo0&l=en |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_responsive.css?v=JL1e4uQSrVGe& |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/auth_refresh.js?v=w6QbwI-5-j2S& |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_global.js?v=Gr6TbGRvDtNE&am |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=tvQ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/tooltip.js?v=QYkT4eS5mbTN&l=en |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.steampowered.com/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lv.queniujq.cn |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://medal.tv |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://player.vimeo.com |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net/recaptcha/; |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://s.ytimg.com; |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sketchfab.com |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steam.tv/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast-test.akamaized.net |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast.akamaized.net |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcastchat.akamaized.net |
Source: LopCYSStr3.exe, 00000000.00000003.2109260380.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110456689.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C3A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110456689.0000000000C12000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109260380.0000000000C12000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900 |
Source: LopCYSStr3.exe, 00000000.00000003.2109260380.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110456689.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900)) |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109260380.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110456689.0000000000C2A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com:443/profiles/76561199724331900 |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C78000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C46000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C78000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/; |
Source: LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C46000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb |
Source: LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C3A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/recaptcha/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.cn/recaptcha/ |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.com/recaptcha/ |
Source: LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C88000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109161928.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109200621.0000000000C3A000.00000004.00000020.00020000.00000000.sdmp, LopCYSStr3.exe, 00000000.00000003.2109328652.0000000000C92000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com |
Source: LopCYSStr3.exe, 00000000.00000002.2110525613.0000000000C46000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com/ |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00188850 | 0_2_00188850 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0018ACF0 | 0_2_0018ACF0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00278035 | 0_2_00278035 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0029E01A | 0_2_0029E01A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00286011 | 0_2_00286011 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FC06E | 0_2_002FC06E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E4078 | 0_2_002E4078 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00312069 | 0_2_00312069 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026C07C | 0_2_0026C07C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0027E04B | 0_2_0027E04B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00296045 | 0_2_00296045 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00216056 | 0_2_00216056 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022005E | 0_2_0022005E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EC09F | 0_2_001EC09F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003140A2 | 0_2_003140A2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002080B4 | 0_2_002080B4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020C0B9 | 0_2_0020C0B9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002740FA | 0_2_002740FA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020E0C7 | 0_2_0020E0C7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002480D2 | 0_2_002480D2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028E0D1 | 0_2_0028E0D1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CC0D7 | 0_2_002CC0D7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F4129 | 0_2_002F4129 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0034C12B | 0_2_0034C12B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00298119 | 0_2_00298119 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025011E | 0_2_0025011E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B8168 | 0_2_002B8168 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F6162 | 0_2_002F6162 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BA174 | 0_2_002BA174 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00212141 | 0_2_00212141 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E2141 | 0_2_002E2141 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AC15B | 0_2_002AC15B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CA15D | 0_2_002CA15D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F4166 | 0_2_001F4166 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002EE155 | 0_2_002EE155 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AA1AB | 0_2_002AA1AB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E01AC | 0_2_002E01AC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A2190 | 0_2_001A2190 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028A1B2 | 0_2_0028A1B2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002561BA | 0_2_002561BA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022618B | 0_2_0022618B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025A197 | 0_2_0025A197 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003001F1 | 0_2_003001F1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F81DB | 0_2_001F81DB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B61EF | 0_2_002B61EF |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002301E4 | 0_2_002301E4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A41C0 | 0_2_001A41C0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B21F0 | 0_2_002B21F0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002381C8 | 0_2_002381C8 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002521D4 | 0_2_002521D4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FE1DC | 0_2_002FE1DC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026C1DB | 0_2_0026C1DB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002581DB | 0_2_002581DB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00314233 | 0_2_00314233 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0034423C | 0_2_0034423C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0027C22D | 0_2_0027C22D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030C23C | 0_2_0030C23C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00228230 | 0_2_00228230 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030A222 | 0_2_0030A222 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026A207 | 0_2_0026A207 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00260207 | 0_2_00260207 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D821E | 0_2_002D821E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C8214 | 0_2_002C8214 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F025A | 0_2_001F025A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00218275 | 0_2_00218275 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B027F | 0_2_002B027F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030426B | 0_2_0030426B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DA270 | 0_2_002DA270 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A0275 | 0_2_002A0275 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E8271 | 0_2_001E8271 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021024E | 0_2_0021024E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00234255 | 0_2_00234255 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00196263 | 0_2_00196263 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E0265 | 0_2_001E0265 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00262259 | 0_2_00262259 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0019E290 | 0_2_0019E290 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00186280 | 0_2_00186280 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E2281 | 0_2_001E2281 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00282282 | 0_2_00282282 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F0285 | 0_2_002F0285 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024A28B | 0_2_0024A28B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025C29C | 0_2_0025C29C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003022EE | 0_2_003022EE |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DE2C6 | 0_2_002DE2C6 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F2317 | 0_2_001F2317 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A6323 | 0_2_002A6323 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A830D | 0_2_001A830D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001AA33F | 0_2_001AA33F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00188330 | 0_2_00188330 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DC307 | 0_2_002DC307 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00184320 | 0_2_00184320 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D2377 | 0_2_002D2377 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021A340 | 0_2_0021A340 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00276352 | 0_2_00276352 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0027C3A5 | 0_2_0027C3A5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030E3BA | 0_2_0030E3BA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CE3BC | 0_2_002CE3BC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A4380 | 0_2_001A4380 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FC38F | 0_2_002FC38F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025438C | 0_2_0025438C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028E398 | 0_2_0028E398 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024439E | 0_2_0024439E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EE3A1 | 0_2_001EE3A1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003043F3 | 0_2_003043F3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002923F1 | 0_2_002923F1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001FC3C2 | 0_2_001FC3C2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001AC3FC | 0_2_001AC3FC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021C429 | 0_2_0021C429 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022442D | 0_2_0022442D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E4432 | 0_2_002E4432 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028C40A | 0_2_0028C40A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00284401 | 0_2_00284401 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F4401 | 0_2_002F4401 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00258414 | 0_2_00258414 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BC41C | 0_2_002BC41C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00240462 | 0_2_00240462 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0031247B | 0_2_0031247B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AC467 | 0_2_002AC467 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028847F | 0_2_0028847F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F8477 | 0_2_002F8477 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C044F | 0_2_002C044F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026644A | 0_2_0026644A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BE454 | 0_2_002BE454 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026E4AA | 0_2_0026E4AA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020A4B8 | 0_2_0020A4B8 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002EE4E7 | 0_2_002EE4E7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EC4D4 | 0_2_001EC4D4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002504FF | 0_2_002504FF |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A2510 | 0_2_001A2510 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0029450F | 0_2_0029450F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E0509 | 0_2_002E0509 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024C51B | 0_2_0024C51B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E655D | 0_2_001E655D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F855B | 0_2_001F855B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001FC556 | 0_2_001FC556 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0027E571 | 0_2_0027E571 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0027A579 | 0_2_0027A579 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020C547 | 0_2_0020C547 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DE55F | 0_2_002DE55F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00252551 | 0_2_00252551 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025E553 | 0_2_0025E553 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00236554 | 0_2_00236554 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B8552 | 0_2_002B8552 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0029C553 | 0_2_0029C553 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0023E5A3 | 0_2_0023E5A3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A25B5 | 0_2_002A25B5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00298583 | 0_2_00298583 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0033659C | 0_2_0033659C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002EC5E2 | 0_2_002EC5E2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F25FF | 0_2_002F25FF |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002085F8 | 0_2_002085F8 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003005E9 | 0_2_003005E9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C85F0 | 0_2_002C85F0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002385CF | 0_2_002385CF |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002825D8 | 0_2_002825D8 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0023C5DA | 0_2_0023C5DA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00256621 | 0_2_00256621 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026A62D | 0_2_0026A62D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E060C | 0_2_001E060C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022863E | 0_2_0022863E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A660F | 0_2_002A660F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020260A | 0_2_0020260A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B2606 | 0_2_002B2606 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A461F | 0_2_002A461F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E2611 | 0_2_002E2611 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E4650 | 0_2_001E4650 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00262677 | 0_2_00262677 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C6678 | 0_2_002C6678 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B6672 | 0_2_002B6672 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030666B | 0_2_0030666B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0027467B | 0_2_0027467B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D0643 | 0_2_002D0643 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D8642 | 0_2_002D8642 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024A658 | 0_2_0024A658 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B0657 | 0_2_002B0657 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A86A9 | 0_2_002A86A9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021E6AD | 0_2_0021E6AD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AC6B9 | 0_2_002AC6B9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002186BB | 0_2_002186BB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E868F | 0_2_002E868F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00234681 | 0_2_00234681 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00308697 | 0_2_00308697 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A66D0 | 0_2_001A66D0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CC6FD | 0_2_002CC6FD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FC6F7 | 0_2_002FC6F7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A86C0 | 0_2_001A86C0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030C6D2 | 0_2_0030C6D2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F46FA | 0_2_001F46FA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003126C3 | 0_2_003126C3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D46D5 | 0_2_002D46D5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002446DB | 0_2_002446DB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021A725 | 0_2_0021A725 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00186710 | 0_2_00186710 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0023A73B | 0_2_0023A73B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AE735 | 0_2_002AE735 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028070A | 0_2_0028070A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0034A713 | 0_2_0034A713 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00268710 | 0_2_00268710 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00242776 | 0_2_00242776 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024E776 | 0_2_0024E776 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022A77F | 0_2_0022A77F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E6773 | 0_2_002E6773 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DE74D | 0_2_002DE74D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002EE75E | 0_2_002EE75E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00198792 | 0_2_00198792 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002647A9 | 0_2_002647A9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CA7BC | 0_2_002CA7BC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0018A780 | 0_2_0018A780 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026A7BD | 0_2_0026A7BD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F8789 | 0_2_002F8789 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FE788 | 0_2_002FE788 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A079D | 0_2_002A079D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022279F | 0_2_0022279F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002787EC | 0_2_002787EC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003127E5 | 0_2_003127E5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0019E7C0 | 0_2_0019E7C0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BC7F0 | 0_2_002BC7F0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028C7DA | 0_2_0028C7DA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025C824 | 0_2_0025C824 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001B8810 | 0_2_001B8810 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AC80D | 0_2_002AC80D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00310802 | 0_2_00310802 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0019682D | 0_2_0019682D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021C816 | 0_2_0021C816 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00304809 | 0_2_00304809 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030E876 | 0_2_0030E876 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00226874 | 0_2_00226874 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E4878 | 0_2_002E4878 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F2878 | 0_2_002F2878 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00290842 | 0_2_00290842 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00250852 | 0_2_00250852 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D6857 | 0_2_002D6857 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D28AD | 0_2_002D28AD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002EA8AE | 0_2_002EA8AE |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C88B4 | 0_2_002C88B4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B28B0 | 0_2_002B28B0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00240885 | 0_2_00240885 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022C880 | 0_2_0022C880 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0018C8B6 | 0_2_0018C8B6 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00220893 | 0_2_00220893 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026C897 | 0_2_0026C897 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002248E2 | 0_2_002248E2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022E8EC | 0_2_0022E8EC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A88CB | 0_2_001A88CB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AA8F9 | 0_2_002AA8F9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002948DE | 0_2_002948DE |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EE8E4 | 0_2_001EE8E4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DA93D | 0_2_002DA93D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030A92A | 0_2_0030A92A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CE930 | 0_2_002CE930 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0031292D | 0_2_0031292D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A0939 | 0_2_001A0939 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00314901 | 0_2_00314901 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A491F | 0_2_002A491F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F6914 | 0_2_002F6914 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FA912 | 0_2_002FA912 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024C91A | 0_2_0024C91A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001B0940 | 0_2_001B0940 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030496B | 0_2_0030496B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025894A | 0_2_0025894A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EA965 | 0_2_001EA965 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002149AE | 0_2_002149AE |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020C9B2 | 0_2_0020C9B2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002369BC | 0_2_002369BC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E49B7 | 0_2_001E49B7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026698C | 0_2_0026698C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00248999 | 0_2_00248999 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002409E9 | 0_2_002409E9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003089EB | 0_2_003089EB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D09CE | 0_2_002D09CE |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EC9FA | 0_2_001EC9FA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0029A9C1 | 0_2_0029A9C1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003009DB | 0_2_003009DB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0023A9DA | 0_2_0023A9DA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003349CC | 0_2_003349CC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021EA21 | 0_2_0021EA21 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00244A25 | 0_2_00244A25 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030EA31 | 0_2_0030EA31 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0018EA10 | 0_2_0018EA10 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00202A2C | 0_2_00202A2C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0027EA3D | 0_2_0027EA3D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028AA17 | 0_2_0028AA17 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BEA66 | 0_2_002BEA66 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001ACA49 | 0_2_001ACA49 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C2A79 | 0_2_002C2A79 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E0A7B | 0_2_001E0A7B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00272A57 | 0_2_00272A57 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FCA5F | 0_2_002FCA5F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00230A5C | 0_2_00230A5C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030CAB3 | 0_2_0030CAB3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00260ABD | 0_2_00260ABD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CCAB1 | 0_2_002CCAB1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C0A8A | 0_2_002C0A8A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00274A8A | 0_2_00274A8A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D8A9D | 0_2_002D8A9D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B6A91 | 0_2_002B6A91 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020AA9C | 0_2_0020AA9C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00208AE4 | 0_2_00208AE4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001ACAD0 | 0_2_001ACAD0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002EEACB | 0_2_002EEACB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F6AF0 | 0_2_001F6AF0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00218AD7 | 0_2_00218AD7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AEB29 | 0_2_002AEB29 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C6B28 | 0_2_002C6B28 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BAB2C | 0_2_002BAB2C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001ACB11 | 0_2_001ACB11 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B8B27 | 0_2_002B8B27 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00256B37 | 0_2_00256B37 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001B6B08 | 0_2_001B6B08 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028CB34 | 0_2_0028CB34 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002ECB30 | 0_2_002ECB30 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A0B0D | 0_2_002A0B0D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001ACB22 | 0_2_001ACB22 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021AB1C | 0_2_0021AB1C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00268B18 | 0_2_00268B18 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00314B74 | 0_2_00314B74 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A6B50 | 0_2_001A6B50 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F4B4D | 0_2_001F4B4D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F8B7D | 0_2_002F8B7D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00246B72 | 0_2_00246B72 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D4B7B | 0_2_002D4B7B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0019CB40 | 0_2_0019CB40 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00288B57 | 0_2_00288B57 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025EBAF | 0_2_0025EBAF |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025CBB2 | 0_2_0025CBB2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B0BBC | 0_2_002B0BBC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FCBB0 | 0_2_002FCBB0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C4B8C | 0_2_002C4B8C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028AB89 | 0_2_0028AB89 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DEB9F | 0_2_002DEB9F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E8BA2 | 0_2_001E8BA2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030CBF7 | 0_2_0030CBF7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00200BED | 0_2_00200BED |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00348BE2 | 0_2_00348BE2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CABF4 | 0_2_002CABF4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00252BC7 | 0_2_00252BC7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00258BCA | 0_2_00258BCA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00272BDA | 0_2_00272BDA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024EBDA | 0_2_0024EBDA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B2C2D | 0_2_002B2C2D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F4C3C | 0_2_002F4C3C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CCC35 | 0_2_002CCC35 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EEC04 | 0_2_001EEC04 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00276C3D | 0_2_00276C3D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026CC12 | 0_2_0026CC12 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00254C1E | 0_2_00254C1E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A2C62 | 0_2_002A2C62 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00244C68 | 0_2_00244C68 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E4C74 | 0_2_002E4C74 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00278C45 | 0_2_00278C45 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00184C60 | 0_2_00184C60 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E6C65 | 0_2_001E6C65 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00286C53 | 0_2_00286C53 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BCCAA | 0_2_002BCCAA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DACAE | 0_2_002DACAE |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00202CA6 | 0_2_00202CA6 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001AAC90 | 0_2_001AAC90 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0029EC9D | 0_2_0029EC9D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001BECA0 | 0_2_001BECA0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022ECE3 | 0_2_0022ECE3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00234CE5 | 0_2_00234CE5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00302CE0 | 0_2_00302CE0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0023ECF1 | 0_2_0023ECF1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E8CF2 | 0_2_002E8CF2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026ACD0 | 0_2_0026ACD0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E0CD6 | 0_2_002E0CD6 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002EACD4 | 0_2_002EACD4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EED1B | 0_2_001EED1B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002ACD25 | 0_2_002ACD25 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C8D3C | 0_2_002C8D3C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F0D0C | 0_2_001F0D0C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00220D37 | 0_2_00220D37 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00260D3E | 0_2_00260D3E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00284D34 | 0_2_00284D34 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00206D63 | 0_2_00206D63 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00282D66 | 0_2_00282D66 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EAD4D | 0_2_001EAD4D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0018CD46 | 0_2_0018CD46 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F8D6E | 0_2_001F8D6E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00290D5D | 0_2_00290D5D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0023CDA8 | 0_2_0023CDA8 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DCDB8 | 0_2_002DCDB8 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00296DBF | 0_2_00296DBF |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0029CDB0 | 0_2_0029CDB0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00226DB9 | 0_2_00226DB9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00214DBD | 0_2_00214DBD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BED89 | 0_2_002BED89 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B4D91 | 0_2_002B4D91 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0023ADF6 | 0_2_0023ADF6 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00306DC3 | 0_2_00306DC3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00308DCD | 0_2_00308DCD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00222E21 | 0_2_00222E21 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00312E32 | 0_2_00312E32 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001FAE19 | 0_2_001FAE19 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00298E24 | 0_2_00298E24 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001ECE0D | 0_2_001ECE0D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C4E03 | 0_2_002C4E03 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CCE1E | 0_2_002CCE1E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E4E60 | 0_2_002E4E60 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002EAE7D | 0_2_002EAE7D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001B6E74 | 0_2_001B6E74 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021EE50 | 0_2_0021EE50 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A6E5F | 0_2_002A6E5F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C0EAC | 0_2_002C0EAC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00216EA0 | 0_2_00216EA0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A2EA3 | 0_2_002A2EA3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00210EB0 | 0_2_00210EB0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00268EBA | 0_2_00268EBA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D2E87 | 0_2_002D2E87 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002ACE84 | 0_2_002ACE84 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00218EE1 | 0_2_00218EE1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001BAEC0 | 0_2_001BAEC0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00238EFC | 0_2_00238EFC |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00254EC0 | 0_2_00254EC0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C6EC6 | 0_2_002C6EC6 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028AEDF | 0_2_0028AEDF |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E4EE2 | 0_2_001E4EE2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E2EE0 | 0_2_001E2EE0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E8F2E | 0_2_002E8F2E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D4F2F | 0_2_002D4F2F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021CF29 | 0_2_0021CF29 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002C2F20 | 0_2_002C2F20 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B2F3B | 0_2_002B2F3B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B0F36 | 0_2_002B0F36 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00242F14 | 0_2_00242F14 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00306F71 | 0_2_00306F71 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001B8F59 | 0_2_001B8F59 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00182F50 | 0_2_00182F50 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A0F50 | 0_2_001A0F50 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025CF74 | 0_2_0025CF74 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F4F73 | 0_2_002F4F73 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002D8F4F | 0_2_002D8F4F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BAF4E | 0_2_002BAF4E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00300F55 | 0_2_00300F55 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001ACF74 | 0_2_001ACF74 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00212F4F | 0_2_00212F4F |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00246FA5 | 0_2_00246FA5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A0FAD | 0_2_002A0FAD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BEFB9 | 0_2_002BEFB9 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FCFBB | 0_2_002FCFBB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022EFB4 | 0_2_0022EFB4 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EAF82 | 0_2_001EAF82 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F4F83 | 0_2_001F4F83 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00272FBB | 0_2_00272FBB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00280FB5 | 0_2_00280FB5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0026EF82 | 0_2_0026EF82 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001FAFB5 | 0_2_001FAFB5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001BEFB0 | 0_2_001BEFB0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E0FB0 | 0_2_001E0FB0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00230F90 | 0_2_00230F90 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F2FA1 | 0_2_001F2FA1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002FAFE3 | 0_2_002FAFE3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020AFF2 | 0_2_0020AFF2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0028CFFB | 0_2_0028CFFB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00252FF2 | 0_2_00252FF2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00314FD7 | 0_2_00314FD7 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002AAFC1 | 0_2_002AAFC1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0021AFD2 | 0_2_0021AFD2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002CCFD5 | 0_2_002CCFD5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E6FD5 | 0_2_002E6FD5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F6FE1 | 0_2_001F6FE1 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E9020 | 0_2_002E9020 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020F03B | 0_2_0020F03B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00263000 | 0_2_00263000 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025100C | 0_2_0025100C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00287015 | 0_2_00287015 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0030B07D | 0_2_0030B07D |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0023F073 | 0_2_0023F073 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002BD070 | 0_2_002BD070 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022D07E | 0_2_0022D07E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0025507A | 0_2_0025507A |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001EF07C | 0_2_001EF07C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020D04B | 0_2_0020D04B |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00259056 | 0_2_00259056 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003030B3 | 0_2_003030B3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024F0AA | 0_2_0024F0AA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003090A5 | 0_2_003090A5 