| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 11420F8 second address: 11420FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12A8117 second address: 12A811B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12A811B second address: 12A812A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007FF8E8F833B6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12A812A second address: 12A8139 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 je 00007FF8E8F8DBB6h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BAA11 second address: 12BAA1C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 push edx 0x0000000a pop edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BABA3 second address: 12BABAC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BAD7D second address: 12BAD9B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF8E8F833BFh 0x00000008 pushad 0x00000009 popad 0x0000000a jnc 00007FF8E8F833B6h 0x00000010 popad 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BAD9B second address: 12BADA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BAED5 second address: 12BAEDF instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BAEDF second address: 12BAEF9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC4h 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BAEF9 second address: 12BAF11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF8E8F833BAh 0x00000009 jmp 00007FF8E8F833BAh 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BAF11 second address: 12BAF15 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BB19E second address: 12BB1A7 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BB2FC second address: 12BB329 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 jmp 00007FF8E8F8DBBEh 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF8E8F8DBC4h 0x00000013 push esi 0x00000014 pop esi 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BCD6B second address: 12BCDCC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833C7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FF8E8F833BCh 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 pushad 0x00000014 jc 00007FF8E8F833CEh 0x0000001a jmp 00007FF8E8F833C8h 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007FF8E8F833C4h 0x00000026 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BCDCC second address: 12BCDE3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [eax] 0x00000009 push eax 0x0000000a push edx 0x0000000b jno 00007FF8E8F8DBBCh 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BCDE3 second address: 12BCDED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007FF8E8F833B6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BCEF4 second address: 12BCF01 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BCF01 second address: 12BCF0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FF8E8F833B6h 0x0000000a popad 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BCF0C second address: 12BCF11 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BCF11 second address: 12BCF8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push edi 0x0000000b call 00007FF8E8F833B8h 0x00000010 pop edi 0x00000011 mov dword ptr [esp+04h], edi 0x00000015 add dword ptr [esp+04h], 0000001Ah 0x0000001d inc edi 0x0000001e push edi 0x0000001f ret 0x00000020 pop edi 0x00000021 ret 0x00000022 push 00000000h 0x00000024 cld 0x00000025 call 00007FF8E8F833B9h 0x0000002a pushad 0x0000002b push ebx 0x0000002c push ebx 0x0000002d pop ebx 0x0000002e pop ebx 0x0000002f jmp 00007FF8E8F833BCh 0x00000034 popad 0x00000035 push eax 0x00000036 push edi 0x00000037 push eax 0x00000038 push eax 0x00000039 pop eax 0x0000003a pop eax 0x0000003b pop edi 0x0000003c mov eax, dword ptr [esp+04h] 0x00000040 push eax 0x00000041 jno 00007FF8E8F833BCh 0x00000047 pop eax 0x00000048 mov eax, dword ptr [eax] 0x0000004a push eax 0x0000004b push edx 0x0000004c jg 00007FF8E8F833C8h 0x00000052 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BCF8E second address: 12BCFA9 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp+04h], eax 0x0000000c jo 00007FF8E8F8DBC4h 0x00000012 pushad 0x00000013 jc 00007FF8E8F8DBB6h 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BD0DD second address: 12BD0E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BD0E3 second address: 12BD188 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jg 00007FF8E8F8DBC1h 0x0000000b jmp 00007FF8E8F8DBBBh 0x00000010 popad 0x00000011 mov dword ptr [esp+04h], eax 0x00000015 jmp 00007FF8E8F8DBC3h 0x0000001a pop eax 0x0000001b adc ecx, 2BEFA599h 0x00000021 push 00000003h 0x00000023 js 00007FF8E8F8DBBCh 0x00000029 add dword ptr [ebp+122D2CEFh], edi 0x0000002f push 00000000h 0x00000031 push 00000000h 0x00000033 push ecx 0x00000034 call 00007FF8E8F8DBB8h 0x00000039 pop ecx 0x0000003a mov dword ptr [esp+04h], ecx 0x0000003e add dword ptr [esp+04h], 00000017h 0x00000046 inc ecx 0x00000047 push ecx 0x00000048 ret 0x00000049 pop ecx 0x0000004a ret 0x0000004b sub dword ptr [ebp+122D2D07h], ebx 0x00000051 jo 00007FF8E8F8DBC8h 0x00000057 jmp 00007FF8E8F8DBC2h 0x0000005c push 00000003h 0x0000005e mov esi, dword ptr [ebp+122D37C2h] 0x00000064 pushad 0x00000065 jl 00007FF8E8F8DBBBh 0x0000006b mov ecx, 0FF148B7h 0x00000070 popad 0x00000071 push 7CFEE0B3h 0x00000076 pushad 0x00000077 jng 00007FF8E8F8DBBCh 0x0000007d push eax 0x0000007e push edx 0x0000007f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BD188 second address: 12BD1CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push edx 0x00000006 pop edx 0x00000007 pushad 0x00000008 popad 0x00000009 popad 0x0000000a popad 0x0000000b add dword ptr [esp], 43011F4Dh 0x00000012 jmp 00007FF8E8F833C6h 0x00000017 lea ebx, dword ptr [ebp+1244EBF0h] 0x0000001d push ebx 0x0000001e jbe 00007FF8E8F833BCh 0x00000024 or dword ptr [ebp+122D316Ch], esi 0x0000002a pop edi 0x0000002b xchg eax, ebx 0x0000002c push edx 0x0000002d push eax 0x0000002e push edx 0x0000002f jg 00007FF8E8F833B6h 0x00000035 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BD1CE second address: 12BD1E0 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnp 00007FF8E8F8DBB8h 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12BD1E0 second address: 12BD1E5 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12B5A50 second address: 12B5A54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DC607 second address: 12DC60C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DC60C second address: 12DC62F instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF8E8F8DBC5h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b pushad 0x0000000c jno 00007FF8E8F8DBB6h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DCFB4 second address: 12DCFCF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833C7h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DCFCF second address: 12DCFD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DD128 second address: 12DD132 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007FF8E8F833B6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DD132 second address: 12DD13C instructions: 0x00000000 rdtsc 0x00000002 je 00007FF8E8F8DBB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DD13C second address: 12DD155 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007FF8E8F833BAh 0x0000000a jbe 00007FF8E8F833B6h 0x00000010 popad 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DD71C second address: 12DD742 