| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 350CEF second address: 350CF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4C5A4E second address: 4C5A60 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F17510C2656h 0x0000000a popad 0x0000000b pushad 0x0000000c push esi 0x0000000d pop esi 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4C5A60 second address: 4C5A66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CACA9 second address: 4CACB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 jnc 00007F17510C2656h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CAF6A second address: 4CAF70 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB0FB second address: 4CB105 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop esi 0x00000006 push ebx 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB23B second address: 4CB26A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F17510BF1BDh 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007F17510BF1C1h 0x00000016 pushad 0x00000017 popad 0x00000018 push ebx 0x00000019 pop ebx 0x0000001a popad 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB26A second address: 4CB278 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C265Ah 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB278 second address: 4CB281 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB52C second address: 4CB542 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jbe 00007F17510C265Ch 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB542 second address: 4CB575 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F17510BF1C9h 0x00000008 jmp 00007F17510BF1C1h 0x0000000d push eax 0x0000000e pop eax 0x0000000f popad 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB575 second address: 4CB58C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510C2661h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB58C second address: 4CB599 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB599 second address: 4CB5B6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007F17510C265Eh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jnc 00007F17510C2656h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB5B6 second address: 4CB5C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F17510BF1B6h 0x0000000a popad 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB5C1 second address: 4CB5C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CB5C9 second address: 4CB5D6 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDBB5 second address: 4CDBC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDBC0 second address: 4CDBDB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e push eax 0x0000000f push edx 0x00000010 push edx 0x00000011 push edx 0x00000012 pop edx 0x00000013 pop edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDBDB second address: 4CDC81 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b jnc 00007F17510C2662h 0x00000011 mov dword ptr [esp+04h], eax 0x00000015 ja 00007F17510C2671h 0x0000001b pop eax 0x0000001c clc 0x0000001d jmp 00007F17510C265Ch 0x00000022 push 00000003h 0x00000024 call 00007F17510C265Ch 0x00000029 ja 00007F17510C265Ah 0x0000002f pop edi 0x00000030 push 00000000h 0x00000032 push 00000000h 0x00000034 push ecx 0x00000035 call 00007F17510C2658h 0x0000003a pop ecx 0x0000003b mov dword ptr [esp+04h], ecx 0x0000003f add dword ptr [esp+04h], 00000014h 0x00000047 inc ecx 0x00000048 push ecx 0x00000049 ret 0x0000004a pop ecx 0x0000004b ret 0x0000004c push 00000003h 0x0000004e call 00007F17510C2659h 0x00000053 jc 00007F17510C2668h 0x00000059 push eax 0x0000005a push edx 0x0000005b push eax 0x0000005c push edx 0x0000005d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDC81 second address: 4CDC85 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDC85 second address: 4CDCF6 instructions: 0x00000000 rdtsc 0x00000002 js 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b jnp 00007F17510C265Ch 0x00000011 pushad 0x00000012 pushad 0x00000013 popad 0x00000014 pushad 0x00000015 popad 0x00000016 popad 0x00000017 mov eax, dword ptr [esp+04h] 0x0000001b pushad 0x0000001c pushad 0x0000001d pushad 0x0000001e popad 0x0000001f pushad 0x00000020 popad 0x00000021 popad 0x00000022 jmp 00007F17510C265Ch 0x00000027 popad 0x00000028 mov eax, dword ptr [eax] 0x0000002a jmp 00007F17510C265Bh 0x0000002f mov dword ptr [esp+04h], eax 0x00000033 jl 00007F17510C265Ah 0x00000039 push eax 0x0000003a push ebx 0x0000003b pop ebx 0x0000003c pop eax 0x0000003d pop eax 0x0000003e mov ecx, dword ptr [ebp+122D3BFDh] 0x00000044 lea ebx, dword ptr [ebp+124509DFh] 0x0000004a xor edi, 22B2457Fh 0x00000050 push eax 0x00000051 pushad 0x00000052 pushad 0x00000053 jno 00007F17510C2656h 0x00000059 jne 00007F17510C2656h 0x0000005f popad 0x00000060 push eax 0x00000061 push edx 0x00000062 push eax 0x00000063 push edx 0x00000064 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDCF6 second address: 4CDCFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDD6A second address: 4CDD70 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDEC9 second address: 4CDECD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CDECD second address: 4CDF76 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 xor dword ptr [esp], 4B1FC5EDh 0x0000000e mov edi, ebx 0x00000010 push 00000003h 0x00000012 mov dword ptr [ebp+122D196Bh], ebx 0x00000018 push 00000000h 0x0000001a jmp 00007F17510C2669h 0x0000001f push 00000003h 0x00000021 adc si, B638h 0x00000026 push D55A4F32h 0x0000002b push esi 0x0000002c jmp 00007F17510C2668h 0x00000031 pop esi 0x00000032 xor dword ptr [esp], 155A4F32h 0x00000039 mov dword ptr [ebp+122D595Ah], edi 0x0000003f lea ebx, dword ptr [ebp+124509F3h] 0x00000045 push 00000000h 0x00000047 push ecx 0x00000048 call 00007F17510C2658h 0x0000004d pop ecx 0x0000004e mov dword ptr [esp+04h], ecx 0x00000052 add dword ptr [esp+04h], 00000014h 0x0000005a inc ecx 0x0000005b push ecx 0x0000005c ret 0x0000005d pop ecx 0x0000005e ret 0x0000005f xchg eax, ebx 0x00000060 jmp 00007F17510C2665h 0x00000065 push eax 0x00000066 push eax 0x00000067 push edx 0x00000068 push ecx 0x00000069 jng 00007F17510C2656h 0x0000006f pop ecx 0x00000070 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EEBAE second address: 4EEBB2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EEBB2 second address: 4EEBB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ECBFD second address: 4ECC01 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ECC01 second address: 4ECC5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 js 00007F17510C2656h 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007F17510C2666h 0x00000014 ja 00007F17510C2656h 0x0000001a popad 0x0000001b pushad 0x0000001c jbe 00007F17510C2656h 0x00000022 jmp 00007F17510C2664h 0x00000027 popad 0x00000028 jmp 00007F17510C265Ah 0x0000002d popad 0x0000002e pushad 0x0000002f jbe 00007F17510C265Eh 0x00000035 push eax 0x00000036 push edx 0x00000037 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ECF67 second address: 4ECF6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ED10F second address: 4ED11F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007F17510C2656h 0x0000000a jno 00007F17510C2656h 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ED11F second address: 4ED14B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BCh 0x00000007 jmp 00007F17510BF1C5h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push ebx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ED14B second address: 4ED15E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ebx 0x00000007 jmp 00007F17510C265Ch 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ED483 second address: 4ED487 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ED603 second address: 4ED614 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510C265Dh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ED77A second address: 4ED79B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1C3h 0x00000009 pop ecx 0x0000000a pushad 0x0000000b jnp 00007F17510BF1B6h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4ED79B second address: 4ED7A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EDD08 second address: 4EDD0E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EE2BF second address: 4EE2D3 instructions: 0x00000000 rdtsc 0x00000002 js 00007F17510C2656h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jno 00007F17510C2662h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EE2D3 second address: 4EE2DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F17510BF1B6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EE48A second address: 4EE494 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EE494 second address: 4EE49A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EE49A second address: 4EE4A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F17510C2656h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EE724 second address: 4EE732 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007F17510BF1BCh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EE9F4 second address: 4EE9FE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4EE9FE second address: 4EEA28 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jnp 00007F17510BF1B6h 0x00000010 jmp 00007F17510BF1C9h 0x00000015 popad 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4F1B47 second address: 4F1B4C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4F44C0 second address: 4F44EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F17510BF1B6h 0x0000000a jmp 00007F17510BF1C8h 0x0000000f push edi 0x00000010 pop edi 0x00000011 popad 0x00000012 pop eax 0x00000013 push ecx 0x00000014 push ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FA121 second address: 4FA127 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FA127 second address: 4FA136 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4C3F7F second address: 4C3F8A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jo 00007F17510C2656h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4F9E39 second address: 4F9E3D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4F9FB3 second address: 4F9FBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC09C second address: 4FC0A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC120 second address: 4FC124 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC124 second address: 4FC16D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push edi 0x0000000c push edi 0x0000000d jng 00007F17510BF1B6h 0x00000013 pop edi 0x00000014 pop edi 0x00000015 mov eax, dword ptr [eax] 0x00000017 jmp 00007F17510BF1BAh 0x0000001c mov dword ptr [esp+04h], eax 0x00000020 push eax 0x00000021 push edx 0x00000022 pushad 0x00000023 jmp 00007F17510BF1C1h 0x00000028 jmp 00007F17510BF1BFh 0x0000002d popad 0x0000002e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC16D second address: 4FC1A4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2669h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a push 700B53F8h 0x0000000f push edi 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F17510C2661h 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC1A4 second address: 4FC1A8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC31C second address: 4FC322 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC520 second address: 4FC534 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC5F3 second address: 4FC60D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jnc 00007F17510C265Ch 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC60D second address: 4FC612 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FC612 second address: 4FC618 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FCCD1 second address: 4FCCD6 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FCE76 second address: 4FCE7A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FD148 second address: 4FD15A instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jbe 00007F17510BF1BCh 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FE17F second address: 4FE194 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jne 00007F17510C265Ch 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FDFFD second address: 4FE007 instructions: 0x00000000 rdtsc 0x00000002 js 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FE194 second address: 4FE200 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 js 00007F17510C2656h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e nop 0x0000000f mov si, 39FAh 0x00000013 push 00000000h 0x00000015 push 00000000h 0x00000017 push edi 0x00000018 call 00007F17510C2658h 0x0000001d pop edi 0x0000001e mov dword ptr [esp+04h], edi 0x00000022 add dword ptr [esp+04h], 0000001Ah 0x0000002a inc edi 0x0000002b push edi 0x0000002c ret 0x0000002d pop edi 0x0000002e ret 0x0000002f mov dword ptr [ebp+1245F297h], ecx 0x00000035 push 00000000h 0x00000037 jng 00007F17510C2673h 0x0000003d jnp 00007F17510C266Dh 0x00000043 call 00007F17510C2666h 0x00000048 pop esi 0x00000049 mov si, 8AB1h 0x0000004d xchg eax, ebx 0x0000004e push edi 0x0000004f push eax 0x00000050 push edx 0x00000051 push edx 0x00000052 pop edx 0x00000053 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FE007 second address: 4FE021 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FE200 second address: 4FE21C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edi 0x0000000a push eax 0x0000000b js 00007F17510C2664h 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FE21C second address: 4FE220 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FF2A3 second address: 4FF2AD instructions: 0x00000000 rdtsc 0x00000002 jns 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FF2AD second address: 4FF2B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FF2B3 second address: 4FF321 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2668h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp], eax 0x0000000e push eax 0x0000000f jc 00007F17510C265Ch 0x00000015 jg 00007F17510C2656h 0x0000001b pop esi 0x0000001c push 00000000h 0x0000001e movzx esi, si 0x00000021 push 00000000h 0x00000023 push 00000000h 0x00000025 push edx 0x00000026 call 00007F17510C2658h 0x0000002b pop edx 0x0000002c mov dword ptr [esp+04h], edx 0x00000030 add dword ptr [esp+04h], 0000001Dh 0x00000038 inc edx 0x00000039 push edx 0x0000003a ret 0x0000003b pop edx 0x0000003c ret 0x0000003d mov si, DEC1h 0x00000041 xchg eax, ebx 0x00000042 push eax 0x00000043 push edx 0x00000044 jnp 00007F17510C265Ch 0x0000004a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FF321 second address: 4FF327 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FF327 second address: 4FF32B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FF32B second address: 4FF34B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b jmp 00007F17510BF1C3h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 501916 second address: 50191E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 501ED2 second address: 501ED7 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 501ED7 second address: 501F49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 jmp 00007F17510C265Fh 0x0000000d nop 0x0000000e mov dword ptr [ebp+122D1929h], edx 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push esi 0x00000019 call 00007F17510C2658h 0x0000001e pop esi 0x0000001f mov dword ptr [esp+04h], esi 0x00000023 add dword ptr [esp+04h], 00000014h 0x0000002b inc esi 0x0000002c push esi 0x0000002d ret 0x0000002e pop esi 0x0000002f ret 0x00000030 jmp 00007F17510C265Dh 0x00000035 push 00000000h 0x00000037 push 00000000h 0x00000039 push ebx 0x0000003a call 00007F17510C2658h 0x0000003f pop ebx 0x00000040 mov dword ptr [esp+04h], ebx 0x00000044 add dword ptr [esp+04h], 00000015h 0x0000004c inc ebx 0x0000004d push ebx 0x0000004e ret 0x0000004f pop ebx 0x00000050 ret 0x00000051 xchg eax, ebx 0x00000052 push ebx 0x00000053 push eax 0x00000054 push edx 0x00000055 jne 00007F17510C2656h 0x0000005b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 505368 second address: 50536E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 507943 second address: 507948 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 507948 second address: 5079A2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c add dword ptr [ebp+122D1DDAh], edi 0x00000012 mov edi, 0FF04D6Dh 0x00000017 push 00000000h 0x00000019 push 00000000h 0x0000001b push ebp 0x0000001c call 00007F17510BF1B8h 0x00000021 pop ebp 0x00000022 mov dword ptr [esp+04h], ebp 0x00000026 add dword ptr [esp+04h], 00000017h 0x0000002e inc ebp 0x0000002f push ebp 0x00000030 ret 0x00000031 pop ebp 0x00000032 ret 0x00000033 sbb ebx, 0C14193Eh 0x00000039 push 00000000h 0x0000003b xchg eax, esi 0x0000003c jg 00007F17510BF1C4h 0x00000042 push eax 0x00000043 push edx 0x00000044 push eax 0x00000045 push edx 0x00000046 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5079A2 second address: 5079A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 505AD9 second address: 505AE3 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F17510BF1BCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 506B52 second address: 506B56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 508C35 second address: 508C39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 505AE3 second address: 505AFD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 jmp 00007F17510C265Ah 0x0000000d jl 00007F17510C265Ch 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 509CB7 second address: 509CC9 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jo 00007F17510BF1B6h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 507B27 second address: 507B2E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50BA5E second address: 50BA64 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50BA64 second address: 50BA77 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F17510C2658h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 pop edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50BA77 second address: 50BA7D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50BA7D second address: 50BA81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50BA81 second address: 50BA85 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50BDBB second address: 50BDD4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 jno 00007F17510C2658h 0x0000000f js 00007F17510C265Ch 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50CD82 second address: 50CE30 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 push esi 0x00000008 pushad 0x00000009 jmp 00007F17510BF1BEh 0x0000000e jns 00007F17510BF1B6h 0x00000014 popad 0x00000015 pop esi 0x00000016 nop 0x00000017 push 00000000h 0x00000019 push ebx 0x0000001a call 00007F17510BF1B8h 0x0000001f pop ebx 0x00000020 mov dword ptr [esp+04h], ebx 0x00000024 add dword ptr [esp+04h], 00000017h 0x0000002c inc ebx 0x0000002d push ebx 0x0000002e ret 0x0000002f pop ebx 0x00000030 ret 0x00000031 pushad 0x00000032 jmp 00007F17510BF1C6h 0x00000037 mov edx, dword ptr [ebp+124796ADh] 0x0000003d popad 0x0000003e push dword ptr fs:[00000000h] 0x00000045 mov ebx, dword ptr [ebp+122D394Dh] 0x0000004b mov dword ptr fs:[00000000h], esp 0x00000052 mov edi, esi 0x00000054 mov eax, dword ptr [ebp+122D1755h] 0x0000005a mov edi, edx 0x0000005c push FFFFFFFFh 0x0000005e call 00007F17510BF1BCh 0x00000063 call 00007F17510BF1BEh 0x00000068 mov dword ptr [ebp+122D323Dh], esi 0x0000006e pop edi 0x0000006f pop edi 0x00000070 nop 0x00000071 push eax 0x00000072 push edx 0x00000073 jmp 00007F17510BF1BCh 0x00000078 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50EDA4 second address: 50EDB2 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50CE30 second address: 50CE36 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 511C35 second address: 511C42 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a pushad 0x0000000b popad 0x0000000c pop ecx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 511C42 second address: 511C56 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1C0h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 511C56 second address: 511C5A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 512CDF second address: 512CE9 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 512CE9 second address: 512D0A instructions: 0x00000000 rdtsc 0x00000002 jl 00007F17510C2658h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b jo 00007F17510C2669h 0x00000011 pushad 0x00000012 jmp 00007F17510C265Bh 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50F027 second address: 50F040 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50F040 second address: 50F050 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F17510C265Bh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 510DE0 second address: 510DE6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 510DE6 second address: 510E57 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c sub edi, 19D66CC4h 0x00000012 push dword ptr fs:[00000000h] 0x00000019 clc 0x0000001a mov dword ptr fs:[00000000h], esp 0x00000021 mov dword ptr [ebp+1245BB12h], esi 0x00000027 xor dword ptr [ebp+122D2F80h], edx 0x0000002d mov eax, dword ptr [ebp+122D0281h] 0x00000033 push 00000000h 0x00000035 push ecx 0x00000036 call 00007F17510C2658h 0x0000003b pop ecx 0x0000003c mov dword ptr [esp+04h], ecx 0x00000040 add dword ptr [esp+04h], 00000018h 0x00000048 inc ecx 0x00000049 push ecx 0x0000004a ret 0x0000004b pop ecx 0x0000004c ret 0x0000004d push FFFFFFFFh 0x0000004f or edi, 5A427127h 0x00000055 add dword ptr [ebp+122D26EDh], ebx 0x0000005b nop 0x0000005c push eax 0x0000005d push edx 0x0000005e pushad 0x0000005f push ebx 0x00000060 pop ebx 0x00000061 push edx 0x00000062 pop edx 0x00000063 popad 0x00000064 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50DEB2 second address: 50DEB8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 50DEB8 second address: 50DED7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop edx 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F17510C2661h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 513B8E second address: 513B92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 513B92 second address: 513BDD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov dword ptr [esp], eax 0x0000000d call 00007F17510C2669h 0x00000012 mov ebx, dword ptr [ebp+122D3C25h] 0x00000018 pop ebx 0x00000019 push 00000000h 0x0000001b mov bl, EEh 0x0000001d push 00000000h 0x0000001f add ebx, dword ptr [ebp+122D1869h] 0x00000025 xchg eax, esi 0x00000026 jbe 00007F17510C2660h 0x0000002c push eax 0x0000002d push edx 0x0000002e push esi 0x0000002f pop esi 0x00000030 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 511E5E second address: 511E68 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jbe 00007F17510BF1B6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 513E13 second address: 513E19 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 513E19 second address: 513E1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 517E7F second address: 517EBF instructions: 0x00000000 rdtsc 0x00000002 ja 00007F17510C2682h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ecx 0x0000000b push eax 0x0000000c js 00007F17510C2656h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 51CAB6 second address: 51CABC instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 520040 second address: 52004A instructions: 0x00000000 rdtsc 0x00000002 jo 00007F17510C2656h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4B8789 second address: 4B879D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F17510BF1BEh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4B879D second address: 4B87B2 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F17510C265Eh 0x00000008 pushad 0x00000009 push esi 0x0000000a pop esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 51F7F9 second address: 51F811 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1C4h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 51F811 second address: 51F846 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jne 00007F17510C2656h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007F17510C2667h 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007F17510C265Ah 0x00000018 je 00007F17510C2656h 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 521681 second address: 5216B2 instructions: 0x00000000 rdtsc 0x00000002 js 00007F17510BF1C9h 0x00000008 jmp 00007F17510BF1C3h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 jmp 00007F17510BF1BAh 0x00000017 pushad 0x00000018 popad 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c push ebx 0x0000001d pop ebx 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5216B2 second address: 5216B8 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52660B second address: 526615 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 526615 second address: 526619 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 526619 second address: 52661D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52661D second address: 52666E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 jmp 00007F17510C2669h 0x0000000d mov eax, dword ptr [esp+04h] 0x00000011 jmp 00007F17510C2667h 0x00000016 mov eax, dword ptr [eax] 0x00000018 jmp 00007F17510C265Ah 0x0000001d mov dword ptr [esp+04h], eax 0x00000021 push ebx 0x00000022 push eax 0x00000023 push edx 0x00000024 push ecx 0x00000025 pop ecx 0x00000026 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52666E second address: 526672 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 526750 second address: 526754 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52C3EF second address: 52C3FD instructions: 0x00000000 rdtsc 0x00000002 jne 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52C3FD second address: 52C401 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52C401 second address: 52C40D instructions: 0x00000000 rdtsc 0x00000002 jo 00007F17510BF1B6h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4AFFDB second address: 4AFFE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F17510C2656h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52BF3D second address: 52BF41 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52BF41 second address: 52BF51 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F17510C265Ah 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52BF51 second address: 52BF6E instructions: 0x00000000 rdtsc 0x00000002 jl 00007F17510BF1B8h 0x00000008 push esi 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d pushad 0x0000000e push edi 0x0000000f pop edi 0x00000010 jno 00007F17510BF1B6h 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a popad 0x0000001b push ebx 0x0000001c pop ebx 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52C0B5 second address: 52C0C1 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 52C0C1 second address: 52C0C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 531A23 second address: 531A41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ecx 0x00000009 pushad 0x0000000a jnc 00007F17510C265Ch 0x00000010 js 00007F17510C265Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 531A41 second address: 531A49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 531A49 second address: 531A6D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2662h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jg 00007F17510C2656h 0x00000011 jnp 00007F17510C2656h 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 531A6D second address: 531A71 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 530723 second address: 530727 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 530A00 second address: 530A1D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F17510BF1BEh 0x00000008 jmp 00007F17510BF1BAh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 530435 second address: 530440 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 push edi 0x0000000a pop edi 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 530440 second address: 530444 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 530444 second address: 53044C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53044C second address: 530456 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007F17510BF1B6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 530456 second address: 530467 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jnp 00007F17510C2656h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FFBA0 second address: 4FFBA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FFBA4 second address: 4FFBA8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 531221 second address: 53122A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5313A4 second address: 5313B0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F17510C2656h 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5313B0 second address: 5313BA instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F17510BF1B6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5314F0 second address: 5314F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5314F4 second address: 531511 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F17510BF1C2h 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 535CDA second address: 535CE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536117 second address: 536131 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1C6h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536131 second address: 536135 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53628F second address: 536298 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536298 second address: 53629E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53629E second address: 5362A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5362A4 second address: 5362AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5363DC second address: 5363E6 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5363E6 second address: 5363F9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Fh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5363F9 second address: 536435 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F17510BF1C5h 0x0000000c jo 00007F17510BF1CDh 0x00000012 jmp 00007F17510BF1C5h 0x00000017 pushad 0x00000018 popad 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536435 second address: 53643B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5368CD second address: 5368D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push esi 0x00000008 pop esi 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5368D6 second address: 5368DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536A3D second address: 536A43 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536A43 second address: 536A5E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 pop edi 0x00000006 pushad 0x00000007 jmp 00007F17510C2662h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536BE0 second address: 536C08 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jnc 00007F17510BF1B6h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jno 00007F17510BF1B6h 0x00000015 jmp 00007F17510BF1C3h 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536C08 second address: 536C23 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2667h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 536C23 second address: 536C30 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jng 00007F17510BF1B6h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 537175 second address: 53717B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 535A3A second address: 535A47 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53C150 second address: 53C156 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53C156 second address: 53C15C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53C15C second address: 53C189 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2661h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F17510C2661h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push ecx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53C189 second address: 53C196 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push esi 0x00000006 jng 00007F17510BF1B6h 0x0000000c pop esi 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53C196 second address: 53C19B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53C19B second address: 53C1A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53EDFD second address: 53EE01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53EE01 second address: 53EE2D instructions: 0x00000000 rdtsc 0x00000002 jl 00007F17510BF1B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F17510BF1C4h 0x00000010 jmp 00007F17510BF1BBh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53EE2D second address: 53EE47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 push edi 0x00000009 pushad 0x0000000a popad 0x0000000b pop edi 0x0000000c jmp 00007F17510C265Eh 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 53EE47 second address: 53EE58 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BBh 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4BF119 second address: 4BF135 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2661h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e push edi 0x0000000f pop edi 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4BF135 second address: 4BF14E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C5h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543003 second address: 543017 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F17510C2656h 0x00000008 jc 00007F17510C2656h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543017 second address: 54301D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 54301D second address: 54302A instructions: 0x00000000 rdtsc 0x00000002 je 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 54302A second address: 54304E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F17510BF1B6h 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F17510BF1C6h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 54304E second address: 543055 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FA9C4 second address: 4FAA03 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F17510BF1C9h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c pushad 0x0000000d je 00007F17510BF1B6h 0x00000013 jmp 00007F17510BF1C3h 0x00000018 popad 0x00000019 pushad 0x0000001a push edx 0x0000001b pop edx 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FABE7 second address: 4FABEC instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FAFFC second address: 4FB000 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB000 second address: 4FB006 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB16E second address: 4FB173 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB274 second address: 4FB28D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F17510C2656h 0x0000000a popad 0x0000000b pop eax 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 jo 00007F17510C265Eh 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB28D second address: 4FB2B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 mov eax, dword ptr [eax] 0x00000007 jmp 00007F17510BF1C9h 0x0000000c mov dword ptr [esp+04h], eax 0x00000010 pushad 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB2B5 second address: 4FB2D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510C2669h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB2D7 second address: 4FB2DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB483 second address: 4FB489 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB489 second address: 4FB4AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 jmp 00007F17510BF1C6h 0x0000000d push edi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FB960 second address: 4FB976 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 jl 00007F17510C2662h 0x0000000e jo 00007F17510C265Ch 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FBA7C second address: 4FBA81 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FBA81 second address: 4FBA9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F17510C265Dh 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FBA9A second address: 4FBAB0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 54330B second address: 543327 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F17510C265Dh 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5434B6 second address: 5434BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5434BA second address: 5434C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e pop ebx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5434C9 second address: 5434CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5434CF second address: 5434D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 54361B second address: 54361F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 54361F second address: 543623 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543623 second address: 543653 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 push eax 0x00000008 pop eax 0x00000009 pushad 0x0000000a popad 0x0000000b pop ebx 0x0000000c pop esi 0x0000000d push edi 0x0000000e pushad 0x0000000f jnl 00007F17510BF1B6h 0x00000015 jmp 00007F17510BF1C5h 0x0000001a push edx 0x0000001b pop edx 0x0000001c popad 0x0000001d push ecx 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543794 second address: 5437B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C2669h 0x00000009 jnc 00007F17510C2656h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 54392C second address: 543934 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543934 second address: 543951 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F17510C2656h 0x0000000a popad 0x0000000b pushad 0x0000000c jmp 00007F17510C265Dh 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543AD0 second address: 543AE9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 pushad 0x00000006 jnp 00007F17510BF1B6h 0x0000000c jp 00007F17510BF1B6h 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 push edi 0x00000016 pop edi 0x00000017 push edi 0x00000018 pop edi 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543AE9 second address: 543B01 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2661h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543B01 second address: 543B1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1C3h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543C60 second address: 543C66 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 543C66 second address: 543C81 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F17510BF1BCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jc 00007F17510BF1BEh 0x00000011 push edx 0x00000012 pop edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 549D1D second address: 549D28 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 550CCF second address: 550CE9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1C5h 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 550CE9 second address: 550CEE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 550E4C second address: 550E5C instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F17510BF1C2h 0x00000008 jnc 00007F17510BF1B6h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 554217 second address: 55421F instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 55421F second address: 55423E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1C9h 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 55423E second address: 554242 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4B1AE7 second address: 4B1AEB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4B1AEB second address: 4B1B07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F17510C2662h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4B1B07 second address: 4B1B0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 559CC7 second address: 559CCB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 559CCB second address: 559CCF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 559CCF second address: 559CDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jbe 00007F17510C2656h 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 559E5A second address: 559E5E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 559E5E second address: 559E81 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F17510C265Ch 0x00000008 push edi 0x00000009 jo 00007F17510C2656h 0x0000000f push edi 0x00000010 pop edi 0x00000011 pop edi 0x00000012 pop edx 0x00000013 pop eax 0x00000014 push edx 0x00000015 jg 00007F17510C265Eh 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 55A250 second address: 55A27B instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F17510BF1C4h 0x0000000b pop eax 0x0000000c push ebx 0x0000000d jmp 00007F17510BF1BCh 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 560A16 second address: 560A5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F17510C2656h 0x0000000a popad 0x0000000b jmp 00007F17510C265Ah 0x00000010 popad 0x00000011 pushad 0x00000012 jmp 00007F17510C2669h 0x00000017 push ebx 0x00000018 jmp 00007F17510C2663h 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 561059 second address: 561064 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 561064 second address: 56106A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56106A second address: 561070 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 561070 second address: 561078 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 561078 second address: 56107C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56107C second address: 5610AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F17510C2658h 0x0000000c pushad 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 jmp 00007F17510C265Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007F17510C2660h 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5613C4 second address: 5613CE instructions: 0x00000000 rdtsc 0x00000002 jo 00007F17510BF1BCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5613CE second address: 5613EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007F17510C2666h 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4B35A9 second address: 4B35BC instructions: 0x00000000 rdtsc 0x00000002 jc 00007F17510BF1B6h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4B35BC second address: 4B35D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 jmp 00007F17510C2660h 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56AF2A second address: 56AF30 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56AF30 second address: 56AF52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 pushad 0x00000008 pushad 0x00000009 jmp 00007F17510C2667h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56AF52 second address: 56AF5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56AF5A second address: 56AF7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007F17510C2668h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56AF7C second address: 56AF9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F17510BF1C8h 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56B282 second address: 56B292 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F17510C2656h 0x00000008 ja 00007F17510C2656h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56B292 second address: 56B2A0 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 pop eax 0x00000007 pop ebx 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d pop eax 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56B3F8 second address: 56B41A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510C265Dh 0x00000009 pop ecx 0x0000000a jg 00007F17510C265Ch 0x00000010 jl 00007F17510C2656h 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56B41A second address: 