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002F909E | 0_2_002F909E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00283093 | 0_2_00283093 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001E70A3 | 0_2_001E70A3 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_003410D8 | 0_2_003410D8 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0027F0D0 | 0_2_0027F0D0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024D13E | 0_2_0024D13E |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0024B139 | 0_2_0024B139 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00209101 | 0_2_00209101 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0020311C | 0_2_0020311C |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A7148 | 0_2_002A7148 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00311142 | 0_2_00311142 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DB158 | 0_2_002DB158 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001F1162 | 0_2_001F1162 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_0022B1B2 | 0_2_0022B1B2 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002B71BB | 0_2_002B71BB |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001891B0 | 0_2_001891B0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_00293183 | 0_2_00293183 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002E1184 | 0_2_002E1184 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002A3181 | 0_2_002A3181 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001A91DD | 0_2_001A91DD |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002DF1EA | 0_2_002DF1EA |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_002271E8 | 0_2_002271E8 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | Code function: 0_2_001BB1D0 | 0_2_001BB1D0 |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 1D82E1 second address: 1D82E7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 1D82E7 second address: 1D82EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 351B11 second address: 351B17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 351B17 second address: 351B1C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 351B1C second address: 351B59 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jmp 00007F13590914CDh 0x00000008 jmp 00007F13590914D1h 0x0000000d pop esi 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F13590914D9h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 350B52 second address: 350B5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F1359094356h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 350F8D second address: 350F9D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnp 00007F13590914C6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f pop eax 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3512B5 second address: 3512BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3512BD second address: 3512C3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 35141F second address: 351447 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094361h 0x00000007 jmp 00007F1359094360h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push edi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 35408C second address: 354097 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnc 00007F13590914C6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3542C7 second address: 3542CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3542CB second address: 354322 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 jmp 00007F13590914D8h 0x0000000c pop edx 0x0000000d popad 0x0000000e mov dword ptr [esp], eax 0x00000011 mov dword ptr [ebp+122D1C8Eh], eax 0x00000017 push 00000000h 0x00000019 jmp 00007F13590914CDh 0x0000001e pushad 0x0000001f mov cx, B250h 0x00000023 mov bl, B2h 0x00000025 popad 0x00000026 push C41614B7h 0x0000002b pushad 0x0000002c pushad 0x0000002d jmp 00007F13590914CDh 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 354322 second address: 35432F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jng 00007F135909435Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 35432F second address: 3543FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 add dword ptr [esp], 3BE9EBC9h 0x0000000c call 00007F13590914CFh 0x00000011 call 00007F13590914D4h 0x00000016 mov di, 7605h 0x0000001a pop edx 0x0000001b pop esi 0x0000001c push 00000003h 0x0000001e or edi, dword ptr [ebp+122D2E07h] 0x00000024 push ebx 0x00000025 jnc 00007F13590914D0h 0x0000002b pop esi 0x0000002c push 00000000h 0x0000002e mov esi, dword ptr [ebp+122D2F3Eh] 0x00000034 mov ecx, ebx 0x00000036 push 00000003h 0x00000038 jnc 00007F13590914C8h 0x0000003e push 90850B4Ah 0x00000043 jmp 00007F13590914D9h 0x00000048 add dword ptr [esp], 2F7AF4B6h 0x0000004f jmp 00007F13590914D9h 0x00000054 lea ebx, dword ptr [ebp+1244FFF7h] 0x0000005a mov esi, dword ptr [ebp+122D205Bh] 0x00000060 xchg eax, ebx 0x00000061 jne 00007F13590914D9h 0x00000067 push eax 0x00000068 push eax 0x00000069 push edx 0x0000006a push eax 0x0000006b push edx 0x0000006c push edi 0x0000006d pop edi 0x0000006e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3543FD second address: 354410 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F135909435Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 354410 second address: 354416 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 365133 second address: 365147 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jne 00007F1359094356h 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 374458 second address: 37445F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 37445F second address: 374465 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 37231C second address: 372387 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F13590914D1h 0x00000008 jmp 00007F13590914D1h 0x0000000d popad 0x0000000e ja 00007F13590914D2h 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push edi 0x00000017 jmp 00007F13590914D9h 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007F13590914D5h 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 372387 second address: 37238B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 37238B second address: 372391 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 372630 second address: 372634 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 372A0C second address: 372A10 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 372A10 second address: 372A1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edi 0x00000009 pop edi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 372CCA second address: 372CD6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F13590914C6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 372CD6 second address: 372D0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ebx 0x00000006 push eax 0x00000007 pop eax 0x00000008 jmp 00007F1359094363h 0x0000000d pop ebx 0x0000000e pop edi 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F1359094365h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373185 second address: 373195 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jl 00007F13590914C6h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373195 second address: 373199 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373199 second address: 37319F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 37319F second address: 3731A4 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3732F6 second address: 3732FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3732FA second address: 373303 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373482 second address: 373488 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373488 second address: 3734B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jg 00007F1359094356h 0x0000000d pushad 0x0000000e popad 0x0000000f pop eax 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007F1359094367h 0x00000018 pushad 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3734B5 second address: 3734D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007F13590914D3h 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3734D1 second address: 3734DA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3734DA second address: 3734F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F13590914D2h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 36AD7C second address: 36ADA0 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F1359094356h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F1359094367h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 36ADA0 second address: 36ADC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push esi 0x00000007 pop esi 0x00000008 popad 0x00000009 pushad 0x0000000a push esi 0x0000000b pop esi 0x0000000c push edx 0x0000000d pop edx 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 jng 00007F13590914D7h 0x00000017 jmp 00007F13590914CBh 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373E84 second address: 373E8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373E8B second address: 373E91 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373E91 second address: 373E97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373E97 second address: 373E9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373E9B second address: 373EA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007F1359094362h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 373EA9 second address: 373EAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 340178 second address: 3401C2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jo 00007F1359094356h 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007F1359094367h 0x00000010 jno 00007F1359094356h 0x00000016 popad 0x00000017 push edx 0x00000018 jmp 00007F135909435Bh 0x0000001d pop edx 0x0000001e pop edx 0x0000001f pop eax 0x00000020 pushad 0x00000021 pushad 0x00000022 je 00007F1359094356h 0x00000028 push edx 0x00000029 pop edx 0x0000002a pushad 0x0000002b popad 0x0000002c pushad 0x0000002d popad 0x0000002e popad 0x0000002f pushad 0x00000030 push eax 0x00000031 push edx 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 341C2D second address: 341C4A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnc 00007F13590914C6h 0x00000010 jmp 00007F13590914CDh 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 341C4A second address: 341C77 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jmp 00007F1359094361h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F135909435Bh 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 jl 00007F1359094356h 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 341C77 second address: 341C7B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 341C7B second address: 341C81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 37B1A6 second address: 37B1AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 346CCC second address: 346CD2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 380589 second address: 38058E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38058E second address: 38059F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push esi 0x00000007 pop esi 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push esi 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 380CE1 second address: 380CEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jl 00007F13590914CCh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 380E94 second address: 380E9A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 380E9A second address: 380EA0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 380EA0 second address: 380EA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381887 second address: 38188D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38188D second address: 3818D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edi 0x00000006 add dword ptr [esp], 7E6D4B6Fh 0x0000000d push 00000000h 0x0000000f push edx 0x00000010 call 00007F1359094358h 0x00000015 pop edx 0x00000016 mov dword ptr [esp+04h], edx 0x0000001a add dword ptr [esp+04h], 0000001Ah 0x00000022 inc edx 0x00000023 push edx 0x00000024 ret 0x00000025 pop edx 0x00000026 ret 0x00000027 sub dword ptr [ebp+122D1DE4h], eax 0x0000002d jmp 00007F135909435Ah 0x00000032 call 00007F1359094359h 0x00000037 push ecx 0x00000038 pushad 0x00000039 push eax 0x0000003a push edx 0x0000003b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3818D9 second address: 3818DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3818DF second address: 381900 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F1359094368h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381900 second address: 381905 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381905 second address: 381922 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d pushad 0x0000000e jl 00007F135909435Ch 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381922 second address: 381948 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 