Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.com/codesigningrootr45.crl0U |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.com/root-r3.crl0G |
Source: BJQizQ6sqT.exe, 00000000.00000003.2368237256.000000000103B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.microH |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digi6 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0= |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0? |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468878619.00000000059AA000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2543983298.0000000006029000.00000002.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2468837205.00000000058F6000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0A |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0C |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0X |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.globalsign.com/rootr30; |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.rootca1.amazontrust.com0: |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://secure.globalsign.com/cacert/root-r3.crt06 |
Source: Amcache.hve.12.dr | String found in binary or memory: http://upx.sf.net |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.c.lencr.org/0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2264888134.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.i.lencr.org/0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ac.ecosia.org/autocomplete?q= |
Source: BJQizQ6sqT.exe, 00000000.00000003.2469469366.00000000058D4000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2543396017.00000000058E1000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://aui-cdn.atlassian.com/ |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-canary.prod-east.frontend.public.atl-paas.net |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-exp.prod-east.frontend.public.atl-paas.net |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-static.prod-east.frontend.public.atl-paas.net |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/ |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/; |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/ |
Source: BJQizQ6sqT.exe, 00000000.00000002.2543339826.00000000058D5000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2469469366.00000000058D4000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/ |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/70e84e0b-e14f-45c5-ab65-07760e9609fc/downloads/eaef3307-3cc1- |
Source: BJQizQ6sqT.exe, 00000000.00000003.2469003813.0000000001069000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2541077126.0000000001069000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/ |
Source: BJQizQ6sqT.exe, 00000000.00000003.2469446904.000000000105A000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2540893328.000000000105C000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2469003813.0000000001058000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2540649668.0000000000FE8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe |
Source: BJQizQ6sqT.exe, 00000000.00000002.2540495872.0000000000E6A000.00000004.00000010.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe.0.0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2469446904.000000000105A000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2540893328.000000000105C000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2469003813.0000000001058000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exeoSs |
Source: BJQizQ6sqT.exe, 00000000.00000002.2540649668.0000000000FD3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exex |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266586985.00000000058DB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189. |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266586985.00000000058DB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta |
Source: BJQizQ6sqT.exe, 00000000.00000003.2469469366.00000000058D4000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2543396017.00000000058E1000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.cookielaw.org/ |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266586985.00000000058DB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266586985.00000000058DB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg |
Source: BJQizQ6sqT.exe, BJQizQ6sqT.exe, 00000000.00000003.2469003813.0000000001069000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2368445147.0000000001073000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2368644392.0000000000FE8000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2314997008.0000000001073000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2541077126.0000000001069000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2368602207.0000000001073000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2540649668.0000000000FE8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/ |
Source: BJQizQ6sqT.exe, BJQizQ6sqT.exe, 00000000.00000003.2236263252.00000000058D5000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2368644392.0000000000FE8000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2236423205.00000000058DB000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2239087852.00000000058DD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/api |
Source: BJQizQ6sqT.exe, 00000000.00000003.2236263252.00000000058D5000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2236423205.00000000058DB000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2239087852.00000000058DD000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apiime |
Source: BJQizQ6sqT.exe, 00000000.00000003.2368237256.0000000001058000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2540893328.0000000001058000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2469003813.0000000001058000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apil |
Source: BJQizQ6sqT.exe, 00000000.00000003.2368237256.0000000001058000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2540893328.0000000001058000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2469003813.0000000001058000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apirepo= |
Source: BJQizQ6sqT.exe, 00000000.00000003.2368237256.0000000001058000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apiz6d2aulIgapAATu2Q4g14DFmyGQ/HKq |
Source: BJQizQ6sqT.exe, 00000000.00000003.2368445147.0000000001073000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2368602207.0000000001073000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/pih |
Source: BJQizQ6sqT.exe, 00000000.00000003.2314997008.0000000001073000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/s |
Source: BJQizQ6sqT.exe, BJQizQ6sqT.exe, 00000000.00000003.2264300318.000000000107A000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2368644392.0000000000FCC000.00000004.00000020.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2540649668.0000000000FCA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz:443/api |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/ac/?q= |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/chrome_newtab |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= |
Source: BJQizQ6sqT.exe, 00000000.00000002.2543339826.00000000058D0000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2543396017.00000000058E1000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://dz8aopenkvv6s.cloudfront.net |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266586985.00000000058DB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://remote-app-switcher.prod-east.frontend.public.atl-paas.net |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://remote-app-switcher.stg-east.frontend.public.atl-paas.net |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266162204.0000000005BF5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266162204.0000000005BF5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/products/firefoxgro.all |
Source: BJQizQ6sqT.exe, 00000000.00000003.2469469366.00000000058D4000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000002.2543396017.00000000058E1000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://web-security-reports.services.atlassian.com/csp-report/bb-website |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266586985.00000000058DB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.ecosia.org/newtab/ |
Source: BJQizQ6sqT.exe, 00000000.00000003.2468908020.00000000058D9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.globalsign.com/repository/0 |
Source: BJQizQ6sqT.exe, 00000000.00000003.2212200624.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2208114671.0000000005917000.00000004.00000800.00020000.00000000.sdmp, BJQizQ6sqT.exe, 00000000.00000003.2207176570.000000000591A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266049972.00000000059DA000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.or |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266049972.00000000059DA000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266162204.0000000005BF5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.bwSC1pmG_zle |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266162204.0000000005BF5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.hjKdHaZH-dbQ |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266162204.0000000005BF5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig |
Source: BJQizQ6sqT.exe, 00000000.00000003.2266586985.00000000058DB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_ |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: A87F29 second address: A87F38 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC040F643F6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BFA57D second address: BFA594 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FC0410B9FADh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BFEBF5 second address: BFEC00 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FC040F643F6h 0x0000000a pop ebx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BFEC00 second address: BFEC05 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BFEC05 second address: BFEC0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BFEC0B second address: BFEC11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BFF34B second address: BFF374 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FC040F64407h 0x0000000c jmp 00007FC040F643FBh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BFF374 second address: BFF37A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01BB6 second address: C01BD6 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007FC040F643FEh 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 push esi 0x00000013 push eax 0x00000014 push edx 0x00000015 push edx 0x00000016 pop edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01BD6 second address: C01BDA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01BDA second address: C01BE9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 mov eax, dword ptr [eax] 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01BE9 second address: C01BED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01BED second address: C01BF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01BF3 second address: C01C37 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC0410B9FAEh 0x00000008 jmp 00007FC0410B9FAAh 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov dword ptr [esp+04h], eax 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 jns 00007FC0410B9FA6h 0x0000001d jmp 00007FC0410B9FB8h 0x00000022 popad 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01C37 second address: C01C3D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01D7D second address: C01D81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01EB8 second address: C01F44 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 mov dword ptr [esp], eax 0x00000009 and esi, 4425DEC6h 0x0000000f xor dword ptr [ebp+122D2BCAh], esi 0x00000015 push 00000000h 0x00000017 movzx esi, ax 0x0000001a call 00007FC040F643F9h 0x0000001f jbe 00007FC040F6440Bh 0x00000025 jmp 00007FC040F64405h 0x0000002a push eax 0x0000002b jno 00007FC040F64404h 0x00000031 mov eax, dword ptr [esp+04h] 0x00000035 jmp 00007FC040F64402h 0x0000003a mov eax, dword ptr [eax] 0x0000003c jmp 00007FC040F643FFh 0x00000041 mov dword ptr [esp+04h], eax 0x00000045 push eax 0x00000046 push edx 0x00000047 ja 00007FC040F643FCh 0x0000004d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01F44 second address: C01F8B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop eax 0x00000009 mov edx, dword ptr [ebp+122D3CA2h] 0x0000000f push 00000003h 0x00000011 jmp 00007FC0410B9FB2h 0x00000016 push 00000000h 0x00000018 push 00000003h 0x0000001a push eax 0x0000001b jmp 00007FC0410B9FB2h 0x00000020 pop edi 0x00000021 cld 0x00000022 push 8E0264DAh 0x00000027 pushad 0x00000028 pushad 0x00000029 push ecx 0x0000002a pop ecx 0x0000002b push eax 0x0000002c push edx 0x0000002d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01F8B second address: C01FAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FC040F64408h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C01FAA second address: C01FE3 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FC0410B9FA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b xor dword ptr [esp], 4E0264DAh 0x00000012 mov dword ptr [ebp+122D2C1Eh], ecx 0x00000018 lea ebx, dword ptr [ebp+1244DAE4h] 0x0000001e jmp 00007FC0410B9FB4h 0x00000023 xchg eax, ebx 0x00000024 push eax 0x00000025 push edx 0x00000026 push edx 0x00000027 pushad 0x00000028 popad 0x00000029 pop edx 0x0000002a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C0209D second address: C020CA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC040F643FFh 0x00000008 jno 00007FC040F643F6h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 mov eax, dword ptr [esp+04h] 0x00000015 push eax 0x00000016 push edx 0x00000017 jno 00007FC040F643FCh 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C020CA second address: C021A0 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FC0410B9FBDh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [eax] 0x0000000c jmp 00007FC0410B9FB4h 0x00000011 mov dword ptr [esp+04h], eax 0x00000015 jmp 00007FC0410B9FB9h 0x0000001a pop eax 0x0000001b pushad 0x0000001c sub dword ptr [ebp+122D39A4h], edi 0x00000022 popad 0x00000023 mov edx, dword ptr [ebp+122D3BAAh] 0x00000029 push 00000003h 0x0000002b mov edi, ecx 0x0000002d pushad 0x0000002e mov ecx, dword ptr [ebp+122D3B02h] 0x00000034 jmp 00007FC0410B9FAFh 0x00000039 popad 0x0000003a push 00000000h 0x0000003c push 00000000h 0x0000003e push edi 0x0000003f call 00007FC0410B9FA8h 0x00000044 pop edi 0x00000045 mov dword ptr [esp+04h], edi 0x00000049 add dword ptr [esp+04h], 00000019h 0x00000051 inc edi 0x00000052 push edi 0x00000053 ret 0x00000054 pop edi 0x00000055 ret 0x00000056 mov dword ptr [ebp+122D2CE1h], eax 0x0000005c push 00000003h 0x0000005e sbb edx, 5F94B587h 0x00000064 mov edx, dword ptr [ebp+122D3C8Eh] 0x0000006a push 87626803h 0x0000006f pushad 0x00000070 jmp 00007FC0410B9FB3h 0x00000075 ja 00007FC0410B9FACh 0x0000007b push eax 0x0000007c push edx 0x0000007d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C021A0 second address: C021EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 xor dword ptr [esp], 47626803h 0x0000000c xor dword ptr [ebp+122D3578h], esi 0x00000012 lea ebx, dword ptr [ebp+1244DAEFh] 0x00000018 push 00000000h 0x0000001a push ecx 0x0000001b call 00007FC040F643F8h 0x00000020 pop ecx 0x00000021 mov dword ptr [esp+04h], ecx 0x00000025 add dword ptr [esp+04h], 0000001Ah 0x0000002d inc ecx 0x0000002e push ecx 0x0000002f ret 0x00000030 pop ecx 0x00000031 ret 0x00000032 sbb di, 626Ah 0x00000037 push eax 0x00000038 push eax 0x00000039 push edx 0x0000003a jmp 00007FC040F643FAh 0x0000003f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C021EC second address: C021F1 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C141FA second address: C1422E instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC040F64409h 0x00000008 jmp 00007FC040F64403h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FC040F64404h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C22458 second address: C2245C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C2245C second address: C22464 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C225A4 second address: C225AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C225AB second address: C225CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC040F643FAh 0x00000009 jmp 00007FC040F64401h 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C22887 second address: C2288C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C2288C second address: C22896 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C22896 second address: C228A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pushad 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C228A1 second address: C228AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C228AB second address: C228DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FC0410B9FB9h 0x0000000a push ebx 0x0000000b jp 00007FC0410B9FA6h 0x00000011 pop ebx 0x00000012 pushad 0x00000013 jnl 00007FC0410B9FA6h 0x00000019 pushad 0x0000001a popad 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C22B5C second address: C22B62 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C22B62 second address: C22B93 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FACh 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jno 00007FC0410B9FB7h 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C22B93 second address: C22B99 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C22FD0 second address: C22FEC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FB2h 0x00000007 jg 00007FC0410B9FAEh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C23157 second address: C2315B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C2329D second address: C232B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC0410B9FB7h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C232B8 second address: C232CF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F64403h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C23523 second address: C23528 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C23528 second address: C23538 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FBh 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF062B second address: BF0637 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 popad 0x00000006 push ecx 0x00000007 push ebx 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF0637 second address: BF063F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF063F second address: BF0645 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C23F5A second address: C23F62 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C23F62 second address: C23F71 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FAAh 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C23F71 second address: C23FC2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC040F64402h 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jl 00007FC040F64432h 0x00000012 pushad 0x00000013 jmp 00007FC040F64409h 0x00000018 jmp 00007FC040F643FFh 0x0000001d popad 0x0000001e jne 00007FC040F64402h 0x00000024 push eax 0x00000025 push edx 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C23FC2 second address: C23FC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C24133 second address: C24139 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C28472 second address: C2847A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C2847A second address: C2847E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C28892 second address: C288BC instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FC0410B9FB0h 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e pushad 0x0000000f js 00007FC0410B9FA6h 0x00000015 js 00007FC0410B9FA6h 0x0000001b popad 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BE7D22 second address: BE7D28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BE7D28 second address: BE7D4B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007FC0410B9FAAh 0x0000000d jne 00007FC0410B9FA6h 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 popad 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b popad 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BE7D4B second address: BE7D5B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jng 00007FC040F643FEh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C2EE04 second address: C2EE09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C2EE09 second address: C2EE10 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C322A6 second address: C322AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C324FE second address: C32502 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C32502 second address: C32508 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C32508 second address: C3250E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C32D22 second address: C32D26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C32D26 second address: C32D2A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C32D2A second address: C32D34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C32D34 second address: C32D38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C32D38 second address: C32D59 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FC0410B9FA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b xchg eax, ebx 0x0000000c add dword ptr [ebp+122D2CC0h], ebx 0x00000012 nop 0x00000013 push eax 0x00000014 push edx 0x00000015 jc 00007FC0410B9FACh 0x0000001b jng 00007FC0410B9FA6h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3335B second address: C33369 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C33369 second address: C33373 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FC0410B9FA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C33373 second address: C33378 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C337ED second address: C337F2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C338A2 second address: C338A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C338A7 second address: C338B2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FC0410B9FA6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C34161 second address: C34167 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C33FFC second address: C34000 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C34167 second address: C3416E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C34000 second address: C34004 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C34004 second address: C3400E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C35BD5 second address: C35C5A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 jmp 00007FC0410B9FB7h 0x0000000c push 00000000h 0x0000000e push 00000000h 0x00000010 push esi 0x00000011 call 00007FC0410B9FA8h 0x00000016 pop esi 0x00000017 mov dword ptr [esp+04h], esi 0x0000001b add dword ptr [esp+04h], 0000001Ch 0x00000023 inc esi 0x00000024 push esi 0x00000025 ret 0x00000026 pop esi 0x00000027 ret 0x00000028 mov edi, 70442A6Eh 0x0000002d push 00000000h 0x0000002f push 00000000h 0x00000031 push edi 0x00000032 call 00007FC0410B9FA8h 0x00000037 pop edi 0x00000038 mov dword ptr [esp+04h], edi 0x0000003c add dword ptr [esp+04h], 0000001Bh 0x00000044 inc edi 0x00000045 push edi 0x00000046 ret 0x00000047 pop edi 0x00000048 ret 0x00000049 mov edi, 0523F348h 0x0000004e push eax 0x0000004f pushad 0x00000050 jg 00007FC0410B9FA8h 0x00000056 jbe 00007FC0410B9FACh 0x0000005c push eax 0x0000005d push edx 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C371F3 second address: C3725E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push 00000000h 0x0000000b push ebx 0x0000000c call 00007FC040F643F8h 0x00000011 pop ebx 0x00000012 mov dword ptr [esp+04h], ebx 0x00000016 add dword ptr [esp+04h], 0000001Bh 0x0000001e inc ebx 0x0000001f push ebx 0x00000020 ret 0x00000021 pop ebx 0x00000022 ret 0x00000023 push ebx 0x00000024 mov di, 26BAh 0x00000028 pop edi 0x00000029 push 00000000h 0x0000002b push 00000000h 0x0000002d mov si, B9D4h 0x00000031 add edi, dword ptr [ebp+122D3E5Ah] 0x00000037 xchg eax, ebx 0x00000038 jmp 00007FC040F64403h 0x0000003d push eax 0x0000003e push eax 0x0000003f push edx 0x00000040 jmp 00007FC040F64404h 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C378CF second address: C378D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C378D5 second address: C378D9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C38646 second address: C3866A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC0410B9FAFh 0x00000008 push eax 0x00000009 pop eax 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 jl 00007FC0410B9FA6h 0x00000017 pushad 0x00000018 popad 0x00000019 popad 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3AC30 second address: C3AC35 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3B206 second address: C3B20C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3C274 second address: C3C27E instructions: 0x00000000 rdtsc 0x00000002 jne 00007FC040F643F6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3B4D8 second address: C3B4F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FC0410B9FB2h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3C27E second address: C3C30A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jo 00007FC040F643F6h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FC040F643FFh 0x00000015 pop edx 0x00000016 nop 0x00000017 push 00000000h 0x00000019 push edi 0x0000001a call 00007FC040F643F8h 0x0000001f pop edi 0x00000020 mov dword ptr [esp+04h], edi 0x00000024 add dword ptr [esp+04h], 00000017h 0x0000002c inc edi 0x0000002d push edi 0x0000002e ret 0x0000002f pop edi 0x00000030 ret 0x00000031 mov ebx, dword ptr [ebp+122D2151h] 0x00000037 push 00000000h 0x00000039 jnl 00007FC040F643F6h 0x0000003f push 00000000h 0x00000041 push 00000000h 0x00000043 push edi 0x00000044 call 00007FC040F643F8h 0x00000049 pop edi 0x0000004a mov dword ptr [esp+04h], edi 0x0000004e add dword ptr [esp+04h], 0000001Bh 0x00000056 inc edi 0x00000057 push edi 0x00000058 ret 0x00000059 pop edi 0x0000005a ret 0x0000005b sbb bl, FFFFFFF1h 0x0000005e xor di, B1B4h 0x00000063 push eax 0x00000064 push eax 0x00000065 push edx 0x00000066 pushad 0x00000067 jmp 00007FC040F643FBh 0x0000006c push eax 0x0000006d push edx 0x0000006e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3C30A second address: C3C30F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3D320 second address: C3D324 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3C49A second address: C3C4A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3E39D second address: C3E3A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3E3A1 second address: C3E3A7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3E3A7 second address: C3E3AC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3F22C second address: C3F234 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C414E7 second address: C414F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007FC040F643F6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C405D5 second address: C40602 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FC0410B9FA8h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e jg 00007FC0410B9FACh 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FC0410B9FB1h 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C42715 second address: C4271A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4271A second address: C42724 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007FC0410B9FA6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C485C5 second address: C485C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C456B5 second address: C456BE instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C485C9 second address: C48662 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jbe 00007FC040F643F6h 0x0000000d jl 00007FC040F643F6h 0x00000013 popad 0x00000014 popad 0x00000015 push eax 0x00000016 js 00007FC040F64402h 0x0000001c je 00007FC040F643FCh 0x00000022 jo 00007FC040F643F6h 0x00000028 nop 0x00000029 push 00000000h 0x0000002b push edi 0x0000002c call 00007FC040F643F8h 0x00000031 pop edi 0x00000032 mov dword ptr [esp+04h], edi 0x00000036 add dword ptr [esp+04h], 00000018h 0x0000003e inc edi 0x0000003f push edi 0x00000040 ret 0x00000041 pop edi 0x00000042 ret 0x00000043 push 00000000h 0x00000045 push 00000000h 0x00000047 push ebx 0x00000048 call 00007FC040F643F8h 0x0000004d pop ebx 0x0000004e mov dword ptr [esp+04h], ebx 0x00000052 add dword ptr [esp+04h], 0000001Ch 0x0000005a inc ebx 0x0000005b push ebx 0x0000005c ret 0x0000005d pop ebx 0x0000005e ret 0x0000005f mov bh, 46h 0x00000061 push 00000000h 0x00000063 ja 00007FC040F643FCh 0x00000069 sbb bx, F4C6h 0x0000006e push eax 0x0000006f push eax 0x00000070 push eax 0x00000071 push edx 0x00000072 jmp 00007FC040F64401h 0x00000077 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C456BE second address: C4573B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push ecx 0x00000009 pushad 0x0000000a popad 0x0000000b pop ecx 0x0000000c pop eax 0x0000000d nop 0x0000000e jmp 00007FC0410B9FB8h 0x00000013 push dword ptr fs:[00000000h] 0x0000001a mov di, ax 0x0000001d mov ebx, 1CBBCA64h 0x00000022 mov dword ptr fs:[00000000h], esp 0x00000029 push 00000000h 0x0000002b push edi 0x0000002c call 00007FC0410B9FA8h 0x00000031 pop edi 0x00000032 mov dword ptr [esp+04h], edi 0x00000036 add dword ptr [esp+04h], 00000018h 0x0000003e inc edi 0x0000003f push edi 0x00000040 ret 0x00000041 pop edi 0x00000042 ret 0x00000043 mov bh, 09h 0x00000045 mov eax, dword ptr [ebp+122D13A9h] 0x0000004b mov edi, dword ptr [ebp+122D391Bh] 0x00000051 push FFFFFFFFh 0x00000053 mov dword ptr [ebp+122D34F1h], edx 0x00000059 push eax 0x0000005a push eax 0x0000005b push edx 0x0000005c jnc 00007FC0410B9FA8h 0x00000062 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4675C second address: C4676D instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 js 00007FC040F643F6h 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push ebx 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4676D second address: C467DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop ebx 0x00000006 nop 0x00000007 jbe 00007FC0410B9FAEh 0x0000000d jnc 00007FC0410B9FA8h 0x00000013 push dword ptr fs:[00000000h] 0x0000001a push 00000000h 0x0000001c push ecx 0x0000001d call 00007FC0410B9FA8h 0x00000022 pop ecx 0x00000023 mov dword ptr [esp+04h], ecx 0x00000027 add dword ptr [esp+04h], 0000001Bh 0x0000002f inc ecx 0x00000030 push ecx 0x00000031 ret 0x00000032 pop ecx 0x00000033 ret 0x00000034 mov edi, dword ptr [ebp+122D3C32h] 0x0000003a mov dword ptr fs:[00000000h], esp 0x00000041 mov bl, dl 0x00000043 mov eax, dword ptr [ebp+122D0635h] 0x00000049 jnp 00007FC0410B9FA7h 0x0000004f mov ebx, 6DD3096Bh 0x00000054 push FFFFFFFFh 0x00000056 xor dword ptr [ebp+12485667h], esi 0x0000005c nop 0x0000005d pushad 0x0000005e push eax 0x0000005f push edx 0x00000060 push eax 0x00000061 pop eax 0x00000062 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C467DB second address: C467EF instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FC040F643FCh 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C48787 second address: C4878B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4878B second address: C4878F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4A524 second address: C4A54F instructions: 0x00000000 rdtsc 0x00000002 jc 00007FC0410B9FA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jmp 00007FC0410B9FB9h 0x00000014 pushad 0x00000015 popad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4A54F second address: C4A5B7 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 xor bh, FFFFFF93h 0x0000000c push 00000000h 0x0000000e push 00000000h 0x00000010 push ebp 0x00000011 