56B42D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1BFh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56B811 second address: 56B830 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 jmp 00007F17510C2667h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 56B830 second address: 56B838 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5725D3 second address: 5725E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F17510C2656h 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 572B6D second address: 572B78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 572B78 second address: 572B88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C265Ch 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 572B88 second address: 572B94 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 572B94 second address: 572B9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 572B9A second address: 572B9E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 572B9E second address: 572BA2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 572E54 second address: 572E5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5730FE second address: 573108 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F17510C2656h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5733FA second address: 573419 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 jmp 00007F17510BF1C9h 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 573AE8 second address: 573B00 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a jmp 00007F17510C265Eh 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 573B00 second address: 573B04 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 573B04 second address: 573B0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 57A89D second address: 57A8C7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F17510BF1BDh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F17510BF1C4h 0x00000010 push esi 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 57A8C7 second address: 57A8DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop esi 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jnp 00007F17510C2656h 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 57A8DB second address: 57A8E1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 57A2FC second address: 57A306 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F17510C2656h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 57A306 second address: 57A30C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 57A30C second address: 57A331 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F17510C2660h 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 588026 second address: 58802A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 58802A second address: 588044 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2666h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 58ED62 second address: 58ED66 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 58ED66 second address: 58ED72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F17510C2656h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 596050 second address: 59606C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push ebx 0x00000006 jmp 00007F17510BF1C1h 0x0000000b pop ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 59606C second address: 596072 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 596072 second address: 59607C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A77A2 second address: 5A77A6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A7A80 second address: 5A7A88 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A7A88 second address: 5A7A8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A7C23 second address: 5A7C3E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C7h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A7F8E second address: 5A7F92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A7F92 second address: 5A7FEF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BAh 0x00000007 jnp 00007F17510BF1B6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jmp 00007F17510BF1C7h 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 jbe 00007F17510BF1BEh 0x0000001d push ecx 0x0000001e jmp 00007F17510BF1BEh 0x00000023 jmp 00007F17510BF1C1h 0x00000028 pop ecx 0x00000029 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A8173 second address: 5A8180 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jbe 00007F17510C2656h 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A8CFE second address: 5A8D02 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5A8D02 second address: 5A8D08 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC878 second address: 5AC8AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jnl 00007F17510BF1BCh 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F17510BF1C1h 0x00000012 jmp 00007F17510BF1BEh 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC8AA second address: 5AC8AE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC8AE second address: 5AC8DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jmp 00007F17510BF1BAh 0x0000000f push edx 0x00000010 pop edx 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F17510BF1C5h 0x00000019 pushad 0x0000001a popad 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC8DE second address: 5AC8E8 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC8E8 second address: 5AC8ED instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC8ED second address: 5AC90B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510C2668h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC468 second address: 5AC46C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC46C second address: 5AC472 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC472 second address: 5AC478 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AC5A6 second address: 5AC5AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AE042 second address: 5AE04E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007F17510BF1B6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5AE04E second address: 5AE052 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5C00AC second address: 5C00B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5C00B0 second address: 5C00B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5CE5DE second address: 5CE5E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5D13EF second address: 5D13FF instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jng 00007F17510C2656h 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e push edi 0x0000000f pop edi 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5D13FF second address: 5D1403 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5D111F second address: 5D1123 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5F9BE8 second address: 5F9C0B instructions: 0x00000000 rdtsc 0x00000002 jne 00007F17510BF1B6h 0x00000008 jo 00007F17510BF1B6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F17510BF1BBh 0x00000017 js 00007F17510BF1B6h 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5F9C0B second address: 5F9C15 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F17510C2656h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5F9EBE second address: 5F9ED9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1C5h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5F9ED9 second address: 5F9EDE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5F9EDE second address: 5F9EE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FA02D second address: 5FA033 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FA033 second address: 5FA037 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FA037 second address: 5FA042 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FA042 second address: 5FA048 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FA810 second address: 5FA817 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FA995 second address: 5FA999 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FA999 second address: 5FA9AB instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jnp 00007F17510C2658h 0x00000010 push esi 0x00000011 pop esi 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FA9AB second address: 5FA9B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007F17510BF1B6h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FD8A8 second address: 5FD8AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FD8AC second address: 5FD8D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jmp 00007F17510BF1C3h 0x00000010 jmp 00007F17510BF1BAh 0x00000015 popad 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FD8D5 second address: 5FD950 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jno 00007F17510C2656h 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push ebx 0x00000010 call 00007F17510C2658h 0x00000015 pop ebx 0x00000016 mov dword ptr [esp+04h], ebx 0x0000001a add dword ptr [esp+04h], 00000016h 0x00000022 inc ebx 0x00000023 push ebx 0x00000024 ret 0x00000025 pop ebx 0x00000026 ret 0x00000027 mov dx, di 0x0000002a push 00000004h 0x0000002c add edx, dword ptr [ebp+122D186Fh] 0x00000032 call 00007F17510C2659h 0x00000037 pushad 0x00000038 ja 00007F17510C266Bh 0x0000003e push edi 0x0000003f pushad 0x00000040 popad 0x00000041 pop edi 0x00000042 popad 0x00000043 push eax 0x00000044 jmp 00007F17510C2662h 0x00000049 mov eax, dword ptr [esp+04h] 0x0000004d pushad 0x0000004e push edi 0x0000004f push eax 0x00000050 push edx 0x00000051 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FDC26 second address: 5FDC35 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1BBh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FEF2F second address: 5FEF39 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F17510C2656h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 5FEF39 second address: 5FEF55 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C6h 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D20656 second address: 4D2066E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C2664h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D2066E second address: 4D20672 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D20672 second address: 4D2076C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 pushad 0x0000000a push ecx 0x0000000b pushfd 0x0000000c jmp 00007F17510C2669h 0x00000011 sub cx, 8A36h 0x00000016 jmp 00007F17510C2661h 0x0000001b popfd 0x0000001c pop ecx 0x0000001d call 00007F17510C2661h 0x00000022 jmp 00007F17510C2660h 0x00000027 pop esi 0x00000028 popad 0x00000029 mov dword ptr [esp], ebp 0x0000002c pushad 0x0000002d pushfd 0x0000002e jmp 00007F17510C2667h 0x00000033 sbb ecx, 5E4714CEh 0x00000039 jmp 00007F17510C2669h 0x0000003e popfd 0x0000003f pushfd 0x00000040 jmp 00007F17510C2660h 0x00000045 adc eax, 5F7F6D48h 0x0000004b jmp 00007F17510C265Bh 0x00000050 popfd 0x00000051 popad 0x00000052 mov ebp, esp 0x00000054 pushad 