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FF8E8F8DBC8h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 push edx 0x00000012 pop edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DD742 second address: 12DD763 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833C7h 0x00000007 jc 00007FF8E8F833B6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DD763 second address: 12DD773 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 js 00007FF8E8F8DBB6h 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c push esi 0x0000000d pop esi 0x0000000e push edx 0x0000000f pop edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12D16E9 second address: 12D16EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12DE2A0 second address: 12DE2A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AD2AE second address: 12AD2B4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AD2B4 second address: 12AD2BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AD2BE second address: 12AD2C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AD2C2 second address: 12AD2C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AD2C6 second address: 12AD2D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jo 00007FF8E8F833B6h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AD2D5 second address: 12AD2EA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF8E8F8DBBDh 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AD2EA second address: 12AD2EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E8CE6 second address: 12E8CEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E8CEC second address: 12E8CF0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E8CF0 second address: 12E8D00 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jnp 00007FF8E8F8DBC2h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E8D00 second address: 12E8D06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E8D06 second address: 12E8D13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 jne 00007FF8E8F8DBB6h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E8D13 second address: 12E8D48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FF8E8F833C5h 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF8E8F833C5h 0x00000013 push ecx 0x00000014 pop ecx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E8EF2 second address: 12E8F0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F8DBC8h 0x00000009 pop ecx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E8F0F second address: 12E8F25 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FF8E8F833B6h 0x00000009 jmp 00007FF8E8F833BBh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E907B second address: 12E9097 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 jmp 00007FF8E8F8DBC0h 0x0000000c pop edi 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E9097 second address: 12E909D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E9377 second address: 12E9393 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F8DBC8h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E9681 second address: 12E968B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E968B second address: 12E96A9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC4h 0x00000007 jo 00007FF8E8F8DBB6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12E96A9 second address: 12E96BF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF8E8F833BCh 0x00000009 jng 00007FF8E8F833B6h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EA646 second address: 12EA64B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EA64B second address: 12EA651 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EABDD second address: 12EABEB instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF8E8F8DBB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EABEB second address: 12EABEF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EAD81 second address: 12EAD86 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EAD86 second address: 12EAD90 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FF8E8F833BCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EAD90 second address: 12EAD9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push esi 0x00000008 push eax 0x00000009 push edx 0x0000000a push esi 0x0000000b pop esi 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EAD9C second address: 12EADA0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EAE7A second address: 12EAE7E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EAE7E second address: 12EAEA7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 ja 00007FF8E8F833B8h 0x0000000c popad 0x0000000d push eax 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FF8E8F833C6h 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EB64B second address: 12EB650 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EB712 second address: 12EB716 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EB716 second address: 12EB71C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EC6F2 second address: 12EC6F7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EC6F7 second address: 12EC6FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EDEBF second address: 12EDEC3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EE9ED second address: 12EE9F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EEC60 second address: 12EEC64 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EEC64 second address: 12EECCE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF8E8F8DBBCh 0x0000000b popad 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push ebx 0x00000010 call 00007FF8E8F8DBB8h 0x00000015 pop ebx 0x00000016 mov dword ptr [esp+04h], ebx 0x0000001a add dword ptr [esp+04h], 00000017h 0x00000022 inc ebx 0x00000023 push ebx 0x00000024 ret 0x00000025 pop ebx 0x00000026 ret 0x00000027 push 00000000h 0x00000029 push 00000000h 0x0000002b push 00000000h 0x0000002d push edx 0x0000002e call 00007FF8E8F8DBB8h 0x00000033 pop edx 0x00000034 mov dword ptr [esp+04h], edx 0x00000038 add dword ptr [esp+04h], 00000016h 0x00000040 inc edx 0x00000041 push edx 0x00000042 ret 0x00000043 pop edx 0x00000044 ret 0x00000045 push eax 0x00000046 push eax 0x00000047 push edx 0x00000048 jmp 00007FF8E8F8DBC2h 0x0000004d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EECCE second address: 12EECD4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EF4C4 second address: 12EF4C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12EFFD2 second address: 12EFFDC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007FF8E8F833B6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F2781 second address: 12F2785 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F14B1 second address: 12F14B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F8C35 second address: 12F8C39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F8C39 second address: 12F8C5D instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF8E8F833B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF8E8F833C6h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F8C5D second address: 12F8C62 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F8C62 second address: 12F8C68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F8C68 second address: 12F8CC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 jo 00007FF8E8F8DBBCh 0x0000000e add ebx, dword ptr [ebp+1245D9F1h] 0x00000014 push 00000000h 0x00000016 call 00007FF8E8F8DBBFh 