call 00007FC040F643F8h 0x00000016 pop ebp 0x00000017 mov dword ptr [esp+04h], ebp 0x0000001b add dword ptr [esp+04h], 0000001Dh 0x00000023 inc ebp 0x00000024 push ebp 0x00000025 ret 0x00000026 pop ebp 0x00000027 ret 0x00000028 add edi, 72EF3360h 0x0000002e mov dword ptr [ebp+1244CE54h], eax 0x00000034 push 00000000h 0x00000036 push 00000000h 0x00000038 push ebx 0x00000039 call 00007FC040F643F8h 0x0000003e pop ebx 0x0000003f mov dword ptr [esp+04h], ebx 0x00000043 add dword ptr [esp+04h], 00000019h 0x0000004b inc ebx 0x0000004c push ebx 0x0000004d ret 0x0000004e pop ebx 0x0000004f ret 0x00000050 xchg eax, esi 0x00000051 push eax 0x00000052 push edx 0x00000053 pushad 0x00000054 push eax 0x00000055 push edx 0x00000056 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4A5B7 second address: C4A5BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4A5BE second address: C4A5CD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC040F643FBh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4A5CD second address: C4A5D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4978F second address: C49793 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C49793 second address: C497AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC0410B9FB8h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4A5D1 second address: C4A5E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FC040F643FAh 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4A78B second address: C4A795 instructions: 0x00000000 rdtsc 0x00000002 js 00007FC0410B9FA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4DCF6 second address: C4DD19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 jmp 00007FC040F643FFh 0x0000000d jns 00007FC040F643F6h 0x00000013 popad 0x00000014 push eax 0x00000015 pushad 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C4A795 second address: C4A79A instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5442B second address: C5442F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C53B9E second address: C53BA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C53D1E second address: C53D22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C59652 second address: C59658 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C59658 second address: C5966A instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FC040F643F6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5966A second address: C5966E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5966E second address: C59672 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C598CA second address: C598D7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 mov eax, dword ptr [eax] 0x00000009 push esi 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C598D7 second address: C598FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop esi 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FC040F64407h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C598FA second address: C59900 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C59900 second address: C59904 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF7171 second address: BF7177 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF7177 second address: BF7181 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007FC040F643F6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF7181 second address: BF71A6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007FC0410B9FA8h 0x0000000c pushad 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 jng 00007FC0410B9FBAh 0x00000016 pushad 0x00000017 pushad 0x00000018 popad 0x00000019 pushad 0x0000001a popad 0x0000001b push ecx 0x0000001c pop ecx 0x0000001d popad 0x0000001e pushad 0x0000001f push edi 0x00000020 pop edi 0x00000021 push eax 0x00000022 pop eax 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5E8B1 second address: C5E8B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5E8B6 second address: C5E8D4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FB6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5E8D4 second address: C5E8E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FC040F643F6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5EB8C second address: C5EBC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC0410B9FB2h 0x00000009 pop esi 0x0000000a pushad 0x0000000b pushad 0x0000000c jmp 00007FC0410B9FB7h 0x00000011 push esi 0x00000012 pop esi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5EBC0 second address: C5EBCD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jne 00007FC040F643F6h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5EBCD second address: C5EBD1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5F011 second address: C5F026 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC040F64401h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5F026 second address: C5F03E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FADh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C5F196 second address: C5F1C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC040F64401h 0x00000009 jmp 00007FC040F64405h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF3B54 second address: BF3B58 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF3B58 second address: BF3B77 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FC040F64407h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C687E6 second address: C687F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 jmp 00007FC0410B9FAAh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C687F9 second address: C687FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C687FD second address: C6880B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jno 00007FC0410B9FA6h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D124 second address: C6D12D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D12D second address: C6D143 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FC0410B9FA6h 0x0000000a jnc 00007FC0410B9FA6h 0x00000010 popad 0x00000011 pushad 0x00000012 push edx 0x00000013 pop edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D143 second address: C6D151 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FC040F643F6h 0x0000000a popad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D151 second address: C6D19A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FC0410B9FA6h 0x0000000a jne 00007FC0410B9FA6h 0x00000010 jmp 00007FC0410B9FB6h 0x00000015 popad 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a jl 00007FC0410B9FA6h 0x00000020 pop eax 0x00000021 jmp 00007FC0410B9FB7h 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D2FF second address: C6D310 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC040F643FCh 0x00000009 pop ebx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D310 second address: C6D346 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FC0410B9FA6h 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007FC0410B9FB9h 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 jno 00007FC0410B9FA8h 0x00000019 pop edx 0x0000001a pop eax 0x0000001b push eax 0x0000001c push edx 0x0000001d push ecx 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D346 second address: C6D34B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D4C5 second address: C6D4C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D615 second address: C6D630 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FC040F643F6h 0x0000000a popad 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 jl 00007FC040F643FEh 0x00000017 pushad 0x00000018 popad 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D79D second address: C6D7A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D7A3 second address: C6D7B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push ebx 0x00000006 jnl 00007FC040F643F6h 0x0000000c pushad 0x0000000d popad 0x0000000e pop ebx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D7B6 second address: C6D7BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D8FF second address: C6D905 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D905 second address: C6D935 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jmp 00007FC0410B9FABh 0x00000008 pop eax 0x00000009 push edi 0x0000000a jo 00007FC0410B9FA6h 0x00000010 pop edi 0x00000011 pop edx 0x00000012 pop eax 0x00000013 pushad 0x00000014 jmp 00007FC0410B9FB2h 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D935 second address: C6D93B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D93B second address: C6D94F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FC0410B9FABh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6D94F second address: C6D955 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6DABD second address: C6DAD1 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC0410B9FA6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jc 00007FC0410B9FA6h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C18EA9 second address: C18EB3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6CBE2 second address: C6CBEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push ebx 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6CBEC second address: C6CBFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 ja 00007FC040F643F6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C6CBFA second address: C6CC06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FC0410B9FA6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C74159 second address: C7415D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7415D second address: C74179 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 jmp 00007FC0410B9FB6h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C74179 second address: C7417D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C73182 second address: C73186 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C73186 second address: C731A4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F64400h 0x00000007 jmp 00007FC040F643FAh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C72C79 second address: C72C87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jo 00007FC0410B9FC6h 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C72C87 second address: C72C8F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C72C8F second address: C72C9E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jbe 00007FC0410B9FA6h 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C739D2 second address: C739DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FC040F643F6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C739DE second address: C739F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 ja 00007FC0410B9FA8h 0x0000000b push