0x00000055 pushfd 0x00000056 jmp 00007F17510C2664h 0x0000005b and ax, 2FA8h 0x00000060 jmp 00007F17510C265Bh 0x00000065 popfd 0x00000066 movzx eax, dx 0x00000069 popad 0x0000006a pop ebp 0x0000006b push eax 0x0000006c push edx 0x0000006d pushad 0x0000006e mov cx, 8933h 0x00000072 mov ax, 858Fh 0x00000076 popad 0x00000077 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D2076C second address: 4D20780 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1C0h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0117 second address: 4CF013C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2661h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F17510C265Dh 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF013C second address: 4CF0144 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx ebx, cx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0144 second address: 4CF0160 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F17510C2662h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0160 second address: 4CF01B8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop edi 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007F17510BF1C6h 0x0000000e mov ebp, esp 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 pushfd 0x00000016 jmp 00007F17510BF1C3h 0x0000001b xor cl, FFFFFFDEh 0x0000001e jmp 00007F17510BF1C9h 0x00000023 popfd 0x00000024 popad 0x00000025 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF01B8 second address: 4CF0202 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2661h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov cx, bx 0x00000010 pushfd 0x00000011 jmp 00007F17510C265Fh 0x00000016 adc ch, FFFFFF9Eh 0x00000019 jmp 00007F17510C2669h 0x0000001e popfd 0x0000001f popad 0x00000020 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D6028D second address: 4D60293 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D60293 second address: 4D602A9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, 2507h 0x00000007 mov bx, si 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 mov di, si 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D602A9 second address: 4D602AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D602AE second address: 4D602B4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D602B4 second address: 4D602B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CE0C93 second address: 4CE0C99 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CE0C99 second address: 4CE0CBD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edx, esi 0x00000005 mov esi, 5B638D21h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov ebp, esp 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F17510BF1C3h 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CE0CBD second address: 4CE0CC3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CE0CC3 second address: 4CE0CC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CE0CC7 second address: 4CE0CEF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push dword ptr [ebp+04h] 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F17510C2669h 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CE0CEF second address: 4CE0CF3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CE0CF3 second address: 4CE0CF9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CE0CF9 second address: 4CE0D5A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push dword ptr [ebp+0Ch] 0x0000000c jmp 00007F17510BF1C0h 0x00000011 push dword ptr [ebp+08h] 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 call 00007F17510BF1BDh 0x0000001c pop eax 0x0000001d pushfd 0x0000001e jmp 00007F17510BF1C1h 0x00000023 sub si, DAC6h 0x00000028 jmp 00007F17510BF1C1h 0x0000002d popfd 0x0000002e popad 0x0000002f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50E79 second address: 4D50EA0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, 06EAh 0x00000007 mov cl, bh 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F17510C2668h 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50EA0 second address: 4D50EB2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1BEh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50EB2 second address: 4D50EB6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50EB6 second address: 4D50EE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007F17510BF1C7h 0x0000000e mov ebp, esp 0x00000010 pushad 0x00000011 mov cl, 73h 0x00000013 push eax 0x00000014 push edx 0x00000015 mov cx, di 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30C4A second address: 4D30C66 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C2668h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30C66 second address: 4D30C7B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F17510BF1BAh 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30C7B second address: 4D30C8D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C265Eh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D60E0D second address: 4D60E27 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1C5h 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF073F second address: 4CF0743 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0743 second address: 4CF0749 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0749 second address: 4CF0782 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2662h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F17510C2660h 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F17510C265Dh 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0782 second address: 4CF0786 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0786 second address: 4CF078C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF078C second address: 4CF07A3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF07A3 second address: 4CF07A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF07A7 second address: 4CF07AD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D60025 second address: 4D6002B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D6002B second address: 4D6002F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D6002F second address: 4D60033 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D60033 second address: 4D6006D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007F17510BF1C7h 0x00000010 jmp 00007F17510BF1C3h 0x00000015 popfd 0x00000016 push eax 0x00000017 push edx 0x00000018 mov ebx, esi 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D604CB second address: 4D604DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C265Eh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D604DD second address: 4D604F5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D604F5 second address: 4D60510 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2667h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D60510 second address: 4D60516 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D60516 second address: 4D6051A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D6051A second address: 4D60555 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jmp 00007F17510BF1C9h 0x00000011 xchg eax, ebp 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F17510BF1BDh 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D60555 second address: 4D6055B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D6055B second address: 4D6055F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D6055F second address: 4D6057E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F17510C2661h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D6057E second address: 4D60593 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D60593 second address: 4D605A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C265Ch 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D605A3 second address: 4D605A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D605A7 second address: 4D605B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [ebp+08h] 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D605B8 second address: 4D605BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D605BC second address: 4D605C2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D605C2 second address: 4D605C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D605C8 second address: 4D605CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30B5C second address: 4D30B74 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1C4h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30B74 second address: 4D30BAD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d mov ecx, 2DAD004Bh 0x00000012 mov eax, 6DC95627h 0x00000017 popad 0x00000018 push eax 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F17510C2668h 0x00000020 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70024 second address: 4D7006C instructions: 0x00000000 rdtsc 0x00000002 mov si, 862Fh 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov al, 56h 0x0000000a popad 0x0000000b push esi 0x0000000c jmp 00007F17510BF1BCh 0x00000011 mov dword ptr [esp], ebp 0x00000014 pushad 0x00000015 mov ax, 8AEDh 0x00000019 pushfd 0x0000001a jmp 00007F17510BF1BAh 0x0000001f sbb cx, 7A88h 0x00000024 jmp 00007F17510BF1BBh 0x00000029 popfd 0x0000002a popad 0x0000002b mov ebp, esp 0x0000002d push eax 0x0000002e push edx 0x0000002f pushad 0x00000030 mov eax, 291803CDh 0x00000035 popad 0x00000036 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D107F6 second address: 4D108B1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 call 00007F17510C2661h 0x0000000b mov esi, 56FF1A77h 0x00000010 pop esi 0x00000011 popad 0x00000012 push esi 0x00000013 pushad 0x00000014 pushfd 0x00000015 jmp 00007F17510C2666h 0x0000001a xor ax, 5998h 0x0000001f jmp 00007F17510C265Bh 0x00000024 popfd 0x00000025 push ecx 0x00000026 pushfd 0x00000027 jmp 00007F17510C265Fh 0x0000002c and ax, 6A5Eh 0x00000031 jmp 00007F17510C2669h 0x00000036 popfd 0x00000037 pop esi 0x00000038 popad 0x00000039 mov dword ptr [esp], ebp 0x0000003c pushad 0x0000003d call 00007F17510C265Dh 0x00000042 jmp 00007F17510C2660h 0x00000047 pop esi 0x00000048 mov ecx, edx 0x0000004a popad 0x0000004b mov ebp, esp 0x0000004d push eax 0x0000004e push edx 0x0000004f pushad 0x00000050 mov si, EE15h 0x00000054 jmp 00007F17510C2662h 0x00000059 popad 0x0000005a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D108B1 second address: 4D108C1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop esi 0x00000005 push edi 0x00000006 pop ecx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ebp 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e push edx 0x0000000f pop esi 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70BDF second address: 4D70BE5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70BE5 second address: 4D70BE9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70BE9 second address: 4D70BED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70BED second address: 4D70C05 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F17510BF1BDh 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70C05 second address: 4D70C15 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C265Ch 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70C15 second address: 4D70C19 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70C19 second address: 4D70C63 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ecx 0x00000009 pushad 0x0000000a mov cx, bx 0x0000000d pushfd 0x0000000e jmp 00007F17510C2669h 0x00000013 add cx, 1CF6h 0x00000018 jmp 00007F17510C2661h 0x0000001d popfd 0x0000001e popad 0x0000001f mov eax, dword ptr [76FB65FCh] 0x00000024 push eax 0x00000025 push edx 0x00000026 push eax 0x00000027 push edx 0x00000028 push eax 0x00000029 push edx 0x0000002a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70C63 second address: 4D70C67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70C67 second address: 4D70C7A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70C7A second address: 4D70CA8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test eax, eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F17510BF1BDh 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70CA8 second address: 4D70CAE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70CAE second address: 4D70CB2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70CB2 second address: 4D70CE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F17C3285302h 0x0000000e jmp 00007F17510C265Fh 0x00000013 mov ecx, eax 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F17510C2665h 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70CE8 second address: 4D70CEE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70CEE second address: 4D70CF2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70CF2 second address: 4D70D07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xor eax, dword ptr [ebp+08h] 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov bh, 7Fh 0x00000010 mov cx, 7EB9h 0x00000014 popad 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70D07 second address: 4D70D0D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70D0D second address: 4D70D11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70D11 second address: 4D70D2F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 and ecx, 1Fh 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F17510C265Fh 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D70D2F second address: 4D70D4C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30007 second address: 4D3000D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3000D second address: 4D30012 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30012 second address: 4D3004E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx ebx, cx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushfd 0x0000000e jmp 00007F17510C2668h 0x00000013 jmp 00007F17510C2665h 0x00000018 popfd 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3004E second address: 4D30052 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30052 second address: 4D30075 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 call 00007F17510C265Ah 0x0000000e pop esi 0x0000000f popad 0x00000010 popad 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 mov cx, di 0x00000018 mov ebx, 4A800EDCh 0x0000001d popad 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30075 second address: 4D300D5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F17510BF1C0h 0x0000000f mov ebp, esp 0x00000011 jmp 00007F17510BF1C0h 0x00000016 and esp, FFFFFFF8h 0x00000019 pushad 0x0000001a push ecx 0x0000001b mov ecx, edi 0x0000001d pop edi 0x0000001e mov cx, 25A5h 0x00000022 popad 0x00000023 xchg eax, ecx 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007F17510BF1C7h 0x0000002b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D300D5 second address: 4D30182 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2669h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007F17510C2667h 0x00000011 sub si, A3DEh 0x00000016 jmp 00007F17510C2669h 0x0000001b popfd 0x0000001c pushad 0x0000001d pushfd 0x0000001e jmp 00007F17510C265Eh 0x00000023 adc ax, 8BD8h 0x00000028 jmp 00007F17510C265Bh 0x0000002d popfd 0x0000002e pushfd 0x0000002f jmp 00007F17510C2668h 0x00000034 sbb ecx, 5294D638h 0x0000003a jmp 00007F17510C265Bh 0x0000003f popfd 0x00000040 popad 0x00000041 popad 0x00000042 xchg eax, ecx 0x00000043 push eax 0x00000044 push edx 0x00000045 pushad 0x00000046 mov esi, edx 0x00000048 mov ecx, edi 0x0000004a popad 0x0000004b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30182 second address: 4D30195 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1BFh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30195 second address: 4D301BB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C2669h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D301BB second address: 4D301BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D301BF second address: 4D301C3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D301C3 second address: 4D301C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D301C9 second address: 4D301DE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C2661h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D301DE second address: 4D3021F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f pushfd 0x00000010 jmp 00007F17510BF1BDh 0x00000015 and ecx, 666888F6h 0x0000001b jmp 00007F17510BF1C1h 0x00000020 popfd 0x00000021 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3021F second address: 4D3024C instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F17510C2660h 0x00000008 sbb cx, 9A18h 0x0000000d jmp 00007F17510C265Bh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 mov eax, 47A96665h 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3024C second address: 4D3025C instructions: 0x00000000 rdtsc 0x00000002 mov cx, 03E1h 0x00000006 pop edx 0x00000007 pop eax 0x00000008 popad 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3025C second address: 4D30262 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30262 second address: 4D3027F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebx, dword ptr [ebp+10h] 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3027F second address: 4D30285 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30285 second address: 4D3028B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3028B second address: 4D302D9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, esi 0x0000000c jmp 00007F17510C2660h 0x00000011 push eax 0x00000012 pushad 0x00000013 mov cx, bx 0x00000016 mov dx, A750h 0x0000001a popad 0x0000001b xchg eax, esi 0x0000001c pushad 0x0000001d mov ecx, edi 0x0000001f jmp 00007F17510C2661h 0x00000024 popad 0x00000025 mov esi, dword ptr [ebp+08h] 0x00000028 push eax 0x00000029 push edx 0x0000002a push eax 0x0000002b push edx 0x0000002c pushad 0x0000002d popad 0x0000002e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D302D9 second address: 4D302EC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D302EC second address: 4D30329 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F17510C265Fh 0x00000008 pop esi 0x00000009 mov ebx, 506B713Ch 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push esp 0x00000012 jmp 00007F17510C2660h 0x00000017 mov dword ptr [esp], edi 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007F17510C265Ah 0x00000023 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D30329 second address: 4D3032F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3032F second address: 4D3039C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F17510C265Ch 0x00000009 adc eax, 539DF2B8h 0x0000000f jmp 00007F17510C265Bh 0x00000014 popfd 0x00000015 jmp 00007F17510C2668h 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d test esi, esi 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 pushad 0x00000023 popad 0x00000024 pushfd 0x00000025 jmp 00007F17510C2663h 0x0000002a jmp 00007F17510C2663h 0x0000002f popfd 0x00000030 popad 0x00000031 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3039C second address: 4D303A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D303A2 second address: 4D3041C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F17C32C08C1h 0x0000000e pushad 0x0000000f mov bl, 4Ah 0x00000011 pushad 0x00000012 mov al, 18h 0x00000014 pushfd 0x00000015 jmp 00007F17510C2661h 0x0000001a sbb esi, 2C9A92C6h 0x00000020 jmp 00007F17510C2661h 0x00000025 popfd 0x00000026 popad 0x00000027 popad 0x00000028 cmp dword ptr [esi+08h], DDEEDDEEh 0x0000002f pushad 0x00000030 movzx esi, bx 0x00000033 jmp 00007F17510C2669h 0x00000038 popad 0x00000039 je 00007F17C32C087Ah 0x0000003f push eax 0x00000040 push edx 0x00000041 jmp 00007F17510C265Dh 0x00000046 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D3041C second address: 4D30491 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov edx, dword ptr [esi+44h] 0x0000000c jmp 00007F17510BF1BEh 0x00000011 or edx, dword ptr [ebp+0Ch] 0x00000014 pushad 0x00000015 pushfd 0x00000016 jmp 00007F17510BF1BEh 0x0000001b or esi, 18FEFB58h 0x00000021 jmp 00007F17510BF1BBh 0x00000026 popfd 0x00000027 push eax 0x00000028 push edx 0x00000029 pushfd 0x0000002a jmp 00007F17510BF1C6h 0x0000002f add cx, 05B8h 0x00000034 jmp 00007F17510BF1BBh 0x00000039 popfd 0x0000003a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D503D0 second address: 4D503F8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F17510C2665h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D503F8 second address: 4D50408 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1BCh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50408 second address: 4D50433 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b and esp, FFFFFFF8h 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F17510C2665h 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50433 second address: 4D50439 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50439 second address: 4D50464 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a jmp 00007F17510C2662h 0x0000000f mov ah, 9Fh 0x00000011 popad 0x00000012 mov dword ptr [esp], ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 mov edi, ecx 0x0000001a mov dx, si 0x0000001d popad 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50464 second address: 4D50469 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50469 second address: 4D50515 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510C2663h 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c xchg eax, esi 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007F17510C2664h 0x00000014 or si, F3B8h 0x00000019 jmp 00007F17510C265Bh 0x0000001e popfd 0x0000001f pushad 0x00000020 jmp 00007F17510C2666h 0x00000025 pushfd 0x00000026 jmp 00007F17510C2662h 0x0000002b sub ch, 00000048h 0x0000002e jmp 00007F17510C265Bh 0x00000033 popfd 0x00000034 popad 0x00000035 popad 0x00000036 push eax 0x00000037 jmp 00007F17510C2669h 0x0000003c xchg eax, esi 0x0000003d pushad 0x0000003e pushad 0x0000003f mov ebx, ecx 0x00000041 push esi 0x00000042 pop ebx 0x00000043 popad 0x00000044 mov ah, A6h 0x00000046 popad 0x00000047 mov esi, dword ptr [ebp+08h] 0x0000004a pushad 0x0000004b mov ecx, edx 0x0000004d push eax 0x0000004e push edx 0x0000004f pushad 0x00000050 popad 0x00000051 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50515 second address: 4D50536 instructions: 0x00000000 rdtsc 0x00000002 mov bh, BBh 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 sub ebx, ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F17510BF1C6h 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50536 second address: 4D5053C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D5053C second address: 4D50540 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50540 second address: 4D505B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 test esi, esi 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007F17510C265Fh 0x00000011 jmp 00007F17510C2663h 0x00000016 popfd 0x00000017 pushfd 0x00000018 jmp 00007F17510C2668h 0x0000001d add eax, 533B7928h 0x00000023 jmp 00007F17510C265Bh 0x00000028 popfd 0x00000029 popad 0x0000002a je 00007F17C3298449h 0x00000030 push eax 0x00000031 push edx 0x00000032 jmp 00007F17510C2665h 0x00000037 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D505B8 second address: 4D505C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1BCh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D505C8 second address: 4D506A0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b cmp dword ptr [esi+08h], DDEEDDEEh 0x00000012 jmp 00007F17510C2666h 0x00000017 mov ecx, esi 0x00000019 pushad 0x0000001a push ecx 0x0000001b mov di, 1B30h 0x0000001f pop ebx 0x00000020 call 00007F17510C2666h 0x00000025 pushfd 0x00000026 jmp 00007F17510C2662h 0x0000002b xor cx, 62A8h 0x00000030 jmp 00007F17510C265Bh 0x00000035 popfd 0x00000036 pop eax 0x00000037 popad 0x00000038 je 00007F17C32983BEh 0x0000003e jmp 00007F17510C265Fh 0x00000043 test byte ptr [76FB6968h], 00000002h 0x0000004a jmp 00007F17510C2666h 0x0000004f jne 00007F17C329839Fh 0x00000055 push eax 0x00000056 push edx 0x00000057 pushad 0x00000058 pushfd 0x00000059 jmp 00007F17510C265Dh 0x0000005e and esi, 43DE2026h 0x00000064 jmp 00007F17510C2661h 0x00000069 popfd 0x0000006a mov dx, cx 0x0000006d popad 0x0000006e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D506A0 second address: 4D506BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510BF1C8h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D506BC second address: 4D506C0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D506C0 second address: 4D5073A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov edx, dword ptr [ebp+0Ch] 0x0000000b pushad 0x0000000c mov eax, edx 0x0000000e pushfd 0x0000000f jmp 00007F17510BF1C9h 0x00000014 add cx, 5196h 0x00000019 jmp 00007F17510BF1C1h 0x0000001e popfd 0x0000001f popad 0x00000020 xchg eax, ebx 0x00000021 pushad 0x00000022 pushad 0x00000023 pushfd 0x00000024 jmp 00007F17510BF1BAh 0x00000029 sub si, 19B8h 0x0000002e jmp 00007F17510BF1BBh 0x00000033 popfd 0x00000034 popad 0x00000035 push edi 0x00000036 pop edi 0x00000037 popad 0x00000038 push eax 0x00000039 pushad 0x0000003a push eax 0x0000003b push edx 0x0000003c jmp 00007F17510BF1C3h 0x00000041 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D5073A second address: 4D5077A instructions: 0x00000000 rdtsc 0x00000002 mov cx, 6FCFh 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ecx, 105839EBh 0x0000000d popad 0x0000000e xchg eax, ebx 0x0000000f jmp 00007F17510C265Eh 0x00000014 xchg eax, ebx 0x00000015 jmp 00007F17510C2660h 0x0000001a push eax 0x0000001b jmp 00007F17510C265Bh 0x00000020 xchg eax, ebx 0x00000021 pushad 0x00000022 push eax 0x00000023 push edx 0x00000024 push esi 0x00000025 pop edx 0x00000026 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D5077A second address: 4D5079D instructions: 0x00000000 rdtsc 0x00000002 mov ecx, 68A7826Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 call 00007F17510BF1BAh 0x0000000e mov edx, eax 0x00000010 pop ecx 0x00000011 popad 0x00000012 push dword ptr [ebp+14h] 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 mov bx, ax 0x0000001b push eax 0x0000001c pop edi 0x0000001d popad 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D5079D second address: 4D507A2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D507A2 second address: 4D507C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov dh, E0h 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push dword ptr [ebp+10h] 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F17510BF1C1h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D507C1 second address: 4D507D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C265Ch 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D507EC second address: 4D50857 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 2362FD0Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushfd 0x0000000a jmp 00007F17510BF1BAh 0x0000000f and eax, 3EC11F28h 0x00000015 jmp 00007F17510BF1BBh 0x0000001a popfd 0x0000001b popad 0x0000001c pop esi 0x0000001d jmp 00007F17510BF1C6h 0x00000022 pop ebx 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 pushfd 0x00000027 jmp 00007F17510BF1BDh 0x0000002c and si, 1DF6h 0x00000031 jmp 00007F17510BF1C1h 0x00000036 popfd 0x00000037 mov bx, si 0x0000003a popad 0x0000003b rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D50857 second address: 4D508A4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F17510C2663h 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov esp, ebp 0x0000000d jmp 00007F17510C2665h 0x00000012 pop ebp 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F17510C2668h 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D508A4 second address: 4D508B3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D401F7 second address: 4D401FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D401FB second address: 4D40218 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D919A8 second address: 4D919AE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D919AE second address: 4D919B2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D919B2 second address: 4D919D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F17510C2661h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D919D0 second address: 4D919E5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4FEBB9 second address: 4FEBBE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF03BD second address: 4CF03C2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF03C2 second address: 4CF03EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510C2665h 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c xchg eax, ebp 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F17510C265Dh 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF03EE second address: 4CF0464 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007F17510BF1C7h 0x00000008 pop esi 0x00000009 call 00007F17510BF1C9h 0x0000000e pop esi 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 pushad 0x00000014 pushfd 0x00000015 jmp 00007F17510BF1BCh 0x0000001a xor cl, FFFFFFD8h 0x0000001d jmp 00007F17510BF1BBh 0x00000022 popfd 0x00000023 jmp 00007F17510BF1C8h 0x00000028 popad 0x00000029 xchg eax, ebp 0x0000002a push eax 0x0000002b push edx 0x0000002c push eax 0x0000002d push edx 0x0000002e pushad 0x0000002f popad 0x00000030 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0464 second address: 4CF046A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF046A second address: 4CF0470 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0470 second address: 4CF0474 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0474 second address: 4CF0478 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0478 second address: 4CF04D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a pushad 0x0000000b mov edx, ecx 0x0000000d pushfd 0x0000000e jmp 00007F17510C2664h 0x00000013 or ax, DCC8h 0x00000018 jmp 00007F17510C265Bh 0x0000001d popfd 0x0000001e popad 0x0000001f xchg eax, ecx 0x00000020 jmp 00007F17510C2666h 0x00000025 push eax 0x00000026 push eax 0x00000027 push edx 0x00000028 push eax 0x00000029 push edx 0x0000002a jmp 00007F17510C265Dh 0x0000002f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF04D5 second address: 4CF04D9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF04D9 second address: 4CF04DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF04DF second address: 4CF0554 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, ax 0x00000006 pushfd 0x00000007 jmp 00007F17510BF1C6h 0x0000000c sbb ch, FFFFFFB8h 0x0000000f jmp 00007F17510BF1BBh 0x00000014 popfd 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 xchg eax, ecx 0x00000019 jmp 00007F17510BF1C6h 0x0000001e and dword ptr [ebp-04h], 00000000h 0x00000022 pushad 0x00000023 mov esi, 4E0A27ADh 0x00000028 pushfd 0x00000029 jmp 00007F17510BF1BAh 0x0000002e and si, 0648h 0x00000033 jmp 00007F17510BF1BBh 0x00000038 popfd 0x00000039 popad 0x0000003a lea eax, dword ptr [ebp-04h] 0x0000003d pushad 0x0000003e push eax 0x0000003f push edx 0x00000040 push eax 0x00000041 pop edx 0x00000042 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0614 second address: 4CF0618 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CF0618 second address: 4CF061E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CD0AE7 second address: 4CD0AEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CD0AEB second address: 4CD0AF1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CD0AF1 second address: 4CD0B05 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510C265Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CD0B05 second address: 4CD0B14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F17510BF1BAh 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CD0B14 second address: 4CD0B26 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F17510C265Eh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4CD0B26 second address: 4CD0B79 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F17510BF1BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007F17510BF1C4h 0x00000013 adc cx, 2038h 0x00000018 jmp 00007F17510BF1BBh 0x0000001d popfd 0x0000001e call 00007F17510BF1C8h 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
| Source: C:\Users\user\Desktop\dcmaM16D71.exe |
RDTSC instruction interceptor: First address: 4D8019B second address: 4D80214 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007F17510C265Ah 0x00000008 sbb al, 00000018h 0x0000000b jmp 00007F17510C265Bh 0x00000010 popfd 0x00000011 pop edx 0x00000012 pop eax 0x00000013 call 00007F17510C2668h 0x00000018 jmp 00007F17510C2662h 0x0000001d pop eax 0x0000001e popad 0x0000001f mov dword ptr [esp], ebp 0x00000022 jmp 00007F17510C2661h 0x00000027 mov ebp, esp 0x00000029 push eax 0x0000002a push edx 0x0000002b pushad 0x0000002c jmp 00007F17510C2663h 0x00000031 mov edi, eax 0x00000033 popad 0x00000034 rdtsc |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet