Source: FBmz85HS0d.exe, 00000000.00000002.1875057545.0000000001277000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1554154884.0000000001260000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://185.215.113.16/off/def.exe |
Source: FBmz85HS0d.exe, 00000000.00000002.1875057545.0000000001277000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1554154884.0000000001260000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://185.215.113.16/off/def.exentmj |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0 |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: FBmz85HS0d.exe, 00000000.00000002.1875034913.0000000001263000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.com/codesigningrootr45.crl0U |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.com/root-r3.crl0G |
Source: FBmz85HS0d.exe, 00000000.00000003.1378457678.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1400999806.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1446155060.0000000001254000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1427541815.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1482458559.0000000001260000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1401787404.0000000001225000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1446552557.0000000001254000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1378025809.0000000001224000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.micro |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0 |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07 |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0= |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00 |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0? |
Source: FBmz85HS0d.exe, 00000000.00000003.1553814190.0000000005925000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1553777662.00000000059A9000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1557542576.00000000059A9000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877911381.0000000006039000.00000002.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1553935100.00000000058F1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0 |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0A |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0C |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0X |
Source: FBmz85HS0d.exe, 00000000.00000002.1875034913.0000000001263000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.globalsign.com/rootr30; |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.rootca1.amazontrust.com0: |
Source: FBmz85HS0d.exe, 00000000.00000002.1875034913.0000000001263000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://secure.globalsign.com/cacert/root-r3.crt06 |
Source: Amcache.hve.11.dr | String found in binary or memory: http://upx.sf.net |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.c.lencr.org/0 |
Source: FBmz85HS0d.exe, 00000000.00000003.1378243759.000000000592B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.i.lencr.org/0 |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ac.ecosia.org/autocomplete?q= |
Source: FBmz85HS0d.exe, 00000000.00000002.1877067862.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://aui-cdn.atlassian.com/ |
Source: FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-canary.prod-east.frontend.public.atl-paas.net |
Source: FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-exp.prod-east.frontend.public.atl-paas.net |
Source: FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-static.prod-east.frontend.public.atl-paas.net |
Source: FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net |
Source: FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/ |
Source: FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/; |
Source: FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/ |
Source: FBmz85HS0d.exe, 00000000.00000003.1554154884.0000000001260000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/ |
Source: FBmz85HS0d.exe, 00000000.00000003.1554154884.0000000001260000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1875034913.0000000001263000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/70e84e0b-e14f-45c5-ab65-07760e9609fc/downloads/eaef3307-3cc1- |
Source: FBmz85HS0d.exe, 00000000.00000002.1875057545.0000000001277000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1554154884.0000000001260000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/ |
Source: FBmz85HS0d.exe, 00000000.00000002.1875057545.0000000001277000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1554154884.0000000001260000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/R |
Source: FBmz85HS0d.exe, 00000000.00000002.1874782719.0000000001215000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1874782719.00000000011FB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe |
Source: FBmz85HS0d.exe, 00000000.00000002.1874658046.0000000000EFA000.00000004.00000010.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe.0.0 |
Source: FBmz85HS0d.exe, 00000000.00000003.1379525182.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252. |
Source: FBmz85HS0d.exe, 00000000.00000003.1379525182.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696490019400400000.1&ci=1696490019252.12791&cta |
Source: FBmz85HS0d.exe, 00000000.00000002.1877067862.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.cookielaw.org/ |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= |
Source: FBmz85HS0d.exe, 00000000.00000003.1379525182.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg |
Source: FBmz85HS0d.exe, 00000000.00000003.1379525182.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg |
Source: FBmz85HS0d.exe, 00000000.00000003.1401268894.0000000001208000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1554154884.0000000001260000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1875034913.0000000001263000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1401268894.00000000011FE000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/ |
Source: FBmz85HS0d.exe, 00000000.00000003.1427588716.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/6x |
Source: FBmz85HS0d.exe, FBmz85HS0d.exe, 00000000.00000003.1402059464.0000000005902000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1400999806.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1401108758.00000000058FE000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1874782719.0000000001215000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1404190506.0000000005902000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1403463916.0000000005902000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1427588716.0000000001208000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1401787404.0000000001225000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1402568335.0000000005902000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1405842571.0000000001273000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1403839409.0000000005902000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1404908309.0000000005902000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1405410023.0000000005902000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1401191621.0000000005901000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1400889425.00000000058F4000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1446443931.0000000001273000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1427375694.0000000001277000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1403050358.0000000005902000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1404566168.0000000005902000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/api |
Source: FBmz85HS0d.exe, 00000000.00000003.1400999806.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1401787404.0000000001225000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1405842571.0000000001273000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1427375694.0000000001277000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apiB |
Source: FBmz85HS0d.exe, 00000000.00000003.1427375694.0000000001277000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apiice |
Source: FBmz85HS0d.exe, 00000000.00000002.1874782719.0000000001215000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apil |
Source: FBmz85HS0d.exe, 00000000.00000003.1427375694.0000000001287000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1446443931.0000000001287000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/aping |
Source: FBmz85HS0d.exe, 00000000.00000003.1400999806.0000000001224000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/apit |
Source: FBmz85HS0d.exe, 00000000.00000003.1401268894.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/d |
Source: FBmz85HS0d.exe, 00000000.00000003.1427588716.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/er.xiK |
Source: FBmz85HS0d.exe, 00000000.00000003.1401268894.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/nx |
Source: FBmz85HS0d.exe, 00000000.00000003.1378457678.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1400999806.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1874782719.0000000001215000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1427541815.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1401787404.0000000001225000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1378025809.0000000001224000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1482628618.0000000001224000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/pi |
Source: FBmz85HS0d.exe, 00000000.00000003.1427588716.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz/s |
Source: FBmz85HS0d.exe, 00000000.00000003.1446443931.0000000001273000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cuddlyready.xyz:443/api |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/ac/?q= |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/chrome_newtab |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= |
Source: FBmz85HS0d.exe, 00000000.00000003.1554179926.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877067862.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://dz8aopenkvv6s.cloudfront.net |
Source: FBmz85HS0d.exe, 00000000.00000003.1379525182.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqWfpl%2B4pbW4pbWfpbW7ReNxR3UIG8zInwYIFIVs9e |
Source: FBmz85HS0d.exe, 00000000.00000003.1554179926.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877067862.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://remote-app-switcher.prod-east.frontend.public.atl-paas.net |
Source: FBmz85HS0d.exe, 00000000.00000003.1554179926.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877067862.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://remote-app-switcher.stg-east.frontend.public.atl-paas.net |
Source: FBmz85HS0d.exe, 00000000.00000003.1379201985.0000000005A12000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br |
Source: FBmz85HS0d.exe, 00000000.00000003.1379201985.0000000005A12000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/products/firefoxgro.all |
Source: FBmz85HS0d.exe, 00000000.00000003.1554179926.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877067862.0000000005913000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1877331049.00000000059A5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://web-security-reports.services.atlassian.com/csp-report/bb-website |