eax 0x0000000c pop eax 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C739F2 second address: C73A01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007FC040F643F6h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C73A01 second address: C73A05 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C73A05 second address: C73A0B instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C73B9F second address: C73BA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C73BA3 second address: C73BC4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FAh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jbe 00007FC040F643F6h 0x00000012 jl 00007FC040F643F6h 0x00000018 push edi 0x00000019 pop edi 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C73BC4 second address: C73BD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 ja 00007FC0410B9FACh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C78A68 second address: C78A6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C78A6D second address: C78A89 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 jmp 00007FC0410B9FB6h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3092D second address: C30933 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C30933 second address: C30938 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31020 second address: C31038 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 mov eax, dword ptr [eax] 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FC040F643FFh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31038 second address: C3108E instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC0410B9FACh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e jnp 00007FC0410B9FAAh 0x00000014 pop eax 0x00000015 js 00007FC0410B9FACh 0x0000001b mov edx, dword ptr [ebp+122D2B02h] 0x00000021 jns 00007FC0410B9FACh 0x00000027 call 00007FC0410B9FA9h 0x0000002c pushad 0x0000002d jmp 00007FC0410B9FADh 0x00000032 js 00007FC0410B9FACh 0x00000038 push eax 0x00000039 push edx 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3108E second address: C310F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 pushad 0x00000007 jmp 00007FC040F643FFh 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007FC040F64401h 0x00000014 popad 0x00000015 popad 0x00000016 mov eax, dword ptr [esp+04h] 0x0000001a push ebx 0x0000001b pushad 0x0000001c pushad 0x0000001d popad 0x0000001e jng 00007FC040F643F6h 0x00000024 popad 0x00000025 pop ebx 0x00000026 mov eax, dword ptr [eax] 0x00000028 pushad 0x00000029 pushad 0x0000002a pushad 0x0000002b popad 0x0000002c push ebx 0x0000002d pop ebx 0x0000002e popad 0x0000002f push edi 0x00000030 pushad 0x00000031 popad 0x00000032 pop edi 0x00000033 popad 0x00000034 mov dword ptr [esp+04h], eax 0x00000038 push eax 0x00000039 push edx 0x0000003a push eax 0x0000003b push edx 0x0000003c jmp 00007FC040F64403h 0x00000041 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C310F3 second address: C31108 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FB1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31108 second address: C3110D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31325 second address: C31329 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31418 second address: C31430 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F64404h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31430 second address: C3143A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007FC0410B9FA6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C3191C second address: C31934 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push edi 0x0000000e pushad 0x0000000f popad 0x00000010 pop edi 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31D5A second address: C31D80 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FC0410B9FA8h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FC0410B9FB7h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31D80 second address: C31DF6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F64405h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a push 00000000h 0x0000000c push esi 0x0000000d call 00007FC040F643F8h 0x00000012 pop esi 0x00000013 mov dword ptr [esp+04h], esi 0x00000017 add dword ptr [esp+04h], 00000017h 0x0000001f inc esi 0x00000020 push esi 0x00000021 ret 0x00000022 pop esi 0x00000023 ret 0x00000024 js 00007FC040F643FEh 0x0000002a pushad 0x0000002b mov cx, dx 0x0000002e and bh, FFFFFFF0h 0x00000031 popad 0x00000032 lea eax, dword ptr [ebp+1247C693h] 0x00000038 nop 0x00000039 jmp 00007FC040F64405h 0x0000003e push eax 0x0000003f push eax 0x00000040 push edx 0x00000041 jmp 00007FC040F64400h 0x00000046 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31DF6 second address: C31DFD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31DFD second address: C18EA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 cmc 0x00000009 lea eax, dword ptr [ebp+1247C64Fh] 0x0000000f mov dx, BA30h 0x00000013 push eax 0x00000014 pushad 0x00000015 jmp 00007FC040F643FEh 0x0000001a push eax 0x0000001b jg 00007FC040F643F6h 0x00000021 pop eax 0x00000022 popad 0x00000023 mov dword ptr [esp], eax 0x00000026 sub dword ptr [ebp+122D2CABh], ebx 0x0000002c call dword ptr [ebp+1244C36Bh] 0x00000032 pushad 0x00000033 push eax 0x00000034 push edx 0x00000035 push edi 0x00000036 pop edi 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C31042 second address: C3108E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a jnp 00007FC0410B9FAAh 0x00000010 push eax 0x00000011 push eax 0x00000012 pop eax 0x00000013 pop eax 0x00000014 pop eax 0x00000015 js 00007FC0410B9FACh 0x0000001b mov edx, dword ptr [ebp+122D2B02h] 0x00000021 jns 00007FC0410B9FACh 0x00000027 call 00007FC0410B9FA9h 0x0000002c pushad 0x0000002d jmp 00007FC0410B9FADh 0x00000032 js 00007FC0410B9FACh 0x00000038 push eax 0x00000039 push edx 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7B6B0 second address: C7B6B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7B6B4 second address: C7B6C6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b jg 00007FC0410B9FA6h 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7B6C6 second address: C7B6CB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7B985 second address: C7B98D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7B98D second address: C7B991 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7DFA1 second address: C7DFA5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7DFA5 second address: C7DFAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7DFAB second address: C7DFCF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 popad 0x00000009 pushad 0x0000000a popad 0x0000000b pop eax 0x0000000c pop ecx 0x0000000d je 00007FC0410B9FCDh 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FC0410B9FAFh 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C7DFCF second address: C7DFD3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C83C29 second address: C83C2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C8309F second address: C830BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC040F64406h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C83787 second address: C83797 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 jg 00007FC0410B9FA6h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF2065 second address: BF206E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C864D5 second address: C8650C instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC0410B9FA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FC0410B9FABh 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FC0410B9FB1h 0x00000017 jc 00007FC0410B9FAEh 0x0000001d pushad 0x0000001e popad 0x0000001f jo 00007FC0410B9FA6h 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C8669F second address: C866A4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C866A4 second address: C866B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FC0410B9FA6h 0x0000000a pop eax 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C86AFE second address: C86B04 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C86B04 second address: C86B57 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC0410B9FADh 0x00000008 jmp 00007FC0410B9FB5h 0x0000000d js 00007FC0410B9FA6h 0x00000013 popad 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push esi 0x00000017 push eax 0x00000018 jbe 00007FC0410B9FA6h 0x0000001e jmp 00007FC0410B9FB9h 0x00000023 pop eax 0x00000024 pushad 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C8B5B7 second address: C8B5BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C8B994 second address: C8B99A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C8B99A second address: C8B9C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC040F64400h 0x00000009 popad 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jl 00007FC040F643F6h 0x00000013 jnc 00007FC040F643F6h 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C932B5 second address: C932BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C932BA second address: C932C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007FC040F643F6h 0x0000000a push esi 0x0000000b pop esi 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C932C6 second address: C932D2 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C93765 second address: C93787 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FC040F64404h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jno 00007FC040F643F8h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C93787 second address: C93791 instructions: 0x00000000 rdtsc 0x00000002 js 00007FC0410B9FB2h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C93791 second address: C9379F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FC040F643F6h 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C9379F second address: C937A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C93A5D second address: C93A64 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C948C5 second address: C948CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C94E44 second address: C94E52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jp 00007FC040F643F6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C94E52 second address: C94E58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C9846C second address: C9847E instructions: 0x00000000 rdtsc 0x00000002 jl 00007FC040F643F6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C9847E second address: C984B7 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FC0410B9FA6h 0x00000008 jmp 00007FC0410B9FB6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jmp 00007FC0410B9FAFh 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 jg 00007FC0410B9FA6h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C984B7 second address: C984BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C9877E second address: C98784 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C98CF2 second address: C98CFB instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C98CFB second address: C98D01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C98D01 second address: C98D07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C9DBC7 second address: C9DBD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FC0410B9FA6h 0x0000000a push eax 0x0000000b push edx 0x0000000c ja 00007FC0410B9FA6h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA22DF second address: CA22E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA22E4 second address: CA22EA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA22EA second address: CA22F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA22F0 second address: CA22F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CAA258 second address: CAA289 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC040F64407h 0x00000009 jmp 00007FC040F64406h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CAA289 second address: CAA28D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA84C0 second address: CA84F1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F64405h 0x00000007 jmp 00007FC040F64400h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA84F1 second address: CA84F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA84F5 second address: CA8542 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F64408h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FC040F64407h 0x00000010 jmp 00007FC040F64408h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA8542 second address: CA8548 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA8548 second address: CA854E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA854E second address: CA8554 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA8AE4 second address: CA8AE8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA8AE8 second address: CA8AFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FC0410B9FA6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jbe 00007FC0410B9FB2h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA8AFC second address: CA8B02 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF2030 second address: BF2038 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: BF2038 second address: BF2065 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007FC040F64406h 0x0000000d push eax 0x0000000e pop eax 0x0000000f popad 0x00000010 pushad 0x00000011 jp 00007FC040F643F8h 0x00000017 push eax 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA8EC8 second address: CA8ECD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA91C4 second address: CA91CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA92F7 second address: CA9313 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007FC0410B9FABh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edi 0x0000000c push eax 0x0000000d push edx 0x0000000e push esi 0x0000000f pushad 0x00000010 popad 0x00000011 pop esi 0x00000012 push esi 0x00000013 pushad 0x00000014 popad 0x00000015 pop esi 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA9313 second address: CA9325 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FC040F643FCh 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA9325 second address: CA9329 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CA9A67 second address: CA9A6C instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CBDD4F second address: CBDD55 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CC0D49 second address: CC0D4D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CC0A3D second address: CC0A43 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CC0A43 second address: CC0A53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jc 00007FC040F643F6h 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CC0A53 second address: CC0A5F instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC0410B9FA6h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CC0A5F second address: CC0A7B instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC040F643FEh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jc 00007FC040F64410h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CC0A7B second address: CC0A81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CC0A81 second address: CC0A85 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CC0A85 second address: CC0A8B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CCFF84 second address: CCFF88 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD16B5 second address: CD16BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FC0410B9FA6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD16BF second address: CD16C3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD16C3 second address: CD16CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD16CB second address: CD16D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD16D1 second address: CD16E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC0410B9FB1h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD16E6 second address: CD16F7 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FC040F643F6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD16F7 second address: CD16FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD16FF second address: CD170C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 ja 00007FC040F643F8h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD925D second address: CD928D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jns 00007FC0410B9FA6h 0x00000009 pop eax 0x0000000a jno 00007FC0410B9FBCh 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 push ebx 0x00000014 pushad 0x00000015 popad 0x00000016 pop ebx 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD81AB second address: CD81D1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FC040F64409h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD81D1 second address: CD81D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD81D5 second address: CD81F1 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FC040F643F6h 0x00000008 jmp 00007FC040F64402h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD81F1 second address: CD81F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD8351 second address: CD8366 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FFh 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD8366 second address: CD836A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD8F96 second address: CD8FBC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007FC040F64408h 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD8FBC second address: CD8FCA instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jc 00007FC0410B9FA6h 0x00000009 pop edi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CD8FCA second address: CD8FCE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CDF2B6 second address: CDF2C0 instructions: 0x00000000 rdtsc 0x00000002 js 00007FC0410B9FA6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CDEE22 second address: CDEE45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC040F64400h 0x00000009 jp 00007FC040F643F6h 0x0000000f popad 0x00000010 jnp 00007FC040F643F8h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CDEE45 second address: CDEE50 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jc 00007FC0410B9FA6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CDEF97 second address: CDEF9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CDEF9B second address: CDEFBF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FC0410B9FA6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push esi 0x0000000e pop esi 0x0000000f push eax 0x00000010 pop eax 0x00000011 push ecx 0x00000012 pop ecx 0x00000013 jno 00007FC0410B9FA6h 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e ja 00007FC0410B9FA6h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CDEFBF second address: CDEFC3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFA0B2 second address: CFA0DC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jbe 00007FC0410B9FA6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ecx 0x0000000d push esi 0x0000000e pop esi 0x0000000f pushad 0x00000010 popad 0x00000011 pop ecx 0x00000012 jbe 00007FC0410B9FB0h 0x00000018 popad 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c push edx 0x0000001d pop edx 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFA0DC second address: CFA0E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFA0E0 second address: CFA0E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFA0E4 second address: CFA0EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFA0EA second address: CFA0FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnl 00007FC0410B9FA8h 0x0000000c push eax 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFC0C8 second address: CFC0CC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFC0CC second address: CFC0F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 push edx 0x00000009 ja 00007FC0410B9FBBh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFC0F0 second address: CFC0FC instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 push edx 0x00000006 pop edx 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFC0FC second address: CFC100 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFBC30 second address: CFBC36 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFBC36 second address: CFBC3C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFBDB6 second address: CFBDD7 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FC040F643F8h 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e pop eax 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 jng 00007FC040F643F6h 0x0000001b jns 00007FC040F643F6h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: CFBDD7 second address: CFBDDD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D1309B second address: D130CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jng 00007FC040F643F6h 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e popad 0x0000000f push ecx 0x00000010 jmp 00007FC040F64408h 0x00000015 pushad 0x00000016 popad 0x00000017 pop ecx 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D130CA second address: D130D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D130D0 second address: D130D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D11F25 second address: D11F39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FC0410B9FA6h 0x0000000a pop edi 0x0000000b push ebx 0x0000000c jne 00007FC0410B9FA6h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D11F39 second address: D11F3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12216 second address: D1221A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D1235C second address: D12378 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FC040F643F6h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FC040F643FFh 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12378 second address: D1237E instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D124C5 second address: D124C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D127BF second address: D127CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FC0410B9FACh 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D127CB second address: D127D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jno 00007FC040F643F6h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D127D7 second address: D127DB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D1296D second address: D12995 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FC040F64400h 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FC040F643FCh 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12995 second address: D12999 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12C54 second address: D12C69 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC040F64401h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12C69 second address: D12C6F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12C6F second address: D12C73 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12C73 second address: D12C77 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12DE4 second address: D12DF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push edx 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 jc 00007FC040F643F6h 0x0000000e pop edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D12DF3 second address: D12DFB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 push esi 0x00000007 pop esi 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D17273 second address: D1727D instructions: 0x00000000 rdtsc 0x00000002 jg 00007FC040F643FCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D18E12 second address: D18E2B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC0410B9FB0h 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D18E2B second address: D18E47 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FC040F643F6h 0x00000008 jnl 00007FC040F643F6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pop ecx 0x00000011 pushad 0x00000012 jng 00007FC040F643FEh 0x00000018 pushad 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: D1AEEE second address: D1AEF2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: C34E9F second address: C34EB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push esi 0x00000006 je 00007FC040F643F6h 0x0000000c pop esi 0x0000000d popad 0x0000000e push eax 0x0000000f push edi 0x00000010 je 00007FC040F643FCh 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F6035A second address: 4F60360 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60360 second address: 4F60364 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60364 second address: 4F60375 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov esi, edi 0x0000000e push ebx 0x0000000f pop eax 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60375 second address: 4F6038E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC040F64405h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F6038E second address: 4F60392 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60392 second address: 4F603A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F603A2 second address: 4F603A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F603A9 second address: 4F603C0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F603C0 second address: 4F603C6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F603C6 second address: 4F603E3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC040F64409h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F603E3 second address: 4F60420 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov edx, dword ptr [ebp+0Ch] 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007FC0410B9FB5h 0x00000014 sbb ecx, 449229D6h 0x0000001a jmp 00007FC0410B9FB1h 0x0000001f popfd 0x00000020 popad 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60420 second address: 4F60426 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60426 second address: 4F6042A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F6042A second address: 4F6043E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ecx, dword ptr [ebp+08h] 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov ebx, ecx 0x00000010 movzx ecx, dx 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F6043E second address: 4F60444 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60444 second address: 4F60448 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80795 second address: 4F8079B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F8079B second address: 4F807A1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F807A1 second address: 4F807D6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FB8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f call 00007FC0410B9FACh 0x00000014 pop eax 0x00000015 mov edx, 2F8E3A96h 0x0000001a popad 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80921 second address: 4F8093C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 je 00007FC040F64434h 0x0000000d pushad 0x0000000e call 00007FC040F643FBh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F8093C second address: 4F80945 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 mov ch, bh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F8098A second address: 4F809B1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 leave 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FC040F64405h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F809B1 second address: 4F70040 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FB1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 retn 0004h 0x0000000c nop 0x0000000d cmp eax, 00000000h 0x00000010 setne al 0x00000013 jmp 00007FC0410B9FA2h 0x00000015 xor ebx, ebx 0x00000017 test al, 01h 0x00000019 jne 00007FC0410B9FA7h 0x0000001b sub esp, 04h 0x0000001e mov dword ptr [esp], 0000000Dh 0x00000025 call 00007FC0455C759Bh 0x0000002a mov edi, edi 0x0000002c pushad 0x0000002d jmp 00007FC0410B9FAEh 0x00000032 mov ch, 9Bh 0x00000034 popad 0x00000035 push ebp 0x00000036 pushad 0x00000037 movzx esi, bx 0x0000003a jmp 00007FC0410B9FB5h 0x0000003f popad 0x00000040 mov dword ptr [esp], ebp 0x00000043 pushad 0x00000044 mov edx, eax 0x00000046 mov ch, 4Ah 0x00000048 popad 0x00000049 mov ebp, esp 0x0000004b push eax 0x0000004c push edx 0x0000004d push eax 0x0000004e push edx 0x0000004f pushad 0x00000050 popad 0x00000051 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70040 second address: 4F7005C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F64408h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7005C second address: 4F70062 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70062 second address: 4F70066 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70066 second address: 4F7006A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7006A second address: 4F70097 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 sub esp, 2Ch 0x0000000b jmp 00007FC040F64409h 0x00000010 xchg eax, ebx 0x00000011 pushad 0x00000012 mov eax, 562374F3h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70097 second address: 4F700BD instructions: 0x00000000 rdtsc 0x00000002 mov di, cx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FC0410B9FB9h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F700BD second address: 4F700C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F700C1 second address: 4F700C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F700C7 second address: 4F7012F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FC040F643FAh 0x00000009 sbb al, 00000058h 0x0000000c jmp 00007FC040F643FBh 0x00000011 popfd 0x00000012 call 00007FC040F64408h 0x00000017 pop ecx 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b xchg eax, ebx 0x0000001c jmp 00007FC040F64401h 0x00000021 xchg eax, edi 0x00000022 push eax 0x00000023 push edx 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007FC040F64408h 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7012F second address: 4F70135 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70135 second address: 4F70158 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FC040F643FEh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70158 second address: 4F7015E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7015E second address: 4F70162 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70162 second address: 4F70171 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, edi 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70171 second address: 4F70175 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70175 second address: 4F70187 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FAEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F701D8 second address: 4F7024D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 sub edi, edi 0x0000000b jmp 00007FC040F643FFh 0x00000010 inc ebx 0x00000011 pushad 0x00000012 call 00007FC040F64404h 0x00000017 mov si, 9CB1h 0x0000001b pop esi 0x0000001c mov ah, dl 0x0000001e popad 0x0000001f test al, al 0x00000021 jmp 00007FC040F64406h 0x00000026 je 00007FC040F64599h 0x0000002c jmp 00007FC040F64400h 0x00000031 lea ecx, dword ptr [ebp-14h] 0x00000034 push eax 0x00000035 push edx 0x00000036 push eax 0x00000037 push edx 0x00000038 pushad 0x00000039 popad 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7024D second address: 4F7026A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FB9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7026A second address: 4F7027A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC040F643FCh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7027A second address: 4F7027E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F702FE second address: 4F70304 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70304 second address: 4F70308 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70308 second address: 4F7030C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7036C second address: 4F703BB instructions: 0x00000000 rdtsc 0x00000002 call 00007FC0410B9FB2h 0x00000007 pop ecx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov edi, 550674A6h 0x0000000f popad 0x00000010 cmp dword ptr [ebp-14h], edi 0x00000013 jmp 00007FC0410B9FADh 0x00000018 jne 00007FC0B2AA80A8h 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 jmp 00007FC0410B9FB8h 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F703BB second address: 4F703BF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F703BF second address: 4F703C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F703C5 second address: 4F703E7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebx, dword ptr [ebp+08h] 0x0000000c pushad 0x0000000d movzx esi, di 0x00000010 mov ecx, edi 0x00000012 popad 0x00000013 lea eax, dword ptr [ebp-2Ch] 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F703E7 second address: 4F703FF instructions: 0x00000000 rdtsc 0x00000002 mov al, 7Ah 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov bx, 0D1Ch 0x0000000a popad 0x0000000b push esp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f mov edi, 30738720h 0x00000014 mov si, bx 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F703FF second address: 4F70442 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC040F64400h 0x00000008 pushfd 0x00000009 jmp 00007FC040F64402h 0x0000000e sub cx, 1498h 0x00000013 jmp 00007FC040F643FBh 0x00000018 popfd 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c mov dword ptr [esp], esi 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70442 second address: 4F70446 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70446 second address: 4F7044C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F7044C second address: 4F70462 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ch, F5h 0x00000005 mov al, dh 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov dx, D23Ch 0x00000012 movsx edx, si 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70462 second address: 4F704B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edi, ax 0x00000006 pushfd 0x00000007 jmp 00007FC040F64406h 0x0000000c adc al, FFFFFF88h 0x0000000f jmp 00007FC040F643FBh 0x00000014 popfd 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 push eax 0x00000019 pushad 0x0000001a jmp 00007FC040F643FFh 0x0000001f popad 0x00000020 nop 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007FC040F64400h 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F704B6 second address: 4F704EE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FABh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a pushad 0x0000000b mov si, ABEBh 0x0000000f jmp 00007FC0410B9FB0h 0x00000014 popad 0x00000015 push eax 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007FC0410B9FADh 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F704EE second address: 4F704F2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F704F2 second address: 4F704F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F704F8 second address: 4F704FE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60D72 second address: 4F60DDA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FABh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007FC0410B9FB4h 0x00000011 and cl, 00000038h 0x00000014 jmp 00007FC0410B9FABh 0x00000019 popfd 0x0000001a pushfd 0x0000001b jmp 00007FC0410B9FB8h 0x00000020 sub esi, 462D3598h 0x00000026 jmp 00007FC0410B9FABh 0x0000002b popfd 0x0000002c popad 0x0000002d push eax 0x0000002e push eax 0x0000002f push edx 0x00000030 push eax 0x00000031 push edx 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60DDA second address: 4F60DDE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60DDE second address: 4F60DF0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FAEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60DF0 second address: 4F60E02 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC040F643FEh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E02 second address: 4F60E19 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FABh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E19 second address: 4F60E21 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov ax, bx 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E21 second address: 4F60E3E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC0410B9FB9h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E3E second address: 4F60E51 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d movzx esi, bx 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E51 second address: 4F60E57 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E57 second address: 4F60E5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E5B second address: 4F60E88 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FB8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FC0410B9FAAh 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E88 second address: 4F60E8E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E8E second address: 4F60E9F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC0410B9FADh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60E9F second address: 4F60F01 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F64401h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d jmp 00007FC040F64407h 0x00000012 pushfd 0x00000013 jmp 00007FC040F64408h 0x00000018 and esi, 7BC23568h 0x0000001e jmp 00007FC040F643FBh 0x00000023 popfd 0x00000024 popad 0x00000025 xchg eax, ecx 0x00000026 pushad 0x00000027 push eax 0x00000028 push edx 0x00000029 pushad 0x0000002a popad 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60F01 second address: 4F60F25 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [ebp-04h], 55534552h 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FC0410B9FB4h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60F68 second address: 4F60F6E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F60F6E second address: 4F60F72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70A5C second address: 4F70AAE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FC040F643FEh 0x0000000f mov ebp, esp 0x00000011 jmp 00007FC040F64400h 0x00000016 cmp dword ptr [769B459Ch], 05h 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FC040F64407h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F70B5E second address: 4F70B64 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F809E6 second address: 4F809EC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F809EC second address: 4F809F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F809F0 second address: 4F809F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F809F4 second address: 4F80AB2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 pushad 0x0000000a jmp 00007FC0410B9FB6h 0x0000000f mov si, 68D1h 0x00000013 popad 0x00000014 push eax 0x00000015 jmp 00007FC0410B9FB7h 0x0000001a xchg eax, ebp 0x0000001b jmp 00007FC0410B9FB6h 0x00000020 mov ebp, esp 0x00000022 pushad 0x00000023 pushfd 0x00000024 jmp 00007FC0410B9FAEh 0x00000029 and cx, 40B8h 0x0000002e jmp 00007FC0410B9FABh 0x00000033 popfd 0x00000034 push esi 0x00000035 pushfd 0x00000036 jmp 00007FC0410B9FAFh 0x0000003b adc ax, 227Eh 0x00000040 jmp 00007FC0410B9FB9h 0x00000045 popfd 0x00000046 pop eax 0x00000047 popad 0x00000048 push edx 0x00000049 jmp 00007FC0410B9FACh 0x0000004e mov dword ptr [esp], esi 0x00000051 push eax 0x00000052 push edx 0x00000053 pushad 0x00000054 push eax 0x00000055 push edx 0x00000056 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80AB2 second address: 4F80AE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FC040F64403h 0x0000000a sub ch, 0000003Eh 0x0000000d jmp 00007FC040F64409h 0x00000012 popfd 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80AE8 second address: 4F80AF8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC0410B9FACh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80AF8 second address: 4F80B33 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov esi, dword ptr [ebp+0Ch] 0x0000000b jmp 00007FC040F64407h 0x00000010 test esi, esi 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FC040F64405h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80B33 second address: 4F80B43 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC0410B9FACh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80B43 second address: 4F80B47 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80B47 second address: 4F80B72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007FC0B2A8780Eh 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FC0410B9FB9h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80B72 second address: 4F80B78 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80B78 second address: 4F80BC3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edx, ecx 0x00000005 push ecx 0x00000006 pop edi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a cmp dword ptr [769B459Ch], 05h 0x00000011 pushad 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 pushfd 0x00000016 jmp 00007FC0410B9FAAh 0x0000001b and si, 53B8h 0x00000020 jmp 00007FC0410B9FABh 0x00000025 popfd 0x00000026 popad 0x00000027 mov dl, al 0x00000029 popad 0x0000002a je 00007FC0B2A9F890h 0x00000030 push eax 0x00000031 push edx 0x00000032 jmp 00007FC0410B9FAEh 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80BC3 second address: 4F80BE5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC040F643FBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d call 00007FC040F643FBh 0x00000012 pop esi 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80BE5 second address: 4F80BF4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC0410B9FABh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80BF4 second address: 4F80BF8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80BF8 second address: 4F80C0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov ch, bl 0x0000000e mov esi, 182BB0F9h 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80C66 second address: 4F80C6A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80C6A second address: 4F80C87 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC0410B9FB9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80C87 second address: 4F80CCD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FC040F643FAh 0x00000009 or ax, D928h 0x0000000e jmp 00007FC040F643FBh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 push eax 0x00000018 pushad 0x00000019 mov esi, edx 0x0000001b mov bx, 6696h 0x0000001f popad 0x00000020 xchg eax, esi 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007FC040F64408h 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\BJQizQ6sqT.exe | RDTSC instruction interceptor: First address: 4F80CCD second address: 4F80CDF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC0410B9FAEh 0x00000009 rdtsc |