popad 0x00000008 mov eax, dword ptr [eax] 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jmp 00007F13590914D6h 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381948 second address: 381952 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007F1359094356h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381A1E second address: 381A24 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381A24 second address: 381A28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381BB2 second address: 381BEC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jno 00007F13590914DAh 0x0000000c popad 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F13590914D6h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381BEC second address: 381BF3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 381E99 second address: 381E9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 382531 second address: 382549 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094364h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 382928 second address: 382934 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 382934 second address: 38293A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38293A second address: 38293F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3836B7 second address: 3836D9 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F135909435Ch 0x00000008 jc 00007F1359094356h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 pushad 0x00000012 jc 00007F1359094358h 0x00000018 pushad 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c jng 00007F1359094356h 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 384743 second address: 384747 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 384747 second address: 38474B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38474B second address: 384751 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 384751 second address: 38476E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F1359094369h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3872FF second address: 387346 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 js 00007F13590914C6h 0x0000000b pop ebx 0x0000000c popad 0x0000000d mov dword ptr [esp], eax 0x00000010 push 00000000h 0x00000012 and esi, dword ptr [ebp+122D2A3Eh] 0x00000018 push 00000000h 0x0000001a mov si, cx 0x0000001d mov edi, dword ptr [ebp+122D2BFBh] 0x00000023 xchg eax, ebx 0x00000024 pushad 0x00000025 push ebx 0x00000026 pushad 0x00000027 popad 0x00000028 pop ebx 0x00000029 jmp 00007F13590914D8h 0x0000002e popad 0x0000002f push eax 0x00000030 push esi 0x00000031 pushad 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 387DCB second address: 387DD1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 387DD1 second address: 387E39 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b jmp 00007F13590914D8h 0x00000010 push 00000000h 0x00000012 push 00000000h 0x00000014 push edi 0x00000015 call 00007F13590914C8h 0x0000001a pop edi 0x0000001b mov dword ptr [esp+04h], edi 0x0000001f add dword ptr [esp+04h], 00000016h 0x00000027 inc edi 0x00000028 push edi 0x00000029 ret 0x0000002a pop edi 0x0000002b ret 0x0000002c sbb esi, 69C9DF69h 0x00000032 push 00000000h 0x00000034 xchg eax, ebx 0x00000035 jmp 00007F13590914D6h 0x0000003a push eax 0x0000003b push ecx 0x0000003c push eax 0x0000003d push edx 0x0000003e pushad 0x0000003f popad 0x00000040 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38C745 second address: 38C749 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38D689 second address: 38D68D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38E7F3 second address: 38E80C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 jmp 00007F135909435Eh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38E80C second address: 38E811 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38E811 second address: 38E816 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38EB1C second address: 38EB20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38EB20 second address: 38EB26 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38EB26 second address: 38EB2B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3928A2 second address: 3928D1 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jmp 00007F1359094363h 0x00000008 pop ecx 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jnc 00007F1359094356h 0x00000012 jnp 00007F1359094356h 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b push ecx 0x0000001c push eax 0x0000001d pushad 0x0000001e popad 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 393197 second address: 39319D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39319D second address: 3931A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39420D second address: 39422E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e jmp 00007F13590914D2h 0x00000013 pop eax 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3931A1 second address: 3931B4 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F1359094356h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 394FEA second address: 394FF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push ebx 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3931B4 second address: 3931B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 394FF6 second address: 394FFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39422E second address: 3942AE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094367h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a mov ebx, 6A8D6292h 0x0000000f push dword ptr fs:[00000000h] 0x00000016 mov bx, C921h 0x0000001a mov dword ptr fs:[00000000h], esp 0x00000021 jmp 00007F1359094367h 0x00000026 mov eax, dword ptr [ebp+122D0FF5h] 0x0000002c mov ebx, ecx 0x0000002e push FFFFFFFFh 0x00000030 mov dword ptr [ebp+122D2F47h], ebx 0x00000036 nop 0x00000037 js 00007F135909436Eh 0x0000003d jmp 00007F1359094368h 0x00000042 push eax 0x00000043 push eax 0x00000044 push edx 0x00000045 push eax 0x00000046 push edx 0x00000047 push eax 0x00000048 push edx 0x00000049 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3931B8 second address: 3931C6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914CAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3942AE second address: 3942B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3931C6 second address: 3931CB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3942B2 second address: 3942CF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094369h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3931CB second address: 3931D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3960C8 second address: 3960DC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F135909435Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3960DC second address: 3960E0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 395182 second address: 395186 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39616B second address: 396194 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914D4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push esi 0x0000000d jmp 00007F13590914CCh 0x00000012 pop esi 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39522D second address: 395232 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 395232 second address: 39523C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F13590914C6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39A122 second address: 39A153 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F1359094358h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d jmp 00007F135909435Dh 0x00000012 push 00000000h 0x00000014 and ebx, 652B9A00h 0x0000001a push 00000000h 0x0000001c clc 0x0000001d push eax 0x0000001e js 00007F1359094360h 0x00000024 pushad 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39BF0C second address: 39BF22 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jno 00007F13590914C6h 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push esi 0x0000000e push eax 0x0000000f push edx 0x00000010 jnl 00007F13590914C6h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39BF22 second address: 39BF92 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push edi 0x0000000b call 00007F1359094358h 0x00000010 pop edi 0x00000011 mov dword ptr [esp+04h], edi 0x00000015 add dword ptr [esp+04h], 0000001Ah 0x0000001d inc edi 0x0000001e push edi 0x0000001f ret 0x00000020 pop edi 0x00000021 ret 0x00000022 mov ebx, dword ptr [ebp+122D2CA3h] 0x00000028 mov bl, F2h 0x0000002a push 00000000h 0x0000002c push 00000000h 0x0000002e push ebx 0x0000002f call 00007F1359094358h 0x00000034 pop ebx 0x00000035 mov dword ptr [esp+04h], ebx 0x00000039 add dword ptr [esp+04h], 0000001Dh 0x00000041 inc ebx 0x00000042 push ebx 0x00000043 ret 0x00000044 pop ebx 0x00000045 ret 0x00000046 jng 00007F135909435Ah 0x0000004c mov bx, 8C3Bh 0x00000050 push 00000000h 0x00000052 push eax 0x00000053 jbe 00007F1359094368h 0x00000059 push eax 0x0000005a push edx 0x0000005b push eax 0x0000005c push edx 0x0000005d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39BF92 second address: 39BF96 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39BF96 second address: 39BF9A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39844F second address: 398453 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 398453 second address: 398459 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 396313 second address: 3963D6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push ecx 0x0000000d call 00007F13590914C8h 0x00000012 pop ecx 0x00000013 mov dword ptr [esp+04h], ecx 0x00000017 add dword ptr [esp+04h], 0000001Ch 0x0000001f inc ecx 0x00000020 push ecx 0x00000021 ret 0x00000022 pop ecx 0x00000023 ret 0x00000024 clc 0x00000025 mov ebx, dword ptr [ebp+122D2CDBh] 0x0000002b push dword ptr fs:[00000000h] 0x00000032 jmp 00007F13590914D9h 0x00000037 mov dword ptr fs:[00000000h], esp 0x0000003e push edx 0x0000003f push esi 0x00000040 pop ebx 0x00000041 pop edi 0x00000042 mov eax, dword ptr [ebp+122D0381h] 0x00000048 jmp 00007F13590914D5h 0x0000004d push FFFFFFFFh 0x0000004f mov edi, eax 0x00000051 pushad 0x00000052 push ebx 0x00000053 mov ebx, dword ptr [ebp+122D1FC4h] 0x00000059 pop ebx 0x0000005a call 00007F13590914CFh 0x0000005f jmp 00007F13590914CEh 0x00000064 pop esi 0x00000065 popad 0x00000066 nop 0x00000067 jmp 00007F13590914D5h 0x0000006c push eax 0x0000006d push eax 0x0000006e push edx 0x0000006f push edi 0x00000070 push eax 0x00000071 push edx 0x00000072 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39E04F second address: 39E07E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 jmp 00007F1359094366h 0x0000000d jmp 00007F1359094360h 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3963D6 second address: 3963DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 343767 second address: 34376D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 34376D second address: 343773 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39C0C7 second address: 39C0CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 343773 second address: 34377C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 34377C second address: 343780 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39C0CB second address: 39C0DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 jnp 00007F13590914D0h 0x0000000e push eax 0x0000000f push edx 0x00000010 push esi 0x00000011 pop esi 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39C0DD second address: 39C183 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 mov dword ptr [ebp+122D2323h], edi 0x0000000d push dword ptr fs:[00000000h] 0x00000014 jns 00007F135909436Ch 0x0000001a mov dword ptr fs:[00000000h], esp 0x00000021 push 00000000h 0x00000023 push ebp 0x00000024 call 00007F1359094358h 0x00000029 pop ebp 0x0000002a mov dword ptr [esp+04h], ebp 0x0000002e add dword ptr [esp+04h], 00000015h 0x00000036 inc ebp 0x00000037 push ebp 0x00000038 ret 0x00000039 pop ebp 0x0000003a ret 0x0000003b or edi, 60B5A15Fh 0x00000041 mov eax, dword ptr [ebp+122D0879h] 0x00000047 call 00007F135909435Ah 0x0000004c mov edi, dword ptr [ebp+122D21E6h] 0x00000052 pop edi 0x00000053 push FFFFFFFFh 0x00000055 push 00000000h 0x00000057 push ebp 0x00000058 call 00007F1359094358h 0x0000005d pop ebp 0x0000005e mov dword ptr [esp+04h], ebp 0x00000062 add dword ptr [esp+04h], 0000001Ah 0x0000006a inc ebp 0x0000006b push ebp 0x0000006c ret 0x0000006d pop ebp 0x0000006e ret 0x0000006f mov dword ptr [ebp+12454BB0h], esi 0x00000075 push eax 0x00000076 push eax 0x00000077 push edx 0x00000078 jp 00007F1359094358h 0x0000007e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39E6F8 second address: 39E6FE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 39E6FE second address: 39E76F instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push 00000000h 0x0000000b push ecx 0x0000000c call 00007F1359094358h 0x00000011 pop ecx 0x00000012 mov dword ptr [esp+04h], ecx 