| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_3_00F7E5D5 | 0_3_00F7E5D5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_3_00F68211 | 0_3_00F68211 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004F0460 | 0_2_004F0460 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004EC5A0 | 0_2_004EC5A0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004B8600 | 0_2_004B8600 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004BE687 | 0_2_004BE687 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004F0D20 | 0_2_004F0D20 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004E8EA0 | 0_2_004E8EA0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004C1227 | 0_2_004C1227 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004E9280 | 0_2_004E9280 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DD34A | 0_2_004DD34A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D7440 | 0_2_004D7440 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004C57C0 | 0_2_004C57C0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D1D00 | 0_2_004D1D00 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056207A | 0_2_0056207A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058206F | 0_2_0058206F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D0067 | 0_2_005D0067 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058A012 | 0_2_0058A012 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005DC011 | 0_2_005DC011 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00588016 | 0_2_00588016 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F000F | 0_2_005F000F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005EA001 | 0_2_005EA001 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057E035 | 0_2_0057E035 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C0022 | 0_2_005C0022 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CC023 | 0_2_005CC023 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DA0CA | 0_2_004DA0CA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005140CB | 0_2_005140CB |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006000C1 | 0_2_006000C1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004C60E9 | 0_2_004C60E9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005340F6 | 0_2_005340F6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DC0E6 | 0_2_004DC0E6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C40F2 | 0_2_005C40F2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052E0EC | 0_2_0052E0EC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006380A3 | 0_2_006380A3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DC09E | 0_2_004DC09E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005AA08F | 0_2_005AA08F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054C082 | 0_2_0054C082 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055E088 | 0_2_0055E088 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005640AC | 0_2_005640AC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00644166 | 0_2_00644166 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063A160 | 0_2_0063A160 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00574150 | 0_2_00574150 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DC09E | 0_2_004DC09E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00532140 | 0_2_00532140 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FA147 | 0_2_005FA147 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004C8169 | 0_2_004C8169 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C2179 | 0_2_005C2179 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004B6160 | 0_2_004B6160 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063214C | 0_2_0063214C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052216A | 0_2_0052216A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00550117 | 0_2_00550117 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061213F | 0_2_0061213F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0062213C | 0_2_0062213C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059A13D | 0_2_0059A13D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0067410C | 0_2_0067410C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00614117 | 0_2_00614117 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D81CC | 0_2_004D81CC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F41D8 | 0_2_005F41D8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005BE1CE | 0_2_005BE1CE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F61C6 | 0_2_005F61C6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CC1FC | 0_2_005CC1FC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005921F8 | 0_2_005921F8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A01F8 | 0_2_005A01F8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0064A1C3 | 0_2_0064A1C3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0062E1D7 | 0_2_0062E1D7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005BC19B | 0_2_005BC19B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00528198 | 0_2_00528198 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DE180 | 0_2_004DE180 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00560180 | 0_2_00560180 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055618F | 0_2_0055618F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052618F | 0_2_0052618F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B21B7 | 0_2_005B21B7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0062818E | 0_2_0062818E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FE1AE | 0_2_005FE1AE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052A1AE | 0_2_0052A1AE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063019D | 0_2_0063019D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005AE244 | 0_2_005AE244 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052C277 | 0_2_0052C277 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053E264 | 0_2_0053E264 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004B4270 | 0_2_004B4270 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056E268 | 0_2_0056E268 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00524210 | 0_2_00524210 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057A210 | 0_2_0057A210 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063422E | 0_2_0063422E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00558236 | 0_2_00558236 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058423C | 0_2_0058423C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056C23D | 0_2_0056C23D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004CE220 | 0_2_004CE220 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00562225 | 0_2_00562225 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058E22C | 0_2_0058E22C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A2224 | 0_2_005A2224 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A62DE | 0_2_005A62DE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005442DC | 0_2_005442DC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D22D2 | 0_2_005D22D2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0051C2C3 | 0_2_0051C2C3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D42CF | 0_2_005D42CF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053C2C4 | 0_2_0053C2C4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005602CC | 0_2_005602CC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D42D0 | 0_2_004D42D0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005302F9 | 0_2_005302F9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005862E9 | 0_2_005862E9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0062A2D6 | 0_2_0062A2D6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005422E8 | 0_2_005422E8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CE282 | 0_2_005CE282 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005702BA | 0_2_005702BA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005782A7 | 0_2_005782A7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005222A3 | 0_2_005222A3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0067E295 | 0_2_0067E295 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061C297 | 0_2_0061C297 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00546357 | 0_2_00546357 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00618371 | 0_2_00618371 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059C37A | 0_2_0059C37A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E4377 | 0_2_005E4377 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00626349 | 0_2_00626349 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F836F | 0_2_005F836F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00648350 | 0_2_00648350 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057C301 | 0_2_0057C301 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00590332 | 0_2_00590332 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FE331 | 0_2_005FE331 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B0320 | 0_2_005B0320 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060A3E1 | 0_2_0060A3E1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D83D8 | 0_2_004D83D8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006423FE | 0_2_006423FE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B8394 | 0_2_005B8394 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057A38A | 0_2_0057A38A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053C3B9 | 0_2_0053C3B9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054C3BF | 0_2_0054C3BF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061A394 | 0_2_0061A394 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B43A2 | 0_2_005B43A2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005923A3 | 0_2_005923A3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060639D | 0_2_0060639D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00510451 | 0_2_00510451 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004EA440 | 0_2_004EA440 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C644D | 0_2_005C644D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059844B | 0_2_0059844B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A8442 | 0_2_005A8442 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054E44A | 0_2_0054E44A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060047F | 0_2_0060047F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063C45B | 0_2_0063C45B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00582414 | 0_2_00582414 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058A415 | 0_2_0058A415 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A0409 | 0_2_005A0409 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057240E | 0_2_0057240E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CE43C | 0_2_005CE43C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055A434 | 0_2_0055A434 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00602402 | 0_2_00602402 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054A437 | 0_2_0054A437 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D0436 | 0_2_005D0436 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0064A409 | 0_2_0064A409 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E2431 | 0_2_005E2431 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C442C | 0_2_005C442C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0064041C | 0_2_0064041C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D04C6 | 0_2_004D04C6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006144F2 | 0_2_006144F2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D24E0 | 0_2_004D24E0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006044CE | 0_2_006044CE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005504E1 | 0_2_005504E1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005EA4E9 | 0_2_005EA4E9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060C4A0 | 0_2_0060C4A0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C0499 | 0_2_005C0499 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059E487 | 0_2_0059E487 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E84BE | 0_2_005E84BE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B2556 | 0_2_005B2556 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055654F | 0_2_0055654F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005BA544 | 0_2_005BA544 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00514577 | 0_2_00514577 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D4560 | 0_2_004D4560 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FA561 | 0_2_005FA561 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00644525 | 0_2_00644525 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F0518 | 0_2_005F0518 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F6514 | 0_2_005F6514 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B650F | 0_2_005B650F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00532505 | 0_2_00532505 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00606500 | 0_2_00606500 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00630500 | 0_2_00630500 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DC53C | 0_2_004DC53C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059052E | 0_2_0059052E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00594524 | 0_2_00594524 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058E5D9 | 0_2_0058E5D9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005525D6 | 0_2_005525D6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006205EA | 0_2_006205EA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C85CD | 0_2_005C85CD |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004EA5D4 | 0_2_004EA5D4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056A5CC | 0_2_0056A5CC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005405CF | 0_2_005405CF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A25F4 | 0_2_005A25F4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004B65F0 | 0_2_004B65F0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00568596 | 0_2_00568596 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006125A1 | 0_2_006125A1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005BC58F | 0_2_005BC58F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057E581 | 0_2_0057E581 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056258C | 0_2_0056258C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005745A0 | 0_2_005745A0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005845A1 | 0_2_005845A1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0064C66D | 0_2_0064C66D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004E8650 | 0_2_004E8650 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D2673 | 0_2_005D2673 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00610650 | 0_2_00610650 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058A66D | 0_2_0058A66D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00580610 | 0_2_00580610 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D4612 | 0_2_005D4612 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058660B | 0_2_0058660B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00626602 | 0_2_00626602 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00608609 | 0_2_00608609 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052A63D | 0_2_0052A63D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004CE630 | 0_2_004CE630 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005366D4 | 0_2_005366D4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005226CB | 0_2_005226CB |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D46D0 | 0_2_004D46D0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058E6F7 | 0_2_0058E6F7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005186E5 | 0_2_005186E5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005246E8 | 0_2_005246E8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004F06F0 | 0_2_004F06F0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005DC69C | 0_2_005DC69C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005DE68D | 0_2_005DE68D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F268E | 0_2_005F268E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A668F | 0_2_005A668F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061E6B6 | 0_2_0061E6B6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005AE682 | 0_2_005AE682 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055C68E | 0_2_0055C68E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CC6AD | 0_2_005CC6AD |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00532756 | 0_2_00532756 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061C766 | 0_2_0061C766 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C6749 | 0_2_005C6749 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057674F | 0_2_0057674F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004C2750 | 0_2_004C2750 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C0768 | 0_2_005C0768 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D2768 | 0_2_005D2768 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00530768 | 0_2_00530768 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060E720 | 0_2_0060E720 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FC716 | 0_2_005FC716 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B8714 | 0_2_005B8714 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00546708 | 0_2_00546708 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A4707 | 0_2_005A4707 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00606701 | 0_2_00606701 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0062A706 | 0_2_0062A706 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D672B | 0_2_005D672B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D872B | 0_2_005D872B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005AC72D | 0_2_005AC72D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005DA7C9 | 0_2_005DA7C9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0064A7FD | 0_2_0064A7FD |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E47C4 | 0_2_005E47C4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B27C4 | 0_2_005B27C4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F67FF | 0_2_005F67FF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006187CF | 0_2_006187CF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005427E6 | 0_2_005427E6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005AA7E2 | 0_2_005AA7E2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FE79E | 0_2_005FE79E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053A79A | 0_2_0053A79A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00572784 | 0_2_00572784 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005587B6 | 0_2_005587B6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C47B2 | 0_2_005C47B2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0067C790 | 0_2_0067C790 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E27A4 | 0_2_005E27A4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00554856 | 0_2_00554856 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00642860 | 0_2_00642860 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004BC840 | 0_2_004BC840 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CE857 | 0_2_005CE857 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00586857 | 0_2_00586857 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057A84C | 0_2_0057A84C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00592846 | 0_2_00592846 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053E871 | 0_2_0053E871 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054687F | 0_2_0054687F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0051E87D | 0_2_0051E87D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00606858 | 0_2_00606858 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055A813 | 0_2_0055A813 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058281F | 0_2_0058281F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00632808 | 0_2_00632808 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059682B | 0_2_0059682B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0051A82F | 0_2_0051A82F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E88D7 | 0_2_005E88D7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D08F3 | 0_2_005D08F3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052A8E1 | 0_2_0052A8E1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005608EF | 0_2_005608EF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005628EA | 0_2_005628EA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006108A2 | 0_2_006108A2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006288B0 | 0_2_006288B0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056E88C | 0_2_0056E88C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006468BB | 0_2_006468BB |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005808B9 | 0_2_005808B9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0064488D | 0_2_0064488D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004CC8A0 | 0_2_004CC8A0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060288E | 0_2_0060288E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004E88B0 | 0_2_004E88B0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061A966 | 0_2_0061A966 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B4952 | 0_2_005B4952 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00594952 | 0_2_00594952 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00508975 | 0_2_00508975 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CE97B | 0_2_005CE97B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00598972 | 0_2_00598972 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004CE960 | 0_2_004CE960 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0062294E | 0_2_0062294E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054A97A | 0_2_0054A97A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C891B | 0_2_005C891B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D6910 | 0_2_004D6910 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0051E930 | 0_2_0051E930 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00532932 | 0_2_00532932 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061290D | 0_2_0061290D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00574939 | 0_2_00574939 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005BA929 | 0_2_005BA929 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054E92E | 0_2_0054E92E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005569D1 | 0_2_005569D1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059A9DF | 0_2_0059A9DF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006269E5 | 0_2_006269E5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FA9CA | 0_2_005FA9CA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006109F9 | 0_2_006109F9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005129F2 | 0_2_005129F2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DC9EB | 0_2_004DC9EB |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006669CC | 0_2_006669CC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005389FF | 0_2_005389FF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004F09E0 | 0_2_004F09E0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006309A5 | 0_2_006309A5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_006369AE | 0_2_006369AE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0062E9B5 | 0_2_0062E9B5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005349B7 | 0_2_005349B7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C29BA | 0_2_005C29BA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D49B2 | 0_2_005D49B2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005849A8 | 0_2_005849A8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005649A4 | 0_2_005649A4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060A994 | 0_2_0060A994 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005889AE | 0_2_005889AE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005169A8 | 0_2_005169A8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005189AF | 0_2_005189AF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A0A5F | 0_2_005A0A5F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060EA66 | 0_2_0060EA66 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00640A6D | 0_2_00640A6D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004ECA40 | 0_2_004ECA40 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00550A46 | 0_2_00550A46 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005DCA7E | 0_2_005DCA7E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A6A69 | 0_2_005A6A69 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C6A6F | 0_2_005C6A6F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00620A20 | 0_2_00620A20 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052EA18 | 0_2_0052EA18 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055EA1A | 0_2_0055EA1A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00514A03 | 0_2_00514A03 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005EEA0A | 0_2_005EEA0A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005AEA0C | 0_2_005AEA0C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00526A35 | 0_2_00526A35 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00648AF3 | 0_2_00648AF3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00582AC0 | 0_2_00582AC0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00572AF5 | 0_2_00572AF5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B4AF4 | 0_2_005B4AF4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053AAE6 | 0_2_0053AAE6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00622ADE | 0_2_00622ADE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054CA94 | 0_2_0054CA94 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058AA9C | 0_2_0058AA9C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061EAA5 | 0_2_0061EAA5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005DEAB9 | 0_2_005DEAB9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00524AB4 | 0_2_00524AB4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D8ABC | 0_2_004D8ABC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063EA9B | 0_2_0063EA9B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CCAA5 | 0_2_005CCAA5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004BAB40 | 0_2_004BAB40 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E2B51 | 0_2_005E2B51 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00544B49 | 0_2_00544B49 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00556B75 | 0_2_00556B75 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00558B7A | 0_2_00558B7A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C4B6F | 0_2_005C4B6F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00518B6E | 0_2_00518B6E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B0B1F | 0_2_005B0B1F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004C8B1B | 0_2_004C8B1B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063AB38 | 0_2_0063AB38 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00548B2F | 0_2_00548B2F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005AEBDF | 0_2_005AEBDF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00560BC7 | 0_2_00560BC7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055CB91 | 0_2_0055CB91 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004CEB80 | 0_2_004CEB80 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D6B83 | 0_2_005D6B83 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00510BB2 | 0_2_00510BB2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00566BB2 | 0_2_00566BB2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004B4BA0 | 0_2_004B4BA0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E0C5F | 0_2_005E0C5F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E6C56 | 0_2_005E6C56 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00636C72 | 0_2_00636C72 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00602C79 | 0_2_00602C79 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053EC4D | 0_2_0053EC4D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057AC1D | 0_2_0057AC1D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00576C05 | 0_2_00576C05 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C0C02 | 0_2_005C0C02 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061EC3E | 0_2_0061EC3E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00586C32 | 0_2_00586C32 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B6C20 | 0_2_005B6C20 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B8C27 | 0_2_005B8C27 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00542CD6 | 0_2_00542CD6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FCCD7 | 0_2_005FCCD7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FECCE | 0_2_005FECCE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00584CCF | 0_2_00584CCF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0061ACFA | 0_2_0061ACFA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00510CCD | 0_2_00510CCD |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00586CF8 | 0_2_00586CF8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053CCF4 | 0_2_0053CCF4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00532CE4 | 0_2_00532CE4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00578CE0 | 0_2_00578CE0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00552C85 | 0_2_00552C85 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00646CB2 | 0_2_00646CB2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D0C83 | 0_2_005D0C83 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D8CBA | 0_2_005D8CBA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0051ACB8 | 0_2_0051ACB8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004C4CA0 | 0_2_004C4CA0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005BCCAB | 0_2_005BCCAB |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DCD4C | 0_2_004DCD4C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057CD5B | 0_2_0057CD5B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058ED56 | 0_2_0058ED56 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060ED6E | 0_2_0060ED6E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DCD5E | 0_2_004DCD5E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059AD7B | 0_2_0059AD7B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005EED78 | 0_2_005EED78 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A4D7D | 0_2_005A4D7D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00644D4D | 0_2_00644D4D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F0D73 | 0_2_005F0D73 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00518D63 | 0_2_00518D63 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00628D59 | 0_2_00628D59 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00670D20 | 0_2_00670D20 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00514D01 | 0_2_00514D01 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00570D06 | 0_2_00570D06 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00624D3D | 0_2_00624D3D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D6D2E | 0_2_004D6D2E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CED3B | 0_2_005CED3B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00574D2B | 0_2_00574D2B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0060CD1D | 0_2_0060CD1D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E8DDE | 0_2_005E8DDE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00610DE7 | 0_2_00610DE7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054EDDB | 0_2_0054EDDB |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00632DFA | 0_2_00632DFA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00612DC3 | 0_2_00612DC3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00604DC4 | 0_2_00604DC4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FCDEC | 0_2_005FCDEC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004ECDF0 | 0_2_004ECDF0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00550DB7 | 0_2_00550DB7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057EDB4 | 0_2_0057EDB4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0059CDB2 | 0_2_0059CDB2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052CDBE | 0_2_0052CDBE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00512DA3 | 0_2_00512DA3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CCE56 | 0_2_005CCE56 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005BEE40 | 0_2_005BEE40 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00642E7A | 0_2_00642E7A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D2E6D | 0_2_004D2E6D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004D0E6C | 0_2_004D0E6C |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004DEE63 | 0_2_004DEE63 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00590E77 | 0_2_00590E77 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00520E6E | 0_2_00520E6E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063EE2A | 0_2_0063EE2A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00536E00 | 0_2_00536E00 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00562E0A | 0_2_00562E0A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00538E3E | 0_2_00538E3E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00580E36 | 0_2_00580E36 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00620E12 | 0_2_00620E12 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005DCE29 | 0_2_005DCE29 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056CE2D | 0_2_0056CE2D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00540E28 | 0_2_00540E28 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00630EE1 | 0_2_00630EE1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058AEDB | 0_2_0058AEDB |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00548EDD | 0_2_00548EDD |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0055CEC4 | 0_2_0055CEC4 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B0EC8 | 0_2_005B0EC8 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E0ECA | 0_2_005E0ECA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A6EFE | 0_2_005A6EFE |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A0EF3 | 0_2_005A0EF3 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0052AE93 | 0_2_0052AE93 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005A8E95 | 0_2_005A8E95 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00600EB2 | 0_2_00600EB2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00588EB9 | 0_2_00588EB9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005F0EBB | 0_2_005F0EBB |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00526EB7 | 0_2_00526EB7 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00592EBF | 0_2_00592EBF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00582EB2 | 0_2_00582EB2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00598EAF | 0_2_00598EAF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004B2EB0 | 0_2_004B2EB0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004CAEB0 | 0_2_004CAEB0 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00524EAC | 0_2_00524EAC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0064CF75 | 0_2_0064CF75 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_004C6F52 | 0_2_004C6F52 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00516F7D | 0_2_00516F7D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00606F2A | 0_2_00606F2A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0063AF3A | 0_2_0063AF3A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00558F0E | 0_2_00558F0E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00552FD6 | 0_2_00552FD6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00642FE2 | 0_2_00642FE2 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00602FEC | 0_2_00602FEC |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00546FD9 | 0_2_00546FD9 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005B8FCF | 0_2_005B8FCF |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00594FC1 | 0_2_00594FC1 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005FAFC5 | 0_2_005FAFC5 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0062AFC6 | 0_2_0062AFC6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00572F9D | 0_2_00572F9D |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0058CF92 | 0_2_0058CF92 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056EF98 | 0_2_0056EF98 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054CF85 | 0_2_0054CF85 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_00618F82 | 0_2_00618F82 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005AEFB6 | 0_2_005AEFB6 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005D2FAD | 0_2_005D2FAD |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0056AFAA | 0_2_0056AFAA |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005EB05E | 0_2_005EB05E |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0054505B | 0_2_0054505B |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005CF044 | 0_2_005CF044 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E3043 | 0_2_005E3043 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005E707F | 0_2_005E707F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_005C5077 | 0_2_005C5077 |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0057901F | 0_2_0057901F |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | Code function: 0_2_0053D01A | 0_2_0053D01A |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 5090A7 second address: 508A29 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238829h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F3331238822h 0x0000000e popad 0x0000000f mov dword ptr [esp], eax 0x00000012 jmp 00007F333123881Fh 0x00000017 mov dword ptr [ebp+122D2231h], esi 0x0000001d push dword ptr [ebp+122D0D5Dh] 0x00000023 clc 0x00000024 clc 0x00000025 call dword ptr [ebp+122D1933h] 0x0000002b pushad 0x0000002c jno 00007F333123881Ch 0x00000032 xor eax, eax 0x00000034 mov dword ptr [ebp+122D2B78h], ebx 0x0000003a mov edx, dword ptr [esp+28h] 0x0000003e jmp 00007F3331238825h 0x00000043 mov dword ptr [ebp+122D37BEh], eax 0x00000049 pushad 0x0000004a mov dx, 21D2h 0x0000004e mov eax, dword ptr [ebp+122D3676h] 0x00000054 popad 0x00000055 mov esi, 0000003Ch 0x0000005a mov dword ptr [ebp+122D2B78h], ecx 0x00000060 add esi, dword ptr [esp+24h] 0x00000064 jmp 00007F3331238828h 0x00000069 lodsw 0x0000006b mov dword ptr [ebp+122D2B78h], edx 0x00000071 add eax, dword ptr [esp+24h] 0x00000075 clc 0x00000076 mov ebx, dword ptr [esp+24h] 0x0000007a mov dword ptr [ebp+122D2B78h], ebx 0x00000080 nop 0x00000081 push eax 0x00000082 push edx 0x00000083 jmp 00007F3331238824h 0x00000088 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 508A29 second address: 508A56 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jno 00007F333124C7D6h 0x00000009 jo 00007F333124C7D6h 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push eax 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F333124C7E7h 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6873DE second address: 6873E2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6873E2 second address: 6873F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jl 00007F333124C7D6h 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6873F2 second address: 687406 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jbe 00007F3331238818h 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f push esi 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 687406 second address: 68740C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 68740C second address: 687410 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 68635A second address: 6863B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007F333124C7E5h 0x0000000a push esi 0x0000000b jnp 00007F333124C7D6h 0x00000011 jmp 00007F333124C7E4h 0x00000016 pop esi 0x00000017 popad 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007F333124C7E6h 0x00000021 jno 00007F333124C7D6h 0x00000027 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6863B1 second address: 6863D0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238821h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push edi 0x0000000b pop edi 0x0000000c jnc 00007F3331238816h 0x00000012 popad 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6863D0 second address: 6863D5 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 68650F second address: 686515 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 686515 second address: 686519 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 686519 second address: 68653C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jl 00007F333123882Bh 0x0000000e jmp 00007F3331238825h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 686ACA second address: 686AD2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 686AD2 second address: 686AFE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F3331238828h 0x0000000e jmp 00007F333123881Bh 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 688D63 second address: 688D9C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d push esi 0x0000000e jmp 00007F333124C7DEh 0x00000013 pop esi 0x00000014 mov eax, dword ptr [eax] 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a push edx 0x0000001b pop edx 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 688D9C second address: 688DA2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 688DA2 second address: 688DC5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 688DC5 second address: 508A29 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 pop eax 0x00000008 mov di, ax 0x0000000b push dword ptr [ebp+122D0D5Dh] 0x00000011 mov di, bx 0x00000014 call dword ptr [ebp+122D1933h] 0x0000001a pushad 0x0000001b jno 00007F333123881Ch 0x00000021 xor eax, eax 0x00000023 mov dword ptr [ebp+122D2B78h], ebx 0x00000029 mov edx, dword ptr [esp+28h] 0x0000002d jmp 00007F3331238825h 0x00000032 mov dword ptr [ebp+122D37BEh], eax 0x00000038 pushad 0x00000039 mov dx, 21D2h 0x0000003d mov eax, dword ptr [ebp+122D3676h] 0x00000043 popad 0x00000044 mov esi, 0000003Ch 0x00000049 mov dword ptr [ebp+122D2B78h], ecx 0x0000004f add esi, dword ptr [esp+24h] 0x00000053 jmp 00007F3331238828h 0x00000058 lodsw 0x0000005a mov dword ptr [ebp+122D2B78h], edx 0x00000060 add eax, dword ptr [esp+24h] 0x00000064 clc 0x00000065 mov ebx, dword ptr [esp+24h] 0x00000069 mov dword ptr [ebp+122D2B78h], ebx 0x0000006f nop 0x00000070 push eax 0x00000071 push edx 0x00000072 jmp 00007F3331238824h 0x00000077 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 688E4E second address: 688F15 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 popad 0x00000006 xor dword ptr [esp], 7269F0E5h 0x0000000d push ebx 0x0000000e jmp 00007F333124C7E9h 0x00000013 pop ecx 0x00000014 mov dword ptr [ebp+122D214Ch], edx 0x0000001a push 00000003h 0x0000001c jmp 00007F333124C7DEh 0x00000021 push 00000000h 0x00000023 mov dword ptr [ebp+122D2057h], edi 0x00000029 push 00000003h 0x0000002b or edi, 3F62A8B6h 0x00000031 push A106EC69h 0x00000036 pushad 0x00000037 jmp 00007F333124C7E3h 0x0000003c jmp 00007F333124C7E6h 0x00000041 popad 0x00000042 xor dword ptr [esp], 6106EC69h 0x00000049 movsx edi, di 0x0000004c lea ebx, dword ptr [ebp+12453CB7h] 0x00000052 push 00000000h 0x00000054 push ebx 0x00000055 call 00007F333124C7D8h 0x0000005a pop ebx 0x0000005b mov dword ptr [esp+04h], ebx 0x0000005f add dword ptr [esp+04h], 00000015h 0x00000067 inc ebx 0x00000068 push ebx 0x00000069 ret 0x0000006a pop ebx 0x0000006b ret 0x0000006c jmp 00007F333124C7E6h 0x00000071 push eax 0x00000072 pushad 0x00000073 push eax 0x00000074 push edx 0x00000075 pushad 0x00000076 popad 0x00000077 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 688FCF second address: 688FDD instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jng 00007F3331238816h 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 688FDD second address: 689063 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F333124C7D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov dword ptr [esp], eax 0x0000000e push 00000000h 0x00000010 push edi 0x00000011 call 00007F333124C7D8h 0x00000016 pop edi 0x00000017 mov dword ptr [esp+04h], edi 0x0000001b add dword ptr [esp+04h], 0000001Ah 0x00000023 inc edi 0x00000024 push edi 0x00000025 ret 0x00000026 pop edi 0x00000027 ret 0x00000028 and ecx, dword ptr [ebp+122D287Ch] 0x0000002e push 00000000h 0x00000030 push 00000000h 0x00000032 push eax 0x00000033 call 00007F333124C7D8h 0x00000038 pop eax 0x00000039 mov dword ptr [esp+04h], eax 0x0000003d add dword ptr [esp+04h], 0000001Dh 0x00000045 inc eax 0x00000046 push eax 0x00000047 ret 0x00000048 pop eax 0x00000049 ret 0x0000004a call 00007F333124C7E7h 0x0000004f mov di, D583h 0x00000053 pop edx 0x00000054 call 00007F333124C7D9h 0x00000059 pushad 0x0000005a push ecx 0x0000005b push eax 0x0000005c push edx 0x0000005d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 689063 second address: 6890B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jl 00007F333123882Bh 0x0000000b jmp 00007F3331238825h 0x00000010 popad 0x00000011 push eax 0x00000012 jmp 00007F3331238823h 0x00000017 mov eax, dword ptr [esp+04h] 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007F3331238820h 0x00000024 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6890B0 second address: 6890BA instructions: 0x00000000 rdtsc 0x00000002 jp 00007F333124C7D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6890BA second address: 6890C0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6890C0 second address: 6890D7 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F333124C7D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [eax] 0x0000000e pushad 0x0000000f push esi 0x00000010 push eax 0x00000011 pop eax 0x00000012 pop esi 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6890D7 second address: 6890DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6890DB second address: 6890DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6890DF second address: 689104 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F3331238828h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 689104 second address: 68916A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a jmp 00007F333124C7E1h 0x0000000f push 00000003h 0x00000011 or dword ptr [ebp+122D2009h], edi 0x00000017 call 00007F333124C7DDh 0x0000001c pop edi 0x0000001d push 00000000h 0x0000001f mov edi, 2EC4925Eh 0x00000024 push 00000003h 0x00000026 movzx edi, cx 0x00000029 push A43EDC76h 0x0000002e jns 00007F333124C7F4h 0x00000034 push eax 0x00000035 push edx 0x00000036 jmp 00007F333124C7E6h 0x0000003b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 68916A second address: 689185 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 add dword ptr [esp], 1BC1238Ah 0x0000000d lea ebx, dword ptr [ebp+12453CC0h] 0x00000013 mov esi, ecx 0x00000015 xchg eax, ebx 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a popad 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 689185 second address: 6891AB instructions: 0x00000000 rdtsc 0x00000002 je 00007F333124C7D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F333124C7DEh 0x00000010 push eax 0x00000011 pop eax 0x00000012 popad 0x00000013 popad 0x00000014 push eax 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 push eax 0x00000019 pop eax 0x0000001a pushad 0x0000001b popad 0x0000001c popad 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9A0F second address: 6A9A13 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9A13 second address: 6A9A32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F333124C7E4h 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A789E second address: 6A78B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F333123881Ah 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c pop eax 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A7FB1 second address: 6A7FED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F333124C7E8h 0x00000009 jmp 00007F333124C7E9h 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A7FED second address: 6A7FF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A7FF3 second address: 6A7FF7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A842B second address: 6A8431 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A8431 second address: 6A8437 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A85A5 second address: 6A85C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F3331238828h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A87A8 second address: 6A87FA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E9h 0x00000007 push edi 0x00000008 jmp 00007F333124C7DBh 0x0000000d jmp 00007F333124C7DCh 0x00000012 pop edi 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 push edx 0x00000018 jmp 00007F333124C7DAh 0x0000001d pushad 0x0000001e popad 0x0000001f pop edx 0x00000020 jmp 00007F333124C7DCh 0x00000025 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A87FA second address: 6A87FF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6756B9 second address: 6756DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F333124C7E4h 0x00000009 jmp 00007F333124C7DBh 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A911A second address: 6A9130 instructions: 0x00000000 rdtsc 0x00000002 js 00007F3331238816h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jne 00007F333123881Ah 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9130 second address: 6A914B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F333124C7E6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A914B second address: 6A9168 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F3331238827h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9168 second address: 6A9175 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jne 00007F333124C7D6h 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9175 second address: 6A917B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A917B second address: 6A9190 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c pop eax 0x0000000d jo 00007F333124C7E2h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A941D second address: 6A9440 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 js 00007F3331238816h 0x0000000e jmp 00007F3331238824h 0x00000013 popad 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9440 second address: 6A9468 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jo 00007F333124C7DEh 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9468 second address: 6A9471 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9471 second address: 6A9477 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A9477 second address: 6A9485 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ebx 0x00000006 push edx 0x00000007 pop edx 0x00000008 pushad 0x00000009 popad 0x0000000a pop ebx 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A95BE second address: 6A95DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 ja 00007F333124C7DCh 0x0000000b jc 00007F333124C7D6h 0x00000011 pop ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F333124C7DCh 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6A95DE second address: 6A95E8 instructions: 0x00000000 rdtsc 0x00000002 js 00007F333123881Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ACBDA second address: 6ACBDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ACBDF second address: 6ACBE4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B60EB second address: 6B6115 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F333124C7E5h 0x0000000b pushad 0x0000000c pushad 0x0000000d jmp 00007F333124C7DBh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B6115 second address: 6B611B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B611B second address: 6B6124 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B6124 second address: 6B6144 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jns 00007F3331238816h 0x0000000d pushad 0x0000000e popad 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F333123881Eh 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B5474 second address: 6B548C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push esi 0x00000006 jmp 00007F333124C7DBh 0x0000000b pushad 0x0000000c popad 0x0000000d pop esi 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B548C second address: 6B5490 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B561B second address: 6B563D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DCh 0x00000007 pushad 0x00000008 jmp 00007F333124C7E1h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B563D second address: 6B5643 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B5C2B second address: 6B5C4A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jng 00007F333124C7D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007F333124C7DFh 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B5C4A second address: 6B5C50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B5C50 second address: 6B5C54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B5DAE second address: 6B5DB4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B6FE3 second address: 6B6FEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B6FEC second address: 6B6FF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B709A second address: 6B709E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B7408 second address: 6B740E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B74B0 second address: 6B74B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B7E59 second address: 6B7E7B instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F3331238821h 0x00000008 jmp 00007F333123881Bh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 js 00007F3331238816h 0x00000019 pushad 0x0000001a popad 0x0000001b popad 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B87D4 second address: 6B8838 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jno 00007F333124C7D6h 0x00000009 jmp 00007F333124C7E1h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 mov dword ptr [esp], eax 0x00000014 pushad 0x00000015 stc 0x00000016 or esi, 42742111h 0x0000001c popad 0x0000001d push 00000000h 0x0000001f push 00000000h 0x00000021 push esi 0x00000022 call 00007F333124C7D8h 0x00000027 pop esi 0x00000028 mov dword ptr [esp+04h], esi 0x0000002c add dword ptr [esp+04h], 0000001Ah 0x00000034 inc esi 0x00000035 push esi 0x00000036 ret 0x00000037 pop esi 0x00000038 ret 0x00000039 jl 00007F333124C7DEh 0x0000003f push ecx 0x00000040 sbb edi, 39991334h 0x00000046 pop esi 0x00000047 push 00000000h 0x00000049 push eax 0x0000004a push eax 0x0000004b push edx 0x0000004c push edi 0x0000004d pushad 0x0000004e popad 0x0000004f pop edi 0x00000050 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BA387 second address: 6BA38B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BA38B second address: 6BA3D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 mov dword ptr [esp], eax 0x0000000a mov di, 8735h 0x0000000e adc di, E880h 0x00000013 push 00000000h 0x00000015 push 00000000h 0x00000017 push esi 0x00000018 call 00007F333124C7D8h 0x0000001d pop esi 0x0000001e mov dword ptr [esp+04h], esi 0x00000022 add dword ptr [esp+04h], 0000001Ch 0x0000002a inc esi 0x0000002b push esi 0x0000002c ret 0x0000002d pop esi 0x0000002e ret 0x0000002f and edi, dword ptr [ebp+122D3776h] 0x00000035 push 00000000h 0x00000037 movsx edi, bx 0x0000003a push eax 0x0000003b push eax 0x0000003c push edx 0x0000003d push eax 0x0000003e push edx 0x0000003f push ebx 0x00000040 pop ebx 0x00000041 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BA3D6 second address: 6BA3E5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BB76C second address: 6BB78B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d js 00007F333124C7D6h 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BD5B1 second address: 6BD5BB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BD5BB second address: 6BD5BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BD5BF second address: 6BD5C3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BD5C3 second address: 6BD5CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BDB78 second address: 6BDB8C instructions: 0x00000000 rdtsc 0x00000002 jp 00007F3331238816h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jo 00007F3331238816h 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BDB8C second address: 6BDB90 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BE623 second address: 6BE627 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BE627 second address: 6BE62B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BE62B second address: 6BE631 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BE631 second address: 6BE636 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BE636 second address: 6BE679 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c jnl 00007F3331238816h 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 popad 0x00000015 pop edx 0x00000016 nop 0x00000017 push 00000000h 0x00000019 add dword ptr [ebp+1244EDBCh], edx 0x0000001f mov dword ptr [ebp+122D2E2Eh], edx 0x00000025 push 00000000h 0x00000027 call 00007F333123881Ch 0x0000002c mov si, E231h 0x00000030 pop esi 0x00000031 push eax 0x00000032 push eax 0x00000033 push edx 0x00000034 jp 00007F3331238818h 0x0000003a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BE679 second address: 6BE689 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F333124C7DCh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BE689 second address: 6BE68D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C2498 second address: 6C24A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F333124C7DBh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6BF97E second address: 6BF9A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F3331238822h 0x00000009 popad 0x0000000a pop ebx 0x0000000b push eax 0x0000000c js 00007F3331238820h 0x00000012 pushad 0x00000013 push ecx 0x00000014 pop ecx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C34AE second address: 6C34B2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C34B2 second address: 6C34B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C34B8 second address: 6C34C2 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F333124C7DCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C268D second address: 6C26DF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238821h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c adc edi, 30DFE576h 0x00000012 push dword ptr fs:[00000000h] 0x00000019 and di, EE54h 0x0000001e mov dword ptr fs:[00000000h], esp 0x00000025 mov eax, dword ptr [ebp+122D16ADh] 0x0000002b cmc 0x0000002c jg 00007F3331238816h 0x00000032 push FFFFFFFFh 0x00000034 ja 00007F3331238817h 0x0000003a stc 0x0000003b nop 0x0000003c push eax 0x0000003d push edx 0x0000003e push eax 0x0000003f push edx 0x00000040 je 00007F3331238816h 0x00000046 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C26DF second address: 6C26E9 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F333124C7D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C4887 second address: 6C48C4 instructions: 0x00000000 rdtsc 0x00000002 js 00007F3331238816h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d jp 00007F3331238825h 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007F3331238829h 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C48C4 second address: 6C48C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C596F second address: 6C5973 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C76A2 second address: 6C7742 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c adc edi, 0FF6E342h 0x00000012 push 00000000h 0x00000014 push 00000000h 0x00000016 push esi 0x00000017 call 00007F333124C7D8h 0x0000001c pop esi 0x0000001d mov dword ptr [esp+04h], esi 0x00000021 add dword ptr [esp+04h], 0000001Bh 0x00000029 inc esi 0x0000002a push esi 0x0000002b ret 0x0000002c pop esi 0x0000002d ret 0x0000002e push 00000000h 0x00000030 mov dword ptr [ebp+122D2030h], ebx 0x00000036 movzx edi, dx 0x00000039 xchg eax, esi 0x0000003a pushad 0x0000003b jmp 00007F333124C7E7h 0x00000040 pushad 0x00000041 jno 00007F333124C7D6h 0x00000047 jmp 00007F333124C7E8h 0x0000004c popad 0x0000004d popad 0x0000004e push eax 0x0000004f pushad 0x00000050 push eax 0x00000051 push edx 0x00000052 jmp 00007F333124C7DFh 0x00000057 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C6895 second address: 6C6899 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C6899 second address: 6C689F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C689F second address: 6C68C1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jns 00007F333123881Ch 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C68C1 second address: 6C68D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F333124C7E1h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C864F second address: 6C8654 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C9830 second address: 6C983F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F333124C7DAh 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CE63F second address: 6CE645 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CE645 second address: 6CE649 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CE649 second address: 6CE657 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CE657 second address: 6CE65B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CE65B second address: 6CE6C9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push edi 0x0000000b call 00007F3331238818h 0x00000010 pop edi 0x00000011 mov dword ptr [esp+04h], edi 0x00000015 add dword ptr [esp+04h], 0000001Ah 0x0000001d inc edi 0x0000001e push edi 0x0000001f ret 0x00000020 pop edi 0x00000021 ret 0x00000022 push 00000000h 0x00000024 push 00000000h 0x00000026 push ecx 0x00000027 call 00007F3331238818h 0x0000002c pop ecx 0x0000002d mov dword ptr [esp+04h], ecx 0x00000031 add dword ptr [esp+04h], 0000001Ch 0x00000039 inc ecx 0x0000003a push ecx 0x0000003b ret 0x0000003c pop ecx 0x0000003d ret 0x0000003e mov dword ptr [ebp+122D1DF9h], ebx 0x00000044 push 00000000h 0x00000046 mov edi, dword ptr [ebp+122D1EC5h] 0x0000004c push eax 0x0000004d js 00007F3331238824h 0x00000053 pushad 0x00000054 jl 00007F3331238816h 0x0000005a push eax 0x0000005b push edx 0x0000005c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CB853 second address: 6CB86F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jnp 00007F333124C7D8h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CC79B second address: 6CC79F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CB86F second address: 6CB875 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CB875 second address: 6CB879 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CC849 second address: 6CC84D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CB932 second address: 6CB938 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6D04D5 second address: 6D04DB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CC84D second address: 6CC853 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6D04DB second address: 6D04DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CB938 second address: 6CB970 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238828h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F3331238828h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6CC853 second address: 6CC861 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 672290 second address: 672296 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6D0D7C second address: 6D0D8F instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jnc 00007F333124C7D6h 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6D0D8F second address: 6D0D93 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6D0D93 second address: 6D0D97 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6D0D97 second address: 6D0D9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6D1C03 second address: 6D1C0E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6DA6F4 second address: 6DA6F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6DF389 second address: 508A29 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F333124C7E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xor dword ptr [esp], 6E3DAC5Eh 0x00000011 push 00000000h 0x00000013 push eax 0x00000014 call 00007F333124C7D8h 0x00000019 pop eax 0x0000001a mov dword ptr [esp+04h], eax 0x0000001e add dword ptr [esp+04h], 0000001Dh 0x00000026 inc eax 0x00000027 push eax 0x00000028 ret 0x00000029 pop eax 0x0000002a ret 0x0000002b push dword ptr [ebp+122D0D5Dh] 0x00000031 jmp 00007F333124C7E7h 0x00000036 pushad 0x00000037 cld 0x00000038 jmp 00007F333124C7E6h 0x0000003d popad 0x0000003e call dword ptr [ebp+122D1933h] 0x00000044 pushad 0x00000045 jno 00007F333124C7DCh 0x0000004b xor eax, eax 0x0000004d mov dword ptr [ebp+122D2B78h], ebx 0x00000053 mov edx, dword ptr [esp+28h] 0x00000057 jmp 00007F333124C7E5h 0x0000005c mov dword ptr [ebp+122D37BEh], eax 0x00000062 pushad 0x00000063 mov dx, 21D2h 0x00000067 mov eax, dword ptr [ebp+122D3676h] 0x0000006d popad 0x0000006e mov esi, 0000003Ch 0x00000073 mov dword ptr [ebp+122D2B78h], ecx 0x00000079 add esi, dword ptr [esp+24h] 0x0000007d jmp 00007F333124C7E8h 0x00000082 lodsw 0x00000084 mov dword ptr [ebp+122D2B78h], edx 0x0000008a add eax, dword ptr [esp+24h] 0x0000008e clc 0x0000008f mov ebx, dword ptr [esp+24h] 0x00000093 mov dword ptr [ebp+122D2B78h], ebx 0x00000099 nop 0x0000009a push eax 0x0000009b push edx 0x0000009c jmp 00007F333124C7E4h 0x000000a1 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E54B0 second address: 6E54BE instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F3331238816h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E54BE second address: 6E54C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E54C4 second address: 6E54CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E54CA second address: 6E54D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E54D0 second address: 6E54D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E56D3 second address: 6E56DC instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E56DC second address: 6E56E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E56E2 second address: 6E56E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5816 second address: 6E5835 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F3331238827h 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5B06 second address: 6E5B0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5B0E second address: 6E5B19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5B19 second address: 6E5B42 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 jmp 00007F333124C7E4h 0x0000000c jne 00007F333124C7D6h 0x00000012 pop esi 0x00000013 popad 0x00000014 pushad 0x00000015 pushad 0x00000016 push eax 0x00000017 pop eax 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5B42 second address: 6E5B4F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5B4F second address: 6E5B53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5B53 second address: 6E5B57 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5DFC second address: 6E5E11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F333124C7D6h 0x0000000a pop ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e pop esi 0x0000000f jne 00007F333124C7D6h 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5E11 second address: 6E5E15 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6E5E15 second address: 6E5E29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F333124C7D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jbe 00007F333124C7D6h 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6EDDB3 second address: 6EDDB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6EDDB9 second address: 6EDDD9 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 ja 00007F333124C7D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F333124C7E2h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6EDDD9 second address: 6EDDE3 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F3331238816h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ECBFA second address: 6ECC00 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ECC00 second address: 6ECC06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C030F second address: 6C036D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007F333124C7DBh 0x0000000a popad 0x0000000b mov dword ptr [esp], eax 0x0000000e push 00000000h 0x00000010 push edx 0x00000011 call 00007F333124C7D8h 0x00000016 pop edx 0x00000017 mov dword ptr [esp+04h], edx 0x0000001b add dword ptr [esp+04h], 0000001Ch 0x00000023 inc edx 0x00000024 push edx 0x00000025 ret 0x00000026 pop edx 0x00000027 ret 0x00000028 pushad 0x00000029 push edx 0x0000002a pushad 0x0000002b popad 0x0000002c pop edi 0x0000002d xor esi, 02D506FAh 0x00000033 popad 0x00000034 lea eax, dword ptr [ebp+1248B05Ch] 0x0000003a push ecx 0x0000003b jmp 00007F333124C7DDh 0x00000040 pop edx 0x00000041 push eax 0x00000042 pushad 0x00000043 pushad 0x00000044 push eax 0x00000045 push edx 0x00000046 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0443 second address: 6C0448 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0448 second address: 6C0475 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b jmp 00007F333124C7E3h 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C058A second address: 6C059D instructions: 0x00000000 rdtsc 0x00000002 ja 00007F3331238818h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 push edi 0x00000011 pop edi 0x00000012 pop esi 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C089C second address: 6C08A2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0A79 second address: 6C0A94 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F3331238827h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0A94 second address: 6C0AD9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 add dword ptr [esp], 2AAE8D65h 0x0000000f push 00000000h 0x00000011 push edi 0x00000012 call 00007F333124C7D8h 0x00000017 pop edi 0x00000018 mov dword ptr [esp+04h], edi 0x0000001c add dword ptr [esp+04h], 0000001Bh 0x00000024 inc edi 0x00000025 push edi 0x00000026 ret 0x00000027 pop edi 0x00000028 ret 0x00000029 call 00007F333124C7D9h 0x0000002e pushad 0x0000002f pushad 0x00000030 js 00007F333124C7D6h 0x00000036 push eax 0x00000037 push edx 0x00000038 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0AD9 second address: 6C0AE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0AE2 second address: 6C0AEF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0AEF second address: 6C0AF3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0AF3 second address: 6C0B11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push esi 0x0000000a pop esi 0x0000000b popad 0x0000000c popad 0x0000000d mov eax, dword ptr [esp+04h] 0x00000011 pushad 0x00000012 je 00007F333124C7D8h 0x00000018 push edi 0x00000019 pop edi 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0B11 second address: 6C0B32 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F3331238816h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov eax, dword ptr [eax] 0x0000000d push edx 0x0000000e push edi 0x0000000f jne 00007F3331238816h 0x00000015 pop edi 0x00000016 pop edx 0x00000017 mov dword ptr [esp+04h], eax 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 popad 0x00000021 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0B32 second address: 6C0B36 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0B36 second address: 6C0B3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0C00 second address: 6C0C04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0C85 second address: 6C0C89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0DDC second address: 6C0DE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0DE0 second address: 6C0DFE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b jo 00007F3331238824h 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0DFE second address: 6C0E02 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C0F27 second address: 6C0F2C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C1243 second address: 6C124A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C124A second address: 6C1251 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C1251 second address: 6C125E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C125E second address: 6C1263 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C1584 second address: 6C15AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F333124C7E6h 0x0000000a popad 0x0000000b push eax 0x0000000c pushad 0x0000000d jns 00007F333124C7D8h 0x00000013 push esi 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C15AD second address: 6C15E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 popad 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a jmp 00007F3331238826h 0x0000000f mov eax, dword ptr [eax] 0x00000011 jnp 00007F3331238830h 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007F3331238822h 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 69F5E9 second address: 69F5ED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ECED9 second address: 6ECEEC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ECEEC second address: 6ECF0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jng 00007F333124C808h 0x0000000b pushad 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e jmp 00007F333124C7E0h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ECF0C second address: 6ECF12 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ED79A second address: 6ED7A0 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ED7A0 second address: 6ED7A6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ED7A6 second address: 6ED7AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ED956 second address: 6ED95A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ED95A second address: 6ED95E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6ED95E second address: 6ED964 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 66D283 second address: 66D289 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 66D289 second address: 66D28F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 66D28F second address: 66D2BE instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007F333124C7DFh 0x00000008 jmp 00007F333124C7E6h 0x0000000d pop ebx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 push ecx 0x00000013 pop ecx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F79AB second address: 6F79B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F3331238816h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F79B5 second address: 6F79BB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F79BB second address: 6F79C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jg 00007F3331238816h 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F79C9 second address: 6F79D5 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F333124C7D6h 0x00000008 push eax 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F79D5 second address: 6F79E2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnl 00007F3331238816h 0x00000009 push esi 0x0000000a pop esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F641B second address: 6F641F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F6564 second address: 6F656A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F656A second address: 6F6576 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F333124C7D6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F6576 second address: 6F6590 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F3331238823h 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F671D second address: 6F6781 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F333124C7D6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push edi 0x0000000e pop edi 0x0000000f pushad 0x00000010 popad 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 jo 00007F333124C7DAh 0x0000001a pushad 0x0000001b popad 0x0000001c pushad 0x0000001d popad 0x0000001e popad 0x0000001f pushad 0x00000020 jmp 00007F333124C7E5h 0x00000025 pushad 0x00000026 jl 00007F333124C7D6h 0x0000002c jnp 00007F333124C7D6h 0x00000032 jmp 00007F333124C7DDh 0x00000037 popad 0x00000038 jmp 00007F333124C7DFh 0x0000003d push ecx 0x0000003e push eax 0x0000003f pop eax 0x00000040 push eax 0x00000041 push edx 0x00000042 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F68C6 second address: 6F6936 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F333123881Ch 0x00000009 pop eax 0x0000000a push edx 0x0000000b jmp 00007F3331238824h 0x00000010 jmp 00007F333123881Ch 0x00000015 pop edx 0x00000016 pop esi 0x00000017 pushad 0x00000018 jmp 00007F3331238822h 0x0000001d pushad 0x0000001e pushad 0x0000001f popad 0x00000020 jmp 00007F3331238821h 0x00000025 js 00007F3331238816h 0x0000002b popad 0x0000002c push eax 0x0000002d push edx 0x0000002e jmp 00007F333123881Ch 0x00000033 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F6936 second address: 6F6950 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jne 00007F333124C7D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jnc 00007F333124C7D6h 0x00000014 ja 00007F333124C7D6h 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F6950 second address: 6F6954 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F6D48 second address: 6F6D66 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F333124C7E7h 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F7132 second address: 6F713E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push edi 0x00000004 pop edi 0x00000005 pushad 0x00000006 popad 0x00000007 pop edi 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F73E9 second address: 6F73F3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007F333124C7D6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F73F3 second address: 6F73F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F7834 second address: 6F7838 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F60F4 second address: 6F6120 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop ecx 0x00000007 jmp 00007F333123881Eh 0x0000000c popad 0x0000000d pushad 0x0000000e jmp 00007F3331238821h 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6F6120 second address: 6F6124 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FEE4C second address: 6FEE51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FEE51 second address: 6FEE64 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FEE64 second address: 6FEE6A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FDBB8 second address: 6FDBBE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FDBBE second address: 6FDBC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push edi 0x00000008 pop edi 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FDD05 second address: 6FDD0A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FDD0A second address: 6FDD29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F3331238826h 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FE594 second address: 6FE5B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F333124C7E2h 0x0000000a jmp 00007F333124C7DCh 0x0000000f pop esi 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 push eax 0x00000016 pop eax 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6FE897 second address: 6FE8C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 pushad 0x00000007 push eax 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a jmp 00007F333123881Ch 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F3331238822h 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 701420 second address: 701424 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 701424 second address: 70142A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 700F6C second address: 700F74 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 700F74 second address: 700F7A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 700F7A second address: 700F97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F333124C7E9h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 700F97 second address: 700F9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7040DB second address: 7040E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7040E2 second address: 7040E8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 708BD5 second address: 708BDB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 708BDB second address: 708C01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jnl 00007F333123882Ch 0x0000000b push ecx 0x0000000c push edi 0x0000000d pop edi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 708C01 second address: 708C1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 jmp 00007F333124C7E5h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70EBD6 second address: 70EBF2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F3331238828h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70D726 second address: 70D72C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70D72C second address: 70D759 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238827h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e jng 00007F3331238816h 0x00000014 jg 00007F3331238816h 0x0000001a popad 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70D759 second address: 70D75F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C1064 second address: 6C106A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C106A second address: 6C1093 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jmp 00007F333124C7E8h 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jbe 00007F333124C7DCh 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C1093 second address: 6C1097 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C1097 second address: 6C10CF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 xor dword ptr [ebp+1247CEFAh], ecx 0x0000000f mov ebx, dword ptr [ebp+1248B09Bh] 0x00000015 add eax, ebx 0x00000017 stc 0x00000018 nop 0x00000019 jmp 00007F333124C7E9h 0x0000001e push eax 0x0000001f push ecx 0x00000020 push eax 0x00000021 push edx 0x00000022 push ecx 0x00000023 pop ecx 0x00000024 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6C10CF second address: 6C116A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 nop 0x00000008 or dword ptr [ebp+122D24AEh], edi 0x0000000e mov dword ptr [ebp+12465031h], ebx 0x00000014 push 00000004h 0x00000016 push 00000000h 0x00000018 push eax 0x00000019 call 00007F3331238818h 0x0000001e pop eax 0x0000001f mov dword ptr [esp+04h], eax 0x00000023 add dword ptr [esp+04h], 0000001Dh 0x0000002b inc eax 0x0000002c push eax 0x0000002d ret 0x0000002e pop eax 0x0000002f ret 0x00000030 pushad 0x00000031 je 00007F333123881Ch 0x00000037 mov dword ptr [ebp+12455FB4h], edi 0x0000003d mov esi, dword ptr [ebp+122D3682h] 0x00000043 popad 0x00000044 mov dword ptr [ebp+122D20C0h], eax 0x0000004a nop 0x0000004b pushad 0x0000004c jmp 00007F333123881Ch 0x00000051 pushad 0x00000052 jmp 00007F333123881Bh 0x00000057 jmp 00007F3331238824h 0x0000005c popad 0x0000005d popad 0x0000005e push eax 0x0000005f pushad 0x00000060 jmp 00007F3331238820h 0x00000065 push eax 0x00000066 push edx 0x00000067 push ebx 0x00000068 pop ebx 0x00000069 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70DE91 second address: 70DEA5 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F333124C7D8h 0x00000008 push eax 0x00000009 push edx 0x0000000a jnl 00007F333124C7D6h 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70DEA5 second address: 70DEBA instructions: 0x00000000 rdtsc 0x00000002 jc 00007F3331238816h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ecx 0x0000000d jl 00007F3331238822h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70DEBA second address: 70DEC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F333124C7D6h 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70E8B4 second address: 70E8CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d jnc 00007F3331238816h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 70E8CD second address: 70E8DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jo 00007F333124C7D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push esi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7120B5 second address: 7120BB instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7120BB second address: 7120D7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E7h 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 712263 second address: 712267 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7123C3 second address: 7123C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71267A second address: 71267F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71267F second address: 71268B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jng 00007F333124C7D6h 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 714045 second address: 714049 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 714049 second address: 71404F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71404F second address: 714055 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 714055 second address: 714059 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 714059 second address: 71407D instructions: 0x00000000 rdtsc 0x00000002 jc 00007F3331238816h 0x00000008 jmp 00007F3331238827h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71407D second address: 714085 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71B78A second address: 71B7C6 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 je 00007F3331238816h 0x00000009 pop ecx 0x0000000a jo 00007F333123881Eh 0x00000010 pushad 0x00000011 popad 0x00000012 jne 00007F3331238816h 0x00000018 pop edx 0x00000019 pop eax 0x0000001a pushad 0x0000001b jmp 00007F3331238828h 0x00000020 pushad 0x00000021 jnl 00007F3331238816h 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 719817 second address: 719837 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F333124C7E2h 0x0000000d popad 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 719837 second address: 719841 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F3331238816h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7199E3 second address: 7199EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71A379 second address: 71A383 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F3331238816h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71A383 second address: 71A387 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71ABBA second address: 71ABD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jno 00007F3331238816h 0x0000000c popad 0x0000000d jng 00007F333123881Ch 0x00000013 jp 00007F3331238816h 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71ABD7 second address: 71ABDB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71ABDB second address: 71ABF6 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F3331238816h 0x00000008 jmp 00007F333123881Dh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71ABF6 second address: 71ABFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71ABFC second address: 71AC00 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71AC00 second address: 71AC0A instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F333124C7D6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71AC0A second address: 71AC26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F3331238820h 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71AC26 second address: 71AC3D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F333124C7DEh 0x0000000b pushad 0x0000000c popad 0x0000000d popad 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71B4A0 second address: 71B4A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 71B4A6 second address: 71B4AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 724072 second address: 7240A0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238824h 0x00000007 push ecx 0x00000008 jmp 00007F3331238825h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 724386 second address: 72438B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72438B second address: 7243C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 jc 00007F3331238816h 0x0000000c popad 0x0000000d jg 00007F3331238826h 0x00000013 pushad 0x00000014 popad 0x00000015 jmp 00007F333123881Eh 0x0000001a pop edx 0x0000001b pop eax 0x0000001c pushad 0x0000001d jmp 00007F3331238825h 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72485E second address: 72489A instructions: 0x00000000 rdtsc 0x00000002 ja 00007F333124C7F1h 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F333124C7E7h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72613A second address: 72613E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72613E second address: 726189 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 jmp 00007F333124C7E5h 0x0000000c jno 00007F333124C7D6h 0x00000012 pop ebx 0x00000013 pop esi 0x00000014 pushad 0x00000015 pushad 0x00000016 pushad 0x00000017 popad 0x00000018 pushad 0x00000019 popad 0x0000001a jne 00007F333124C7D6h 0x00000020 popad 0x00000021 pushad 0x00000022 je 00007F333124C7D6h 0x00000028 je 00007F333124C7D6h 0x0000002e jc 00007F333124C7D6h 0x00000034 popad 0x00000035 push eax 0x00000036 push edx 0x00000037 pushad 0x00000038 popad 0x00000039 push eax 0x0000003a push edx 0x0000003b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 726189 second address: 72618D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6708D4 second address: 6708F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F333124C7E8h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72C33D second address: 72C341 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72C341 second address: 72C345 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72C345 second address: 72C368 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F3331238816h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007F3331238824h 0x00000011 push ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72C808 second address: 72C848 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 jng 00007F333124C7D6h 0x0000000f pop esi 0x00000010 jo 00007F333124C7DEh 0x00000016 jns 00007F333124C7D6h 0x0000001c pushad 0x0000001d popad 0x0000001e jne 00007F333124C7DEh 0x00000024 popad 0x00000025 pushad 0x00000026 jmp 00007F333124C7DEh 0x0000002b push eax 0x0000002c push edx 0x0000002d pushad 0x0000002e popad 0x0000002f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72C848 second address: 72C84C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72C84C second address: 72C863 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F333124C7DFh 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72C863 second address: 72C867 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72C9A7 second address: 72C9C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F333124C7E8h 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72CDEF second address: 72CDF4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72CDF4 second address: 72CE0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F333124C7DFh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72DF3D second address: 72DF4F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jg 00007F3331238816h 0x00000010 push eax 0x00000011 pop eax 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72DF4F second address: 72DF53 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 72DF53 second address: 72DF67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jo 00007F3331238822h 0x0000000c jng 00007F3331238816h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 736CC6 second address: 736CCA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 736CCA second address: 736CD3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 736CD3 second address: 736CDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edi 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 736CDA second address: 736CE0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 736848 second address: 73685E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 js 00007F333124C7D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 ja 00007F333124C7D6h 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 73685E second address: 736862 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 678CE5 second address: 678CFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F333124C7D6h 0x0000000a pushad 0x0000000b push edx 0x0000000c pop edx 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f jg 00007F333124C7D6h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 678CFC second address: 678D01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 748FCB second address: 748FEE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E8h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push edx 0x0000000d pop edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 748FEE second address: 748FF5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 748FF5 second address: 748FFA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 748FFA second address: 74902A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F333123881Eh 0x00000009 jp 00007F3331238816h 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 push esi 0x00000013 pop esi 0x00000014 jmp 00007F3331238823h 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 752A94 second address: 752AA0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 js 00007F333124C7D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 757950 second address: 757964 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F3331238820h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 757964 second address: 757968 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 75AAC8 second address: 75AAD8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push edx 0x00000006 pop edx 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a jne 00007F3331238816h 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 75D592 second address: 75D5B7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jbe 00007F333124C7DCh 0x0000000f jnl 00007F333124C7D6h 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7693B1 second address: 7693B5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7693B5 second address: 7693BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7693BB second address: 7693D9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238826h 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a pop eax 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7693D9 second address: 7693EF instructions: 0x00000000 rdtsc 0x00000002 je 00007F333124C7D6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7693EF second address: 7693F7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7693F7 second address: 7693FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76809D second address: 7680AC instructions: 0x00000000 rdtsc 0x00000002 jo 00007F3331238818h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76905D second address: 769069 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F333124C7D6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 769069 second address: 76906D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76906D second address: 769082 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F333124C7D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jg 00007F333124C7DCh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 769082 second address: 76909E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 jng 00007F3331238816h 0x0000000b jnp 00007F3331238816h 0x00000011 jo 00007F3331238816h 0x00000017 popad 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76909E second address: 7690A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F333124C7D6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76B56C second address: 76B580 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 jmp 00007F333123881Ah 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76B580 second address: 76B58A instructions: 0x00000000 rdtsc 0x00000002 js 00007F333124C7DCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76B58A second address: 76B59C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007F333123881Ch 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76B59C second address: 76B5A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76D20D second address: 76D213 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 76D213 second address: 76D218 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 779ECC second address: 779ED4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 779D57 second address: 779D87 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jmp 00007F333124C7DCh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edi 0x0000000c pushad 0x0000000d jmp 00007F333124C7DCh 0x00000012 pushad 0x00000013 jmp 00007F333124C7DDh 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 779D87 second address: 779D8F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 77DA76 second address: 77DA7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 77DA7C second address: 77DA9F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F3331238816h 0x0000000a popad 0x0000000b jmp 00007F3331238828h 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7773A5 second address: 7773AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 78A8AC second address: 78A8BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push esi 0x00000006 push ebx 0x00000007 jl 00007F3331238816h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 78C46C second address: 78C470 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 78C470 second address: 78C486 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007F333123881Ch 0x0000000c jnc 00007F3331238816h 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 67F89B second address: 67F8A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push esi 0x00000006 push esi 0x00000007 pop esi 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 67F8A5 second address: 67F8B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push ecx 0x00000006 pushad 0x00000007 popad 0x00000008 pushad 0x00000009 popad 0x0000000a pop ecx 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 67F8B3 second address: 67F8DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F333124C7D6h 0x0000000a pop esi 0x0000000b popad 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F333124C7E9h 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 67F8DB second address: 67F8DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 67F8DF second address: 67F8E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 67F8E5 second address: 67F8F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 jns 00007F3331238816h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7A141E second address: 7A1469 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F333124C7E6h 0x0000000b pop edx 0x0000000c jnl 00007F333124C815h 0x00000012 jp 00007F333124C7DEh 0x00000018 jg 00007F333124C7D6h 0x0000001e pushad 0x0000001f popad 0x00000020 push eax 0x00000021 push edx 0x00000022 push esi 0x00000023 pop esi 0x00000024 jmp 00007F333124C7E6h 0x00000029 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7A1469 second address: 7A146D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7A19A0 second address: 7A19A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7A19A9 second address: 7A19B1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push edi 0x00000007 pop edi 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7A19B1 second address: 7A19C5 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F333124C7D6h 0x00000008 push eax 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push ecx 0x00000013 pop ecx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7A19C5 second address: 7A19EA instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jmp 00007F3331238823h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push edx 0x0000000d pop edx 0x0000000e pushad 0x0000000f popad 0x00000010 jng 00007F3331238816h 0x00000016 popad 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7A19EA second address: 7A19F6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007F333124C7D6h 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7A1C7C second address: 7A1CA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 jno 00007F3331238816h 0x0000000e popad 0x0000000f jmp 00007F3331238820h 0x00000014 pushad 0x00000015 jno 00007F3331238816h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 7AB298 second address: 7AB2B3 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F333124C7E6h 0x00000008 jmp 00007F333124C7E0h 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 6B9F4B second address: 6B9F4F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E204C6 second address: 4E204CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E204CA second address: 4E204D0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E204D0 second address: 4E204D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E204D6 second address: 4E204EA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f mov di, 37A8h 0x00000013 popad 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E204EA second address: 4E204FC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F333124C7DCh 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E204FC second address: 4E20512 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov edx, dword ptr [ebp+0Ch] 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F333123881Ah 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E4085E second address: 4E40899 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov bl, cl 0x00000006 popad 0x00000007 popad 0x00000008 push ebx 0x00000009 pushad 0x0000000a mov edx, ecx 0x0000000c call 00007F333124C7DEh 0x00000011 push esi 0x00000012 pop edi 0x00000013 pop esi 0x00000014 popad 0x00000015 mov dword ptr [esp], ebp 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F333124C7E8h 0x0000001f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40899 second address: 4E4089F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E4089F second address: 4E408A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E408A3 second address: 4E408A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E408A7 second address: 4E408C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F333124C7E4h 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E408C7 second address: 4E4092F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a jmp 00007F3331238826h 0x0000000f push eax 0x00000010 jmp 00007F333123881Bh 0x00000015 xchg eax, ecx 0x00000016 pushad 0x00000017 mov si, 8A7Bh 0x0000001b call 00007F3331238820h 0x00000020 mov dh, ah 0x00000022 pop edi 0x00000023 popad 0x00000024 xchg eax, esi 0x00000025 push eax 0x00000026 push edx 0x00000027 jmp 00007F3331238829h 0x0000002c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E4092F second address: 4E409AB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F333124C7E1h 0x0000000f xchg eax, esi 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007F333124C7DCh 0x00000017 add si, AFB8h 0x0000001c jmp 00007F333124C7DBh 0x00000021 popfd 0x00000022 jmp 00007F333124C7E8h 0x00000027 popad 0x00000028 lea eax, dword ptr [ebp-04h] 0x0000002b push eax 0x0000002c push edx 0x0000002d jmp 00007F333124C7E7h 0x00000032 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E409AB second address: 4E409D1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238829h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push edx 0x0000000e pop esi 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E409D1 second address: 4E40A0B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F333124C7DBh 0x0000000f nop 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F333124C7E5h 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40A45 second address: 4E40A4B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40A4B second address: 4E40A5C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F333124C7DDh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40A5C second address: 4E40A8A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 cmp dword ptr [ebp-04h], 00000000h 0x0000000c jmp 00007F333123881Dh 0x00000011 mov esi, eax 0x00000013 pushad 0x00000014 jmp 00007F333123881Ch 0x00000019 push eax 0x0000001a push edx 0x0000001b mov cx, 3B07h 0x0000001f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40B08 second address: 4E40B26 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop eax 0x00000005 push edi 0x00000006 pop eax 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, esi 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F333124C7E0h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40B26 second address: 4E40B45 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F3331238821h 0x00000008 push esi 0x00000009 pop edi 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pop esi 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40B45 second address: 4E40B4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov esi, edi 0x00000006 popad 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40B4C second address: 4E40B80 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F333123881Ch 0x00000009 add ecx, 180BC698h 0x0000000f jmp 00007F333123881Bh 0x00000014 popfd 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a leave 0x0000001b push eax 0x0000001c push edx 0x0000001d pushad 0x0000001e mov edx, 7E5DB674h 0x00000023 movsx ebx, si 0x00000026 popad 0x00000027 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40B80 second address: 4E301F5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edi, si 0x00000006 pushfd 0x00000007 jmp 00007F333124C7DEh 0x0000000c jmp 00007F333124C7E5h 0x00000011 popfd 0x00000012 popad 0x00000013 pop edx 0x00000014 pop eax 0x00000015 retn 0004h 0x00000018 nop 0x00000019 sub esp, 04h 0x0000001c xor ebx, ebx 0x0000001e cmp eax, 00000000h 0x00000021 je 00007F333124C93Ah 0x00000027 mov dword ptr [esp], 0000000Dh 0x0000002e call 00007F3335B98B4Bh 0x00000033 mov edi, edi 0x00000035 pushad 0x00000036 pushad 0x00000037 push eax 0x00000038 pop edx 0x00000039 popad 0x0000003a movsx ebx, cx 0x0000003d popad 0x0000003e xchg eax, ebp 0x0000003f push eax 0x00000040 push edx 0x00000041 jmp 00007F333124C7DDh 0x00000046 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E301F5 second address: 4E30236 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov si, di 0x00000006 mov dx, C37Eh 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007F3331238821h 0x00000017 adc esi, 42F9EF06h 0x0000001d jmp 00007F3331238821h 0x00000022 popfd 0x00000023 mov eax, 5F4BB2B7h 0x00000028 popad 0x00000029 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30236 second address: 4E30287 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F333124C7DEh 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 mov dl, AAh 0x00000016 pushfd 0x00000017 jmp 00007F333124C7E6h 0x0000001c xor ecx, 3B736338h 0x00000022 jmp 00007F333124C7DBh 0x00000027 popfd 0x00000028 popad 0x00000029 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30287 second address: 4E302B5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 mov eax, ebx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a sub esp, 2Ch 0x0000000d jmp 00007F3331238827h 0x00000012 xchg eax, ebx 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 movsx ebx, ax 0x00000019 mov dh, ah 0x0000001b popad 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E302B5 second address: 4E30314 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007F333124C7E1h 0x00000011 adc ah, FFFFFF96h 0x00000014 jmp 00007F333124C7E1h 0x00000019 popfd 0x0000001a mov edi, eax 0x0000001c popad 0x0000001d xchg eax, ebx 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 jmp 00007F333124C7E4h 0x00000027 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30314 second address: 4E30323 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30323 second address: 4E30392 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushfd 0x00000006 jmp 00007F333124C7E5h 0x0000000b xor ecx, 1E7AFA06h 0x00000011 jmp 00007F333124C7E1h 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a xchg eax, edi 0x0000001b pushad 0x0000001c pushad 0x0000001d mov edi, eax 0x0000001f mov dh, ah 0x00000021 popad 0x00000022 pushfd 0x00000023 jmp 00007F333124C7DBh 0x00000028 and cl, 0000003Eh 0x0000002b jmp 00007F333124C7E9h 0x00000030 popfd 0x00000031 popad 0x00000032 push eax 0x00000033 push eax 0x00000034 push edx 0x00000035 push eax 0x00000036 push edx 0x00000037 pushad 0x00000038 popad 0x00000039 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30392 second address: 4E30398 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30449 second address: 4E3047E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, dx 0x00000006 mov bh, 5Eh 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test al, al 0x0000000d pushad 0x0000000e pushad 0x0000000f mov al, 1Dh 0x00000011 mov ebx, 4CB4AEDEh 0x00000016 popad 0x00000017 movsx edx, cx 0x0000001a popad 0x0000001b je 00007F333124C9EAh 0x00000021 pushad 0x00000022 mov cx, 8153h 0x00000026 mov ecx, 040CDFAFh 0x0000002b popad 0x0000002c lea ecx, dword ptr [ebp-14h] 0x0000002f push eax 0x00000030 push edx 0x00000031 pushad 0x00000032 mov ah, bh 0x00000034 popad 0x00000035 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30588 second address: 4E3058E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E3058E second address: 4E30592 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30616 second address: 4E3062E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F3331238824h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E3062E second address: 4E30632 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30632 second address: 4E30643 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 cmp dword ptr [ebp-14h], edi 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30643 second address: 4E30647 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30647 second address: 4E3064B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E3064B second address: 4E30651 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30651 second address: 4E30657 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30657 second address: 4E3068A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jne 00007F33A180A607h 0x00000011 jmp 00007F333124C7DEh 0x00000016 mov ebx, dword ptr [ebp+08h] 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c mov eax, edi 0x0000001e mov si, bx 0x00000021 popad 0x00000022 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30790 second address: 4E3079F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E3079F second address: 4E307B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F333124C7E4h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E307B7 second address: 4E307DE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test esi, esi 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F3331238820h 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E307DE second address: 4E307E4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E307E4 second address: 4E307EA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E307EA second address: 4E307EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E307EE second address: 4E307F2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E307F2 second address: 4E30014 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F33A180A631h 0x0000000e xor eax, eax 0x00000010 jmp 00007F3331225F0Ah 0x00000015 pop esi 0x00000016 pop edi 0x00000017 pop ebx 0x00000018 leave 0x00000019 retn 0004h 0x0000001c nop 0x0000001d sub esp, 04h 0x00000020 mov esi, eax 0x00000022 xor ebx, ebx 0x00000024 cmp esi, 00000000h 0x00000027 je 00007F333124C915h 0x0000002d call 00007F3335B9881Ch 0x00000032 mov edi, edi 0x00000034 push eax 0x00000035 push edx 0x00000036 jmp 00007F333124C7E0h 0x0000003b rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30014 second address: 4E3001A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E3001A second address: 4E3001E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E3001E second address: 4E3005C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a call 00007F3331238824h 0x0000000f push esi 0x00000010 pop edi 0x00000011 pop esi 0x00000012 mov cx, bx 0x00000015 popad 0x00000016 mov dword ptr [esp], ebp 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F3331238824h 0x00000020 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E3005C second address: 4E3012F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F333124C7E1h 0x00000009 adc cx, F536h 0x0000000e jmp 00007F333124C7E1h 0x00000013 popfd 0x00000014 mov eax, 30967127h 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c mov ebp, esp 0x0000001e pushad 0x0000001f pushfd 0x00000020 jmp 00007F333124C7E8h 0x00000025 add cx, EB88h 0x0000002a jmp 00007F333124C7DBh 0x0000002f popfd 0x00000030 call 00007F333124C7E8h 0x00000035 pop edx 0x00000036 popad 0x00000037 xchg eax, ecx 0x00000038 pushad 0x00000039 push ecx 0x0000003a pushfd 0x0000003b jmp 00007F333124C7E9h 0x00000040 jmp 00007F333124C7DBh 0x00000045 popfd 0x00000046 pop esi 0x00000047 mov edx, 055AB28Ch 0x0000004c popad 0x0000004d push eax 0x0000004e pushad 0x0000004f call 00007F333124C7E0h 0x00000054 pop ebx 0x00000055 mov edi, eax 0x00000057 popad 0x00000058 xchg eax, ecx 0x00000059 push eax 0x0000005a push edx 0x0000005b jmp 00007F333124C7DFh 0x00000060 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30C99 second address: 4E30C9F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30C9F second address: 4E30CA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30CA3 second address: 4E30CC0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f mov di, 88A6h 0x00000013 mov cx, dx 0x00000016 popad 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30CC0 second address: 4E30CFF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7E8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007F333124C7DCh 0x00000013 adc cl, 00000078h 0x00000016 jmp 00007F333124C7DBh 0x0000001b popfd 0x0000001c push esi 0x0000001d pop edx 0x0000001e popad 0x0000001f rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30CFF second address: 4E30D22 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 mov esi, edi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xchg eax, ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F3331238826h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30D22 second address: 4E30D34 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F333124C7DEh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30D34 second address: 4E30D38 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30D38 second address: 4E30D72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007F333124C7E8h 0x00000013 add ax, 0898h 0x00000018 jmp 00007F333124C7DBh 0x0000001d popfd 0x0000001e mov ah, DEh 0x00000020 popad 0x00000021 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30D72 second address: 4E30D97 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movzx eax, bx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp dword ptr [7544459Ch], 05h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F3331238821h 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30D97 second address: 4E30D9D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30D9D second address: 4E30DA3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30DA3 second address: 4E30DA7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30DA7 second address: 4E30DAB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E30DAB second address: 4E30E04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F33A17FA422h 0x0000000e jmp 00007F333124C7E2h 0x00000013 pop ebp 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 push edi 0x00000018 pop ecx 0x00000019 pushfd 0x0000001a jmp 00007F333124C7E9h 0x0000001f sub eax, 218E13A6h 0x00000025 jmp 00007F333124C7E1h 0x0000002a popfd 0x0000002b popad 0x0000002c rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40033 second address: 4E40037 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40037 second address: 4E4004A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E4004A second address: 4E400BB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F333123881Fh 0x00000009 sbb cl, FFFFFF9Eh 0x0000000c jmp 00007F3331238829h 0x00000011 popfd 0x00000012 mov dx, ax 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 call 00007F33A17DE308h 0x0000001d push 753E2B70h 0x00000022 push dword ptr fs:[00000000h] 0x00000029 mov eax, dword ptr [esp+10h] 0x0000002d mov dword ptr [esp+10h], ebp 0x00000031 lea ebp, dword ptr [esp+10h] 0x00000035 sub esp, eax 0x00000037 push ebx 0x00000038 push esi 0x00000039 push edi 0x0000003a mov eax, dword ptr [75444538h] 0x0000003f xor dword ptr [ebp-04h], eax 0x00000042 xor eax, ebp 0x00000044 push eax 0x00000045 mov dword ptr [ebp-18h], esp 0x00000048 push dword ptr [ebp-08h] 0x0000004b mov eax, dword ptr [ebp-04h] 0x0000004e mov dword ptr [ebp-04h], FFFFFFFEh 0x00000055 mov dword ptr [ebp-08h], eax 0x00000058 lea eax, dword ptr [ebp-10h] 0x0000005b mov dword ptr fs:[00000000h], eax 0x00000061 ret 0x00000062 push eax 0x00000063 push edx 0x00000064 pushad 0x00000065 pushfd 0x00000066 jmp 00007F333123881Fh 0x0000006b adc si, 8BAEh 0x00000070 jmp 00007F3331238829h 0x00000075 popfd 0x00000076 movzx eax, dx 0x00000079 popad 0x0000007a rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E400BB second address: 4E400C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E400C1 second address: 4E400C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E400C5 second address: 4E400D5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 sub esi, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E400D5 second address: 4E400D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E400D9 second address: 4E400DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E400DD second address: 4E400E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40127 second address: 4E4012B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E4012B second address: 4E40148 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F3331238829h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40BC8 second address: 4E40BCE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40BCE second address: 4E40BD4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40BD4 second address: 4E40BD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40BD8 second address: 4E40C22 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333123881Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jmp 00007F333123881Bh 0x00000011 xchg eax, ebp 0x00000012 jmp 00007F3331238826h 0x00000017 mov ebp, esp 0x00000019 pushad 0x0000001a mov si, 1B1Dh 0x0000001e call 00007F333123881Ah 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
| Source: C:\Users\user\Desktop\Wvo9FU4qo9.exe | RDTSC instruction interceptor: First address: 4E40D45 second address: 4E40D54 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F333124C7DBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Edit tour
Wvo9FU4qo9.exe (PID: 6596 cmdline: 
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node