Source: FBmz85HS0d.exe, 00000000.00000003.1379525182.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_ef0fa27a12d43fbd45649e195429e8a63ddcad7cf7e128c0 |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.ecosia.org/newtab/ |
Source: FBmz85HS0d.exe, 00000000.00000002.1875080577.0000000001293000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1572945452.0000000001273000.00000004.00000020.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000002.1875034913.0000000001263000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.globalsign.com/repository/0 |
Source: FBmz85HS0d.exe, 00000000.00000003.1328496994.000000000593B000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328246456.000000000593E000.00000004.00000800.00020000.00000000.sdmp, FBmz85HS0d.exe, 00000000.00000003.1328645582.000000000593B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico |
Source: FBmz85HS0d.exe, 00000000.00000003.1379525182.0000000005900000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u |
Source: FBmz85HS0d.exe, 00000000.00000003.1379201985.0000000005A12000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.jXqaKJMO4ZEP |
Source: FBmz85HS0d.exe, 00000000.00000003.1379201985.0000000005A12000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.NYz0wxyUaYSW |
Source: FBmz85HS0d.exe, 00000000.00000003.1379201985.0000000005A12000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/gro.allizom.www.d |
Source: FBmz85HS0d.exe, 00000000.00000003.1379201985.0000000005A12000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig |
Source: FBmz85HS0d.exe, 00000000.00000003.1379201985.0000000005A12000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www. |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 477976 second address: 47797E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 476AD6 second address: 476AFF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C79895h 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push edx 0x0000000c jmp 00007F4EF0C7988Bh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 476F69 second address: 476F87 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jmp 00007F4EF0C09E28h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 479A2A second address: 479A7E instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jnl 00007F4EF0C79886h 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jng 00007F4EF0C79890h 0x00000013 pushad 0x00000014 push esi 0x00000015 pop esi 0x00000016 js 00007F4EF0C79886h 0x0000001c popad 0x0000001d nop 0x0000001e call 00007F4EF0C79892h 0x00000023 jnl 00007F4EF0C7988Ch 0x00000029 pop edi 0x0000002a push 00000000h 0x0000002c sbb esi, 47B7C1D3h 0x00000032 push 8E6FBD3Fh 0x00000037 jnc 00007F4EF0C79894h 0x0000003d push eax 0x0000003e push edx 0x0000003f push eax 0x00000040 push edx 0x00000041 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 479A7E second address: 479A82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 479A82 second address: 479B4B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 add dword ptr [esp], 71904341h 0x0000000d push esi 0x0000000e mov edi, 695DA656h 0x00000013 pop edx 0x00000014 push 00000003h 0x00000016 call 00007F4EF0C79894h 0x0000001b pushad 0x0000001c adc dx, 5CA7h 0x00000021 xor ebx, 540CD5E1h 0x00000027 popad 0x00000028 pop edi 0x00000029 push 00000000h 0x0000002b pushad 0x0000002c jmp 00007F4EF0C79896h 0x00000031 popad 0x00000032 push 00000003h 0x00000034 mov di, 2CABh 0x00000038 call 00007F4EF0C79889h 0x0000003d jg 00007F4EF0C79892h 0x00000043 jng 00007F4EF0C7988Ch 0x00000049 push eax 0x0000004a jnl 00007F4EF0C79899h 0x00000050 jmp 00007F4EF0C79893h 0x00000055 mov eax, dword ptr [esp+04h] 0x00000059 jne 00007F4EF0C798A5h 0x0000005f mov eax, dword ptr [eax] 0x00000061 push eax 0x00000062 push edx 0x00000063 jmp 00007F4EF0C7988Fh 0x00000068 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 479B4B second address: 479BC9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E24h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d pushad 0x0000000e pushad 0x0000000f jnl 00007F4EF0C09E16h 0x00000015 jnl 00007F4EF0C09E16h 0x0000001b popad 0x0000001c jne 00007F4EF0C09E1Ch 0x00000022 popad 0x00000023 pop eax 0x00000024 push 00000000h 0x00000026 push esi 0x00000027 call 00007F4EF0C09E18h 0x0000002c pop esi 0x0000002d mov dword ptr [esp+04h], esi 0x00000031 add dword ptr [esp+04h], 00000019h 0x00000039 inc esi 0x0000003a push esi 0x0000003b ret 0x0000003c pop esi 0x0000003d ret 0x0000003e add dword ptr [ebp+122D2B2Bh], edx 0x00000044 lea ebx, dword ptr [ebp+124558DCh] 0x0000004a mov dword ptr [ebp+122D1D54h], edi 0x00000050 xchg eax, ebx 0x00000051 pushad 0x00000052 jmp 00007F4EF0C09E1Bh 0x00000057 pushad 0x00000058 pushad 0x00000059 popad 0x0000005a push eax 0x0000005b push edx 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 479E59 second address: 479E5D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 479E5D second address: 479E67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49A917 second address: 49A953 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C7988Fh 0x00000007 push esi 0x00000008 jnl 00007F4EF0C79886h 0x0000000e pop esi 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 jbe 00007F4EF0C79886h 0x0000001b jmp 00007F4EF0C79897h 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49A953 second address: 49A969 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jnp 00007F4EF0C09E16h 0x0000000d pushad 0x0000000e popad 0x0000000f jc 00007F4EF0C09E16h 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 463899 second address: 46389D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 498A3F second address: 498A46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop ebx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 498A46 second address: 498A66 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 js 00007F4EF0C798CAh 0x0000000e jmp 00007F4EF0C7988Fh 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 498A66 second address: 498A6C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 498BC9 second address: 498BE6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C79898h 0x00000007 push ebx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 498EAD second address: 498EB1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499044 second address: 499048 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499048 second address: 499075 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E1Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ebx 0x0000000a jbe 00007F4EF0C09E16h 0x00000010 jmp 00007F4EF0C09E20h 0x00000015 pop ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499075 second address: 499079 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499079 second address: 49907D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4991C9 second address: 4991DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 jmp 00007F4EF0C7988Ch 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4991DD second address: 4991E4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499463 second address: 49947C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C7988Fh 0x00000009 jp 00007F4EF0C79886h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4995CB second address: 4995CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49972A second address: 499747 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F4EF0C7988Ch 0x0000000a jmp 00007F4EF0C7988Ah 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499747 second address: 49974D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49974D second address: 49978F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C7988Ch 0x00000009 jc 00007F4EF0C79886h 0x0000000f popad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 jnp 00007F4EF0C7989Ah 0x00000019 ja 00007F4EF0C7988Eh 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49978F second address: 499795 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499795 second address: 49979F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F4EF0C79886h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4998FB second address: 49990C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 jc 00007F4EF0C09E16h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49990C second address: 499944 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F4EF0C79890h 0x0000000d jne 00007F4EF0C798A0h 0x00000013 push ecx 0x00000014 pop ecx 0x00000015 jmp 00007F4EF0C79898h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499944 second address: 49994A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 48DEEE second address: 48DEF2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 48DEF2 second address: 48DEF8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 48DEF8 second address: 48DF20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 je 00007F4EF0C79888h 0x0000000c pushad 0x0000000d popad 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007F4EF0C79893h 0x00000016 pop edx 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 46F34F second address: 46F363 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E20h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 46F363 second address: 46F395 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 jnl 00007F4EF0C79886h 0x0000000f jmp 00007F4EF0C79897h 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 jne 00007F4EF0C79886h 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 46F395 second address: 46F3BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C09E1Fh 0x00000009 jg 00007F4EF0C09E16h 0x0000000f popad 0x00000010 jmp 00007F4EF0C09E20h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 46F3BF second address: 46F3C5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 499A90 second address: 499AE1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E25h 0x00000007 jmp 00007F4EF0C09E27h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f jmp 00007F4EF0C09E1Fh 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F4EF0C09E1Dh 0x0000001b push edx 0x0000001c pop edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49A0C5 second address: 49A0E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F4EF0C7988Bh 0x0000000b popad 0x0000000c jnl 00007F4EF0C79888h 0x00000012 push eax 0x00000013 push edx 0x00000014 jng 00007F4EF0C79886h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49A242 second address: 49A252 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 push eax 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 49A3D7 second address: 49A3E3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F4EF0C79886h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 466D8C second address: 466DB3 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F4EF0C09E1Ch 0x00000008 pushad 0x00000009 jo 00007F4EF0C09E16h 0x0000000f jl 00007F4EF0C09E16h 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 push eax 0x00000019 push edx 0x0000001a push ebx 0x0000001b pushad 0x0000001c popad 0x0000001d pop ebx 0x0000001e pushad 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 466DB3 second address: 466DB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 466DB9 second address: 466DD5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C09E25h 0x00000009 push esi 0x0000000a pop esi 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A2A80 second address: 4A2A9A instructions: 0x00000000 rdtsc 0x00000002 jno 00007F4EF0C7988Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jnp 00007F4EF0C79886h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A12FD second address: 4A131A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 pop edi 