0x00000016 add dword ptr [esp+04h], 00000015h 0x0000001e inc ecx 0x0000001f push ecx 0x00000020 ret 0x00000021 pop ecx 0x00000022 ret 0x00000023 add di, 705Ch 0x00000028 jmp 00007F135909435Ah 0x0000002d push 00000000h 0x0000002f push 00000000h 0x00000031 push ebp 0x00000032 call 00007F1359094358h 0x00000037 pop ebp 0x00000038 mov dword ptr [esp+04h], ebp 0x0000003c add dword ptr [esp+04h], 00000014h 0x00000044 inc ebp 0x00000045 push ebp 0x00000046 ret 0x00000047 pop ebp 0x00000048 ret 0x00000049 jmp 00007F1359094360h 0x0000004e push 00000000h 0x00000050 push ebx 0x00000051 or di, 36B2h 0x00000056 pop edi 0x00000057 push eax 0x00000058 push edx 0x00000059 pushad 0x0000005a push eax 0x0000005b push edx 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A6998 second address: 3A69C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F13590914C6h 0x0000000a jp 00007F13590914C6h 0x00000010 popad 0x00000011 pushad 0x00000012 pushad 0x00000013 popad 0x00000014 pushad 0x00000015 popad 0x00000016 push edi 0x00000017 pop edi 0x00000018 jbe 00007F13590914C6h 0x0000001e popad 0x0000001f jno 00007F13590914C8h 0x00000025 push eax 0x00000026 push edx 0x00000027 pushad 0x00000028 popad 0x00000029 push eax 0x0000002a push edx 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A69C5 second address: 3A69C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A69C9 second address: 3A6A00 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914D2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a pushad 0x0000000b pushad 0x0000000c jmp 00007F13590914D2h 0x00000011 jns 00007F13590914C6h 0x00000017 pushad 0x00000018 popad 0x00000019 popad 0x0000001a push edi 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A6A00 second address: 3A6A0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 jnp 00007F1359094356h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A60F7 second address: 3A6103 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edi 0x00000009 pop edi 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A6103 second address: 3A6109 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A6109 second address: 3A6127 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F13590914C8h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F13590914CCh 0x00000011 push ecx 0x00000012 pushad 0x00000013 popad 0x00000014 pop ecx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A6548 second address: 3A654E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A654E second address: 3A6552 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3A6552 second address: 3A6556 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACC93 second address: 3ACCEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 mov eax, dword ptr [esp+04h] 0x00000009 push esi 0x0000000a push edi 0x0000000b jg 00007F13590914C6h 0x00000011 pop edi 0x00000012 pop esi 0x00000013 mov eax, dword ptr [eax] 0x00000015 jmp 00007F13590914D7h 0x0000001a mov dword ptr [esp+04h], eax 0x0000001e pushad 0x0000001f jmp 00007F13590914D0h 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007F13590914D5h 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACCEB second address: 3ACCEF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACDA8 second address: 3ACDAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACDAC second address: 3ACDB2 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACDB2 second address: 3ACDDB instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c jng 00007F13590914F3h 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F13590914D5h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACDDB second address: 3ACE05 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094362h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b ja 00007F135909435Ah 0x00000011 push esi 0x00000012 pushad 0x00000013 popad 0x00000014 pop esi 0x00000015 mov dword ptr [esp+04h], eax 0x00000019 push edx 0x0000001a pushad 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACE05 second address: 3ACE0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACED4 second address: 3ACEE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 popad 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACEE4 second address: 3ACEE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3ACEE8 second address: 3ACEF2 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F1359094356h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1622 second address: 3B1633 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F13590914C6h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 pop esi 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1633 second address: 3B1637 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1637 second address: 3B1641 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1641 second address: 3B1645 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1C68 second address: 3B1C70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1C70 second address: 3B1C76 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1DC2 second address: 3B1DC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1F42 second address: 3B1F48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1F48 second address: 3B1F52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B1F52 second address: 3B1F5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push edi 0x00000007 pop edi 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B237B second address: 3B23B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jmp 00007F13590914D8h 0x0000000c pop eax 0x0000000d pushad 0x0000000e jmp 00007F13590914D8h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B2524 second address: 3B2528 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B2528 second address: 3B253F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F13590914CDh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B253F second address: 3B2545 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B2545 second address: 3B2549 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B2549 second address: 3B2570 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094368h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push edi 0x0000000c jl 00007F1359094356h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B7C00 second address: 3B7C09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B7C09 second address: 3B7C0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B7C0F second address: 3B7C13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B7C13 second address: 3B7C17 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B6BE0 second address: 3B6BF5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 je 00007F13590914C6h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jl 00007F13590914C6h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B6BF5 second address: 3B6C0B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094362h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B6C0B second address: 3B6C39 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push esi 0x00000004 pop esi 0x00000005 jmp 00007F13590914D2h 0x0000000a pop ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F13590914D4h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B6F0F second address: 3B6F14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 387B89 second address: 387B8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B7487 second address: 3B749F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F1359094364h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B749F second address: 3B74B1 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F13590914C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b jno 00007F13590914C6h 0x00000011 pop ebx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3B75F1 second address: 3B7609 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jg 00007F1359094356h 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f pushad 0x00000010 jng 00007F1359094356h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38A64C second address: 36AD7C instructions: 0x00000000 rdtsc 0x00000002 jo 00007F13590914CCh 0x00000008 jbe 00007F13590914C6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F13590914CDh 0x00000017 pop edx 0x00000018 nop 0x00000019 pushad 0x0000001a mov eax, dword ptr [ebp+12474012h] 0x00000020 mov ah, ch 0x00000022 popad 0x00000023 call dword ptr [ebp+122D1D48h] 0x00000029 pushad 0x0000002a push eax 0x0000002b push edx 0x0000002c pushad 0x0000002d popad 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38A75B second address: 38A75F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38A75F second address: 38A77A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914D1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push edi 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AC7E second address: 38AC82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AC82 second address: 38AC88 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AC88 second address: 38AC92 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007F1359094356h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AC92 second address: 38AC96 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AD60 second address: 38AD64 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AD64 second address: 38AD8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [eax] 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jno 00007F13590914C6h 0x00000011 jmp 00007F13590914D5h 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AE8A second address: 38AE9E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F135909435Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push ebx 0x0000000c push ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AEEC second address: 38AF4E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 jnl 00007F13590914CEh 0x0000000e xchg eax, esi 0x0000000f push 00000000h 0x00000011 push edx 0x00000012 call 00007F13590914C8h 0x00000017 pop edx 0x00000018 mov dword ptr [esp+04h], edx 0x0000001c add dword ptr [esp+04h], 00000019h 0x00000024 inc edx 0x00000025 push edx 0x00000026 ret 0x00000027 pop edx 0x00000028 ret 0x00000029 nop 0x0000002a jmp 00007F13590914D5h 0x0000002f push eax 0x00000030 push eax 0x00000031 push edx 0x00000032 jmp 00007F13590914D1h 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38AF4E second address: 38AF58 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F135909435Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38B226 second address: 38B241 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914D7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38B241 second address: 38B25F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F1359094369h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38B25F second address: 38B2D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push edx 0x0000000b call 00007F13590914C8h 0x00000010 pop edx 0x00000011 mov dword ptr [esp+04h], edx 0x00000015 add dword ptr [esp+04h], 00000019h 0x0000001d inc edx 0x0000001e push edx 0x0000001f ret 0x00000020 pop edx 0x00000021 ret 0x00000022 push 00000004h 0x00000024 push 00000000h 0x00000026 push esi 0x00000027 call 00007F13590914C8h 0x0000002c pop esi 0x0000002d mov dword ptr [esp+04h], esi 0x00000031 add dword ptr [esp+04h], 00000016h 0x00000039 inc esi 0x0000003a push esi 0x0000003b ret 0x0000003c pop esi 0x0000003d ret 0x0000003e sub dx, 84DEh 0x00000043 nop 0x00000044 jne 00007F13590914D8h 0x0000004a push eax 0x0000004b push eax 0x0000004c push edx 0x0000004d push edx 0x0000004e jl 00007F13590914C6h 0x00000054 pop edx 0x00000055 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38BA06 second address: 38BA0A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38BA0A second address: 38BA1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F13590914CAh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38BA1E second address: 38BA46 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push edx 0x0000000a mov dword ptr [ebp+12474012h], edi 0x00000010 pop edi 0x00000011 lea eax, dword ptr [ebp+124863F4h] 0x00000017 and edx, 221457BFh 0x0000001d push eax 0x0000001e jc 00007F1359094373h 0x00000024 push eax 0x00000025 push edx 0x00000026 pushad 0x00000027 popad 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38BA46 second address: 38BAAA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914D5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push 00000000h 0x0000000e push ebx 0x0000000f call 00007F13590914C8h 0x00000014 pop ebx 0x00000015 mov dword ptr [esp+04h], ebx 0x00000019 add dword ptr [esp+04h], 00000018h 0x00000021 inc ebx 0x00000022 push ebx 0x00000023 ret 0x00000024 pop ebx 0x00000025 ret 0x00000026 or dword ptr [ebp+1244EBCEh], ecx 0x0000002c lea eax, dword ptr [ebp+124863B0h] 0x00000032 mov edi, dword ptr [ebp+122D1C9Fh] 0x00000038 push eax 0x00000039 push eax 0x0000003a push edx 0x0000003b pushad 0x0000003c jmp 