0x0000001b mov ebx, dword ptr [ebp+12450916h] 0x00000021 pop edi 0x00000022 push 00000000h 0x00000024 push 00000000h 0x00000026 push edi 0x00000027 call 00007FF8E8F8DBB8h 0x0000002c pop edi 0x0000002d mov dword ptr [esp+04h], edi 0x00000031 add dword ptr [esp+04h], 0000001Ch 0x00000039 inc edi 0x0000003a push edi 0x0000003b ret 0x0000003c pop edi 0x0000003d ret 0x0000003e push eax 0x0000003f pushad 0x00000040 jns 00007FF8E8F8DBB8h 0x00000046 push eax 0x00000047 push edx 0x00000048 pushad 0x00000049 popad 0x0000004a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FAB86 second address: 12FAB8A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FAB8A second address: 12FABA9 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF8E8F8DBB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007FF8E8F8DBBCh 0x00000010 jp 00007FF8E8F8DBB6h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FABA9 second address: 12FABAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FABAE second address: 12FABB9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jne 00007FF8E8F8DBB6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FABB9 second address: 12FABC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FF8E8F833B6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FABC5 second address: 12FABE9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FF8E8F8DBC3h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push esi 0x0000000d push edx 0x0000000e jno 00007FF8E8F8DBB6h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AEDA9 second address: 12AEDAE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12AEDAE second address: 12AEDB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FC11B second address: 12FC11F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FB3A7 second address: 12FB3AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FC11F second address: 12FC125 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FB3AD second address: 12FB406 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b push 00000000h 0x0000000d push eax 0x0000000e call 00007FF8E8F8DBB8h 0x00000013 pop eax 0x00000014 mov dword ptr [esp+04h], eax 0x00000018 add dword ptr [esp+04h], 00000015h 0x00000020 inc eax 0x00000021 push eax 0x00000022 ret 0x00000023 pop eax 0x00000024 ret 0x00000025 push dword ptr fs:[00000000h] 0x0000002c or dword ptr [ebp+12470E4Dh], ebx 0x00000032 mov dword ptr fs:[00000000h], esp 0x00000039 jmp 00007FF8E8F8DBBAh 0x0000003e mov eax, dword ptr [ebp+122D1425h] 0x00000044 push FFFFFFFFh 0x00000046 add dword ptr [ebp+122D2D15h], edx 0x0000004c nop 0x0000004d push eax 0x0000004e pushad 0x0000004f push eax 0x00000050 push edx 0x00000051 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FB406 second address: 12FB40C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FC2B4 second address: 12FC2C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FF8E8F8DBBCh 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FD414 second address: 12FD418 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FD418 second address: 12FD439 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF8E8F8DBC9h 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FD439 second address: 12FD43D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FE25C second address: 12FE313 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push 00000000h 0x0000000e push ebx 0x0000000f call 00007FF8E8F8DBB8h 0x00000014 pop ebx 0x00000015 mov dword ptr [esp+04h], ebx 0x00000019 add dword ptr [esp+04h], 00000019h 0x00000021 inc ebx 0x00000022 push ebx 0x00000023 ret 0x00000024 pop ebx 0x00000025 ret 0x00000026 push dword ptr fs:[00000000h] 0x0000002d mov bx, ED96h 0x00000031 mov dword ptr fs:[00000000h], esp 0x00000038 push 00000000h 0x0000003a push eax 0x0000003b call 00007FF8E8F8DBB8h 0x00000040 pop eax 0x00000041 mov dword ptr [esp+04h], eax 0x00000045 add dword ptr [esp+04h], 0000001Ah 0x0000004d inc eax 0x0000004e push eax 0x0000004f ret 0x00000050 pop eax 0x00000051 ret 0x00000052 pushad 0x00000053 mov ch, dh 0x00000055 popad 0x00000056 jmp 00007FF8E8F8DBC0h 0x0000005b mov dword ptr [ebp+122D5996h], eax 0x00000061 mov eax, dword ptr [ebp+122D0A8Dh] 0x00000067 mov edi, 10412EEEh 0x0000006c push FFFFFFFFh 0x0000006e clc 0x0000006f nop 0x00000070 jmp 00007FF8E8F8DBC5h 0x00000075 push eax 0x00000076 push eax 0x00000077 push edx 0x00000078 jmp 00007FF8E8F8DBBAh 0x0000007d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FE313 second address: 12FE318 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12FF213 second address: 12FF218 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130048D second address: 1300492 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13041FA second address: 1304204 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1302243 second address: 130229F instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 mov dword ptr [esp], eax 0x0000000a mov ebx, dword ptr [ebp+122D3622h] 0x00000010 mov ebx, dword ptr [ebp+12459559h] 0x00000016 push dword ptr fs:[00000000h] 0x0000001d jns 00007FF8E8F833BCh 0x00000023 mov dword ptr fs:[00000000h], esp 0x0000002a mov ebx, dword ptr [ebp+122D35A6h] 0x00000030 mov eax, dword ptr [ebp+122D1419h] 0x00000036 mov bl, 42h 0x00000038 push FFFFFFFFh 0x0000003a jmp 00007FF8E8F833C6h 0x0000003f push eax 0x00000040 push eax 0x00000041 push edx 0x00000042 push edx 0x00000043 push eax 0x00000044 push edx 0x00000045 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130229F second address: 13022A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13022A4 second address: 13022AA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1305314 second address: 130539C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBBEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a pushad 0x0000000b mov dword ptr [ebp+122D31BCh], eax 0x00000011 mov dword ptr [ebp+122D2AD9h], eax 0x00000017 popad 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push ebp 0x0000001d call 00007FF8E8F8DBB8h 0x00000022 pop ebp 0x00000023 mov dword ptr [esp+04h], ebp 0x00000027 add dword ptr [esp+04h], 00000017h 0x0000002f inc ebp 0x00000030 push ebp 0x00000031 ret 0x00000032 pop ebp 0x00000033 ret 0x00000034 push 00000000h 0x00000036 push 00000000h 0x00000038 push ebx 0x00000039 call 00007FF8E8F8DBB8h 0x0000003e pop ebx 0x0000003f mov dword ptr [esp+04h], ebx 0x00000043 add dword ptr [esp+04h], 00000018h 0x0000004b inc ebx 0x0000004c push ebx 0x0000004d ret 0x0000004e pop ebx 0x0000004f ret 0x00000050 call 00007FF8E8F8DBC0h 0x00000055 mov dword ptr [ebp+122D254Ch], edx 0x0000005b pop edi 0x0000005c xchg eax, esi 0x0000005d push eax 0x0000005e push edx 0x0000005f pushad 0x00000060 push edi 0x00000061 pop edi 0x00000062 jng 00007FF8E8F8DBB6h 0x00000068 popad 0x00000069 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130138B second address: 1301390 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130821A second address: 130821E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130821E second address: 1308230 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jp 00007FF8E8F833B8h 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1308230 second address: 130823B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FF8E8F8DBB6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1307393 second address: 1307399 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130823B second address: 1308292 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push ebp 0x0000000b call 00007FF8E8F8DBB8h 0x00000010 pop ebp 0x00000011 mov dword ptr [esp+04h], ebp 0x00000015 add dword ptr [esp+04h], 0000001Bh 0x0000001d inc ebp 0x0000001e push ebp 0x0000001f ret 0x00000020 pop ebp 0x00000021 ret 0x00000022 or ebx, dword ptr [ebp+122D2852h] 0x00000028 push 00000000h 0x0000002a mov ebx, 02C2918Dh 0x0000002f push 00000000h 0x00000031 jmp 00007FF8E8F8DBC7h 0x00000036 xchg eax, esi 0x00000037 push eax 0x00000038 push eax 0x00000039 push edx 0x0000003a pushad 0x0000003b popad 0x0000003c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13083D2 second address: 13083FF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FF8E8F833BCh 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13083FF second address: 130840D instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF8E8F8DBB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130840D second address: 1308411 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13084AC second address: 13084C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F8DBBBh 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13084C0 second address: 13084D9 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FF8E8F833B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF8E8F833BBh 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130B191 second address: 130B197 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130B197 second address: 130B19B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130B19B second address: 130B1AA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b push edx 0x0000000c pop edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130B1AA second address: 130B1B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130B1B3 second address: 130B1B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130D0E1 second address: 130D0F3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833BCh 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130D0F3 second address: 130D0F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130D0F7 second address: 130D0FB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130D0FB second address: 130D115 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c jbe 00007FF8E8F8DBB6h 0x00000012 js 00007FF8E8F8DBB6h 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13108DF second address: 13108FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 jmp 00007FF8E8F833C5h 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13108FB second address: 1310905 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF8E8F8DBD0h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130FFC3 second address: 130FFC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 130FFC7 second address: 130FFE3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC2h 0x00000007 jns 00007FF8E8F8DBB6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1310191 second address: 1310196 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13104C0 second address: 13104C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13104C4 second address: 13104F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF8E8F833C3h 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FF8E8F833C1h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13104F2 second address: 13104F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1312E6B second address: 1312E71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1312E71 second address: 1312E7A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 push esi 0x00000008 pop esi 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1312E7A second address: 1312E7E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1318098 second address: 131809F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13182F4 second address: 13182FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13182FA second address: 1318318 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ecx 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a pushad 0x0000000b push ebx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e pop ebx 0x0000000f jno 00007FF8E8F8DBB8h 0x00000015 popad 0x00000016 mov eax, dword ptr [eax] 0x00000018 push ecx 0x00000019 push edi 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131BAE0 second address: 131BAEA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131BAEA second address: 131BAEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131C0D6 second address: 131C0DA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131C3C0 second address: 131C3CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FF8E8F8DBB6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131C3CA second address: 131C3E3 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF8E8F833B6h 0x00000008 jbe 00007FF8E8F833B6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push edx 0x00000011 js 00007FF8E8F833B6h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131C6C2 second address: 131C6CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131C6CA second address: 131C6DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 jne 00007FF8E8F833D2h 0x0000000b push eax 0x0000000c push edx 0x0000000d je 00007FF8E8F833B6h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131C6DF second address: 131C6E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131CC7D second address: 131CC89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FF8E8F833B6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131CC89 second address: 131CC9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FF8E8F8DBBBh 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131F992 second address: 131F998 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131F998 second address: 131F9AC instructions: 0x00000000 rdtsc 0x00000002 jl 00007FF8E8F8DBB6h 0x00000008 jnp 00007FF8E8F8DBB6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131F9AC second address: 131F9B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 131F9B0 second address: 131F9B4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1323E75 second address: 1323E95 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF8E8F833C6h 0x00000008 jmp 00007FF8E8F833BAh 0x0000000d jc 00007FF8E8F833B6h 0x00000013 jbe 00007FF8E8F833BEh 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1322D09 second address: 1322D0F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1322D0F second address: 1322D20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F833BDh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1322D20 second address: 1322D24 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1322D24 second address: 1322D31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 pop eax 0x00000009 push eax 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3317 second address: 12F331B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F331B second address: 12F336E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a mov edx, 799E171Bh 0x0000000f lea eax, dword ptr [ebp+1248506Bh] 0x00000015 push 00000000h 0x00000017 push ecx 0x00000018 call 00007FF8E8F833B8h 0x0000001d pop ecx 0x0000001e mov dword ptr [esp+04h], ecx 0x00000022 add dword ptr [esp+04h], 0000001Dh 0x0000002a inc ecx 0x0000002b push ecx 0x0000002c ret 0x0000002d pop ecx 0x0000002e ret 0x0000002f mov di, bx 0x00000032 push eax 0x00000033 push eax 0x00000034 push edx 0x00000035 push eax 0x00000036 jmp 00007FF8E8F833BAh 0x0000003b pop eax 0x0000003c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F336E second address: 12D16E9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push 00000000h 0x0000000e push eax 0x0000000f call 00007FF8E8F8DBB8h 0x00000014 pop eax 0x00000015 mov dword ptr [esp+04h], eax 0x00000019 add dword ptr [esp+04h], 00000016h 0x00000021 inc eax 0x00000022 push eax 0x00000023 ret 0x00000024 pop eax 0x00000025 ret 0x00000026 mov edx, 0C1F72FEh 0x0000002b call dword ptr [ebp+122D2AF3h] 0x00000031 jc 00007FF8E8F8DBDAh 0x00000037 pushad 0x00000038 js 00007FF8E8F8DBB6h 0x0000003e jc 00007FF8E8F8DBB6h 0x00000044 popad 0x00000045 push eax 0x00000046 push edx 0x00000047 push eax 0x00000048 push edx 0x00000049 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3545 second address: 12F354B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F354B second address: 12F354F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F354F second address: 12F3553 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F383D second address: 12F3841 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3916 second address: 12F391A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F391A second address: 12F393A instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 xor dword ptr [esp], 255A6750h 0x0000000d sub dx, 0FD8h 0x00000012 call 00007FF8E8F8DBB9h 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F393A second address: 12F393F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F393F second address: 12F3944 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3944 second address: 12F395E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edi 0x0000000b push ebx 0x0000000c push edx 0x0000000d pop edx 0x0000000e pop ebx 0x0000000f pop edi 0x00000010 mov eax, dword ptr [esp+04h] 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 push edx 0x00000019 pop edx 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F395E second address: 12F3964 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3964 second address: 12F396A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F396A second address: 12F3992 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a je 00007FF8E8F8DBBCh 0x00000010 pushad 0x00000011 push ebx 0x00000012 pop ebx 0x00000013 push esi 0x00000014 pop esi 0x00000015 popad 0x00000016 mov dword ptr [esp+04h], eax 0x0000001a push eax 0x0000001b push edx 0x0000001c je 00007FF8E8F8DBBCh 0x00000022 jng 00007FF8E8F8DBB6h 0x00000028 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3992 second address: 12F39A3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF8E8F833BCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3D5D second address: 12F3D61 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3D61 second address: 12F3D70 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3D70 second address: 12F3D76 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3D76 second address: 12F3D86 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3D86 second address: 12F3D8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F3D8B second address: 12F3D91 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F456D second address: 12F45CC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBBDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push 00000000h 0x0000000e push edx 0x0000000f call 00007FF8E8F8DBB8h 0x00000014 pop edx 0x00000015 mov dword ptr [esp+04h], edx 0x00000019 add dword ptr [esp+04h], 0000001Ah 0x00000021 inc edx 0x00000022 push edx 0x00000023 ret 0x00000024 pop edx 0x00000025 ret 0x00000026 cld 0x00000027 mov cx, 3151h 0x0000002b xor dx, EF7Eh 0x00000030 lea eax, dword ptr [ebp+124850AFh] 0x00000036 mov edi, 4F40D58Dh 0x0000003b nop 0x0000003c pushad 0x0000003d pushad 0x0000003e push ebx 0x0000003f pop ebx 0x00000040 pushad 0x00000041 popad 0x00000042 popad 0x00000043 push eax 0x00000044 push edx 0x00000045 jmp 00007FF8E8F8DBBAh 0x0000004a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F45CC second address: 12F45E9 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF8E8F833B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF8E8F833BFh 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F45E9 second address: 12F45F3 instructions: 0x00000000 rdtsc 0x00000002 je 00007FF8E8F8DBBCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12F45F3 second address: 12F464E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 push 00000000h 0x00000009 push ebp 0x0000000a call 00007FF8E8F833B8h 0x0000000f pop ebp 0x00000010 mov dword ptr [esp+04h], ebp 0x00000014 add dword ptr [esp+04h], 0000001Dh 0x0000001c inc ebp 0x0000001d push ebp 0x0000001e ret 0x0000001f pop ebp 0x00000020 ret 0x00000021 lea eax, dword ptr [ebp+1248506Bh] 0x00000027 movzx edi, bx 0x0000002a mov dword ptr [ebp+122D22D0h], ecx 0x00000030 push eax 0x00000031 pushad 0x00000032 jns 00007FF8E8F833CAh 0x00000038 push eax 0x00000039 push edx 0x0000003a pushad 0x0000003b popad 0x0000003c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132317E second address: 13231B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edx 0x00000006 pushad 0x00000007 push eax 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c pop eax 0x0000000d push ebx 0x0000000e jmp 00007FF8E8F8DBBFh 0x00000013 jmp 00007FF8E8F8DBBDh 0x00000018 pop ebx 0x00000019 pushad 0x0000001a push edi 0x0000001b pop edi 0x0000001c push ecx 0x0000001d pop ecx 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13235E1 second address: 1323609 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833BEh 0x00000007 jmp 00007FF8E8F833C2h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push esi 0x00000011 pop esi 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1323609 second address: 1323626 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBBFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c pop eax 0x0000000d jne 00007FF8E8F8DBB6h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 12D21B7 second address: 12D21C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 jng 00007FF8E8F833B6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1323A1E second address: 1323A30 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FF8E8F8DBB6h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1323A30 second address: 1323A4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FF8E8F833B6h 0x0000000a jnc 00007FF8E8F833B6h 0x00000010 popad 0x00000011 jc 00007FF8E8F833C6h 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132D491 second address: 132D4CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F8DBC4h 0x00000009 pop ecx 0x0000000a pushad 0x0000000b jmp 00007FF8E8F8DBC7h 0x00000010 jmp 00007FF8E8F8DBBCh 0x00000015 popad 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132D4CF second address: 132D4D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C36E second address: 132C374 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C374 second address: 132C37C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C37C second address: 132C3A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 jmp 00007FF8E8F8DBC4h 0x0000000d jg 00007FF8E8F8DBB6h 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C3A3 second address: 132C3BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F833C3h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C3BA second address: 132C3BE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C4FF second address: 132C503 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C67D second address: 132C69B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FF8E8F8DBC1h 0x0000000c jns 00007FF8E8F8DBB6h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C69B second address: 132C69F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C69F second address: 132C6BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF8E8F8DBC7h 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132C6BE second address: 132C6C2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 132CD71 second address: 132CD9E instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF8E8F8DBB6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c ja 00007FF8E8F8DBD5h 0x00000012 jmp 00007FF8E8F8DBC9h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133310C second address: 1333115 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 popad 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1333115 second address: 1333121 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FF8E8F8DBBEh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1332096 second address: 13320A2 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push esi 0x0000000b pop esi 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13320A2 second address: 13320B1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBBBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1336692 second address: 13366BD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jne 00007FF8E8F833B6h 0x00000009 push eax 0x0000000a pop eax 0x0000000b jmp 00007FF8E8F833C5h 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 pop edx 0x0000001a pop eax 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13366BD second address: 13366C7 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FF8E8F8DBBEh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1336825 second address: 133682A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133907C second address: 1339094 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jnl 00007FF8E8F8DBB6h 0x00000009 push edi 0x0000000a pop edi 0x0000000b pop esi 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 js 00007FF8E8F8DBBCh 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1339094 second address: 1339098 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1338C09 second address: 1338C4C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC7h 0x00000007 jmp 00007FF8E8F8DBC4h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e jmp 00007FF8E8F8DBC4h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1338D97 second address: 1338D9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1338D9B second address: 1338DCD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC7h 0x00000007 jmp 00007FF8E8F8DBC7h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1338DCD second address: 1338DDD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jno 00007FF8E8F833B6h 0x0000000e push eax 0x0000000f pop eax 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133CC7F second address: 133CCB7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC2h 0x00000007 jne 00007FF8E8F8DBB8h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FF8E8F8DBC8h 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133C448 second address: 133C452 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF8E8F833B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133C9C0 second address: 133C9CE instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF8E8F8DBB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push esi 0x0000000d pop esi 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133C9CE second address: 133C9D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1340A97 second address: 1340AB5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1340AB5 second address: 1340AB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1340AB9 second address: 1340ABD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1340ABD second address: 1340ADE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007FF8E8F833C4h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133FD55 second address: 133FD65 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 push esi 0x00000008 pop esi 0x00000009 je 00007FF8E8F8DBB6h 0x0000000f pop ecx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133FD65 second address: 133FD6B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133FD6B second address: 133FD71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133FED7 second address: 133FF09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FF8E8F833B6h 0x0000000a jc 00007FF8E8F833C8h 0x00000010 jo 00007FF8E8F833BAh 0x00000016 popad 0x00000017 push esi 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133FF09 second address: 133FF0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133FF0D second address: 133FF11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 133FF11 second address: 133FF17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13401A8 second address: 13401AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13401AC second address: 13401C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FF8E8F8DBB6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d je 00007FF8E8F8DBB6h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13401C1 second address: 13401E1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F833BCh 0x00000009 push eax 0x0000000a pop eax 0x0000000b popad 0x0000000c push esi 0x0000000d jno 00007FF8E8F833B6h 0x00000013 pop esi 0x00000014 popad 0x00000015 push ecx 0x00000016 push eax 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13401E1 second address: 13401F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 je 00007FF8E8F8DBB6h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1344C87 second address: 1344C8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1344C8D second address: 1344C93 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1344DB9 second address: 1344DDE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F833C8h 0x00000009 popad 0x0000000a jne 00007FF8E8F833C2h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1344DDE second address: 1344DE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1344DE4 second address: 1344DEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13450D4 second address: 13450D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13450D8 second address: 13450E6 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF8E8F833B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13450E6 second address: 13450EC instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1345260 second address: 1345280 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 js 00007FF8E8F833BEh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134554A second address: 134555A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 ja 00007FF8E8F8DBB6h 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1346061 second address: 134607A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F833C4h 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134607A second address: 134608E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF8E8F8DBBFh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134C07B second address: 134C07F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134C07F second address: 134C085 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134C364 second address: 134C36C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134C36C second address: 134C380 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF8E8F8DBBFh 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134CC1A second address: 134CC20 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134CF22 second address: 134CF26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134CF26 second address: 134CF2C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134CF2C second address: 134CF70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push ecx 0x00000008 pushad 0x00000009 jmp 00007FF8E8F8DBC7h 0x0000000e pushad 0x0000000f popad 0x00000010 jo 00007FF8E8F8DBB6h 0x00000016 jmp 00007FF8E8F8DBC8h 0x0000001b popad 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134D532 second address: 134D53E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pushad 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134D53E second address: 134D544 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134D544 second address: 134D54F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134D54F second address: 134D553 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134D553 second address: 134D573 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833BCh 0x00000007 jnl 00007FF8E8F833B6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jnc 00007FF8E8F833B6h 0x00000017 push ecx 0x00000018 pop ecx 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134DDA7 second address: 134DDAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 134DDAB second address: 134DDB7 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FF8E8F833B6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1358471 second address: 13584A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FF8E8F8DBC8h 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF8E8F8DBC3h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13584A5 second address: 13584A9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1357640 second address: 1357644 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1357900 second address: 1357906 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1357B51 second address: 1357B6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 ja 00007FF8E8F8DBB6h 0x0000000c jmp 00007FF8E8F8DBBCh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1357B6B second address: 1357B70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135800D second address: 1358013 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1358013 second address: 1358021 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007FF8E8F833B8h 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135FC97 second address: 135FCA7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edx 0x00000009 jl 00007FF8E8F8DBB6h 0x0000000f pop edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135DFEB second address: 135DFF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135E2AB second address: 135E2B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135E441 second address: 135E450 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF8E8F833BAh 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135E9C9 second address: 135E9FA instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF8E8F8DBB8h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FF8E8F8DBBAh 0x00000012 jmp 00007FF8E8F8DBC8h 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135ECA6 second address: 135ECAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135ECAA second address: 135ECB7 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF8E8F8DBB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135F3CD second address: 135F40C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 jmp 00007FF8E8F833C9h 0x0000000c jg 00007FF8E8F833B6h 0x00000012 pushad 0x00000013 popad 0x00000014 pushad 0x00000015 popad 0x00000016 popad 0x00000017 popad 0x00000018 push eax 0x00000019 jnp 00007FF8E8F833BEh 0x0000001f jng 00007FF8E8F833B6h 0x00000025 pushad 0x00000026 popad 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135F40C second address: 135F412 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135F412 second address: 135F416 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135FB47 second address: 135FB4B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135D9E2 second address: 135D9EE instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135D9EE second address: 135DA0D instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF8E8F8DBB6h 0x00000008 jmp 00007FF8E8F8DBC5h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135DA0D second address: 135DA19 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pushad 0x00000006 popad 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135DA19 second address: 135DA1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135DA1F second address: 135DA23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135DA23 second address: 135DA34 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FF8E8F8DBB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135DA34 second address: 135DA38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 135DA38 second address: 135DA3C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1365556 second address: 136555E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1368170 second address: 136817F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBBBh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 136817F second address: 13681BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 jp 00007FF8E8F833B6h 0x0000000d pop edi 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 jmp 00007FF8E8F833C2h 0x00000017 jng 00007FF8E8F833B6h 0x0000001d push ecx 0x0000001e pop ecx 0x0000001f popad 0x00000020 jmp 00007FF8E8F833BFh 0x00000025 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 136831D second address: 1368323 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1368323 second address: 136832C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 136832C second address: 1368332 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1368332 second address: 1368336 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1368336 second address: 1368346 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jl 00007FF8E8F8DBC2h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1368495 second address: 13684B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnp 00007FF8E8F833B6h 0x00000009 jbe 00007FF8E8F833B6h 0x0000000f jmp 00007FF8E8F833BEh 0x00000014 popad 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1369D1E second address: 1369D22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 136C083 second address: 136C097 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1378E9F second address: 1378EB5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jno 00007FF8E8F8DBB6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d jo 00007FF8E8F8DBCFh 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 138AE85 second address: 138AEAB instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007FF8E8F833BEh 0x0000000a pop edi 0x0000000b pushad 0x0000000c jmp 00007FF8E8F833BDh 0x00000011 push edi 0x00000012 pop edi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 138AEAB second address: 138AEE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pushad 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007FF8E8F8DBBFh 0x00000012 popad 0x00000013 jmp 00007FF8E8F8DBC0h 0x00000018 jl 00007FF8E8F8DBC2h 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 138AEE0 second address: 138AEE6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1390872 second address: 1390887 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 jmp 00007FF8E8F8DBBCh 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1390887 second address: 13908A5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FF8E8F833BEh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jp 00007FF8E8F833B6h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13908A5 second address: 13908A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1390CC1 second address: 1390CDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jmp 00007FF8E8F833C5h 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1390CDF second address: 1390CE3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1390CE3 second address: 1390CEF instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1390CEF second address: 1390D13 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FF8E8F8DBB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a js 00007FF8E8F8DBBAh 0x00000010 pushad 0x00000011 popad 0x00000012 push edi 0x00000013 pop edi 0x00000014 js 00007FF8E8F8DBBCh 0x0000001a jp 00007FF8E8F8DBB6h 0x00000020 push eax 0x00000021 push edx 0x00000022 pushad 0x00000023 popad 0x00000024 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1390D13 second address: 1390D17 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1391291 second address: 13912A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 je 00007FF8E8F8DBB6h 0x0000000b ja 00007FF8E8F8DBB6h 0x00000011 pop edx 0x00000012 push esi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1391D0D second address: 1391D17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push edx 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 139790A second address: 1397917 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 jno 00007FF8E8F8DBB6h 0x0000000c pop eax 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 1399315 second address: 139931B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 139931B second address: 1399328 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jp 00007FF8E8F8DBB6h 0x0000000c popad 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13B66AF second address: 13B66C1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F833BEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13B66C1 second address: 13B66D0 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF8E8F8DBBAh 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C6EAD second address: 13C6ECB instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF8E8F833C2h 0x00000008 push eax 0x00000009 push edx 0x0000000a jns 00007FF8E8F833B6h 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C61F1 second address: 13C61F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C65D5 second address: 13C65DA instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C65DA second address: 13C6615 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF8E8F8DBB6h 0x0000000a pop edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FF8E8F8DBC6h 0x00000012 jmp 00007FF8E8F8DBC8h 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C6615 second address: 13C6633 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF8E8F833B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push edi 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 pop edi 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 jc 00007FF8E8F833B6h 0x0000001b pushad 0x0000001c popad 0x0000001d popad 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C6633 second address: 13C6639 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C984B second address: 13C984F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9A40 second address: 13C9A45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9A45 second address: 13C9A4B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9A4B second address: 13C9A4F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9AF8 second address: 13C9B27 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jno 00007FF8E8F833B6h 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e nop 0x0000000f and edx, dword ptr [ebp+122D3592h] 0x00000015 push 00000004h 0x00000017 mov dword ptr [ebp+122D254Ch], esi 0x0000001d call 00007FF8E8F833B9h 0x00000022 js 00007FF8E8F833C4h 0x00000028 pushad 0x00000029 push eax 0x0000002a push edx 0x0000002b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9B27 second address: 13C9B2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9B2D second address: 13C9B49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF8E8F833C4h 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9B49 second address: 13C9B60 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jnp 00007FF8E8F8DBB6h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9B60 second address: 13C9B65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9B65 second address: 13C9B6B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9DB9 second address: 13C9DDB instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FF8E8F833C8h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13C9DDB second address: 13C9E47 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF8E8F8DBC6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b or edx, 5B57759Ah 0x00000011 mov edx, dword ptr [ebp+1247B146h] 0x00000017 push dword ptr [ebp+122D3186h] 0x0000001d push 00000000h 0x0000001f push eax 0x00000020 call 00007FF8E8F8DBB8h 0x00000025 pop eax 0x00000026 mov dword ptr [esp+04h], eax 0x0000002a add dword ptr [esp+04h], 0000001Dh 0x00000032 inc eax 0x00000033 push eax 0x00000034 ret 0x00000035 pop eax 0x00000036 ret 0x00000037 push 34B73AD2h 0x0000003c push eax 0x0000003d push eax 0x0000003e push edx 0x0000003f jmp 00007FF8E8F8DBC2h 0x00000044 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13CCD41 second address: 13CCD45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13CCD45 second address: 13CCD4B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 13CC8C4 second address: 13CC8C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5530356 second address: 553038B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBBAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a xchg eax, ebp 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FF8E8F8DBBEh 0x00000012 or eax, 0F1EFB78h 0x00000018 jmp 00007FF8E8F8DBBBh 0x0000001d popfd 0x0000001e pushad 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 553038B second address: 553039B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 popad 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 553039B second address: 55303A1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 553040E second address: 5530414 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5530414 second address: 553041A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 553041A second address: 553041E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 553041E second address: 5530443 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF8E8F8DBC8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5530443 second address: 5530447 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5530447 second address: 553044D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet