Source: iaLId0uLUw.exe, 00000000.00000002.2754874613.000000000106D000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://185.215.113.16/off/def.exe |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B |
Source: iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.com/codesigningrootr45.crl0U |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.com/root-r3.crl0G |
Source: iaLId0uLUw.exe, 00000000.00000003.2284172195.000000000104D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.micro |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07 |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0= |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00 |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0? |
Source: iaLId0uLUw.exe, 00000000.00000003.2362319023.000000000572D000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000002.2757590651.0000000005D79000.00000002.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362356236.00000000056C9000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0A |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0C |
Source: iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0X |
Source: iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.globalsign.com/rootr30; |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.rootca1.amazontrust.com0: |
Source: iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://secure.globalsign.com/cacert/root-r3.crt06 |
Source: Amcache.hve.5.dr | String found in binary or memory: http://upx.sf.net |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.c.lencr.org/0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2180847977.000000000573A000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.i.lencr.org/0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ac.ecosia.org/autocomplete?q= |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://aui-cdn.atlassian.com/ |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-canary.prod-east.frontend.public.atl-paas.net |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-exp.prod-east.frontend.public.atl-paas.net |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-static.prod-east.frontend.public.atl-paas.net |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net |
Source: iaLId0uLUw.exe, 00000000.00000003.2376134998.000000000104D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east- |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/ |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/; |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/ |
Source: iaLId0uLUw.exe, 00000000.00000002.2754874613.000000000106D000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/ |
Source: iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362356236.00000000056C9000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000002.2754549626.0000000000FF8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/70e84e0b-e14f-45c5-ab65-07760e9609fc/downloads/eaef3307-3cc1- |
Source: iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/7dd; |
Source: iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bbuseruploads.s3.amazonaws.com:443/70e84e0b-e14f-45c5-ab65-07760e9609fc/downloads/eaef3307-3 |
Source: iaLId0uLUw.exe, 00000000.00000002.2754874613.000000000106D000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/ |
Source: iaLId0uLUw.exe, 00000000.00000002.2754549626.0000000000FE2000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000002.2754549626.0000000000FF8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe |
Source: iaLId0uLUw.exe, 00000000.00000002.2754362482.0000000000CFA000.00000004.00000010.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe.0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exeU |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.cookielaw.org/ |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/ac/?q= |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/chrome_newtab |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= |
Source: iaLId0uLUw.exe, 00000000.00000002.2754772662.0000000001066000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://dz8aopenkvv6s.cloudfront.net |
Source: iaLId0uLUw.exe, 00000000.00000003.2230960487.0000000001067000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2180185979.00000000056FD000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2230044054.000000000106B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2180509854.000000000570F000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000002.2756974870.0000000005680000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2284368365.0000000005681000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://observerfry.lat/ |
Source: iaLId0uLUw.exe, 00000000.00000002.2757052590.0000000005703000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2234921159.0000000005703000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2204242216.00000000056FE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2249097151.0000000005703000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2180350301.0000000001078000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362356236.00000000056C9000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000002.2754549626.0000000000FF8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://observerfry.lat/api |
Source: iaLId0uLUw.exe, 00000000.00000002.2754874613.000000000106D000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2284290826.0000000001065000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://observerfry.lat/dowxo |
Source: iaLId0uLUw.exe, 00000000.00000002.2754874613.000000000106D000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2284290826.0000000001065000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://observerfry.lat/fonpo |
Source: iaLId0uLUw.exe, 00000000.00000003.2230960487.0000000001067000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2230044054.000000000106B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://observerfry.lat/p |
Source: iaLId0uLUw.exe, 00000000.00000003.2230960487.0000000001067000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2230044054.000000000106B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2284290826.0000000001065000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://observerfry.lat/pi |
Source: iaLId0uLUw.exe, 00000000.00000003.2284290826.0000000001065000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://observerfry.lat/pi8os;g |
Source: iaLId0uLUw.exe, 00000000.00000002.2754874613.000000000106D000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2284290826.0000000001065000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://observerfry.lat/sC |
Source: iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://remote-app-switcher.prod-east.frontend.public.atl-paas.net |
Source: iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://remote-app-switcher.stg-east.frontend.public.atl-paas.net |
Source: iaLId0uLUw.exe, 00000000.00000003.2182012824.00000000059A1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br |
Source: iaLId0uLUw.exe, 00000000.00000003.2182012824.00000000059A1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/products/firefoxgro.all |
Source: iaLId0uLUw.exe, 00000000.00000003.2362356236.000000000571B000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000002.2757170097.000000000571B000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.000000000571B000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2362480430.000000000104F000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375947604.0000000001063000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://web-security-reports.services.atlassian.com/csp-report/bb-website |
Source: iaLId0uLUw.exe, 00000000.00000003.2376314700.000000000106C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://web-security-reports.services.atlassian.com/csp-report/bb-websiteX-Frame-OptionsSAMEORIGINX- |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.ecosia.org/newtab/ |
Source: iaLId0uLUw.exe, 00000000.00000003.2376281600.000000000105B000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2376134998.0000000001056000.00000004.00000020.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2375880438.0000000005711000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.globalsign.com/repository/0 |
Source: iaLId0uLUw.exe, 00000000.00000003.2126276115.00000000056BB000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126010108.00000000056BE000.00000004.00000800.00020000.00000000.sdmp, iaLId0uLUw.exe, 00000000.00000003.2126107439.00000000056BB000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico |
Source: iaLId0uLUw.exe, 00000000.00000003.2182012824.00000000059A1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.CDjelnmQJyZc |
Source: iaLId0uLUw.exe, 00000000.00000003.2182012824.00000000059A1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.b3lOZaxJcpF6 |
Source: iaLId0uLUw.exe, 00000000.00000003.2182012824.00000000059A1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox |
Source: iaLId0uLUw.exe, 00000000.00000003.2182012824.00000000059A1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig |
Source: iaLId0uLUw.exe, 00000000.00000003.2182012824.00000000059A1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg |
Source: iaLId0uLUw.exe, 00000000.00000003.2182012824.00000000059A1000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www. |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 3C942F second address: 3C9433 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 540B9A second address: 540BAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FA948B16F76h 0x0000000a popad 0x0000000b pushad 0x0000000c jns 00007FA948B16F76h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 540BAE second address: 540BC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948C4CB31h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 540BC4 second address: 540BCC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 540BCC second address: 540BD0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 540BD0 second address: 540BE5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F81h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 541036 second address: 54103C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 54103C second address: 541042 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 541042 second address: 541046 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 541046 second address: 54104A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 54104A second address: 541050 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 541050 second address: 541059 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543ADA second address: 543AFB instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 pushad 0x0000000a jmp 00007FA948C4CB35h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543AFB second address: 543B3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edx 0x00000006 jmp 00007FA948B16F81h 0x0000000b pop edx 0x0000000c popad 0x0000000d nop 0x0000000e mov esi, dword ptr [ebp+122D3ACAh] 0x00000014 push 00000000h 0x00000016 mov edx, dword ptr [ebp+122D2A9Eh] 0x0000001c push BFB0C46Fh 0x00000021 pushad 0x00000022 jmp 00007FA948B16F7Fh 0x00000027 push eax 0x00000028 push edx 0x00000029 pushad 0x0000002a popad 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543B3C second address: 543B94 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 add dword ptr [esp], 404F3C11h 0x0000000e call 00007FA948C4CB2Eh 0x00000013 stc 0x00000014 pop ecx 0x00000015 push 00000003h 0x00000017 sub dword ptr [ebp+122D2746h], eax 0x0000001d je 00007FA948C4CB2Ch 0x00000023 mov dword ptr [ebp+122D2B11h], ebx 0x00000029 push 00000000h 0x0000002b mov edx, dword ptr [ebp+122D382Fh] 0x00000031 push 00000003h 0x00000033 jmp 00007FA948C4CB32h 0x00000038 push A33F3008h 0x0000003d pushad 0x0000003e push eax 0x0000003f push edx 0x00000040 push edx 0x00000041 pop edx 0x00000042 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543B94 second address: 543C0D instructions: 0x00000000 rdtsc 0x00000002 jno 00007FA948B16F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a ja 00007FA948B16F8Ch 0x00000010 jmp 00007FA948B16F86h 0x00000015 popad 0x00000016 xor dword ptr [esp], 633F3008h 0x0000001d mov edi, dword ptr [ebp+122D39F6h] 0x00000023 lea ebx, dword ptr [ebp+1244E7F3h] 0x00000029 push 00000000h 0x0000002b push ebx 0x0000002c call 00007FA948B16F78h 0x00000031 pop ebx 0x00000032 mov dword ptr [esp+04h], ebx 0x00000036 add dword ptr [esp+04h], 00000018h 0x0000003e inc ebx 0x0000003f push ebx 0x00000040 ret 0x00000041 pop ebx 0x00000042 ret 0x00000043 push eax 0x00000044 pushad 0x00000045 push esi 0x00000046 pushad 0x00000047 popad 0x00000048 pop esi 0x00000049 push eax 0x0000004a push edx 0x0000004b jmp 00007FA948B16F87h 0x00000050 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543CF1 second address: 543D45 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FA948C4CB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov dword ptr [esp], eax 0x0000000e mov dword ptr [ebp+122D2CE2h], ebx 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push ebx 0x00000019 call 00007FA948C4CB28h 0x0000001e pop ebx 0x0000001f mov dword ptr [esp+04h], ebx 0x00000023 add dword ptr [esp+04h], 00000015h 0x0000002b inc ebx 0x0000002c push ebx 0x0000002d ret 0x0000002e pop ebx 0x0000002f ret 0x00000030 jmp 00007FA948C4CB32h 0x00000035 push F2FE720Eh 0x0000003a push eax 0x0000003b push edx 0x0000003c push eax 0x0000003d push edx 0x0000003e jo 00007FA948C4CB26h 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543D45 second address: 543D4B instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543D4B second address: 543D5C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948C4CB2Dh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543D5C second address: 543E14 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F88h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b add dword ptr [esp], 0D018E72h 0x00000012 jmp 00007FA948B16F7Ch 0x00000017 push 00000003h 0x00000019 push 00000000h 0x0000001b push edi 0x0000001c call 00007FA948B16F78h 0x00000021 pop edi 0x00000022 mov dword ptr [esp+04h], edi 0x00000026 add dword ptr [esp+04h], 00000019h 0x0000002e inc edi 0x0000002f push edi 0x00000030 ret 0x00000031 pop edi 0x00000032 ret 0x00000033 call 00007FA948B16F7Eh 0x00000038 mov dword ptr [ebp+122D1E03h], eax 0x0000003e pop esi 0x0000003f push 00000000h 0x00000041 mov di, B7B5h 0x00000045 push 00000003h 0x00000047 jno 00007FA948B16F8Eh 0x0000004d call 00007FA948B16F79h 0x00000052 pushad 0x00000053 push ecx 0x00000054 jmp 00007FA948B16F89h 0x00000059 pop ecx 0x0000005a push eax 0x0000005b push edx 0x0000005c pushad 0x0000005d popad 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543E14 second address: 543E69 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 ja 00007FA948C4CB30h 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 jmp 00007FA948C4CB34h 0x00000017 mov eax, dword ptr [eax] 0x00000019 pushad 0x0000001a jno 00007FA948C4CB2Ch 0x00000020 jnp 00007FA948C4CB28h 0x00000026 popad 0x00000027 mov dword ptr [esp+04h], eax 0x0000002b jo 00007FA948C4CB2Eh 0x00000031 push ebx 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543E69 second address: 543E9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop eax 0x00000006 jmp 00007FA948B16F85h 0x0000000b lea ebx, dword ptr [ebp+1244E7FEh] 0x00000011 mov esi, dword ptr [ebp+122D3AE6h] 0x00000017 xchg eax, ebx 0x00000018 jbe 00007FA948B16F84h 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543E9B second address: 543E9F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543E9F second address: 543EAC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push edi 0x0000000c pop edi 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543EAC second address: 543EC1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB31h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 543EC1 second address: 543EC6 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5659C6 second address: 5659F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FA948C4CB26h 0x0000000a popad 0x0000000b push ebx 0x0000000c push edx 0x0000000d pop edx 0x0000000e pop ebx 0x0000000f jmp 00007FA948C4CB39h 0x00000014 popad 0x00000015 push eax 0x00000016 pushad 0x00000017 push edx 0x00000018 pop edx 0x00000019 push edi 0x0000001a pop edi 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 563A78 second address: 563A8F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F83h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5642FA second address: 564300 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 564300 second address: 564306 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 564306 second address: 56430A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5645AB second address: 5645B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jns 00007FA948B16F76h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5645B7 second address: 5645F0 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jnp 00007FA948C4CB47h 0x0000000f pushad 0x00000010 jns 00007FA948C4CB26h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 564720 second address: 564726 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 559EF7 second address: 559F0B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FA948C4CB2Eh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 559F0B second address: 559F1F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948B16F80h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 559F1F second address: 559F29 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 564B53 second address: 564B62 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 je 00007FA948B16F76h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 565529 second address: 56552D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 56552D second address: 56553C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 je 00007FA948B16F76h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 56553C second address: 565554 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FA948C4CB2Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 565877 second address: 56587B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 567A15 second address: 567A19 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 567A19 second address: 567A23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 567A23 second address: 567A3A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FA948C4CB2Bh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 567A3A second address: 567A40 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 567A40 second address: 567A5A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948C4CB36h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 566850 second address: 566856 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 566856 second address: 566880 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FA948C4CB33h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 568439 second address: 56843F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 56843F second address: 568443 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 56CBCD second address: 56CBD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FA948B16F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 56CBD7 second address: 56CBE8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Dh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5701CE second address: 5701D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5701D2 second address: 5701D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5701D8 second address: 5701E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007FA948B16F76h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 53A9AD second address: 53A9B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 53A9B5 second address: 53A9C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 53A9C4 second address: 53A9CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 56F6BC second address: 56F6C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 56F6C0 second address: 56F6C6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 573586 second address: 573590 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007FA948B16F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 573A17 second address: 573A33 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB38h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 573C90 second address: 573C96 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5743CF second address: 5743D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 574621 second address: 574625 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 574625 second address: 57462B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57462B second address: 574631 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 574631 second address: 574635 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 574635 second address: 574643 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edi 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 574643 second address: 574647 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 576E3A second address: 576E44 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007FA948B16F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 576CCF second address: 576CD5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 576E44 second address: 576E95 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FA948B16F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d mov edi, dword ptr [ebp+122D3902h] 0x00000013 mov dword ptr [ebp+122D2AB2h], edx 0x00000019 push 00000000h 0x0000001b jmp 00007FA948B16F86h 0x00000020 push 00000000h 0x00000022 mov dword ptr [ebp+122D1E3Bh], esi 0x00000028 xchg eax, ebx 0x00000029 jmp 00007FA948B16F7Dh 0x0000002e push eax 0x0000002f push edi 0x00000030 push eax 0x00000031 push edx 0x00000032 jng 00007FA948B16F76h 0x00000038 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 576CD5 second address: 576CE4 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push esi 0x0000000d pop esi 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 577F68 second address: 577FF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop esi 0x00000006 push eax 0x00000007 jp 00007FA948B16F7Eh 0x0000000d nop 0x0000000e push 00000000h 0x00000010 push esi 0x00000011 call 00007FA948B16F78h 0x00000016 pop esi 0x00000017 mov dword ptr [esp+04h], esi 0x0000001b add dword ptr [esp+04h], 00000016h 0x00000023 inc esi 0x00000024 push esi 0x00000025 ret 0x00000026 pop esi 0x00000027 ret 0x00000028 mov edi, 4F625769h 0x0000002d push 00000000h 0x0000002f push 00000000h 0x00000031 push eax 0x00000032 call 00007FA948B16F78h 0x00000037 pop eax 0x00000038 mov dword ptr [esp+04h], eax 0x0000003c add dword ptr [esp+04h], 00000019h 0x00000044 inc eax 0x00000045 push eax 0x00000046 ret 0x00000047 pop eax 0x00000048 ret 0x00000049 mov di, 3230h 0x0000004d call 00007FA948B16F7Dh 0x00000052 jmp 00007FA948B16F7Bh 0x00000057 pop edi 0x00000058 push 00000000h 0x0000005a movsx esi, cx 0x0000005d push eax 0x0000005e pushad 0x0000005f push eax 0x00000060 jns 00007FA948B16F76h 0x00000066 pop eax 0x00000067 jnp 00007FA948B16F7Ch 0x0000006d push eax 0x0000006e push edx 0x0000006f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57A1BA second address: 57A236 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB35h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c sbb esi, 1CBC47A3h 0x00000012 push 00000000h 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push edx 0x00000019 call 00007FA948C4CB28h 0x0000001e pop edx 0x0000001f mov dword ptr [esp+04h], edx 0x00000023 add dword ptr [esp+04h], 00000015h 0x0000002b inc edx 0x0000002c push edx 0x0000002d ret 0x0000002e pop edx 0x0000002f ret 0x00000030 jnp 00007FA948C4CB3Fh 0x00000036 xchg eax, ebx 0x00000037 push eax 0x00000038 push edx 0x00000039 pushad 0x0000003a ja 00007FA948C4CB26h 0x00000040 jmp 00007FA948C4CB2Fh 0x00000045 popad 0x00000046 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57A236 second address: 57A23C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57A23C second address: 57A24D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 579F95 second address: 579F9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 579F9B second address: 579F9F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57AD81 second address: 57AD85 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57F6FC second address: 57F703 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57F703 second address: 57F709 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57F709 second address: 57F780 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FA948C4CB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push ebp 0x00000010 call 00007FA948C4CB28h 0x00000015 pop ebp 0x00000016 mov dword ptr [esp+04h], ebp 0x0000001a add dword ptr [esp+04h], 00000016h 0x00000022 inc ebp 0x00000023 push ebp 0x00000024 ret 0x00000025 pop ebp 0x00000026 ret 0x00000027 cld 0x00000028 movzx ebx, di 0x0000002b jmp 00007FA948C4CB2Fh 0x00000030 push 00000000h 0x00000032 push 00000000h 0x00000034 push 00000000h 0x00000036 push ebp 0x00000037 call 00007FA948C4CB28h 0x0000003c pop ebp 0x0000003d mov dword ptr [esp+04h], ebp 0x00000041 add dword ptr [esp+04h], 00000015h 0x00000049 inc ebp 0x0000004a push ebp 0x0000004b ret 0x0000004c pop ebp 0x0000004d ret 0x0000004e xchg eax, esi 0x0000004f jmp 00007FA948C4CB32h 0x00000054 push eax 0x00000055 push edx 0x00000056 pushad 0x00000057 push eax 0x00000058 push edx 0x00000059 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5806CA second address: 5806D0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 581530 second address: 581535 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 580865 second address: 58087B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 push esi 0x00000008 jne 00007FA948B16F76h 0x0000000e pop esi 0x0000000f popad 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 581535 second address: 581588 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948C4CB2Eh 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f push 00000000h 0x00000011 push ebx 0x00000012 call 00007FA948C4CB28h 0x00000017 pop ebx 0x00000018 mov dword ptr [esp+04h], ebx 0x0000001c add dword ptr [esp+04h], 0000001Ah 0x00000024 inc ebx 0x00000025 push ebx 0x00000026 ret 0x00000027 pop ebx 0x00000028 ret 0x00000029 mov dword ptr [ebp+1245F012h], esi 0x0000002f push 00000000h 0x00000031 mov edi, dword ptr [ebp+122D38DEh] 0x00000037 push 00000000h 0x00000039 movzx edi, cx 0x0000003c push eax 0x0000003d push esi 0x0000003e push eax 0x0000003f push edx 0x00000040 push ecx 0x00000041 pop ecx 0x00000042 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58087B second address: 580886 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007FA948B16F76h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 580886 second address: 580890 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007FA948C4CB26h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5825C0 second address: 5825C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5825C6 second address: 5825CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5825CA second address: 5825CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58273F second address: 58277F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e jmp 00007FA948C4CB33h 0x00000013 jmp 00007FA948C4CB39h 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5837FD second address: 583801 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 583801 second address: 58380F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948C4CB2Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58380F second address: 583813 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58565F second address: 585663 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 583813 second address: 583826 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jc 00007FA948B16F76h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 585663 second address: 585669 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 583826 second address: 58382C instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 585669 second address: 585670 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58667F second address: 586684 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 586684 second address: 5866E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edi 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c pop edi 0x0000000d pop eax 0x0000000e nop 0x0000000f mov edi, dword ptr [ebp+12456397h] 0x00000015 push 00000000h 0x00000017 mov bl, 26h 0x00000019 push 00000000h 0x0000001b push 00000000h 0x0000001d push edi 0x0000001e call 00007FA948C4CB28h 0x00000023 pop edi 0x00000024 mov dword ptr [esp+04h], edi 0x00000028 add dword ptr [esp+04h], 00000017h 0x00000030 inc edi 0x00000031 push edi 0x00000032 ret 0x00000033 pop edi 0x00000034 ret 0x00000035 xchg eax, esi 0x00000036 jno 00007FA948C4CB34h 0x0000003c push eax 0x0000003d push edx 0x0000003e push eax 0x0000003f push edx 0x00000040 jmp 00007FA948C4CB2Bh 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5866E2 second address: 5866E6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58681E second address: 586822 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 586822 second address: 586828 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 586828 second address: 58683F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948C4CB33h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58683F second address: 586851 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push esi 0x0000000a jng 00007FA948B16F7Ch 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5306BC second address: 5306C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5306C0 second address: 5306EE instructions: 0x00000000 rdtsc 0x00000002 jp 00007FA948B16F76h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop edi 0x0000000d push eax 0x0000000e push edx 0x0000000f push ecx 0x00000010 jmp 00007FA948B16F83h 0x00000015 pop ecx 0x00000016 pushad 0x00000017 pushad 0x00000018 popad 0x00000019 push edi 0x0000001a pop edi 0x0000001b push edi 0x0000001c pop edi 0x0000001d pushad 0x0000001e popad 0x0000001f popad 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 589A4E second address: 589A53 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 589A53 second address: 589ACA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FA948B16F76h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e ja 00007FA948B16F84h 0x00000014 nop 0x00000015 push 00000000h 0x00000017 push 00000000h 0x00000019 push ecx 0x0000001a call 00007FA948B16F78h 0x0000001f pop ecx 0x00000020 mov dword ptr [esp+04h], ecx 0x00000024 add dword ptr [esp+04h], 00000014h 0x0000002c inc ecx 0x0000002d push ecx 0x0000002e ret 0x0000002f pop ecx 0x00000030 ret 0x00000031 xor dword ptr [ebp+12460F10h], eax 0x00000037 movsx edi, dx 0x0000003a mov bx, si 0x0000003d push 00000000h 0x0000003f push 00000000h 0x00000041 push edx 0x00000042 call 00007FA948B16F78h 0x00000047 pop edx 0x00000048 mov dword ptr [esp+04h], edx 0x0000004c add dword ptr [esp+04h], 0000001Bh 0x00000054 inc edx 0x00000055 push edx 0x00000056 ret 0x00000057 pop edx 0x00000058 ret 0x00000059 push eax 0x0000005a pushad 0x0000005b pushad 0x0000005c push eax 0x0000005d push edx 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 589ACA second address: 589AD4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58A998 second address: 58AA1F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov dword ptr [esp], eax 0x00000009 push eax 0x0000000a mov dword ptr [ebp+124698DEh], esi 0x00000010 pop ebx 0x00000011 push 00000000h 0x00000013 push 00000000h 0x00000015 push ebp 0x00000016 call 00007FA948B16F78h 0x0000001b pop ebp 0x0000001c mov dword ptr [esp+04h], ebp 0x00000020 add dword ptr [esp+04h], 00000018h 0x00000028 inc ebp 0x00000029 push ebp 0x0000002a ret 0x0000002b pop ebp 0x0000002c ret 0x0000002d mov edi, ebx 0x0000002f mov edi, 3A60A15Fh 0x00000034 push 00000000h 0x00000036 push 00000000h 0x00000038 push ebx 0x00000039 call 00007FA948B16F78h 0x0000003e pop ebx 0x0000003f mov dword ptr [esp+04h], ebx 0x00000043 add dword ptr [esp+04h], 0000001Ah 0x0000004b inc ebx 0x0000004c push ebx 0x0000004d ret 0x0000004e pop ebx 0x0000004f ret 0x00000050 mov edi, 62B19D89h 0x00000055 movzx ebx, dx 0x00000058 push edx 0x00000059 mov dword ptr [ebp+122D1E40h], eax 0x0000005f pop edi 0x00000060 push eax 0x00000061 push eax 0x00000062 push edx 0x00000063 pushad 0x00000064 jmp 00007FA948B16F83h 0x00000069 push eax 0x0000006a push edx 0x0000006b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58AA1F second address: 58AA24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58AA24 second address: 58AA29 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 589C61 second address: 589C6B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007FA948C4CB26h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 589C6B second address: 589CF3 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push dword ptr fs:[00000000h] 0x00000010 pushad 0x00000011 push esi 0x00000012 sbb ebx, 0ECF18D6h 0x00000018 pop eax 0x00000019 popad 0x0000001a mov dword ptr fs:[00000000h], esp 0x00000021 push edx 0x00000022 mov dword ptr [ebp+12457752h], esi 0x00000028 pop ebx 0x00000029 mov eax, dword ptr [ebp+122D0C81h] 0x0000002f push 00000000h 0x00000031 push edi 0x00000032 call 00007FA948B16F78h 0x00000037 pop edi 0x00000038 mov dword ptr [esp+04h], edi 0x0000003c add dword ptr [esp+04h], 00000015h 0x00000044 inc edi 0x00000045 push edi 0x00000046 ret 0x00000047 pop edi 0x00000048 ret 0x00000049 jmp 00007FA948B16F7Dh 0x0000004e push FFFFFFFFh 0x00000050 sub dword ptr [ebp+1244DB22h], ecx 0x00000056 nop 0x00000057 push ebx 0x00000058 push ecx 0x00000059 jg 00007FA948B16F76h 0x0000005f pop ecx 0x00000060 pop ebx 0x00000061 push eax 0x00000062 pushad 0x00000063 jmp 00007FA948B16F87h 0x00000068 push eax 0x00000069 push eax 0x0000006a push edx 0x0000006b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5877AA second address: 5877C8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB36h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5877C8 second address: 5877DA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 jbe 00007FA948B16F8Fh 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5877DA second address: 5877DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58BDB4 second address: 58BE2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 mov dword ptr [esp], eax 0x00000009 js 00007FA948B16F7Ch 0x0000000f mov dword ptr [ebp+1244D71Ah], esi 0x00000015 push dword ptr fs:[00000000h] 0x0000001c jmp 00007FA948B16F88h 0x00000021 mov dword ptr fs:[00000000h], esp 0x00000028 push 00000000h 0x0000002a push edx 0x0000002b call 00007FA948B16F78h 0x00000030 pop edx 0x00000031 mov dword ptr [esp+04h], edx 0x00000035 add dword ptr [esp+04h], 0000001Dh 0x0000003d inc edx 0x0000003e push edx 0x0000003f ret 0x00000040 pop edx 0x00000041 ret 0x00000042 mov ebx, edi 0x00000044 mov eax, dword ptr [ebp+122D1241h] 0x0000004a push FFFFFFFFh 0x0000004c mov ebx, 7175E86Fh 0x00000051 nop 0x00000052 jc 00007FA948B16F80h 0x00000058 pushad 0x00000059 push eax 0x0000005a push edx 0x0000005b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58BE2D second address: 58BE50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FA948C4CB38h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58BE50 second address: 58BE54 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58BE54 second address: 58BE62 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jbe 00007FA948C4CB26h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58EDCA second address: 58EDCF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58DD8E second address: 58DD92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58F066 second address: 58F06A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58F06A second address: 58F081 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB33h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58F081 second address: 58F0A3 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jc 00007FA948B16F76h 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push ecx 0x00000010 jmp 00007FA948B16F81h 0x00000015 pop ecx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 58F0A3 second address: 58F0AA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 596F5D second address: 596F67 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FA948B16F7Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5970BA second address: 5970E1 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FA948C4CB2Eh 0x00000008 pushad 0x00000009 jmp 00007FA948C4CB2Eh 0x0000000e jo 00007FA948C4CB26h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5973D2 second address: 5973EF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F89h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 59C855 second address: 59C871 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FA948C4CB2Ah 0x00000008 jg 00007FA948C4CB26h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 mov eax, dword ptr [eax] 0x00000013 pushad 0x00000014 push edi 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 59C871 second address: 59C87E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jbe 00007FA948B16F7Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 59C87E second address: 59C88C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov dword ptr [esp+04h], eax 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 59C88C second address: 59C890 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 59C890 second address: 59C894 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 59C923 second address: 59C927 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 59C927 second address: 59C92B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 59CA75 second address: 59CA79 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A1965 second address: 5A196C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A196C second address: 5A1982 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007FA948B16F76h 0x0000000a popad 0x0000000b popad 0x0000000c pushad 0x0000000d pushad 0x0000000e ja 00007FA948B16F76h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A1982 second address: 5A19A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FA948C4CB2Ah 0x0000000c jmp 00007FA948C4CB33h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A1C8C second address: 5A1C90 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A21E5 second address: 5A21EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A21EB second address: 5A21EF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A7B21 second address: 5A7B3C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 jmp 00007FA948C4CB2Dh 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push esi 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A7B3C second address: 5A7B42 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 533D77 second address: 533D7E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 533D7E second address: 533D8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 js 00007FA948B16F7Eh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A67B9 second address: 5A67C9 instructions: 0x00000000 rdtsc 0x00000002 je 00007FA948C4CB26h 0x00000008 jnl 00007FA948C4CB26h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A67C9 second address: 5A67CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A67CF second address: 5A67D3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A67D3 second address: 5A67D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A6A8A second address: 5A6A94 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop ecx 0x00000007 push edi 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A6A94 second address: 5A6A99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A6D41 second address: 5A6D6A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948C4CB34h 0x00000009 pop ecx 0x0000000a jng 00007FA948C4CB2Ch 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A6D6A second address: 5A6D79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948B16F7Bh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A6D79 second address: 5A6DA5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FA948C4CB2Ah 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 pop edx 0x00000014 pushad 0x00000015 jbe 00007FA948C4CB26h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A64EF second address: 5A64FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 pushad 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A72E3 second address: 5A72E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A72E9 second address: 5A72ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5A72ED second address: 5A730A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jno 00007FA948C4CB26h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jmp 00007FA948C4CB2Eh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5ABA8D second address: 5ABA91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5ABA91 second address: 5ABAAE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB33h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5AFFC7 second address: 5AFFDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 jc 00007FA948B16F76h 0x0000000b pop edx 0x0000000c popad 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 jnl 00007FA948B16F76h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5AFFDF second address: 5AFFE3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B03E4 second address: 5B03EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B07D3 second address: 5B07EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FA948C4CB33h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B07EF second address: 5B07F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5321A0 second address: 5321A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B5920 second address: 5B592A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FA948B16F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B592A second address: 5B592E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B592E second address: 5B5938 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B5938 second address: 5B593C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B4835 second address: 5B483B instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B483B second address: 5B484C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 jc 00007FA948C4CB26h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B484C second address: 5B4851 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57242E second address: 572432 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572432 second address: 572444 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnl 00007FA948B16F78h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572444 second address: 572496 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jmp 00007FA948C4CB36h 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [esp+04h] 0x0000000f pushad 0x00000010 jg 00007FA948C4CB28h 0x00000016 pushad 0x00000017 jo 00007FA948C4CB26h 0x0000001d jmp 00007FA948C4CB36h 0x00000022 popad 0x00000023 popad 0x00000024 mov eax, dword ptr [eax] 0x00000026 push eax 0x00000027 push edx 0x00000028 pushad 0x00000029 push ebx 0x0000002a pop ebx 0x0000002b pushad 0x0000002c popad 0x0000002d popad 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572496 second address: 5724B7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F7Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d jbe 00007FA948B16F88h 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5724B7 second address: 5724BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5724BB second address: 5724F5 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FA948B16F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b push 00000000h 0x0000000d push ebp 0x0000000e call 00007FA948B16F78h 0x00000013 pop ebp 0x00000014 mov dword ptr [esp+04h], ebp 0x00000018 add dword ptr [esp+04h], 00000015h 0x00000020 inc ebp 0x00000021 push ebp 0x00000022 ret 0x00000023 pop ebp 0x00000024 ret 0x00000025 mov edx, dword ptr [ebp+122D2991h] 0x0000002b push D2C882CCh 0x00000030 push eax 0x00000031 push edx 0x00000032 pushad 0x00000033 push esi 0x00000034 pop esi 0x00000035 push eax 0x00000036 push edx 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5724F5 second address: 5724FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 57265C second address: 572662 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572662 second address: 5726C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c jmp 00007FA948C4CB38h 0x00000011 jmp 00007FA948C4CB30h 0x00000016 popad 0x00000017 xchg eax, esi 0x00000018 push 00000000h 0x0000001a push eax 0x0000001b call 00007FA948C4CB28h 0x00000020 pop eax 0x00000021 mov dword ptr [esp+04h], eax 0x00000025 add dword ptr [esp+04h], 00000017h 0x0000002d inc eax 0x0000002e push eax 0x0000002f ret 0x00000030 pop eax 0x00000031 ret 0x00000032 mov dl, bl 0x00000034 push eax 0x00000035 jbe 00007FA948C4CB32h 0x0000003b jng 00007FA948C4CB2Ch 0x00000041 push eax 0x00000042 push edx 0x00000043 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5729D6 second address: 5729E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5729E3 second address: 5729E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5729E7 second address: 572A01 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F86h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572E24 second address: 572EA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 mov dword ptr [esp], eax 0x00000009 push 00000000h 0x0000000b push esi 0x0000000c call 00007FA948C4CB28h 0x00000011 pop esi 0x00000012 mov dword ptr [esp+04h], esi 0x00000016 add dword ptr [esp+04h], 00000016h 0x0000001e inc esi 0x0000001f push esi 0x00000020 ret 0x00000021 pop esi 0x00000022 ret 0x00000023 jmp 00007FA948C4CB2Fh 0x00000028 push 0000001Eh 0x0000002a push 00000000h 0x0000002c push ebx 0x0000002d call 00007FA948C4CB28h 0x00000032 pop ebx 0x00000033 mov dword ptr [esp+04h], ebx 0x00000037 add dword ptr [esp+04h], 0000001Dh 0x0000003f inc ebx 0x00000040 push ebx 0x00000041 ret 0x00000042 pop ebx 0x00000043 ret 0x00000044 push eax 0x00000045 pushad 0x00000046 add dword ptr [ebp+122D2AF4h], eax 0x0000004c jmp 00007FA948C4CB30h 0x00000051 popad 0x00000052 pop edx 0x00000053 nop 0x00000054 jng 00007FA948C4CB2Eh 0x0000005a push ebx 0x0000005b push eax 0x0000005c push edx 0x0000005d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572EA5 second address: 572EAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 pushad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572EAF second address: 572EB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572EB5 second address: 572EBE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B4C27 second address: 5B4C30 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B4C30 second address: 5B4C36 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5B4C36 second address: 5B4C3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 53C4D8 second address: 53C4DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C453E second address: 5C4548 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FA948C4CB26h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C3E2A second address: 5C3E3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948B16F7Ah 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C3E3B second address: 5C3E40 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C3E40 second address: 5C3E46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C3FB2 second address: 5C3FB8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C3FB8 second address: 5C3FBC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C3FBC second address: 5C3FC0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C3FC0 second address: 5C3FD6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jp 00007FA948B16F76h 0x00000013 push edx 0x00000014 pop edx 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C4295 second address: 5C42B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FA948C4CB26h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d jg 00007FA948C4CB2Ch 0x00000013 jbe 00007FA948C4CB2Ch 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CA0E9 second address: 5CA0FA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F7Bh 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CA0FA second address: 5CA100 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CA100 second address: 5CA12A instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FA948B16F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jmp 00007FA948B16F83h 0x00000012 push eax 0x00000013 push edx 0x00000014 jl 00007FA948B16F76h 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C88ED second address: 5C88F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C8BFF second address: 5C8C0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ecx 0x00000007 js 00007FA948B16F7Eh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C8D71 second address: 5C8D76 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9008 second address: 5C900E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C900E second address: 5C9018 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9018 second address: 5C9030 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948B16F84h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572C0E second address: 572C12 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572C12 second address: 572C18 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572CF1 second address: 572CF7 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 572CF7 second address: 572D05 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948B16F7Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C91C3 second address: 5C91CA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C91CA second address: 5C91F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948B16F7Eh 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FA948B16F81h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C91F4 second address: 5C91F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9368 second address: 5C9373 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jp 00007FA948B16F76h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9D50 second address: 5C9D56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9D56 second address: 5C9D5A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9D5A second address: 5C9D7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FA948C4CB2Eh 0x0000000c jmp 00007FA948C4CB2Eh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9D7F second address: 5C9D90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a jbe 00007FA948B16F76h 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9D90 second address: 5C9D95 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9D95 second address: 5C9D9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5C9D9B second address: 5C9DA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FA948C4CB26h 0x0000000a popad 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CDF63 second address: 5CDF80 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F89h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CD4F3 second address: 5CD4F9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CD818 second address: 5CD82C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007FA948B16F76h 0x0000000a jmp 00007FA948B16F7Ah 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CD82C second address: 5CD830 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CF4F1 second address: 5CF4F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5CF4F7 second address: 5CF504 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 js 00007FA948C4CB26h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D663D second address: 5D664F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FA948B16F76h 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c popad 0x0000000d pushad 0x0000000e push edi 0x0000000f pop edi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D664F second address: 5D6655 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D6655 second address: 5D665A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D665A second address: 5D6666 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jp 00007FA948C4CB26h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D6666 second address: 5D666A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D4F4E second address: 5D4F53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D5224 second address: 5D522D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D522D second address: 5D5233 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D5233 second address: 5D5237 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D5237 second address: 5D523B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D5D28 second address: 5D5D2E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D5D2E second address: 5D5D3A instructions: 0x00000000 rdtsc 0x00000002 jg 00007FA948C4CB26h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5D6303 second address: 5D632D instructions: 0x00000000 rdtsc 0x00000002 jns 00007FA948B16F82h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jng 00007FA948B16F82h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DA44F second address: 5DA461 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Eh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DA782 second address: 5DA787 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DA787 second address: 5DA794 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 je 00007FA948C4CB26h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DA794 second address: 5DA798 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DAB80 second address: 5DAB89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DAB89 second address: 5DAB93 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007FA948B16F76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DAB93 second address: 5DAB97 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DACD4 second address: 5DACE8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007FA948B16F7Ah 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DACE8 second address: 5DACEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5DACEC second address: 5DACF4 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E731C second address: 5E7320 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E7320 second address: 5E732A instructions: 0x00000000 rdtsc 0x00000002 jg 00007FA948B16F76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E732A second address: 5E732F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E732F second address: 5E7337 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5B2E second address: 5E5B35 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5B35 second address: 5E5B3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5B3B second address: 5E5B45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push esi 0x00000007 pop esi 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5B45 second address: 5E5B5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b je 00007FA948B16F8Ch 0x00000011 push eax 0x00000012 push edx 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5D18 second address: 5E5D31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948C4CB34h 0x00000009 pop edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5D31 second address: 5E5D4D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F80h 0x00000007 push eax 0x00000008 push edx 0x00000009 jbe 00007FA948B16F76h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5D4D second address: 5E5D51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5D51 second address: 5E5D55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E6034 second address: 5E6040 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E6040 second address: 5E6046 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E637E second address: 5E6384 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E6384 second address: 5E639D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jl 00007FA948B16F82h 0x0000000d jne 00007FA948B16F76h 0x00000013 jne 00007FA948B16F76h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E6AD3 second address: 5E6AD7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E6AD7 second address: 5E6ADD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E6ADD second address: 5E6AF4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948C4CB33h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E715D second address: 5E719E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F80h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007FA948B16F89h 0x0000000f js 00007FA948B16F76h 0x00000015 jmp 00007FA948B16F7Bh 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5E5045 second address: 5E5063 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948C4CB38h 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5EE479 second address: 5EE47D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5F0BFE second address: 5F0C04 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5F0C04 second address: 5F0C47 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F85h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007FA948B16F86h 0x0000000f pushad 0x00000010 jne 00007FA948B16F76h 0x00000016 ja 00007FA948B16F76h 0x0000001c popad 0x0000001d pushad 0x0000001e pushad 0x0000001f popad 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 52D27D second address: 52D283 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 52D283 second address: 52D28B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 52D28B second address: 52D2AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 pushad 0x00000008 jmp 00007FA948C4CB2Ch 0x0000000d push edi 0x0000000e pop edi 0x0000000f jmp 00007FA948C4CB2Ah 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 52D2AD second address: 52D2BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 js 00007FA948B16F7Eh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5F0AA3 second address: 5F0AB4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948C4CB2Bh 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5F0AB4 second address: 5F0AB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 5FDF76 second address: 5FDF7E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 601947 second address: 60194C instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 60194C second address: 60197F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FA948C4CB26h 0x0000000a pop ebx 0x0000000b jmp 00007FA948C4CB2Fh 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FA948C4CB34h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 606326 second address: 606334 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FA948B16F76h 0x0000000a push edx 0x0000000b pop edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 60EEEC second address: 60EEF5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 60ED9F second address: 60EDA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6129D9 second address: 6129DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 613FDB second address: 613FFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948B16F82h 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c push esi 0x0000000d pop esi 0x0000000e jg 00007FA948B16F76h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 613FFC second address: 61400A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Ah 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6190F2 second address: 619116 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FA948B16F7Ch 0x0000000a pop edx 0x0000000b pushad 0x0000000c pushad 0x0000000d jmp 00007FA948B16F7Eh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6192AB second address: 6192C1 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 ja 00007FA948C4CB26h 0x00000009 jbe 00007FA948C4CB26h 0x0000000f pop esi 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6192C1 second address: 6192E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 pop eax 0x00000008 popad 0x00000009 push eax 0x0000000a jmp 00007FA948B16F84h 0x0000000f pop eax 0x00000010 pushad 0x00000011 push eax 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 61945D second address: 619463 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 619463 second address: 619469 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 619785 second address: 619792 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FA948C4CB26h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 619792 second address: 61979E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 jbe 00007FA948B16F76h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 61A523 second address: 61A52F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FA948C4CB26h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 61A52F second address: 61A53C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 ja 00007FA948B16F7Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 62BE61 second address: 62BE79 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 jmp 00007FA948C4CB32h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 638632 second address: 63863E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FA948B16F76h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 63863E second address: 638647 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 638647 second address: 63864B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 63864B second address: 638672 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Fh 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b js 00007FA948C4CB28h 0x00000011 push eax 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 jns 00007FA948C4CB26h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 638672 second address: 638676 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 63BC53 second address: 63BC6D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jnp 00007FA948C4CB26h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ebx 0x0000000d jnp 00007FA948C4CB26h 0x00000013 jo 00007FA948C4CB26h 0x00000019 pop ebx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 63BC6D second address: 63BC96 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007FA948B16F87h 0x00000008 pop ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b jnp 00007FA948B16F76h 0x00000011 jns 00007FA948B16F76h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 63BDDB second address: 63BDDF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 63BDDF second address: 63BE12 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FA948B16F7Fh 0x0000000d jmp 00007FA948B16F88h 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 63BE12 second address: 63BE16 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6510FB second address: 65112F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 jno 00007FA948B16F76h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FA948B16F83h 0x00000014 jmp 00007FA948B16F82h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 65112F second address: 651133 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 651133 second address: 65113B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6500B7 second address: 6500C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948C4CB2Ah 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6500C5 second address: 6500C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6500C9 second address: 6500E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FA948C4CB34h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6500E3 second address: 6500EE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jg 00007FA948B16F76h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 650225 second address: 650243 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 jmp 00007FA948C4CB35h 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6503B2 second address: 6503B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6503B9 second address: 6503BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6503BF second address: 6503C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 65052B second address: 650548 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948C4CB2Dh 0x00000009 jmp 00007FA948C4CB2Ch 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 650842 second address: 650847 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6509DD second address: 6509E7 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FA948C4CB2Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 650C89 second address: 650C9F instructions: 0x00000000 rdtsc 0x00000002 js 00007FA948B16F76h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 je 00007FA948B16F76h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 650E01 second address: 650E07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 65281A second address: 65283A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F88h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 65283A second address: 65283E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 65283E second address: 652844 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 65514E second address: 655153 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 655309 second address: 65530D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6556C5 second address: 6556E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop ecx 0x00000006 nop 0x00000007 mov edx, dword ptr [ebp+12473B8Bh] 0x0000000d push dword ptr [ebp+122D1D0Fh] 0x00000013 mov dh, 61h 0x00000015 push 76AAB146h 0x0000001a push eax 0x0000001b push edx 0x0000001c push ebx 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6556E4 second address: 6556E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6589D1 second address: 6589D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6589D5 second address: 6589FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 jmp 00007FA948B16F89h 0x0000000c jc 00007FA948B16F76h 0x00000012 pop edi 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 6589FC second address: 658A13 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jl 00007FA948C4CB26h 0x00000009 jmp 00007FA948C4CB2Ch 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 577DA4 second address: 577DB6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F7Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 577DB6 second address: 577DBB instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D404EC second address: 4D404F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov eax, 69B3D1D9h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D404F6 second address: 4D404FC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D404FC second address: 4D40500 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D40500 second address: 4D40534 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007FA948C4CB2Dh 0x0000000e mov ebp, esp 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FA948C4CB38h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D40534 second address: 4D40543 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F7Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D40543 second address: 4D4058D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov edx, dword ptr [ebp+0Ch] 0x0000000c jmp 00007FA948C4CB2Eh 0x00000011 mov ecx, dword ptr [ebp+08h] 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FA948C4CB37h 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60694 second address: 4D606B9 instructions: 0x00000000 rdtsc 0x00000002 mov cl, dh 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FA948B16F89h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D606B9 second address: 4D606BF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D606BF second address: 4D6073F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F7Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FA948B16F80h 0x0000000f mov ebp, esp 0x00000011 pushad 0x00000012 pushfd 0x00000013 jmp 00007FA948B16F7Eh 0x00000018 add eax, 4498FAD8h 0x0000001e jmp 00007FA948B16F7Bh 0x00000023 popfd 0x00000024 mov ebx, eax 0x00000026 popad 0x00000027 xchg eax, ecx 0x00000028 jmp 00007FA948B16F82h 0x0000002d push eax 0x0000002e pushad 0x0000002f call 00007FA948B16F81h 0x00000034 mov ebx, ecx 0x00000036 pop esi 0x00000037 call 00007FA948B16F7Dh 0x0000003c push eax 0x0000003d push edx 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D6073F second address: 4D607BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 popad 0x00000006 xchg eax, ecx 0x00000007 jmp 00007FA948C4CB2Dh 0x0000000c xchg eax, esi 0x0000000d pushad 0x0000000e mov ecx, 5F2EF4E3h 0x00000013 pushfd 0x00000014 jmp 00007FA948C4CB38h 0x00000019 sub eax, 58224128h 0x0000001f jmp 00007FA948C4CB2Bh 0x00000024 popfd 0x00000025 popad 0x00000026 push eax 0x00000027 pushad 0x00000028 mov bx, BFCAh 0x0000002c movsx ebx, ax 0x0000002f popad 0x00000030 xchg eax, esi 0x00000031 pushad 0x00000032 pushfd 0x00000033 jmp 00007FA948C4CB38h 0x00000038 or ah, FFFFFFB8h 0x0000003b jmp 00007FA948C4CB2Bh 0x00000040 popfd 0x00000041 push ecx 0x00000042 push eax 0x00000043 push edx 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D607BD second address: 4D607D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 lea eax, dword ptr [ebp-04h] 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FA948B16F7Ah 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D607D4 second address: 4D607DA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D607DA second address: 4D60806 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F7Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FA948B16F87h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60806 second address: 4D6080C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60902 second address: 4D60907 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60907 second address: 4D6090D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D6090D second address: 4D50142 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pop esi 0x00000008 jmp 00007FA948B16F89h 0x0000000d leave 0x0000000e jmp 00007FA948B16F7Eh 0x00000013 retn 0004h 0x00000016 nop 0x00000017 sub esp, 04h 0x0000001a xor ebx, ebx 0x0000001c cmp eax, 00000000h 0x0000001f je 00007FA948B170DAh 0x00000025 mov dword ptr [esp], 0000000Dh 0x0000002c call 00007FA94D4C323Ah 0x00000031 mov edi, edi 0x00000033 jmp 00007FA948B16F80h 0x00000038 xchg eax, ebp 0x00000039 push eax 0x0000003a push edx 0x0000003b push eax 0x0000003c push edx 0x0000003d pushad 0x0000003e popad 0x0000003f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50142 second address: 4D5015F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D5015F second address: 4D5016F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948B16F7Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D5016F second address: 4D501BD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b movsx edx, ax 0x0000000e popad 0x0000000f popad 0x00000010 xchg eax, ebp 0x00000011 jmp 00007FA948C4CB37h 0x00000016 mov ebp, esp 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b mov dh, 2Fh 0x0000001d pushfd 0x0000001e jmp 00007FA948C4CB2Ch 0x00000023 sbb ax, 1458h 0x00000028 jmp 00007FA948C4CB2Bh 0x0000002d popfd 0x0000002e popad 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D501BD second address: 4D501E6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F89h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 sub esp, 2Ch 0x0000000c pushad 0x0000000d mov si, 2493h 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D501E6 second address: 4D50265 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xchg eax, ebx 0x00000008 pushad 0x00000009 mov ax, 5883h 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007FA948C4CB36h 0x00000014 sub cx, B848h 0x00000019 jmp 00007FA948C4CB2Bh 0x0000001e popfd 0x0000001f mov cx, D3BFh 0x00000023 popad 0x00000024 popad 0x00000025 push eax 0x00000026 pushad 0x00000027 pushad 0x00000028 pushfd 0x00000029 jmp 00007FA948C4CB31h 0x0000002e and eax, 3198F566h 0x00000034 jmp 00007FA948C4CB31h 0x00000039 popfd 0x0000003a mov edx, ecx 0x0000003c popad 0x0000003d jmp 00007FA948C4CB2Ch 0x00000042 popad 0x00000043 xchg eax, ebx 0x00000044 pushad 0x00000045 push eax 0x00000046 push edx 0x00000047 mov edx, eax 0x00000049 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50265 second address: 4D502B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FA948B16F7Fh 0x0000000a xor esi, 04490D4Eh 0x00000010 jmp 00007FA948B16F89h 0x00000015 popfd 0x00000016 popad 0x00000017 xchg eax, edi 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FA948B16F88h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D502B7 second address: 4D502BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D502BB second address: 4D502C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D502C1 second address: 4D50337 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FA948C4CB2Bh 0x0000000f xchg eax, edi 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007FA948C4CB2Bh 0x00000019 or esi, 1CE0556Eh 0x0000001f jmp 00007FA948C4CB39h 0x00000024 popfd 0x00000025 pushfd 0x00000026 jmp 00007FA948C4CB30h 0x0000002b jmp 00007FA948C4CB35h 0x00000030 popfd 0x00000031 popad 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50399 second address: 4D503AB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948B16F7Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D503AB second address: 4D503AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D503AF second address: 4D50405 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov edi, 00000000h 0x0000000d jmp 00007FA948B16F7Ch 0x00000012 inc ebx 0x00000013 pushad 0x00000014 pushfd 0x00000015 jmp 00007FA948B16F7Eh 0x0000001a sbb ah, FFFFFF98h 0x0000001d jmp 00007FA948B16F7Bh 0x00000022 popfd 0x00000023 mov bl, ah 0x00000025 popad 0x00000026 test al, al 0x00000028 pushad 0x00000029 mov dx, D574h 0x0000002d mov edi, 298BD4E0h 0x00000032 popad 0x00000033 je 00007FA948B17153h 0x00000039 push eax 0x0000003a push edx 0x0000003b pushad 0x0000003c mov ch, 22h 0x0000003e push eax 0x0000003f push edx 0x00000040 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50405 second address: 4D5040A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D5040A second address: 4D50410 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50410 second address: 4D50414 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D504BF second address: 4D504EC instructions: 0x00000000 rdtsc 0x00000002 movzx esi, dx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 jg 00007FA9B9864F3Bh 0x0000000e jmp 00007FA948B16F83h 0x00000013 js 00007FA948B1706Bh 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c movzx ecx, di 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D504EC second address: 4D50610 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FA948C4CB37h 0x00000008 or ecx, 70453BFEh 0x0000000e jmp 00007FA948C4CB39h 0x00000013 popfd 0x00000014 pop edx 0x00000015 pop eax 0x00000016 mov ebx, esi 0x00000018 popad 0x00000019 cmp dword ptr [ebp-14h], edi 0x0000001c pushad 0x0000001d pushad 0x0000001e pushfd 0x0000001f jmp 00007FA948C4CB36h 0x00000024 adc si, 8A28h 0x00000029 jmp 00007FA948C4CB2Bh 0x0000002e popfd 0x0000002f pushfd 0x00000030 jmp 00007FA948C4CB38h 0x00000035 adc esi, 0C4B3C88h 0x0000003b jmp 00007FA948C4CB2Bh 0x00000040 popfd 0x00000041 popad 0x00000042 popad 0x00000043 jne 00007FA9B999AA3Ch 0x00000049 pushad 0x0000004a pushfd 0x0000004b jmp 00007FA948C4CB2Bh 0x00000050 and eax, 547D78CEh 0x00000056 jmp 00007FA948C4CB39h 0x0000005b popfd 0x0000005c pushfd 0x0000005d jmp 00007FA948C4CB30h 0x00000062 sbb ax, B148h 0x00000067 jmp 00007FA948C4CB2Bh 0x0000006c popfd 0x0000006d popad 0x0000006e mov ebx, dword ptr [ebp+08h] 0x00000071 jmp 00007FA948C4CB36h 0x00000076 lea eax, dword ptr [ebp-2Ch] 0x00000079 push eax 0x0000007a push edx 0x0000007b jmp 00007FA948C4CB37h 0x00000080 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50610 second address: 4D506E0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F89h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a jmp 00007FA948B16F7Eh 0x0000000f push eax 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007FA948B16F81h 0x00000017 xor ch, FFFFFFD6h 0x0000001a jmp 00007FA948B16F81h 0x0000001f popfd 0x00000020 mov esi, 684CB747h 0x00000025 popad 0x00000026 xchg eax, esi 0x00000027 pushad 0x00000028 push ecx 0x00000029 pushfd 0x0000002a jmp 00007FA948B16F7Fh 0x0000002f add ecx, 611E390Eh 0x00000035 jmp 00007FA948B16F89h 0x0000003a popfd 0x0000003b pop ecx 0x0000003c pushad 0x0000003d pushfd 0x0000003e jmp 00007FA948B16F87h 0x00000043 add cx, 371Eh 0x00000048 jmp 00007FA948B16F89h 0x0000004d popfd 0x0000004e popad 0x0000004f popad 0x00000050 push esp 0x00000051 push eax 0x00000052 push edx 0x00000053 push eax 0x00000054 push edx 0x00000055 pushad 0x00000056 popad 0x00000057 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D506E0 second address: 4D506EF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D506EF second address: 4D5072F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edi, 0D79223Ah 0x00000008 jmp 00007FA948B16F7Bh 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov dword ptr [esp], eax 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 pushfd 0x00000017 jmp 00007FA948B16F82h 0x0000001c or cx, 46A8h 0x00000021 jmp 00007FA948B16F7Bh 0x00000026 popfd 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50098 second address: 4D5009E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D5009E second address: 4D500A4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D500A4 second address: 4D500A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D500A8 second address: 4D500AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D500AC second address: 4D500C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ecx 0x00000009 pushad 0x0000000a popad 0x0000000b mov dword ptr [ebp-04h], 55534552h 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D500C4 second address: 4D500C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D500C8 second address: 4D500CC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D500CC second address: 4D500D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50B96 second address: 4D50BA5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50BA5 second address: 4D50BD1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, 132Ah 0x00000007 jmp 00007FA948B16F7Bh 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FA948B16F84h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50BD1 second address: 4D50BFF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FA948C4CB36h 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50BFF second address: 4D50C03 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50C03 second address: 4D50C07 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50C07 second address: 4D50C0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50CC1 second address: 4D50D15 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB31h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 call 00007FA9B99919C2h 0x0000000e push 75A92B70h 0x00000013 push dword ptr fs:[00000000h] 0x0000001a mov eax, dword ptr [esp+10h] 0x0000001e mov dword ptr [esp+10h], ebp 0x00000022 lea ebp, dword ptr [esp+10h] 0x00000026 sub esp, eax 0x00000028 push ebx 0x00000029 push esi 0x0000002a push edi 0x0000002b mov eax, dword ptr [75AF4538h] 0x00000030 xor dword ptr [ebp-04h], eax 0x00000033 xor eax, ebp 0x00000035 push eax 0x00000036 mov dword ptr [ebp-18h], esp 0x00000039 push dword ptr [ebp-08h] 0x0000003c mov eax, dword ptr [ebp-04h] 0x0000003f mov dword ptr [ebp-04h], FFFFFFFEh 0x00000046 mov dword ptr [ebp-08h], eax 0x00000049 lea eax, dword ptr [ebp-10h] 0x0000004c mov dword ptr fs:[00000000h], eax 0x00000052 ret 0x00000053 pushad 0x00000054 pushfd 0x00000055 jmp 00007FA948C4CB2Ch 0x0000005a xor esi, 67A52E88h 0x00000060 jmp 00007FA948C4CB2Bh 0x00000065 popfd 0x00000066 mov bx, ax 0x00000069 popad 0x0000006a sub esi, esi 0x0000006c jmp 00007FA948C4CB2Bh 0x00000071 mov dword ptr [ebp-1Ch], esi 0x00000074 push eax 0x00000075 push edx 0x00000076 push eax 0x00000077 push edx 0x00000078 pushad 0x00000079 popad 0x0000007a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50D15 second address: 4D50D19 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50D19 second address: 4D50D1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D50D1F second address: 4D50D3C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948B16F89h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60950 second address: 4D60956 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60956 second address: 4D60999 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dh, al 0x00000005 movsx ebx, si 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d mov eax, 1ADC88DDh 0x00000012 mov si, D5D9h 0x00000016 popad 0x00000017 push eax 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b mov ch, 96h 0x0000001d pushfd 0x0000001e jmp 00007FA948B16F7Dh 0x00000023 or ax, B326h 0x00000028 jmp 00007FA948B16F81h 0x0000002d popfd 0x0000002e popad 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60999 second address: 4D609DD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 mov bx, 4FB0h 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c xchg eax, ebp 0x0000000d pushad 0x0000000e mov dl, 64h 0x00000010 mov al, DAh 0x00000012 popad 0x00000013 mov ebp, esp 0x00000015 jmp 00007FA948C4CB39h 0x0000001a xchg eax, esi 0x0000001b jmp 00007FA948C4CB2Eh 0x00000020 push eax 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 popad 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D609DD second address: 4D609E1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D609E1 second address: 4D609E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D609E7 second address: 4D60A12 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948B16F7Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FA948B16F85h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60A12 second address: 4D60A3D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop ecx 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov esi, dword ptr [ebp+0Ch] 0x0000000b jmp 00007FA948C4CB34h 0x00000010 test esi, esi 0x00000012 pushad 0x00000013 mov bh, cl 0x00000015 push eax 0x00000016 push edx 0x00000017 mov edi, 6F81808Ch 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60A3D second address: 4D60A7D instructions: 0x00000000 rdtsc 0x00000002 mov dx, 1978h 0x00000006 pop edx 0x00000007 pop eax 0x00000008 popad 0x00000009 je 00007FA9B98448E7h 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 pushfd 0x00000013 jmp 00007FA948B16F88h 0x00000018 sub ecx, 3FD1B3D8h 0x0000001e jmp 00007FA948B16F7Bh 0x00000023 popfd 0x00000024 mov dh, al 0x00000026 popad 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60A7D second address: 4D60ACE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB32h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp dword ptr [75AF459Ch], 05h 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 jmp 00007FA948C4CB2Dh 0x00000018 pushfd 0x00000019 jmp 00007FA948C4CB30h 0x0000001e add eax, 6BCAF898h 0x00000024 jmp 00007FA948C4CB2Bh 0x00000029 popfd 0x0000002a popad 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60ACE second address: 4D60B58 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop esi 0x00000005 mov eax, edi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a je 00007FA9B985C935h 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007FA948B16F83h 0x00000017 adc eax, 18C6BE0Eh 0x0000001d jmp 00007FA948B16F89h 0x00000022 popfd 0x00000023 mov ebx, esi 0x00000025 popad 0x00000026 xchg eax, esi 0x00000027 pushad 0x00000028 mov di, ax 0x0000002b pushad 0x0000002c mov ebx, esi 0x0000002e pushfd 0x0000002f jmp 00007FA948B16F7Eh 0x00000034 xor esi, 4E3C07B8h 0x0000003a jmp 00007FA948B16F7Bh 0x0000003f popfd 0x00000040 popad 0x00000041 popad 0x00000042 push eax 0x00000043 push eax 0x00000044 push edx 0x00000045 jmp 00007FA948B16F84h 0x0000004a rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60B58 second address: 4D60BA6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FA948C4CB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov eax, edi 0x0000000f pushfd 0x00000010 jmp 00007FA948C4CB37h 0x00000015 add ecx, 37E2538Eh 0x0000001b jmp 00007FA948C4CB39h 0x00000020 popfd 0x00000021 popad 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\iaLId0uLUw.exe | RDTSC instruction interceptor: First address: 4D60C65 second address: 4D60C7E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FA948B16F85h 0x00000009 rdtsc |