00007F13590914CFh 0x00000041 push ebx 0x00000042 pop ebx 0x00000043 popad 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38BAAA second address: 38BAAF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38BAAF second address: 36B8C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a mov edx, dword ptr [ebp+122D2331h] 0x00000010 call dword ptr [ebp+122D208Fh] 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 36B8C1 second address: 36B8CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F135909435Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 36B8CF second address: 36B8E1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F13590914CCh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C15F0 second address: 3C15F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C15F4 second address: 3C1607 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F13590914CDh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1607 second address: 3C160E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C192C second address: 3C1932 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1A86 second address: 3C1A8C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1A8C second address: 3C1AA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F13590914C6h 0x0000000a popad 0x0000000b jo 00007F13590914D2h 0x00000011 jmp 00007F13590914CAh 0x00000016 pushad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1AA9 second address: 3C1AD1 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F1359094358h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F1359094368h 0x00000010 push ecx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1AD1 second address: 3C1AD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1AD7 second address: 3C1AE7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1AE7 second address: 3C1AED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1C1B second address: 3C1C3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 js 00007F1359094367h 0x0000000b jmp 00007F1359094361h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1C3B second address: 3C1C41 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1C41 second address: 3C1C47 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C1EFB second address: 3C1F01 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C207C second address: 3C2080 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C2080 second address: 3C2084 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C2084 second address: 3C208D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C208D second address: 3C2094 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop ebx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C65E8 second address: 3C65EC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C6BCF second address: 3C6BD3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C6BD3 second address: 3C6BDE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push ebx 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C6D2A second address: 3C6D60 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F13590914C6h 0x0000000a jne 00007F13590914C6h 0x00000010 jmp 00007F13590914D4h 0x00000015 popad 0x00000016 push edx 0x00000017 jmp 00007F13590914CEh 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C70EF second address: 3C70F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C70F3 second address: 3C70F9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3C7861 second address: 3C787F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F135909435Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jno 00007F135909435Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CAA63 second address: 3CAA67 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CAA67 second address: 3CAA95 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jp 00007F1359094367h 0x0000000c jmp 00007F135909435Fh 0x00000011 push ebx 0x00000012 pop ebx 0x00000013 popad 0x00000014 pushad 0x00000015 jl 00007F135909435Ch 0x0000001b jo 00007F1359094356h 0x00000021 push ecx 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CC3D6 second address: 3CC3F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F13590914D8h 0x00000009 pop edi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CC3F3 second address: 3CC3F9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CC3F9 second address: 3CC40F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F13590914D2h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CF248 second address: 3CF252 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F1359094356h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CF252 second address: 3CF258 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CF258 second address: 3CF25C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CF25C second address: 3CF265 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CEB21 second address: 3CEB25 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3CEB25 second address: 3CEB37 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F13590914C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jl 00007F13590914CEh 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D3A18 second address: 3D3A56 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094360h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F1359094365h 0x0000000f js 00007F1359094368h 0x00000015 jmp 00007F135909435Ch 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D2D32 second address: 3D2D38 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D2D38 second address: 3D2D3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D2D3C second address: 3D2D40 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D2D40 second address: 3D2D4D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D2D4D second address: 3D2D51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D2D51 second address: 3D2D55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D2EB8 second address: 3D2EBE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D2EBE second address: 3D2EC2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D3048 second address: 3D304C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D6059 second address: 3D605F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D6352 second address: 3D6358 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D667C second address: 3D6680 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D6680 second address: 3D6686 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D6686 second address: 3D668C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D668C second address: 3D66C5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 js 00007F13590914C6h 0x0000000b pushad 0x0000000c popad 0x0000000d push esi 0x0000000e pop esi 0x0000000f popad 0x00000010 jo 00007F13590914DCh 0x00000016 jmp 00007F13590914CCh 0x0000001b jmp 00007F13590914CAh 0x00000020 pop edx 0x00000021 pop eax 0x00000022 push esi 0x00000023 push eax 0x00000024 push edx 0x00000025 jng 00007F13590914C6h 0x0000002b push eax 0x0000002c pop eax 0x0000002d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D66C5 second address: 3D66E0 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F1359094356h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F135909435Fh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3D66E0 second address: 3D66E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DC0CF second address: 3DC0EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F135909435Fh 0x00000009 push edi 0x0000000a pop edi 0x0000000b popad 0x0000000c pop edx 0x0000000d push ecx 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DC0EA second address: 3DC0F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DC0F0 second address: 3DC0F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DA8A3 second address: 3DA8A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DA8A7 second address: 3DA8C5 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F1359094356h 0x00000008 jmp 00007F1359094364h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DA8C5 second address: 3DA8F7 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F13590914E2h 0x00000008 jnc 00007F13590914C6h 0x0000000e jmp 00007F13590914D6h 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F13590914CAh 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DA8F7 second address: 3DA902 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnp 00007F1359094356h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 38B51A second address: 38B59D instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F13590914C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b push eax 0x0000000c ja 00007F13590914D6h 0x00000012 nop 0x00000013 push 00000000h 0x00000015 push edx 0x00000016 call 00007F13590914C8h 0x0000001b pop edx 0x0000001c mov dword ptr [esp+04h], edx 0x00000020 add dword ptr [esp+04h], 00000015h 0x00000028 inc edx 0x00000029 push edx 0x0000002a ret 0x0000002b pop edx 0x0000002c ret 0x0000002d mov dl, A9h 0x0000002f mov ebx, dword ptr [ebp+124863EFh] 0x00000035 sbb ecx, 7ABBD291h 0x0000003b add eax, ebx 0x0000003d push 00000000h 0x0000003f push edx 0x00000040 call 00007F13590914C8h 0x00000045 pop edx 0x00000046 mov dword ptr [esp+04h], edx 0x0000004a add dword ptr [esp+04h], 0000001Bh 0x00000052 inc edx 0x00000053 push edx 0x00000054 ret 0x00000055 pop edx 0x00000056 ret 0x00000057 mov edi, dword ptr [ebp+122D2E73h] 0x0000005d push eax 0x0000005e pushad 0x0000005f push eax 0x00000060 push eax 0x00000061 pop eax 0x00000062 pop eax 0x00000063 push eax 0x00000064 push edx 0x00000065 push ebx 0x00000066 pop ebx 0x00000067 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DB2F9 second address: 3DB2FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DB2FF second address: 3DB31D instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F13590914C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007F13590914CEh 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DB31D second address: 3DB321 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DB321 second address: 3DB32B instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DB32B second address: 3DB32F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DB32F second address: 3DB333 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DBD80 second address: 3DBDA6 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F1359094356h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a js 00007F1359094370h 0x00000010 jmp 00007F1359094364h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DBDA6 second address: 3DBDAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DBDAE second address: 3DBDB2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DBDB2 second address: 3DBDD8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914CFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F13590914D1h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3DBDD8 second address: 3DBDDC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E3474 second address: 3E3479 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E3479 second address: 3E34A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 jmp 00007F135909435Fh 0x0000000b jmp 00007F1359094368h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E4603 second address: 3E4607 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E4607 second address: 3E4613 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E4613 second address: 3E4617 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E4617 second address: 3E461F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E7C1C second address: 3E7C24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E7DB8 second address: 3E7DC2 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F1359094356h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E7DC2 second address: 3E7DE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jo 00007F13590914C6h 0x0000000d jmp 00007F13590914D1h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E7DE2 second address: 3E7DF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jns 00007F1359094356h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E7DF1 second address: 3E7DF5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E7DF5 second address: 3E7DF9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E8268 second address: 3E827F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 pushad 0x00000008 popad 0x00000009 pop esi 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push edx 0x0000000f pop edx 0x00000010 push edi 0x00000011 pop edi 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E827F second address: 3E8285 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E8285 second address: 3E8291 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F13590914C6h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E8535 second address: 3E8539 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3E8539 second address: 3E8558 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F13590914CAh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F13590914CBh 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F46A6 second address: 3F46AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F46AB second address: 3F46B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F46B3 second address: 3F46E9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F135909435Bh 0x00000007 jmp 00007F135909435Bh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007F1359094367h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F46E9 second address: 3F4703 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914D2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F4703 second address: 3F4707 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F4707 second address: 3F4714 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F13590914C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F501B second address: 3F501F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F501F second address: 3F5025 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F5025 second address: 3F502A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F502A second address: 3F5030 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F5030 second address: 3F5043 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F135909435Dh 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F5A58 second address: 3F5A78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push edi 0x00000008 jmp 00007F13590914D5h 0x0000000d pushad 0x0000000e popad 0x0000000f pop edi 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F5A78 second address: 3F5A93 instructions: 0x00000000 rdtsc 0x00000002 je 00007F1359094358h 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F135909435Dh 0x0000000f push edx 0x00000010 pop edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F6137 second address: 3F6141 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F13590914C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3F6141 second address: 3F6147 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3FC8C6 second address: 3FC8EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F13590914D9h 0x00000009 jne 00007F13590914C6h 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 3FC443 second address: 3FC450 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b push edi 0x0000000c pop edi 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40954B second address: 40956E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 jnp 00007F13590914C6h 0x0000000d jmp 00007F13590914D6h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40956E second address: 40957C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b pop eax 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40957C second address: 409599 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F13590914C6h 0x00000008 jmp 00007F13590914CBh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jno 00007F13590914C6h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 409101 second address: 409105 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 409105 second address: 40912A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F13590914D9h 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40912A second address: 409136 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jc 00007F1359094356h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40C36A second address: 40C382 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F13590914CFh 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40C382 second address: 40C38A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40C38A second address: 40C3BF instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop ebx 0x00000006 push esi 0x00000007 jc 00007F13590914C6h 0x0000000d pop esi 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F13590914D3h 0x00000019 jmp 00007F13590914CEh 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40C3BF second address: 40C3CD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007F1359094358h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40BE8E second address: 40BEA9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F13590914CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jne 00007F13590914C6h 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 40C032 second address: 40C094 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094367h 0x00000007 pushad 0x00000008 push edx 0x00000009 pop edx 0x0000000a js 00007F1359094356h 0x00000010 jmp 00007F1359094363h 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 js 00007F135909437Fh 0x0000001e jnc 00007F1359094369h 0x00000024 pushad 0x00000025 jp 00007F1359094356h 0x0000002b pushad 0x0000002c popad 0x0000002d push eax 0x0000002e push edx 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 419E3E second address: 419E42 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 419E42 second address: 419E5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 je 00007F1359094378h 0x0000000d jnp 00007F135909435Ah 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 pushad 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 419E5D second address: 419E63 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 419E63 second address: 419E67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 419E67 second address: 419E6B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 41E9E2 second address: 41EA09 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 js 00007F1359094356h 0x0000000b popad 0x0000000c jmp 00007F135909435Eh 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 push esi 0x00000016 je 00007F1359094356h 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 41EA09 second address: 41EA24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007F13590914CBh 0x0000000d jnp 00007F13590914C6h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 41EA24 second address: 41EA29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 41EA29 second address: 41EA2E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 41EA2E second address: 41EA38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edi 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 428CC3 second address: 428CCC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 4279CE second address: 4279DA instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jbe 00007F1359094356h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 4279DA second address: 427A07 instructions: 0x00000000 rdtsc 0x00000002 je 00007F13590914DBh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jnc 00007F13590914CCh 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 42C866 second address: 42C86C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 42C5DB second address: 42C5EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pop eax 0x0000000a push ecx 0x0000000b pushad 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 4349E0 second address: 434A06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pushad 0x0000000a jmp 00007F1359094368h 0x0000000f push eax 0x00000010 push edx 0x00000011 push esi 0x00000012 pop esi 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 43619B second address: 4361BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 jmp 00007F13590914D4h 0x0000000b jp 00007F13590914C6h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 4361BD second address: 4361C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 43ED6E second address: 43ED7E instructions: 0x00000000 rdtsc 0x00000002 jno 00007F13590914C8h 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 43ED7E second address: 43ED82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 43EC17 second address: 43EC20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 43EC20 second address: 43EC24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 438536 second address: 43853C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 44CDB4 second address: 44CDEA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094361h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jo 00007F135909435Ah 0x0000000f pushad 0x00000010 popad 0x00000011 pushad 0x00000012 popad 0x00000013 jne 00007F135909435Ch 0x00000019 popad 0x0000001a pushad 0x0000001b pushad 0x0000001c jc 00007F1359094356h 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 44C94A second address: 44C94E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 44C94E second address: 44C962 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F1359094360h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 44C962 second address: 44C967 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 461173 second address: 46117D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F1359094356h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 46001C second address: 460020 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460334 second address: 46034A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F135909435Eh 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 46034A second address: 46034E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 46034E second address: 460352 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 46092C second address: 460936 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop esi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460936 second address: 46093C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 46093C second address: 460940 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460940 second address: 460963 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c jmp 00007F1359094365h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460963 second address: 4609A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F13590914D3h 0x00000009 popad 0x0000000a jmp 00007F13590914D7h 0x0000000f push esi 0x00000010 push eax 0x00000011 pop eax 0x00000012 pushad 0x00000013 popad 0x00000014 pop esi 0x00000015 push eax 0x00000016 push edx 0x00000017 push edi 0x00000018 pop edi 0x00000019 jmp 00007F13590914CCh 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 4609A8 second address: 4609AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460CAB second address: 460CC5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F13590914D4h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460CC5 second address: 460CDB instructions: 0x00000000 rdtsc 0x00000002 jg 00007F135909435Ch 0x00000008 jnl 00007F1359094356h 0x0000000e push eax 0x0000000f push edx 0x00000010 jne 00007F1359094356h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460E08 second address: 460E0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460E0C second address: 460E41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jne 00007F135909437Fh 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460E41 second address: 460E67 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007F13590914D2h 0x0000000a push eax 0x0000000b pop eax 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 pushad 0x00000011 jbe 00007F13590914C6h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460E67 second address: 460E97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F1359094356h 0x0000000a jmp 00007F135909435Bh 0x0000000f popad 0x00000010 pushad 0x00000011 push ecx 0x00000012 pop ecx 0x00000013 jmp 00007F135909435Ch 0x00000018 je 00007F1359094356h 0x0000001e popad 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 460E97 second address: 460E9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 465700 second address: 465706 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 465706 second address: 46574A instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a jnc 00007F13590914C8h 0x00000010 jmp 00007F13590914CAh 0x00000015 popad 0x00000016 nop 0x00000017 mov dword ptr [ebp+122D2A38h], edi 0x0000001d push dword ptr [ebp+122D22EEh] 0x00000023 push eax 0x00000024 mov dword ptr [ebp+122D2739h], ebx 0x0000002a pop edx 0x0000002b push 287B4CE7h 0x00000030 pushad 0x00000031 push edx 0x00000032 pushad 0x00000033 popad 0x00000034 pop edx 0x00000035 je 00007F13590914CCh 0x0000003b push eax 0x0000003c push edx 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 466EB8 second address: 466EC8 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F1359094356h 0x00000008 jno 00007F1359094356h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 466A7B second address: 466AA0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F13590914D5h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ebx 0x0000000c pushad 0x0000000d popad 0x0000000e jnl 00007F13590914C6h 0x00000014 pop ebx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\LopCYSStr3.exe | RDTSC instruction interceptor: First address: 384105 second address: 384144 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F1359094369h 0x00000008 js 00007F1359094356h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F1359094367h 0x00000019 rdtsc |