0x00000008 push eax 0x00000009 push esi 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F4EF0C09E21h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A2C22 second address: 4A2C28 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A792A second address: 4A7975 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F4EF0C09E29h 0x00000008 jbe 00007F4EF0C09E16h 0x0000000e popad 0x0000000f push esi 0x00000010 push edi 0x00000011 pop edi 0x00000012 pop esi 0x00000013 pop edx 0x00000014 pop eax 0x00000015 pushad 0x00000016 jp 00007F4EF0C09E2Eh 0x0000001c push ebx 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7975 second address: 4A7986 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 push edx 0x0000000a pop edx 0x0000000b jnl 00007F4EF0C79886h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7ABA second address: 4A7AC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7AC0 second address: 4A7AC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7AC4 second address: 4A7AC8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7AC8 second address: 4A7AD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F4EF0C79886h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7AD9 second address: 4A7AE1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7AE1 second address: 4A7AE6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7D2D second address: 4A7D31 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7D31 second address: 4A7D8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 jmp 00007F4EF0C79895h 0x0000000c pop edx 0x0000000d pushad 0x0000000e jo 00007F4EF0C79886h 0x00000014 push ebx 0x00000015 pop ebx 0x00000016 jc 00007F4EF0C79886h 0x0000001c popad 0x0000001d push ebx 0x0000001e jmp 00007F4EF0C79890h 0x00000023 jmp 00007F4EF0C79893h 0x00000028 pop ebx 0x00000029 popad 0x0000002a pushad 0x0000002b push eax 0x0000002c push edx 0x0000002d jno 00007F4EF0C79886h 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7D8D second address: 4A7DA4 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F4EF0C09E16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F4EF0C09E1Ah 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7DA4 second address: 4A7DC2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jmp 00007F4EF0C79893h 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7DC2 second address: 4A7DD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C09E21h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7DD7 second address: 4A7DDD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7EFB second address: 4A7F01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A7F01 second address: 4A7F06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AA845 second address: 4AA84A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AA9AA second address: 4AA9AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AAB86 second address: 4AAB8C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AAB8C second address: 4AABA0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C79890h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AAE80 second address: 4AAE86 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AAE86 second address: 4AAE90 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F4EF0C7988Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AB638 second address: 4AB63D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AB87A second address: 4AB897 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jmp 00007F4EF0C79891h 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AC927 second address: 4AC92D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AC92D second address: 4AC9A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 nop 0x00000007 jmp 00007F4EF0C79895h 0x0000000c push 00000000h 0x0000000e push 00000000h 0x00000010 push ebp 0x00000011 call 00007F4EF0C79888h 0x00000016 pop ebp 0x00000017 mov dword ptr [esp+04h], ebp 0x0000001b add dword ptr [esp+04h], 00000017h 0x00000023 inc ebp 0x00000024 push ebp 0x00000025 ret 0x00000026 pop ebp 0x00000027 ret 0x00000028 mov esi, ebx 0x0000002a push 00000000h 0x0000002c push 00000000h 0x0000002e push ebp 0x0000002f call 00007F4EF0C79888h 0x00000034 pop ebp 0x00000035 mov dword ptr [esp+04h], ebp 0x00000039 add dword ptr [esp+04h], 00000018h 0x00000041 inc ebp 0x00000042 push ebp 0x00000043 ret 0x00000044 pop ebp 0x00000045 ret 0x00000046 mov edi, dword ptr [ebp+122D1D9Bh] 0x0000004c xchg eax, ebx 0x0000004d push eax 0x0000004e push edx 0x0000004f jo 00007F4EF0C7988Ch 0x00000055 jo 00007F4EF0C79886h 0x0000005b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AC9A3 second address: 4AC9A8 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AC9A8 second address: 4AC9B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b je 00007F4EF0C79886h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AEC44 second address: 4AEC56 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E1Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AEC56 second address: 4AEC5C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AF9A5 second address: 4AF9C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C09E28h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B066A second address: 4B0674 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F4EF0C79886h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B3A32 second address: 4B3A55 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F4EF0C09E28h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B0E7F second address: 4B0E84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B1954 second address: 4B1962 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B1962 second address: 4B1974 instructions: 0x00000000 rdtsc 0x00000002 je 00007F4EF0C79886h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jg 00007F4EF0C79886h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B4C86 second address: 4B4C91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F4EF0C09E16h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B4C91 second address: 4B4C96 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B78E0 second address: 4B78E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B5BDD second address: 4B5BE1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B78E4 second address: 4B797D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E27h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F4EF0C09E1Fh 0x0000000f nop 0x00000010 push 00000000h 0x00000012 push ebx 0x00000013 call 00007F4EF0C09E18h 0x00000018 pop ebx 0x00000019 mov dword ptr [esp+04h], ebx 0x0000001d add dword ptr [esp+04h], 00000017h 0x00000025 inc ebx 0x00000026 push ebx 0x00000027 ret 0x00000028 pop ebx 0x00000029 ret 0x0000002a mov edi, dword ptr [ebp+124770FAh] 0x00000030 push 00000000h 0x00000032 push 00000000h 0x00000034 push ebp 0x00000035 call 00007F4EF0C09E18h 0x0000003a pop ebp 0x0000003b mov dword ptr [esp+04h], ebp 0x0000003f add dword ptr [esp+04h], 0000001Dh 0x00000047 inc ebp 0x00000048 push ebp 0x00000049 ret 0x0000004a pop ebp 0x0000004b ret 0x0000004c push 00000000h 0x0000004e sub dword ptr [ebp+122D2B26h], eax 0x00000054 xchg eax, esi 0x00000055 jmp 00007F4EF0C09E22h 0x0000005a push eax 0x0000005b push esi 0x0000005c push eax 0x0000005d push edx 0x0000005e pushad 0x0000005f popad 0x00000060 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B5BE1 second address: 4B5BEB instructions: 0x00000000 rdtsc 0x00000002 jp 00007F4EF0C79886h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B893A second address: 4B894A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 js 00007F4EF0C09E1Eh 0x0000000d push ebx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B7AB5 second address: 4B7AB9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B894A second address: 4B8990 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 nop 0x00000006 adc bl, FFFFFFBDh 0x00000009 push 00000000h 0x0000000b sbb bl, 00000000h 0x0000000e jnl 00007F4EF0C09E16h 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push esi 0x00000019 call 00007F4EF0C09E18h 0x0000001e pop esi 0x0000001f mov dword ptr [esp+04h], esi 0x00000023 add dword ptr [esp+04h], 00000019h 0x0000002b inc esi 0x0000002c push esi 0x0000002d ret 0x0000002e pop esi 0x0000002f ret 0x00000030 push edi 0x00000031 pop ebx 0x00000032 push eax 0x00000033 pushad 0x00000034 jno 00007F4EF0C09E18h 0x0000003a push ebx 0x0000003b push eax 0x0000003c push edx 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B7B52 second address: 4B7B56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B7B56 second address: 4B7B65 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E1Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4B8B44 second address: 4B8B4A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BA839 second address: 4BA840 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BA840 second address: 4BA845 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BA845 second address: 4BA84B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BC747 second address: 4BC74B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BC74B second address: 4BC751 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BC751 second address: 4BC778 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jmp 00007F4EF0C79894h 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d je 00007F4EF0C79888h 0x00000013 push eax 0x00000014 pop eax 0x00000015 pushad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BD69D second address: 4BD6A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BD746 second address: 4BD74A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BD74A second address: 4BD750 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BD750 second address: 4BD756 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BAA59 second address: 4BAA5D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BC9C9 second address: 4BC9CD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BFE2E second address: 4BFE34 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BD87A second address: 4BD87E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4BD87E second address: 4BD92F instructions: 0x00000000 rdtsc 0x00000002 jp 00007F4EF0C09E16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c jmp 00007F4EF0C09E1Eh 0x00000011 nop 0x00000012 push 00000000h 0x00000014 push edx 0x00000015 call 00007F4EF0C09E18h 0x0000001a pop edx 0x0000001b mov dword ptr [esp+04h], edx 0x0000001f add dword ptr [esp+04h], 00000015h 0x00000027 inc edx 0x00000028 push edx 0x00000029 ret 0x0000002a pop edx 0x0000002b ret 0x0000002c jmp 00007F4EF0C09E1Ah 0x00000031 push dword ptr fs:[00000000h] 0x00000038 push 00000000h 0x0000003a push ebp 0x0000003b call 00007F4EF0C09E18h 0x00000040 pop ebp 0x00000041 mov dword ptr [esp+04h], ebp 0x00000045 add dword ptr [esp+04h], 0000001Ch 0x0000004d inc ebp 0x0000004e push ebp 0x0000004f ret 0x00000050 pop ebp 0x00000051 ret 0x00000052 and edi, 48BDCCD4h 0x00000058 mov dword ptr fs:[00000000h], esp 0x0000005f xor ebx, 5BBA1D90h 0x00000065 mov eax, dword ptr [ebp+122D14A9h] 0x0000006b mov bx, E713h 0x0000006f push FFFFFFFFh 0x00000071 nop 0x00000072 je 00007F4EF0C09E2Fh 0x00000078 jmp 00007F4EF0C09E29h 0x0000007d push eax 0x0000007e push eax 0x0000007f push edi 0x00000080 push eax 0x00000081 push edx 0x00000082 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C0FD6 second address: 4C0FDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C0FDA second address: 4C0FFD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E20h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a jc 00007F4EF0C09E16h 0x00000010 pop ecx 0x00000011 popad 0x00000012 push eax 0x00000013 push ebx 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C0FFD second address: 4C1073 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push ebx 0x0000000b call 00007F4EF0C79888h 0x00000010 pop ebx 0x00000011 mov dword ptr [esp+04h], ebx 0x00000015 add dword ptr [esp+04h], 00000017h 0x0000001d inc ebx 0x0000001e push ebx 0x0000001f ret 0x00000020 pop ebx 0x00000021 ret 0x00000022 mov bx, 2F00h 0x00000026 mov dword ptr [ebp+122D2A53h], esi 0x0000002c push 00000000h 0x0000002e mov ebx, 4F7099E1h 0x00000033 push 00000000h 0x00000035 push 00000000h 0x00000037 push edi 0x00000038 call 00007F4EF0C79888h 0x0000003d pop edi 0x0000003e mov dword ptr [esp+04h], edi 0x00000042 add dword ptr [esp+04h], 00000016h 0x0000004a inc edi 0x0000004b push edi 0x0000004c ret 0x0000004d pop edi 0x0000004e ret 0x0000004f push eax 0x00000050 pushad 0x00000051 push esi 0x00000052 jmp 00007F4EF0C79896h 0x00000057 pop esi 0x00000058 push eax 0x00000059 push edx 0x0000005a push eax 0x0000005b pop eax 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C11AD second address: 4C1270 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E27h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jp 00007F4EF0C09E2Eh 0x00000010 nop 0x00000011 push 00000000h 0x00000013 push edi 0x00000014 call 00007F4EF0C09E18h 0x00000019 pop edi 0x0000001a mov dword ptr [esp+04h], edi 0x0000001e add dword ptr [esp+04h], 00000015h 0x00000026 inc edi 0x00000027 push edi 0x00000028 ret 0x00000029 pop edi 0x0000002a ret 0x0000002b mov ebx, dword ptr [ebp+122D2E35h] 0x00000031 push dword ptr fs:[00000000h] 0x00000038 mov bx, E6BCh 0x0000003c mov dword ptr fs:[00000000h], esp 0x00000043 mov eax, dword ptr [ebp+122D0261h] 0x00000049 jmp 00007F4EF0C09E23h 0x0000004e push FFFFFFFFh 0x00000050 push 00000000h 0x00000052 push eax 0x00000053 call 00007F4EF0C09E18h 0x00000058 pop eax 0x00000059 mov dword ptr [esp+04h], eax 0x0000005d add dword ptr [esp+04h], 00000018h 0x00000065 inc eax 0x00000066 push eax 0x00000067 ret 0x00000068 pop eax 0x00000069 ret 0x0000006a mov dword ptr [ebp+12477525h], ecx 0x00000070 jmp 00007F4EF0C09E1Ch 0x00000075 push eax 0x00000076 push eax 0x00000077 push edx 0x00000078 pushad 0x00000079 push eax 0x0000007a push edx 0x0000007b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C1270 second address: 4C1277 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C45FA second address: 4C4600 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C4600 second address: 4C466B instructions: 0x00000000 rdtsc 0x00000002 ja 00007F4EF0C79888h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d push 00000000h 0x0000000f push esi 0x00000010 call 00007F4EF0C79888h 0x00000015 pop esi 0x00000016 mov dword ptr [esp+04h], esi 0x0000001a add dword ptr [esp+04h], 00000014h 0x00000022 inc esi 0x00000023 push esi 0x00000024 ret 0x00000025 pop esi 0x00000026 ret 0x00000027 xor di, 16D3h 0x0000002c push 00000000h 0x0000002e push 00000000h 0x00000030 push eax 0x00000031 call 00007F4EF0C79888h 0x00000036 pop eax 0x00000037 mov dword ptr [esp+04h], eax 0x0000003b add dword ptr [esp+04h], 00000018h 0x00000043 inc eax 0x00000044 push eax 0x00000045 ret 0x00000046 pop eax 0x00000047 ret 0x00000048 pushad 0x00000049 mov edx, dword ptr [ebp+122D2D17h] 0x0000004f and al, FFFFFFE3h 0x00000052 popad 0x00000053 push 00000000h 0x00000055 mov di, ax 0x00000058 movzx ebx, cx 0x0000005b xchg eax, esi 0x0000005c push eax 0x0000005d push edx 0x0000005e push ebx 0x0000005f push eax 0x00000060 push edx 0x00000061 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C38AF second address: 4C38B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C466B second address: 4C4670 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C4670 second address: 4C4677 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4C4804 second address: 4C4809 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 46D92D second address: 46D93E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F4EF0C09E16h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e pop esi 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4CE0C1 second address: 4CE0E1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C79898h 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4CDC8B second address: 4CDC9F instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F4EF0C09E1Ah 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a push esi 0x0000000b pop esi 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4CDC9F second address: 4CDCA3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4CDCA3 second address: 4CDCAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4CDCAD second address: 4CDCB3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4CDCB3 second address: 4CDCB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4CDCB7 second address: 4CDCD4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C7988Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F4EF0C7988Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4D87FD second address: 4D8822 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F4EF0C09E1Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [eax] 0x0000000c push ecx 0x0000000d jnp 00007F4EF0C09E18h 0x00000013 pop ecx 0x00000014 mov dword ptr [esp+04h], eax 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4D8822 second address: 4D8827 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4D8827 second address: 4D882D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4D88F4 second address: 4D88FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F4EF0C79886h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4D88FF second address: 4D8905 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4D8905 second address: 4D8909 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4D8909 second address: 4D8930 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c jl 00007F4EF0C09E20h 0x00000012 jmp 00007F4EF0C09E1Ah 0x00000017 mov eax, dword ptr [eax] 0x00000019 pushad 0x0000001a jc 00007F4EF0C09E1Ch 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4D8930 second address: 4D8951 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 jnp 00007F4EF0C79886h 0x0000000b jnp 00007F4EF0C79886h 0x00000011 popad 0x00000012 popad 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 push eax 0x00000018 push edx 0x00000019 js 00007F4EF0C79888h 0x0000001f pushad 0x00000020 popad 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DC98E second address: 4DC9F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C09E1Dh 0x00000009 popad 0x0000000a push ecx 0x0000000b pushad 0x0000000c popad 0x0000000d pop ecx 0x0000000e jmp 00007F4EF0C09E28h 0x00000013 jmp 00007F4EF0C09E1Ah 0x00000018 popad 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F4EF0C09E23h 0x00000020 jmp 00007F4EF0C09E28h 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DC9F4 second address: 4DC9FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DC9FA second address: 4DCA0A instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jbe 00007F4EF0C09E16h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DCA0A second address: 4DCA0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DCE5C second address: 4DCE60 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DCE60 second address: 4DCE6E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F4EF0C7988Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DD137 second address: 4DD14F instructions: 0x00000000 rdtsc 0x00000002 jl 00007F4EF0C09E16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jg 00007F4EF0C09E1Eh 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 jp 00007F4EF0C09E16h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DD14F second address: 4DD155 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DD155 second address: 4DD15B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DD15B second address: 4DD15F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DD3DE second address: 4DD3E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DD3E4 second address: 4DD3EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4DD3EC second address: 4DD3F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E2844 second address: 4E284E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F4EF0C79886h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E2C63 second address: 4E2C8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007F4EF0C09E28h 0x0000000a js 00007F4EF0C09E22h 0x00000010 jbe 00007F4EF0C09E1Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E2F6C second address: 4E2F7C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F4EF0C79886h 0x0000000a jng 00007F4EF0C79886h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E322D second address: 4E323A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 je 00007F4EF0C09E16h 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E33B6 second address: 4E33BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E33BA second address: 4E33C0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E33C0 second address: 4E33C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E33C4 second address: 4E33D2 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jns 00007F4EF0C09E16h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E227A second address: 4E227F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E6B7D second address: 4E6BAB instructions: 0x00000000 rdtsc 0x00000002 jl 00007F4EF0C09E1Eh 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a je 00007F4EF0C09E16h 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F4EF0C09E27h 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4E6BAB second address: 4E6BC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C79896h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A9237 second address: 48DEEE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 add edi, dword ptr [ebp+122D1DC0h] 0x0000000d clc 0x0000000e lea eax, dword ptr [ebp+12484F59h] 0x00000014 pushad 0x00000015 mov dword ptr [ebp+122D2A53h], ebx 0x0000001b and ebx, 23B54027h 0x00000021 popad 0x00000022 nop 0x00000023 push eax 0x00000024 push esi 0x00000025 jmp 00007F4EF0C09E1Eh 0x0000002a pop esi 0x0000002b pop eax 0x0000002c push eax 0x0000002d jg 00007F4EF0C09E24h 0x00000033 nop 0x00000034 push 00000000h 0x00000036 push edx 0x00000037 call 00007F4EF0C09E18h 0x0000003c pop edx 0x0000003d mov dword ptr [esp+04h], edx 0x00000041 add dword ptr [esp+04h], 00000015h 0x00000049 inc edx 0x0000004a push edx 0x0000004b ret 0x0000004c pop edx 0x0000004d ret 0x0000004e mov dword ptr [ebp+122D1D54h], edx 0x00000054 sbb edx, 46A2C6E0h 0x0000005a call dword ptr [ebp+122D3410h] 0x00000060 jmp 00007F4EF0C09E1Ch 0x00000065 pushad 0x00000066 push eax 0x00000067 push edx 0x00000068 pushad 0x00000069 popad 0x0000006a push eax 0x0000006b push edx 0x0000006c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A948C second address: 4A9496 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F4EF0C7988Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A97D8 second address: 4A97DE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A9843 second address: 4A989B instructions: 0x00000000 rdtsc 0x00000002 je 00007F4EF0C79886h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b jmp 00007F4EF0C79893h 0x00000010 pop ebx 0x00000011 popad 0x00000012 xor dword ptr [esp], 42EC9857h 0x00000019 and di, B42Ah 0x0000001e call 00007F4EF0C79889h 0x00000023 jp 00007F4EF0C79892h 0x00000029 jnc 00007F4EF0C7988Ch 0x0000002f push eax 0x00000030 push eax 0x00000031 push edx 0x00000032 push edi 0x00000033 jmp 00007F4EF0C7988Ch 0x00000038 pop edi 0x00000039 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A989B second address: 4A98CC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 jc 00007F4EF0C09E16h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 jmp 00007F4EF0C09E28h 0x00000017 mov eax, dword ptr [eax] 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A99D7 second address: 4A99DC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A9BC3 second address: 4A9BC7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A9CFB second address: 4A9D23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 jmp 00007F4EF0C7988Ch 0x0000000b nop 0x0000000c sub dword ptr [ebp+122D2F04h], ebx 0x00000012 mov dx, bx 0x00000015 push 00000004h 0x00000017 push esi 0x00000018 mov cl, F3h 0x0000001a pop ecx 0x0000001b push eax 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 pop eax 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AA10A second address: 4AA114 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F4EF0C09E16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE08B second address: 4EE0AB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C79896h 0x00000007 push eax 0x00000008 push edx 0x00000009 jbe 00007F4EF0C79886h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AA2B6 second address: 4AA2BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE1E6 second address: 4EE1EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE1EB second address: 4EE1F5 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F4EF0C09E1Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE4AC second address: 4EE4B1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE4B1 second address: 4EE4D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jo 00007F4EF0C09E16h 0x0000000c popad 0x0000000d pushad 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 jnp 00007F4EF0C09E16h 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 push eax 0x0000001a push edx 0x0000001b jp 00007F4EF0C09E18h 0x00000021 push edi 0x00000022 pop edi 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE61E second address: 4EE64A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F4EF0C79886h 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F4EF0C7988Bh 0x00000011 jmp 00007F4EF0C79895h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE64A second address: 4EE64E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE64E second address: 4EE65E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F4EF0C79886h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE65E second address: 4EE668 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F4EF0C09E16h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE902 second address: 4EE906 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE906 second address: 4EE90C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE90C second address: 4EE91A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007F4EF0C7988Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE91A second address: 4EE922 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EE922 second address: 4EE937 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C79891h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EEA7C second address: 4EEA86 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F4EF0C09E16h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EEA86 second address: 4EEAA7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F4EF0C79897h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EEAA7 second address: 4EEAAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EEAAB second address: 4EEAB8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EEAB8 second address: 4EEAE3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C09E1Bh 0x00000009 jne 00007F4EF0C09E16h 0x0000000f jmp 00007F4EF0C09E25h 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EEAE3 second address: 4EEAE9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EEAE9 second address: 4EEAFD instructions: 0x00000000 rdtsc 0x00000002 jng 00007F4EF0C09E16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jbe 00007F4EF0C09E16h 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4EEAFD second address: 4EEB01 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F4660 second address: 4F4681 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push esi 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F4EF0C09E25h 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F4681 second address: 4F4685 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F4685 second address: 4F468B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F3337 second address: 4F3346 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop edx 0x00000005 pushad 0x00000006 popad 0x00000007 jg 00007F4EF0C79886h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F3659 second address: 4F365D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F365D second address: 4F3661 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F40BC second address: 4F40C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F4EF0C09E18h 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F96C6 second address: 4F96CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F96CA second address: 4F96D0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F96D0 second address: 4F96DA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007F4EF0C79886h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F96DA second address: 4F96E6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a push edi 0x0000000b pop edi 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F8F6A second address: 4F8F87 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F4EF0C79886h 0x00000008 jmp 00007F4EF0C7988Ch 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pop esi 0x00000010 push eax 0x00000011 push edx 0x00000012 push ecx 0x00000013 pushad 0x00000014 popad 0x00000015 pop ecx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F8F87 second address: 4F8F8D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F9122 second address: 4F9152 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jno 00007F4EF0C7989Fh 0x0000000e jnp 00007F4EF0C7989Ch 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F9152 second address: 4F9158 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F9292 second address: 4F92AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 pop esi 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jne 00007F4EF0C79886h 0x00000011 jmp 00007F4EF0C7988Ch 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F92AF second address: 4F92B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F92B3 second address: 4F92C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007F4EF0C79888h 0x0000000c push eax 0x0000000d push edx 0x0000000e push esi 0x0000000f pop esi 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5006CB second address: 5006D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5006D3 second address: 5006E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 jg 00007F4EF0C79886h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 500807 second address: 50083D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F4EF0C09E1Ch 0x0000000b pushad 0x0000000c jmp 00007F4EF0C09E1Bh 0x00000011 jmp 00007F4EF0C09E26h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 500C60 second address: 500C64 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 500C64 second address: 500C83 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F4EF0C09E16h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jg 00007F4EF0C09E1Ch 0x00000010 pop edx 0x00000011 push eax 0x00000012 push edx 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 push edi 0x00000017 pop edi 0x00000018 pop edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 500C83 second address: 500C89 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 500C89 second address: 500C8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 500C8D second address: 500C91 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 500E18 second address: 500E1D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 500E1D second address: 500E3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a jmp 00007F4EF0C79895h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50564A second address: 505650 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 505650 second address: 505659 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 505A19 second address: 505A29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C09E1Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 505A29 second address: 505A61 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C79899h 0x00000007 jmp 00007F4EF0C7988Ah 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop esi 0x0000000f push eax 0x00000010 push edx 0x00000011 push ebx 0x00000012 pushad 0x00000013 popad 0x00000014 pushad 0x00000015 popad 0x00000016 pop ebx 0x00000017 push eax 0x00000018 push edx 0x00000019 jbe 00007F4EF0C79886h 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 505A61 second address: 505A65 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 505A65 second address: 505A6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A9EF2 second address: 4A9EF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A9EF6 second address: 4A9F7C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C7988Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F4EF0C7988Ah 0x0000000e popad 0x0000000f push eax 0x00000010 pushad 0x00000011 push ecx 0x00000012 push ecx 0x00000013 pop ecx 0x00000014 pop ecx 0x00000015 push esi 0x00000016 js 00007F4EF0C79886h 0x0000001c pop esi 0x0000001d popad 0x0000001e nop 0x0000001f call 00007F4EF0C7988Eh 0x00000024 mov ecx, dword ptr [ebp+122D3B47h] 0x0000002a pop ecx 0x0000002b mov ebx, dword ptr [ebp+12484F98h] 0x00000031 push 00000000h 0x00000033 push edx 0x00000034 call 00007F4EF0C79888h 0x00000039 pop edx 0x0000003a mov dword ptr [esp+04h], edx 0x0000003e add dword ptr [esp+04h], 00000017h 0x00000046 inc edx 0x00000047 push edx 0x00000048 ret 0x00000049 pop edx 0x0000004a ret 0x0000004b stc 0x0000004c add eax, ebx 0x0000004e jmp 00007F4EF0C7988Dh 0x00000053 push eax 0x00000054 push eax 0x00000055 push edx 0x00000056 jnc 00007F4EF0C7988Ch 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A9F7C second address: 4A9FBF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b push 00000000h 0x0000000d push ebx 0x0000000e call 00007F4EF0C09E18h 0x00000013 pop ebx 0x00000014 mov dword ptr [esp+04h], ebx 0x00000018 add dword ptr [esp+04h], 00000016h 0x00000020 inc ebx 0x00000021 push ebx 0x00000022 ret 0x00000023 pop ebx 0x00000024 ret 0x00000025 and dx, 2867h 0x0000002a push 00000004h 0x0000002c jmp 00007F4EF0C09E1Dh 0x00000031 push eax 0x00000032 push eax 0x00000033 push edx 0x00000034 pushad 0x00000035 push eax 0x00000036 push edx 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4A9FBF second address: 4A9FC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 506016 second address: 50601A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50601A second address: 506054 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jnc 00007F4EF0C79886h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 jmp 00007F4EF0C79893h 0x00000015 jng 00007F4EF0C79886h 0x0000001b push esi 0x0000001c pop esi 0x0000001d pushad 0x0000001e popad 0x0000001f popad 0x00000020 jmp 00007F4EF0C7988Ch 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 506054 second address: 506066 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jp 00007F4EF0C09E16h 0x00000009 push edi 0x0000000a pop edi 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f pop eax 0x00000010 push eax 0x00000011 pop eax 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 506066 second address: 506070 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F4EF0C79886h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50DA8C second address: 50DA97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50DA97 second address: 50DA9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50DA9B second address: 50DAA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50DAA1 second address: 50DAA6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50DAA6 second address: 50DAC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F4EF0C09E29h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50E33D second address: 50E347 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F4EF0C79886h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50E347 second address: 50E370 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F4EF0C09E26h 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jns 00007F4EF0C09E16h 0x00000015 push ecx 0x00000016 pop ecx 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50EC02 second address: 50EC06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50EC06 second address: 50EC0A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 50F466 second address: 50F488 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F4EF0C798A4h 0x00000008 jmp 00007F4EF0C79898h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5138AB second address: 5138BA instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F4EF0C09E16h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5138BA second address: 5138BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5129B0 second address: 5129B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 512C9C second address: 512CA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 512CA2 second address: 512CA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 512CA6 second address: 512CAA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 512CAA second address: 512CCF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F4EF0C09E16h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 jmp 00007F4EF0C09E25h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 512CCF second address: 512CDE instructions: 0x00000000 rdtsc 0x00000002 jno 00007F4EF0C79886h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5130F4 second address: 513112 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jo 00007F4EF0C09E22h 0x0000000e push ebx 0x0000000f push esi 0x00000010 pop esi 0x00000011 pop ebx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 513112 second address: 513127 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F4EF0C79888h 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b je 00007F4EF0C79886h 0x00000011 push esi 0x00000012 pop esi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 513412 second address: 51341D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51341D second address: 513421 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 513584 second address: 513588 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51826D second address: 518280 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F4EF0C79888h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 518280 second address: 518285 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 460244 second address: 460248 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 460248 second address: 46024C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 520A36 second address: 520A6F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jp 00007F4EF0C79886h 0x00000009 jmp 00007F4EF0C7988Eh 0x0000000e popad 0x0000000f jmp 00007F4EF0C79891h 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 push edi 0x00000019 pushad 0x0000001a popad 0x0000001b pop edi 0x0000001c jbe 00007F4EF0C7988Ch 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 520A6F second address: 520A73 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 520A73 second address: 520A9B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F4EF0C79892h 0x00000008 jmp 00007F4EF0C7988Fh 0x0000000d popad 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51EE41 second address: 51EE45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51EE45 second address: 51EE4B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51EE4B second address: 51EE60 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F4EF0C09E20h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51F2BC second address: 51F2C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F4EF0C79886h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51F2C6 second address: 51F2E0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F4EF0C09E22h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51F2E0 second address: 51F2E5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 51FA95 second address: 51FA9C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5201CB second address: 5201E1 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F4EF0C79888h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jg 00007F4EF0C798D5h 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5201E1 second address: 5201FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C09E28h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5201FD second address: 520201 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 520201 second address: 52020D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 52020D second address: 520213 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 522E87 second address: 522E8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 52862B second address: 528639 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F4EF0C79886h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 528639 second address: 52863D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 52863D second address: 528643 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 46A36C second address: 46A38E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push esi 0x00000008 pushad 0x00000009 jmp 00007F4EF0C09E27h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 45E64C second address: 45E651 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 45E651 second address: 45E657 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 45E657 second address: 45E67A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a ja 00007F4EF0C79886h 0x00000010 jnc 00007F4EF0C79886h 0x00000016 jnp 00007F4EF0C79886h 0x0000001c jp 00007F4EF0C79886h 0x00000022 popad 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 53939E second address: 5393AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F4EF0C09E16h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push edi 0x0000000e pop edi 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 53FF37 second address: 53FF4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push esi 0x00000006 jmp 00007F4EF0C7988Dh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 53FF4C second address: 53FF59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 jp 00007F4EF0C09E16h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 53FF59 second address: 53FF5D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 548850 second address: 548856 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 548856 second address: 548861 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 548861 second address: 548865 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 548865 second address: 548869 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 548869 second address: 548879 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F4EF0C09E16h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5486E6 second address: 5486FF instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F4EF0C79892h 0x00000008 pushad 0x00000009 push esi 0x0000000a pop esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5486FF second address: 548705 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 548705 second address: 548718 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jng 00007F4EF0C7989Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 548718 second address: 548724 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 54FF4F second address: 54FF76 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F4EF0C79896h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c ja 00007F4EF0C798A3h 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 54FF76 second address: 54FF89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C09E1Fh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5573C7 second address: 5573E2 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007F4EF0C79888h 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F4EF0C7988Bh 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 564DA0 second address: 564DA4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 564DA4 second address: 564DAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 564DAA second address: 564DB6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007F4EF0C09E16h 0x0000000a push edi 0x0000000b pop edi 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 571A1D second address: 571A34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4EF0C79892h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 571A34 second address: 571A55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C09E21h 0x00000009 jmp 00007F4EF0C09E1Ch 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 587315 second address: 587333 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F4EF0C79886h 0x00000008 jmp 00007F4EF0C79891h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 587333 second address: 587339 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5863D4 second address: 5863D9 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5863D9 second address: 5863E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 5863E4 second address: 586427 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F4EF0C79886h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d je 00007F4EF0C79888h 0x00000013 push edi 0x00000014 pop edi 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F4EF0C79898h 0x0000001c jmp 00007F4EF0C79894h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 586583 second address: 586589 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 586589 second address: 58658D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58658D second address: 586591 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 586721 second address: 586735 instructions: 0x00000000 rdtsc 0x00000002 je 00007F4EF0C79886h 0x00000008 jno 00007F4EF0C79886h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 586F14 second address: 586F52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F4EF0C09E16h 0x0000000a ja 00007F4EF0C09E16h 0x00000010 popad 0x00000011 push eax 0x00000012 pushad 0x00000013 popad 0x00000014 pop eax 0x00000015 pushad 0x00000016 jmp 00007F4EF0C09E29h 0x0000001b push edi 0x0000001c ja 00007F4EF0C09E16h 0x00000022 pop edi 0x00000023 pushad 0x00000024 pushad 0x00000025 popad 0x00000026 pushad 0x00000027 popad 0x00000028 push eax 0x00000029 push edx 0x0000002a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B616 second address: 58B61B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B66C second address: 58B670 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B670 second address: 58B699 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 mov dword ptr [esp], eax 0x0000000a mov dword ptr [ebp+124674AFh], edi 0x00000010 mov dx, si 0x00000013 push 00000004h 0x00000015 clc 0x00000016 sub dx, 4D17h 0x0000001b call 00007F4EF0C79889h 0x00000020 pushad 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 pop eax 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B699 second address: 58B6FA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E25h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F4EF0C09E29h 0x0000000e popad 0x0000000f push eax 0x00000010 jmp 00007F4EF0C09E24h 0x00000015 mov eax, dword ptr [esp+04h] 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007F4EF0C09E22h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B6FA second address: 58B72B instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F4EF0C7988Fh 0x0000000b popad 0x0000000c mov eax, dword ptr [eax] 0x0000000e jmp 00007F4EF0C7988Dh 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a push ebx 0x0000001b pop ebx 0x0000001c push edx 0x0000001d pop edx 0x0000001e popad 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B960 second address: 58B9C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jng 00007F4EF0C09E16h 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push edx 0x00000010 call 00007F4EF0C09E18h 0x00000015 pop edx 0x00000016 mov dword ptr [esp+04h], edx 0x0000001a add dword ptr [esp+04h], 00000017h 0x00000022 inc edx 0x00000023 push edx 0x00000024 ret 0x00000025 pop edx 0x00000026 ret 0x00000027 push dword ptr [ebp+12455F54h] 0x0000002d push 00000000h 0x0000002f push esi 0x00000030 call 00007F4EF0C09E18h 0x00000035 pop esi 0x00000036 mov dword ptr [esp+04h], esi 0x0000003a add dword ptr [esp+04h], 00000017h 0x00000042 inc esi 0x00000043 push esi 0x00000044 ret 0x00000045 pop esi 0x00000046 ret 0x00000047 ja 00007F4EF0C09E1Ch 0x0000004d push C08624F7h 0x00000052 push eax 0x00000053 push edx 0x00000054 push eax 0x00000055 push edx 0x00000056 push esi 0x00000057 pop esi 0x00000058 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B9C8 second address: 58B9D9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C7988Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B9D9 second address: 58B9DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58B9DF second address: 58B9E3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 58D1DB second address: 58D1DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4AD426 second address: 4AD43A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F4EF0C7988Fh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50354 second address: 4F5035A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F5035A second address: 4F50372 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C7988Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov si, C5D3h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50372 second address: 4F50377 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50377 second address: 4F503CF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C7988Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F4EF0C79896h 0x0000000f mov ebp, esp 0x00000011 jmp 00007F4EF0C79890h 0x00000016 mov edx, dword ptr [ebp+0Ch] 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F4EF0C79897h 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F503CF second address: 4F503FE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E29h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ecx, dword ptr [ebp+08h] 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F4EF0C09E1Dh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F7064E second address: 4F70654 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70654 second address: 4F70663 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70663 second address: 4F70680 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C79899h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70680 second address: 4F706A1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E21h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f mov dh, A0h 0x00000011 mov dx, si 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F706A1 second address: 4F706B1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C7988Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F706B1 second address: 4F706BD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F706BD second address: 4F70762 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushfd 0x00000007 jmp 00007F4EF0C79895h 0x0000000c sub eax, 0B0AC756h 0x00000012 jmp 00007F4EF0C79891h 0x00000017 popfd 0x00000018 popad 0x00000019 mov dword ptr [esp], esi 0x0000001c pushad 0x0000001d mov al, B2h 0x0000001f mov cx, di 0x00000022 popad 0x00000023 lea eax, dword ptr [ebp-04h] 0x00000026 jmp 00007F4EF0C7988Bh 0x0000002b nop 0x0000002c jmp 00007F4EF0C79896h 0x00000031 push eax 0x00000032 jmp 00007F4EF0C7988Bh 0x00000037 nop 0x00000038 pushad 0x00000039 pushfd 0x0000003a jmp 00007F4EF0C79894h 0x0000003f sbb cx, 6E38h 0x00000044 jmp 00007F4EF0C7988Bh 0x00000049 popfd 0x0000004a mov di, ax 0x0000004d popad 0x0000004e push dword ptr [ebp+08h] 0x00000051 push eax 0x00000052 push edx 0x00000053 push eax 0x00000054 push edx 0x00000055 push eax 0x00000056 push edx 0x00000057 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70762 second address: 4F70766 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70766 second address: 4F7077D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C79893h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F707A5 second address: 4F707C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 call 00007F4EF0C09E29h 0x00000009 pop esi 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F707C4 second address: 4F707D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F4EF0C7988Ch 0x00000008 pop esi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F707D6 second address: 4F70818 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 cmp dword ptr [ebp-04h], 00000000h 0x0000000b pushad 0x0000000c mov ebx, 13EEB4A0h 0x00000011 mov edi, 109A7ACCh 0x00000016 popad 0x00000017 mov esi, eax 0x00000019 pushad 0x0000001a movsx ebx, si 0x0000001d movzx esi, dx 0x00000020 popad 0x00000021 je 00007F4EF0C09E92h 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007F4EF0C09E27h 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70818 second address: 4F7081C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F7081C second address: 4F70822 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70822 second address: 4F70828 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70828 second address: 4F7082C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70851 second address: 4F70855 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70855 second address: 4F7085B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F7085B second address: 4F708CC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F4EF0C7988Ch 0x00000008 pop eax 0x00000009 jmp 00007F4EF0C7988Bh 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 mov eax, esi 0x00000013 pushad 0x00000014 jmp 00007F4EF0C7988Bh 0x00000019 popad 0x0000001a pop esi 0x0000001b pushad 0x0000001c pushad 0x0000001d mov esi, 006F4511h 0x00000022 jmp 00007F4EF0C7988Eh 0x00000027 popad 0x00000028 jmp 00007F4EF0C79892h 0x0000002d popad 0x0000002e leave 0x0000002f push eax 0x00000030 push edx 0x00000031 jmp 00007F4EF0C79897h 0x00000036 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F708CC second address: 4F60020 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E29h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 retn 0004h 0x0000000c nop 0x0000000d cmp eax, 00000000h 0x00000010 setne al 0x00000013 jmp 00007F4EF0C09E12h 0x00000015 xor ebx, ebx 0x00000017 test al, 01h 0x00000019 jne 00007F4EF0C09E17h 0x0000001b sub esp, 04h 0x0000001e mov dword ptr [esp], 0000000Dh 0x00000025 call 00007F4EF589740Bh 0x0000002a mov edi, edi 0x0000002c pushad 0x0000002d jmp 00007F4EF0C09E1Ch 0x00000032 mov ax, 9DE1h 0x00000036 popad 0x00000037 xchg eax, ebp 0x00000038 pushad 0x00000039 mov di, cx 0x0000003c push eax 0x0000003d push edx 0x0000003e mov ecx, 1C849BDBh 0x00000043 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60020 second address: 4F60053 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F4EF0C79890h 0x00000008 and cx, 3DA8h 0x0000000d jmp 00007F4EF0C7988Bh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 popad 0x00000016 push eax 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a mov cx, 3C31h 0x0000001e movzx eax, di 0x00000021 popad 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60053 second address: 4F600B8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F4EF0C09E26h 0x00000009 sbb esi, 15722B38h 0x0000000f jmp 00007F4EF0C09E1Bh 0x00000014 popfd 0x00000015 mov bx, cx 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b xchg eax, ebp 0x0000001c pushad 0x0000001d pushad 0x0000001e mov edx, esi 0x00000020 call 00007F4EF0C09E1Ah 0x00000025 pop ecx 0x00000026 popad 0x00000027 mov esi, edi 0x00000029 popad 0x0000002a mov ebp, esp 0x0000002c push eax 0x0000002d push edx 0x0000002e pushad 0x0000002f jmp 00007F4EF0C09E26h 0x00000034 mov dx, si 0x00000037 popad 0x00000038 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F600B8 second address: 4F600C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C7988Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F600C6 second address: 4F600CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F600CA second address: 4F600DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 sub esp, 2Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F600DB second address: 4F600F3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E24h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F600F3 second address: 4F601A9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ch, bh 0x00000005 pushfd 0x00000006 jmp 00007F4EF0C7988Ah 0x0000000b jmp 00007F4EF0C79895h 0x00000010 popfd 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 xchg eax, ebx 0x00000015 pushad 0x00000016 mov ax, C683h 0x0000001a mov ax, 47DFh 0x0000001e popad 0x0000001f push eax 0x00000020 jmp 00007F4EF0C79895h 0x00000025 xchg eax, ebx 0x00000026 pushad 0x00000027 push esi 0x00000028 pop edi 0x00000029 mov ecx, 6E711ADBh 0x0000002e popad 0x0000002f xchg eax, edi 0x00000030 pushad 0x00000031 pushfd 0x00000032 jmp 00007F4EF0C7988Ch 0x00000037 sbb ax, 10A8h 0x0000003c jmp 00007F4EF0C7988Bh 0x00000041 popfd 0x00000042 pushfd 0x00000043 jmp 00007F4EF0C79898h 0x00000048 or cx, 0308h 0x0000004d jmp 00007F4EF0C7988Bh 0x00000052 popfd 0x00000053 popad 0x00000054 push eax 0x00000055 push eax 0x00000056 push edx 0x00000057 jmp 00007F4EF0C79894h 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F601DA second address: 4F601DE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F601DE second address: 4F601E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F601E4 second address: 4F601EA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F601EA second address: 4F601EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F601EE second address: 4F60223 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 sub ebx, ebx 0x0000000a jmp 00007F4EF0C09E23h 0x0000000f sub edi, edi 0x00000011 jmp 00007F4EF0C09E1Fh 0x00000016 inc ebx 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a pushad 0x0000001b popad 0x0000001c popad 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60223 second address: 4F60229 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60229 second address: 4F60264 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 test al, al 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov edi, ecx 0x0000000f pushfd 0x00000010 jmp 00007F4EF0C09E28h 0x00000015 adc esi, 2E230218h 0x0000001b jmp 00007F4EF0C09E1Bh 0x00000020 popfd 0x00000021 popad 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60350 second address: 4F60356 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60356 second address: 4F6035A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F6035A second address: 4F6038B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C7988Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test eax, eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F4EF0C79898h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F6038B second address: 4F6038F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F6038F second address: 4F60395 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60395 second address: 4F603DC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E1Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jg 00007F4F61707EFBh 0x0000000f jmp 00007F4EF0C09E20h 0x00000014 js 00007F4EF0C09E77h 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007F4EF0C09E27h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F603DC second address: 4F603E2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F603E2 second address: 4F603E6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F603E6 second address: 4F6042D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 cmp dword ptr [ebp-14h], edi 0x0000000b jmp 00007F4EF0C79897h 0x00000010 jne 00007F4F61777919h 0x00000016 jmp 00007F4EF0C79896h 0x0000001b mov ebx, dword ptr [ebp+08h] 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F6042D second address: 4F60431 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60431 second address: 4F60437 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60437 second address: 4F60484 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movzx eax, bx 0x00000006 mov cl, dl 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b lea eax, dword ptr [ebp-2Ch] 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007F4EF0C09E1Bh 0x00000017 sub cx, 575Eh 0x0000001c jmp 00007F4EF0C09E29h 0x00000021 popfd 0x00000022 jmp 00007F4EF0C09E20h 0x00000027 popad 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60484 second address: 4F604D8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bh, 5Dh 0x00000005 mov edi, ecx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xchg eax, esi 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007F4EF0C79892h 0x00000012 jmp 00007F4EF0C79895h 0x00000017 popfd 0x00000018 mov di, si 0x0000001b popad 0x0000001c push eax 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007F4EF0C79898h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F604D8 second address: 4F60552 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ecx, edx 0x00000005 mov dl, 37h 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xchg eax, esi 0x0000000b pushad 0x0000000c mov ah, 1Dh 0x0000000e pushfd 0x0000000f jmp 00007F4EF0C09E27h 0x00000014 and eax, 0065D23Eh 0x0000001a jmp 00007F4EF0C09E29h 0x0000001f popfd 0x00000020 popad 0x00000021 nop 0x00000022 jmp 00007F4EF0C09E1Eh 0x00000027 push eax 0x00000028 jmp 00007F4EF0C09E1Bh 0x0000002d nop 0x0000002e push eax 0x0000002f push edx 0x00000030 jmp 00007F4EF0C09E25h 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60552 second address: 4F60562 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C7988Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60562 second address: 4F60571 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60571 second address: 4F605A1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C79890h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F4EF0C79897h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F605EC second address: 4F605F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F605F0 second address: 4F50EAC instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F4EF0C7988Ah 0x00000008 adc ecx, 352F1A48h 0x0000000e jmp 00007F4EF0C7988Bh 0x00000013 popfd 0x00000014 pop edx 0x00000015 pop eax 0x00000016 mov cx, 5DBFh 0x0000001a popad 0x0000001b je 00007F4F617778C5h 0x00000021 xor eax, eax 0x00000023 jmp 00007F4EF0C52FBAh 0x00000028 pop esi 0x00000029 pop edi 0x0000002a pop ebx 0x0000002b leave 0x0000002c retn 0004h 0x0000002f nop 0x00000030 xor ebx, ebx 0x00000032 cmp eax, 00000000h 0x00000035 je 00007F4EF0C799E3h 0x0000003b call 00007F4EF58F7BABh 0x00000040 mov edi, edi 0x00000042 pushad 0x00000043 mov cx, di 0x00000046 popad 0x00000047 xchg eax, ebp 0x00000048 push eax 0x00000049 push edx 0x0000004a pushad 0x0000004b mov ebx, ecx 0x0000004d popad 0x0000004e rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50EAC second address: 4F50EB2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50EB2 second address: 4F50EB6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50EB6 second address: 4F50EF9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007F4EF0C09E1Ah 0x0000000e xchg eax, ebp 0x0000000f jmp 00007F4EF0C09E20h 0x00000014 mov ebp, esp 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 mov bl, 23h 0x0000001b call 00007F4EF0C09E26h 0x00000020 pop eax 0x00000021 popad 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50EF9 second address: 4F50F14 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C79897h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50F14 second address: 4F50F3D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E29h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f mov cx, dx 0x00000012 mov dl, B8h 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F50F3D second address: 4F50F99 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edi, 0388B302h 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d jmp 00007F4EF0C79892h 0x00000012 pushfd 0x00000013 jmp 00007F4EF0C79892h 0x00000018 xor ax, 51C8h 0x0000001d jmp 00007F4EF0C7988Bh 0x00000022 popfd 0x00000023 popad 0x00000024 xchg eax, ecx 0x00000025 pushad 0x00000026 mov esi, 0270DC5Bh 0x0000002b push ecx 0x0000002c pushad 0x0000002d popad 0x0000002e pop edx 0x0000002f popad 0x00000030 mov dword ptr [ebp-04h], 55534552h 0x00000037 pushad 0x00000038 push eax 0x00000039 push edx 0x0000003a mov edx, esi 0x0000003c rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60B1F second address: 4F60B6E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E29h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp dword ptr [75AB459Ch], 05h 0x00000010 jmp 00007F4EF0C09E1Eh 0x00000015 je 00007F4F616F7CC4h 0x0000001b jmp 00007F4EF0C09E20h 0x00000020 pop ebp 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 popad 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60B6E second address: 4F60B72 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F60B72 second address: 4F60B78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F7091F second address: 4F70923 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70923 second address: 4F70927 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70927 second address: 4F7092D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F7092D second address: 4F70933 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70933 second address: 4F70937 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70937 second address: 4F70996 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007F4EF0C09E1Fh 0x00000012 or esi, 6534C12Eh 0x00000018 jmp 00007F4EF0C09E29h 0x0000001d popfd 0x0000001e pushfd 0x0000001f jmp 00007F4EF0C09E20h 0x00000024 sbb ax, E6A8h 0x00000029 jmp 00007F4EF0C09E1Bh 0x0000002e popfd 0x0000002f popad 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70996 second address: 4F709AE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4EF0C79894h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F709AE second address: 4F709B2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F709B2 second address: 4F70A84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007F4EF0C7988Ch 0x00000010 adc esi, 57549438h 0x00000016 jmp 00007F4EF0C7988Bh 0x0000001b popfd 0x0000001c mov esi, 4511FA6Fh 0x00000021 popad 0x00000022 xchg eax, esi 0x00000023 jmp 00007F4EF0C79892h 0x00000028 mov esi, dword ptr [ebp+0Ch] 0x0000002b pushad 0x0000002c pushfd 0x0000002d jmp 00007F4EF0C7988Eh 0x00000032 or si, CDC8h 0x00000037 jmp 00007F4EF0C7988Bh 0x0000003c popfd 0x0000003d pushfd 0x0000003e jmp 00007F4EF0C79898h 0x00000043 and al, 00000028h 0x00000046 jmp 00007F4EF0C7988Bh 0x0000004b popfd 0x0000004c popad 0x0000004d test esi, esi 0x0000004f push eax 0x00000050 push edx 0x00000051 pushad 0x00000052 call 00007F4EF0C7988Bh 0x00000057 pop esi 0x00000058 pushfd 0x00000059 jmp 00007F4EF0C79899h 0x0000005e sub ax, 76F6h 0x00000063 jmp 00007F4EF0C79891h 0x00000068 popfd 0x00000069 popad 0x0000006a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70A84 second address: 4F70AEB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E21h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 je 00007F4F616E7734h 0x0000000f pushad 0x00000010 mov dl, cl 0x00000012 call 00007F4EF0C09E29h 0x00000017 pop edi 0x00000018 popad 0x00000019 cmp dword ptr [75AB459Ch], 05h 0x00000020 jmp 00007F4EF0C09E1Ah 0x00000025 je 00007F4F616FF7DFh 0x0000002b jmp 00007F4EF0C09E20h 0x00000030 xchg eax, esi 0x00000031 push eax 0x00000032 push edx 0x00000033 pushad 0x00000034 push ebx 0x00000035 pop eax 0x00000036 popad 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70AEB second address: 4F70B1C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C79895h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f mov cl, FBh 0x00000011 popad 0x00000012 xchg eax, esi 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007F4EF0C7988Ch 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | RDTSC instruction interceptor: First address: 4F70C0E second address: 4F70C61 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4EF0C09E29h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push ebx 0x0000000e pop ecx 0x0000000f pushfd 0x00000010 jmp 00007F4EF0C09E1Fh 0x00000015 and cx, 87FEh 0x0000001a jmp 00007F4EF0C09E29h 0x0000001f popfd 0x00000020 popad 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\abogmiocnneedmmepnohnhlijcjpcifd | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\formhistory.sqlite | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\prefs.js | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnf | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\cert9.db | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpak | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\cookies.sqlite | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\logins.json | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\places.sqlite | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcob | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddfffla | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\key4.db | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa | Jump to behavior |
Source: C:\Users\user\Desktop\FBmz85HS0d.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg | Jump to behavior |