Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://127.0.0.1:27060 |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180357030.0000000000E44000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180357030.0000000000E44000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://api.steampowered.com/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://avatars.akamai.steamstatic |
Source: file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://broadcast.st.dl.eccdnx.com |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://checkout.steampowered.com/ |
Source: file.exe, 00000000.00000002.2180089779.0000000000D6E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://clearancek.site/ |
Source: file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=Ev2sBLgkgyWJ&a |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG& |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1 |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/arrowDn9x5.gif |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DA5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DA5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/main.js?v=10oP_O2R |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=AeTz |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/modalContent.js?v=f2hMA1v9Zkc8&l=engl |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/profile.js?v=f3vWO7swdDqp&l=english |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/promo/stickers.js?v=upl9NJ5D2xkP&l=en |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=9yzMGndrVfY4&l=e |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english |
Source: file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=engl |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6& |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1& |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 |
Source: file.exe, 00000000.00000003.2158442402.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://dissapoiznw.store/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://eaglepawnoy.store/ |
Source: file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.steampowered.com/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lv.queniujq.cn |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://medal.tv |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://player.vimeo.com |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net/recaptcha/; |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://s.ytimg.com; |
Source: file.exe, 00000000.00000003.2167205745.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/ |
Source: file.exe, 00000000.00000003.2167205745.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/U |
Source: file.exe, 00000000.00000002.2180089779.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/api |
Source: file.exe, 00000000.00000003.2167205745.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/u |
Source: file.exe, 00000000.00000003.2167205745.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com:443/api |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sketchfab.com |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steam.tv/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast-test.akamaized.net |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast.akamaized.net |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcastchat.akamaized.net |
Source: file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DA5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DA5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158681082.0000000000DD7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900 |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/badges |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DA5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DA5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167205745.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158681082.0000000000DD7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180089779.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900Q |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: file.exe, 00000000.00000003.2158729439.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/; |
Source: file.exe, 00000000.00000003.2158729439.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f |
Source: file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2180357030.0000000000E44000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158442402.0000000000DA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com |
Source: file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/recaptcha/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.cn/recaptcha/ |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.com/recaptcha/ |
Source: file.exe, 00000000.00000003.2158403203.0000000000E30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2167183387.0000000000E3B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com |
Source: file.exe, 00000000.00000003.2158442402.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2158622921.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com/ |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8944D1 second address: 8944DB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F286D1EB856h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8944DB second address: 893C07 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F286CDEE626h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f jmp 00007F286CDEE639h 0x00000014 mov dword ptr [ebp+122D3386h], edx 0x0000001a push dword ptr [ebp+122D16ADh] 0x00000020 jmp 00007F286CDEE62Ch 0x00000025 jmp 00007F286CDEE639h 0x0000002a call dword ptr [ebp+122D1BC1h] 0x00000030 pushad 0x00000031 jns 00007F286CDEE62Eh 0x00000037 xor eax, eax 0x00000039 clc 0x0000003a mov edx, dword ptr [esp+28h] 0x0000003e pushad 0x0000003f add dword ptr [ebp+122D3922h], edi 0x00000045 mov eax, dword ptr [ebp+122D2D7Dh] 0x0000004b popad 0x0000004c mov dword ptr [ebp+122D389Fh], ebx 0x00000052 mov dword ptr [ebp+122D2BB1h], eax 0x00000058 jmp 00007F286CDEE638h 0x0000005d mov esi, 0000003Ch 0x00000062 jc 00007F286CDEE62Ch 0x00000068 add esi, dword ptr [esp+24h] 0x0000006c or dword ptr [ebp+122D3922h], ecx 0x00000072 add dword ptr [ebp+122D389Fh], esi 0x00000078 lodsw 0x0000007a pushad 0x0000007b mov dword ptr [ebp+122D389Fh], ebx 0x00000081 popad 0x00000082 pushad 0x00000083 mov edi, dword ptr [ebp+122D2C89h] 0x00000089 mov ebx, dword ptr [ebp+122D2C91h] 0x0000008f popad 0x00000090 add eax, dword ptr [esp+24h] 0x00000094 jmp 00007F286CDEE62Bh 0x00000099 mov ebx, dword ptr [esp+24h] 0x0000009d sub dword ptr [ebp+122D3922h], edi 0x000000a3 nop 0x000000a4 push eax 0x000000a5 push edx 0x000000a6 pushad 0x000000a7 push eax 0x000000a8 push edx 0x000000a9 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 893C07 second address: 893C1C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB860h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 893C1C second address: 893C22 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10D9F second address: A10DA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10DA5 second address: A10DA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10DA9 second address: A10DAD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10DAD second address: A10DB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0FD7F second address: A0FD83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0FD83 second address: A0FDB6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE637h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F286CDEE62Eh 0x0000000f pushad 0x00000010 popad 0x00000011 jne 00007F286CDEE626h 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0FDB6 second address: A0FDBF instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop ecx 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0FDBF second address: A0FDF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b jnc 00007F286CDEE626h 0x00000011 ja 00007F286CDEE626h 0x00000017 jnp 00007F286CDEE626h 0x0000001d jmp 00007F286CDEE633h 0x00000022 popad 0x00000023 pushad 0x00000024 push eax 0x00000025 push edx 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10353 second address: A10357 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10357 second address: A1035B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A1035B second address: A10365 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10365 second address: A10369 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10369 second address: A1037D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edx 0x00000009 je 00007F286D1EB858h 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A11F6C second address: A11F81 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F286CDEE630h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A11F81 second address: A11FAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 pushad 0x0000000a push edx 0x0000000b pop edx 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f push ecx 0x00000010 jmp 00007F286D1EB85Fh 0x00000015 pop ecx 0x00000016 popad 0x00000017 mov eax, dword ptr [esp+04h] 0x0000001b push eax 0x0000001c push edx 0x0000001d push ecx 0x0000001e push esi 0x0000001f pop esi 0x00000020 pop ecx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A11FAC second address: A11FCD instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a pushad 0x0000000b jmp 00007F286CDEE62Eh 0x00000010 push eax 0x00000011 push edx 0x00000012 jl 00007F286CDEE626h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A11FCD second address: A11FED instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F286D1EB862h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A12073 second address: A12107 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F286CDEE626h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b call 00007F286CDEE638h 0x00000010 add dword ptr [ebp+122D1BE6h], ecx 0x00000016 pop ecx 0x00000017 push 00000000h 0x00000019 add dword ptr [ebp+122D3B0Dh], ecx 0x0000001f call 00007F286CDEE629h 0x00000024 push esi 0x00000025 jnp 00007F286CDEE628h 0x0000002b pushad 0x0000002c popad 0x0000002d pop esi 0x0000002e push eax 0x0000002f pushad 0x00000030 jmp 00007F286CDEE634h 0x00000035 ja 00007F286CDEE631h 0x0000003b popad 0x0000003c mov eax, dword ptr [esp+04h] 0x00000040 jnp 00007F286CDEE632h 0x00000046 jmp 00007F286CDEE62Ch 0x0000004b mov eax, dword ptr [eax] 0x0000004d push eax 0x0000004e push edx 0x0000004f jmp 00007F286CDEE62Dh 0x00000054 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A12107 second address: A12197 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jnc 00007F286D1EB856h 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp+04h], eax 0x00000010 jbe 00007F286D1EB862h 0x00000016 jc 00007F286D1EB85Ch 0x0000001c jc 00007F286D1EB856h 0x00000022 pop eax 0x00000023 push 00000000h 0x00000025 push ebx 0x00000026 call 00007F286D1EB858h 0x0000002b pop ebx 0x0000002c mov dword ptr [esp+04h], ebx 0x00000030 add dword ptr [esp+04h], 0000001Ah 0x00000038 inc ebx 0x00000039 push ebx 0x0000003a ret 0x0000003b pop ebx 0x0000003c ret 0x0000003d mov ecx, dword ptr [ebp+122D2BA5h] 0x00000043 mov esi, 31AA0ADDh 0x00000048 push 00000003h 0x0000004a mov esi, dword ptr [ebp+122D2AADh] 0x00000050 push 00000000h 0x00000052 mov edi, dword ptr [ebp+122D2C41h] 0x00000058 push 00000003h 0x0000005a push 00000000h 0x0000005c push ebx 0x0000005d call 00007F286D1EB858h 0x00000062 pop ebx 0x00000063 mov dword ptr [esp+04h], ebx 0x00000067 add dword ptr [esp+04h], 00000018h 0x0000006f inc ebx 0x00000070 push ebx 0x00000071 ret 0x00000072 pop ebx 0x00000073 ret 0x00000074 call 00007F286D1EB859h 0x00000079 push edx 0x0000007a push eax 0x0000007b push edx 0x0000007c push ecx 0x0000007d pop ecx 0x0000007e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A12197 second address: A1219B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A1219B second address: A121AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A121AB second address: A121B0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A121B0 second address: A121B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A121B6 second address: A121D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b jmp 00007F286CDEE62Ch 0x00000010 mov eax, dword ptr [eax] 0x00000012 push edi 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A121D4 second address: A121D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A12282 second address: A122B3 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F286CDEE626h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b stc 0x0000000c push 00000000h 0x0000000e call 00007F286CDEE629h 0x00000013 jmp 00007F286CDEE631h 0x00000018 push eax 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c pushad 0x0000001d popad 0x0000001e pushad 0x0000001f popad 0x00000020 popad 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A122B3 second address: A122B9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A122B9 second address: A122BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A122BD second address: A122C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A122C1 second address: A122EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c js 00007F286CDEE62Eh 0x00000012 push ecx 0x00000013 jc 00007F286CDEE626h 0x00000019 pop ecx 0x0000001a mov eax, dword ptr [eax] 0x0000001c push eax 0x0000001d push edx 0x0000001e jno 00007F286CDEE62Ch 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09185 second address: A09189 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A31894 second address: A31898 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A31898 second address: A318B5 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 jmp 00007F286D1EB85Eh 0x0000000c pushad 0x0000000d popad 0x0000000e pop ebx 0x0000000f popad 0x00000010 pushad 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A31E7F second address: A31E89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F286CDEE626h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A31E89 second address: A31EA6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB864h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A31EA6 second address: A31EAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A32743 second address: A32774 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 jmp 00007F286D1EB869h 0x0000000b jmp 00007F286D1EB85Ch 0x00000010 push edi 0x00000011 pop edi 0x00000012 popad 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A32774 second address: A3277C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A28A89 second address: A28A8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A28A8D second address: A28A91 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9F9FC6 second address: 9FA00F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB866h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F286D1EB865h 0x0000000e popad 0x0000000f push edx 0x00000010 push edi 0x00000011 jmp 00007F286D1EB85Eh 0x00000016 push edx 0x00000017 pop edx 0x00000018 pop edi 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c popad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FA00F second address: 9FA013 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FA013 second address: 9FA019 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A329FF second address: A32A03 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A32A03 second address: A32A0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A32A0E second address: A32A13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A32A13 second address: A32A2C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB862h 0x00000007 pushad 0x00000008 push edx 0x00000009 pop edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A32A2C second address: A32A46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push edx 0x0000000b jmp 00007F286CDEE62Bh 0x00000010 pop edx 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A3305D second address: A33061 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A33061 second address: A3306B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A3306B second address: A33075 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F286D1EB856h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A33075 second address: A33096 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F286CDEE637h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A33096 second address: A330B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB868h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A33244 second address: A3325A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jbe 00007F286CDEE62Ch 0x0000000b push ecx 0x0000000c push esi 0x0000000d pop esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A39989 second address: A3998D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A3998D second address: A39997 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FBB9E second address: 9FBBA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9F68A5 second address: 9F68B9 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F286CDEE628h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c jng 00007F286CDEE626h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9F68B9 second address: 9F68BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A3F9B7 second address: A3F9D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F286CDEE638h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A3F9D5 second address: A3F9D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9F4D62 second address: 9F4D68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4419B second address: A441B3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB860h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push edi 0x0000000c pop edi 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4424D second address: A44262 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F286CDEE62Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A44262 second address: A44299 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F286D1EB856h 0x0000000a popad 0x0000000b pop edx 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 jmp 00007F286D1EB85Fh 0x00000015 mov eax, dword ptr [eax] 0x00000017 jc 00007F286D1EB85Ch 0x0000001d pushad 0x0000001e pushad 0x0000001f popad 0x00000020 pushad 0x00000021 popad 0x00000022 popad 0x00000023 mov dword ptr [esp+04h], eax 0x00000027 push eax 0x00000028 push edx 0x00000029 push ebx 0x0000002a pushad 0x0000002b popad 0x0000002c pop ebx 0x0000002d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A44615 second address: A4463C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE637h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jne 00007F286CDEE628h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A449B0 second address: A449D1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB866h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A44EB5 second address: A44EF1 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F286CDEE626h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b xchg eax, ebx 0x0000000c push 00000000h 0x0000000e push edi 0x0000000f call 00007F286CDEE628h 0x00000014 pop edi 0x00000015 mov dword ptr [esp+04h], edi 0x00000019 add dword ptr [esp+04h], 00000014h 0x00000021 inc edi 0x00000022 push edi 0x00000023 ret 0x00000024 pop edi 0x00000025 ret 0x00000026 jmp 00007F286CDEE62Dh 0x0000002b nop 0x0000002c push eax 0x0000002d push edx 0x0000002e push eax 0x0000002f push edx 0x00000030 push edx 0x00000031 pop edx 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A44EF1 second address: A44EF7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A44EF7 second address: A44F0C instructions: 0x00000000 rdtsc 0x00000002 jc 00007F286CDEE62Ch 0x00000008 jbe 00007F286CDEE626h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push ecx 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4523C second address: A45246 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007F286D1EB856h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4530A second address: A4530E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4530E second address: A45312 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A45312 second address: A45318 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A45470 second address: A454A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push eax 0x0000000a pop eax 0x0000000b pop eax 0x0000000c pushad 0x0000000d jng 00007F286D1EB856h 0x00000013 jmp 00007F286D1EB867h 0x00000018 popad 0x00000019 popad 0x0000001a nop 0x0000001b xchg eax, ebx 0x0000001c pushad 0x0000001d jo 00007F286D1EB85Ch 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A454A7 second address: A454BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F286CDEE628h 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A454BB second address: A454C1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A454C1 second address: A454C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A454C7 second address: A454CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A45873 second address: A45877 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A45877 second address: A4587D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4587D second address: A458C3 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F286CDEE62Ch 0x00000008 jl 00007F286CDEE626h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 nop 0x00000011 add edi, 0DE8292Ah 0x00000017 push 00000000h 0x00000019 push 00000000h 0x0000001b mov dword ptr [ebp+122D38C1h], eax 0x00000021 xchg eax, ebx 0x00000022 jmp 00007F286CDEE634h 0x00000027 push eax 0x00000028 pushad 0x00000029 jmp 00007F286CDEE62Ah 0x0000002e push eax 0x0000002f push edx 0x00000030 push ecx 0x00000031 pop ecx 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A490A2 second address: A490AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 ja 00007F286D1EB85Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A49DDD second address: A49E8A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F286CDEE638h 0x00000008 push esi 0x00000009 pop esi 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e jng 00007F286CDEE62Ah 0x00000014 push ebx 0x00000015 pushad 0x00000016 popad 0x00000017 pop ebx 0x00000018 nop 0x00000019 jns 00007F286CDEE62Ch 0x0000001f sub dword ptr [ebp+122D23B2h], edx 0x00000025 call 00007F286CDEE62Fh 0x0000002a mov edi, 61E57332h 0x0000002f pop esi 0x00000030 push 00000000h 0x00000032 push 00000000h 0x00000034 push ebx 0x00000035 call 00007F286CDEE628h 0x0000003a pop ebx 0x0000003b mov dword ptr [esp+04h], ebx 0x0000003f add dword ptr [esp+04h], 00000016h 0x00000047 inc ebx 0x00000048 push ebx 0x00000049 ret 0x0000004a pop ebx 0x0000004b ret 0x0000004c jmp 00007F286CDEE637h 0x00000051 push 00000000h 0x00000053 push edi 0x00000054 clc 0x00000055 pop edi 0x00000056 xchg eax, ebx 0x00000057 jnl 00007F286CDEE62Ah 0x0000005d push eax 0x0000005e pushad 0x0000005f push eax 0x00000060 push edx 0x00000061 jmp 00007F286CDEE635h 0x00000066 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4B3A7 second address: A4B3AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4BDF9 second address: A4BDFE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4C6F7 second address: A4C719 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB85Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jne 00007F286D1EB85Ch 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4E494 second address: A4E49F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jns 00007F286CDEE626h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4C719 second address: A4C71F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4C71F second address: A4C723 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A508AA second address: A508BB instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jnc 00007F286D1EB856h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5271C second address: A527B1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push esi 0x0000000a jmp 00007F286CDEE637h 0x0000000f pop esi 0x00000010 nop 0x00000011 jc 00007F286CDEE62Ch 0x00000017 mov dword ptr [ebp+122D36F4h], eax 0x0000001d sbb edi, 64C1F413h 0x00000023 push 00000000h 0x00000025 push 00000000h 0x00000027 push edx 0x00000028 call 00007F286CDEE628h 0x0000002d pop edx 0x0000002e mov dword ptr [esp+04h], edx 0x00000032 add dword ptr [esp+04h], 0000001Bh 0x0000003a inc edx 0x0000003b push edx 0x0000003c ret 0x0000003d pop edx 0x0000003e ret 0x0000003f add di, 6580h 0x00000044 push 00000000h 0x00000046 or dword ptr [ebp+122D3479h], edi 0x0000004c xchg eax, esi 0x0000004d pushad 0x0000004e push ecx 0x0000004f jmp 00007F286CDEE634h 0x00000054 pop ecx 0x00000055 jmp 00007F286CDEE62Bh 0x0000005a popad 0x0000005b push eax 0x0000005c jo 00007F286CDEE62Eh 0x00000062 push ebx 0x00000063 push eax 0x00000064 push edx 0x00000065 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A51A43 second address: A51A49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A50AF3 second address: A50AF8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A51A49 second address: A51A4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A53770 second address: A53774 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A50AF8 second address: A50B16 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB85Ch 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jnp 00007F286D1EB856h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A52988 second address: A5298D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A51A4E second address: A51ABB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 jmp 00007F286D1EB864h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d nop 0x0000000e mov dword ptr [ebp+122D3472h], ebx 0x00000014 push dword ptr fs:[00000000h] 0x0000001b or ebx, 2DB21100h 0x00000021 mov dword ptr fs:[00000000h], esp 0x00000028 pushad 0x00000029 mov dx, 5C99h 0x0000002d pushad 0x0000002e mov eax, dword ptr [ebp+122D3716h] 0x00000034 mov eax, dword ptr [ebp+122D2C81h] 0x0000003a popad 0x0000003b popad 0x0000003c mov eax, dword ptr [ebp+122D1711h] 0x00000042 push ebx 0x00000043 mov edi, dword ptr [ebp+1247B4D8h] 0x00000049 pop edi 0x0000004a push FFFFFFFFh 0x0000004c xor ebx, 7659E533h 0x00000052 mov dword ptr [ebp+122D1BEDh], ecx 0x00000058 nop 0x00000059 pushad 0x0000005a push eax 0x0000005b push edx 0x0000005c pushad 0x0000005d popad 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A53774 second address: A537E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 mov dword ptr [esp], eax 0x0000000a mov edi, dword ptr [ebp+122D2DD1h] 0x00000010 push 00000000h 0x00000012 push 00000000h 0x00000014 push ebp 0x00000015 call 00007F286CDEE628h 0x0000001a pop ebp 0x0000001b mov dword ptr [esp+04h], ebp 0x0000001f add dword ptr [esp+04h], 00000016h 0x00000027 inc ebp 0x00000028 push ebp 0x00000029 ret 0x0000002a pop ebp 0x0000002b ret 0x0000002c jns 00007F286CDEE62Ch 0x00000032 jbe 00007F286CDEE62Bh 0x00000038 mov edi, 460BB998h 0x0000003d push 00000000h 0x0000003f push 00000000h 0x00000041 push edi 0x00000042 call 00007F286CDEE628h 0x00000047 pop edi 0x00000048 mov dword ptr [esp+04h], edi 0x0000004c add dword ptr [esp+04h], 00000014h 0x00000054 inc edi 0x00000055 push edi 0x00000056 ret 0x00000057 pop edi 0x00000058 ret 0x00000059 or dword ptr [ebp+122D3396h], eax 0x0000005f push eax 0x00000060 push edx 0x00000061 push eax 0x00000062 push edx 0x00000063 js 00007F286CDEE626h 0x00000069 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A50B16 second address: A50B1C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A51ABB second address: A51AEC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE630h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jo 00007F286CDEE628h 0x0000000f push edx 0x00000010 pop edx 0x00000011 popad 0x00000012 push eax 0x00000013 push eax 0x00000014 pushad 0x00000015 jmp 00007F286CDEE62Fh 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A50B1C second address: A50B27 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnp 00007F286D1EB856h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A54765 second address: A5476C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A55865 second address: A55877 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB85Dh 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A55877 second address: A55881 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007F286CDEE626h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A55881 second address: A55885 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A55885 second address: A55897 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a jng 00007F286CDEE62Ch 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A55897 second address: A5589F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5589F second address: A558A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A549FA second address: A54A11 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F286D1EB85Ah 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e pushad 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A54A11 second address: A54A17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A54A17 second address: A54A24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jne 00007F286D1EB856h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A54A24 second address: A54A28 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A58BC2 second address: A58BC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A58BC6 second address: A58BCA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A59C6D second address: A59C71 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5C3C4 second address: A5C3D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F286CDEE62Dh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5D410 second address: A5D416 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A57B60 second address: A57B65 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A57C6A second address: A57C6E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A57C6E second address: A57C85 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE633h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A57C85 second address: A57C8A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A58E5B second address: A58E61 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5C567 second address: A5C624 instructions: 0x00000000 rdtsc 0x00000002 js 00007F286D1EB86Fh 0x00000008 jmp 00007F286D1EB869h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 ja 00007F286D1EB873h 0x00000016 nop 0x00000017 mov dword ptr [ebp+122D26BDh], ecx 0x0000001d push dword ptr fs:[00000000h] 0x00000024 mov dword ptr [ebp+122D1B29h], ebx 0x0000002a mov dword ptr fs:[00000000h], esp 0x00000031 push 00000000h 0x00000033 push ebx 0x00000034 call 00007F286D1EB858h 0x00000039 pop ebx 0x0000003a mov dword ptr [esp+04h], ebx 0x0000003e add dword ptr [esp+04h], 00000015h 0x00000046 inc ebx 0x00000047 push ebx 0x00000048 ret 0x00000049 pop ebx 0x0000004a ret 0x0000004b mov eax, dword ptr [ebp+122D12B5h] 0x00000051 push 00000000h 0x00000053 push edx 0x00000054 call 00007F286D1EB858h 0x00000059 pop edx 0x0000005a mov dword ptr [esp+04h], edx 0x0000005e add dword ptr [esp+04h], 00000017h 0x00000066 inc edx 0x00000067 push edx 0x00000068 ret 0x00000069 pop edx 0x0000006a ret 0x0000006b jnl 00007F286D1EB85Ch 0x00000071 push FFFFFFFFh 0x00000073 and ebx, dword ptr [ebp+122D38EBh] 0x00000079 nop 0x0000007a push edx 0x0000007b pushad 0x0000007c push eax 0x0000007d push edx 0x0000007e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5C624 second address: A5C62A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5C62A second address: A5C646 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 push eax 0x00000007 js 00007F286D1EB86Fh 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F286D1EB85Dh 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5C646 second address: A5C64A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A5E7A7 second address: A5E7B1 instructions: 0x00000000 rdtsc 0x00000002 js 00007F286D1EB85Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A621D6 second address: A621DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A67E1F second address: A67E47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB862h 0x00000009 jmp 00007F286D1EB85Bh 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 push edi 0x00000012 pop edi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A67E47 second address: A67E4B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A67592 second address: A675A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB85Dh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A675A3 second address: A675A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A675A7 second address: A675B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jo 00007F286D1EB858h 0x0000000c push eax 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A67884 second address: A67889 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A67889 second address: A678B5 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F286D1EB86Ah 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F286D1EB85Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A6D909 second address: A6D90E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A6D90E second address: A6D913 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A6D913 second address: A6D928 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e je 00007F286CDEE626h 0x00000014 pop esi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A6D928 second address: A6D940 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F286D1EB863h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A6D940 second address: A6D958 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [eax] 0x00000009 push eax 0x0000000a push edx 0x0000000b push esi 0x0000000c jmp 00007F286CDEE62Bh 0x00000011 pop esi 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A6DA1C second address: A6DA3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007F286D1EB85Eh 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 push ecx 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A71F85 second address: A71F98 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE62Dh 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7210D second address: A7211B instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jnl 00007F286D1EB856h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7228E second address: A722E1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F286CDEE636h 0x0000000b pop ebx 0x0000000c push ebx 0x0000000d pushad 0x0000000e jmp 00007F286CDEE637h 0x00000013 jg 00007F286CDEE626h 0x00000019 jmp 00007F286CDEE62Ch 0x0000001e ja 00007F286CDEE626h 0x00000024 popad 0x00000025 push eax 0x00000026 push edx 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A722E1 second address: A722E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A722E5 second address: A722E9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A722E9 second address: A722EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7271F second address: A72726 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A72726 second address: A7272C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7272C second address: A72732 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A72BBB second address: A72BBF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A72BBF second address: A72BE1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F286CDEE637h 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A72BE1 second address: A72BE7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A72BE7 second address: A72BEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A72BEC second address: A72C1A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007F286D1EB85Eh 0x0000000a jmp 00007F286D1EB85Bh 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 jmp 00007F286D1EB85Bh 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7727A second address: A77282 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A77282 second address: A772B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB869h 0x00000009 pop edi 0x0000000a push eax 0x0000000b push edx 0x0000000c jg 00007F286D1EB862h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A772B4 second address: A772BB instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A77425 second address: A77429 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A77991 second address: A77995 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A77995 second address: A7799B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A76EDE second address: A76F13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286CDEE633h 0x00000009 popad 0x0000000a pushad 0x0000000b jmp 00007F286CDEE633h 0x00000010 push eax 0x00000011 pop eax 0x00000012 jbe 00007F286CDEE626h 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A77CB3 second address: A77CD7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB862h 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ecx 0x0000000c jl 00007F286D1EB856h 0x00000012 pop ecx 0x00000013 push eax 0x00000014 push edx 0x00000015 push ebx 0x00000016 pop ebx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A77E26 second address: A77E31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F286CDEE626h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7DE79 second address: A7DE87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F286D1EB856h 0x0000000a pop eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7DE87 second address: A7DEAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F286CDEE626h 0x0000000a pop edx 0x0000000b popad 0x0000000c jc 00007F286CDEE643h 0x00000012 jmp 00007F286CDEE62Dh 0x00000017 pushad 0x00000018 jno 00007F286CDEE626h 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7C8BD second address: A7C8C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CB6B second address: A7CB6F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CB6F second address: A7CBA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 popad 0x00000009 pop eax 0x0000000a push esi 0x0000000b jno 00007F286D1EB856h 0x00000011 pop esi 0x00000012 push eax 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 jmp 00007F286D1EB85Fh 0x0000001a pop eax 0x0000001b popad 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f jnl 00007F286D1EB856h 0x00000025 push eax 0x00000026 pop eax 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CD10 second address: A7CD14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CE60 second address: A7CE64 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CE64 second address: A7CE68 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CE68 second address: A7CE73 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CE73 second address: A7CEB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286CDEE635h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push ebx 0x0000000d jmp 00007F286CDEE631h 0x00000012 pushad 0x00000013 popad 0x00000014 pop ebx 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 jbe 00007F286CDEE626h 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CEB0 second address: A7CECD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB868h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7CECD second address: A7CED9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jns 00007F286CDEE626h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7D476 second address: A7D47B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7D47B second address: A7D480 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7D480 second address: A7D488 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7D75B second address: A7D764 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7D764 second address: A7D768 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A29637 second address: A2964F instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jmp 00007F286CDEE62Bh 0x00000008 pop ecx 0x00000009 pushad 0x0000000a jnp 00007F286CDEE626h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A00C38 second address: A00C3D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A00C3D second address: A00C55 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286CDEE632h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7C5BE second address: A7C5C2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7C5C2 second address: A7C5C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7C5C8 second address: A7C5DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F286D1EB85Dh 0x0000000b push eax 0x0000000c push edx 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A7C5DF second address: A7C5F6 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F286CDEE626h 0x00000008 push eax 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d jc 00007F286CDEE634h 0x00000013 push eax 0x00000014 push edx 0x00000015 push ebx 0x00000016 pop ebx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FD61A second address: 9FD626 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F286D1EB856h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FD626 second address: 9FD62B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FD62B second address: 9FD638 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jo 00007F286D1EB856h 0x00000009 pop ecx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FD638 second address: 9FD63E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FD63E second address: 9FD650 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 je 00007F286D1EB85Eh 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A86C09 second address: A86C0E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A85A11 second address: A85A17 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A85A17 second address: A85A2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286CDEE632h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A41AB5 second address: A41AB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A41AB9 second address: A41ABF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A41BC1 second address: A41BD0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB85Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A41BD0 second address: A41BE0 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c pushad 0x0000000d push esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A85D25 second address: A85D29 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A85D29 second address: A85D2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A85D2F second address: A85D60 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 jng 00007F286D1EB867h 0x0000000c jmp 00007F286D1EB861h 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F286D1EB85Fh 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A85D60 second address: A85D64 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A86172 second address: A861A5 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jmp 00007F286D1EB860h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F286D1EB869h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A861A5 second address: A861A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A861A9 second address: A861AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A861AD second address: A861BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 pushad 0x00000009 jnl 00007F286CDEE626h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A86469 second address: A8646F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8646F second address: A8647E instructions: 0x00000000 rdtsc 0x00000002 jno 00007F286CDEE626h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A86603 second address: A8661A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB85Dh 0x00000007 je 00007F286D1EB85Ch 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8C4C5 second address: A8C4C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8C4C9 second address: A8C4E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F286D1EB856h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ecx 0x0000000d jmp 00007F286D1EB85Eh 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8C4E8 second address: A8C4EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8F354 second address: A8F37C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F286D1EB869h 0x00000009 jmp 00007F286D1EB85Bh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8F37C second address: A8F382 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8F500 second address: A8F50A instructions: 0x00000000 rdtsc 0x00000002 jo 00007F286D1EB862h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8F687 second address: A8F696 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jc 00007F286CDEE626h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8F696 second address: A8F69A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8F69A second address: A8F6B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286CDEE630h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8F6B0 second address: A8F6D7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F286D1EB85Fh 0x00000009 jmp 00007F286D1EB864h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A8F6D7 second address: A8F6E9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE62Eh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A971CD second address: A971ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB85Eh 0x00000009 jg 00007F286D1EB85Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A95AF6 second address: A95B37 instructions: 0x00000000 rdtsc 0x00000002 je 00007F286CDEE626h 0x00000008 jmp 00007F286CDEE62Bh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ecx 0x00000010 jmp 00007F286CDEE634h 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F286CDEE633h 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A95C66 second address: A95CA7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 js 00007F286D1EB858h 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e jno 00007F286D1EB85Eh 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F286D1EB85Ch 0x0000001b jmp 00007F286D1EB867h 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A96302 second address: A9632C instructions: 0x00000000 rdtsc 0x00000002 je 00007F286CDEE628h 0x00000008 push edi 0x00000009 pop edi 0x0000000a jns 00007F286CDEE628h 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push edx 0x00000015 jne 00007F286CDEE626h 0x0000001b push edi 0x0000001c pop edi 0x0000001d pop edx 0x0000001e jbe 00007F286CDEE62Eh 0x00000024 push eax 0x00000025 pop eax 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9632C second address: A96330 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A96330 second address: A96348 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F286CDEE62Dh 0x00000008 ja 00007F286CDEE626h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A96490 second address: A9649A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F286D1EB856h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9649A second address: A964BA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE631h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edi 0x0000000a jng 00007F286CDEE63Ch 0x00000010 push eax 0x00000011 push edx 0x00000012 push edx 0x00000013 pop edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FBB93 second address: 9FBB9E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push esi 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9B136 second address: A9B13A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9B13A second address: A9B13E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9B13E second address: A9B146 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9B146 second address: A9B14E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9B14E second address: A9B173 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE638h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a jc 00007F286CDEE626h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9B173 second address: A9B197 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push edi 0x00000008 jg 00007F286D1EB870h 0x0000000e jmp 00007F286D1EB864h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A39A second address: A9A3A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F286CDEE626h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A3A4 second address: A9A3BF instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F286D1EB856h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e jmp 00007F286D1EB85Dh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A4FE second address: A9A515 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 jmp 00007F286CDEE62Ch 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A515 second address: A9A51B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A51B second address: A9A543 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE637h 0x00000007 jnl 00007F286CDEE626h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A543 second address: A9A547 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A547 second address: A9A565 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F286CDEE634h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ebx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e pop ebx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A565 second address: A9A574 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jmp 00007F286D1EB85Ah 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A6B9 second address: A9A6C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 je 00007F286CDEE62Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A82F second address: A9A834 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A834 second address: A9A851 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286CDEE634h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A9B3 second address: A9A9D0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007F286D1EB85Eh 0x0000000a jnp 00007F286D1EB856h 0x00000010 popad 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A9D0 second address: A9A9D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9A9D6 second address: A9A9DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9AB3F second address: A9AB4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F286CDEE626h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9D9D3 second address: A9D9DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9D9DC second address: A9D9E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9D9E2 second address: A9D9FE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB866h 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9DCF4 second address: A9DD03 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F286CDEE626h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9DD03 second address: A9DD09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A9DD09 second address: A9DD0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA66B1 second address: AA66BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 pop ecx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA485A second address: AA487D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE635h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jc 00007F286CDEE62Ch 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA4E64 second address: AA4E6A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA4E6A second address: AA4E74 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA4E74 second address: AA4E78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA5186 second address: AA51A9 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F286CDEE626h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jo 00007F286CDEE639h 0x00000010 jmp 00007F286CDEE633h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA5B07 second address: AA5B23 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB868h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA5B23 second address: AA5B34 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 je 00007F286CDEE626h 0x00000009 pushad 0x0000000a popad 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d popad 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA611A second address: AA6120 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA6120 second address: AA6126 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA6126 second address: AA6137 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 popad 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push edi 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AA6137 second address: AA613B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AAE9A7 second address: AAE9AB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AAEAFA second address: AAEB22 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE631h 0x00000007 jmp 00007F286CDEE62Dh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push ebx 0x0000000f pushad 0x00000010 popad 0x00000011 push edi 0x00000012 pop edi 0x00000013 pop ebx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB7963 second address: AB798C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 jmp 00007F286D1EB868h 0x0000000c push eax 0x0000000d push edx 0x0000000e push ebx 0x0000000f jns 00007F286D1EB856h 0x00000015 pop ebx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB798C second address: AB79A9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F286CDEE637h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB79A9 second address: AB79AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FF181 second address: 9FF198 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnl 00007F286CDEE626h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d jbe 00007F286CDEE65Ch 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FF198 second address: 9FF19C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FF19C second address: 9FF1B6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE636h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9FF1B6 second address: 9FF1C3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edi 0x00000008 pop edi 0x00000009 push edx 0x0000000a pop edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB5921 second address: AB593C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE62Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edx 0x0000000a je 00007F286CDEE62Eh 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB593C second address: AB5945 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB5945 second address: AB594B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB594B second address: AB5951 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB5AE1 second address: AB5AE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB6428 second address: AB6453 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 jmp 00007F286D1EB85Dh 0x0000000b push eax 0x0000000c pop eax 0x0000000d jmp 00007F286D1EB861h 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB6453 second address: AB6457 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB6457 second address: AB645B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB65A1 second address: AB65C7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F286CDEE62Dh 0x0000000b pop ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F286CDEE630h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB673D second address: AB6772 instructions: 0x00000000 rdtsc 0x00000002 js 00007F286D1EB86Bh 0x00000008 jmp 00007F286D1EB865h 0x0000000d push eax 0x0000000e push edx 0x0000000f jbe 00007F286D1EB856h 0x00000015 jmp 00007F286D1EB860h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB6772 second address: AB6784 instructions: 0x00000000 rdtsc 0x00000002 js 00007F286CDEE626h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push edi 0x0000000d pushad 0x0000000e push eax 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB68D0 second address: AB68E3 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F286D1EB85Bh 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB68E3 second address: AB68EB instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AB68EB second address: AB68F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: ABB9AD second address: ABB9B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: ABB9B3 second address: ABB9BD instructions: 0x00000000 rdtsc 0x00000002 jne 00007F286D1EB856h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: ABDBC0 second address: ABDBC4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: ABDBC4 second address: ABDBCA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0AB7D second address: A0AB9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jne 00007F286CDEE628h 0x0000000b jo 00007F286CDEE62Eh 0x00000011 pushad 0x00000012 popad 0x00000013 jc 00007F286CDEE626h 0x00000019 popad 0x0000001a push edi 0x0000001b pushad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0AB9D second address: A0ABA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AC0F09 second address: AC0F24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007F286CDEE633h 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AC0F24 second address: AC0F28 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AC0F28 second address: AC0F2E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AC0AEE second address: AC0B11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a pop esi 0x0000000b jmp 00007F286D1EB868h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AC0B11 second address: AC0B15 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AC0B15 second address: AC0B1B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: ACE8EB second address: ACE913 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F286CDEE626h 0x0000000a jmp 00007F286CDEE633h 0x0000000f popad 0x00000010 pushad 0x00000011 push eax 0x00000012 pop eax 0x00000013 jnc 00007F286CDEE626h 0x00000019 popad 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: ACE913 second address: ACE918 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: ACE4A8 second address: ACE4D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F286CDEE632h 0x0000000a pushad 0x0000000b push eax 0x0000000c pop eax 0x0000000d jnl 00007F286CDEE626h 0x00000013 popad 0x00000014 popad 0x00000015 push edx 0x00000016 push esi 0x00000017 pushad 0x00000018 popad 0x00000019 push ecx 0x0000001a pop ecx 0x0000001b pop esi 0x0000001c push eax 0x0000001d push edx 0x0000001e jns 00007F286CDEE626h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: ACE4D9 second address: ACE4DF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AD2434 second address: AD2438 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AD2438 second address: AD2444 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AD2444 second address: AD2448 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AD8B22 second address: AD8B2C instructions: 0x00000000 rdtsc 0x00000002 jno 00007F286D1EB856h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE1803 second address: AE1807 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE1807 second address: AE1825 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F286D1EB864h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE1825 second address: AE183D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE630h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE183D second address: AE1841 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AEA62C second address: AEA639 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jp 00007F286CDEE62Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE90AD second address: AE90C5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 jmp 00007F286D1EB862h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE9394 second address: AE93A4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 js 00007F286CDEE62Eh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE94D5 second address: AE94E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F286D1EB856h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pop edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE94E9 second address: AE94ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE94ED second address: AE950C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB865h 0x00000007 jl 00007F286D1EB856h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE9797 second address: AE979D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE979D second address: AE97B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edi 0x00000009 jo 00007F286D1EB856h 0x0000000f push edx 0x00000010 pop edx 0x00000011 pop edi 0x00000012 push eax 0x00000013 push edx 0x00000014 je 00007F286D1EB856h 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE97B9 second address: AE97C5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnl 00007F286CDEE626h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AE97C5 second address: AE97CE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AEA34B second address: AEA34F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AFB4FA second address: AFB500 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AFB500 second address: AFB50B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F286CDEE626h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: AFB50B second address: AFB521 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F286D1EB85Eh 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B0D0A1 second address: B0D0A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B25012 second address: B25021 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F286D1EB85Bh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B25021 second address: B2506E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE62Eh 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jnc 00007F286CDEE62Eh 0x00000011 jbe 00007F286CDEE636h 0x00000017 jmp 00007F286CDEE630h 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007F286CDEE633h 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B2506E second address: B25072 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B252CB second address: B252CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B256D4 second address: B256D9 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B28BA1 second address: B28BA6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B28BA6 second address: B28BF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 jl 00007F286D1EB85Eh 0x0000000e pushad 0x0000000f mov esi, dword ptr [ebp+12451F2Bh] 0x00000015 popad 0x00000016 push 00000004h 0x00000018 push ecx 0x00000019 mov dword ptr [ebp+122D197Ah], ebx 0x0000001f pop edx 0x00000020 mov edx, ebx 0x00000022 call 00007F286D1EB859h 0x00000027 jmp 00007F286D1EB868h 0x0000002c push eax 0x0000002d push eax 0x0000002e push edx 0x0000002f push edx 0x00000030 pushad 0x00000031 popad 0x00000032 pop edx 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B28BF0 second address: B28C38 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE630h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d jmp 00007F286CDEE635h 0x00000012 mov eax, dword ptr [eax] 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F286CDEE637h 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B28C38 second address: B28C5D instructions: 0x00000000 rdtsc 0x00000002 jc 00007F286D1EB85Ch 0x00000008 jbe 00007F286D1EB856h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov dword ptr [esp+04h], eax 0x00000014 pushad 0x00000015 jmp 00007F286D1EB85Dh 0x0000001a push esi 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B28EBB second address: B28EBF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B2BDF2 second address: B2BDF6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B2BDF6 second address: B2BE01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B2BE01 second address: B2BE07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B2BE07 second address: B2BE13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F286CDEE626h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 4C10D7A second address: 4C10D92 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F286D1EB864h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 4C10D92 second address: 4C10DAC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ecx, dword ptr [eax+00000FDCh] 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F286CDEE62Ah 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 4C10DAC second address: 4C10E07 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286D1EB85Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test ecx, ecx 0x0000000b pushad 0x0000000c call 00007F286D1EB864h 0x00000011 call 00007F286D1EB862h 0x00000016 pop ecx 0x00000017 pop edx 0x00000018 mov bh, ch 0x0000001a popad 0x0000001b jns 00007F286D1EB893h 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007F286D1EB866h 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 4C10E07 second address: 4C10EAF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop eax 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a add eax, ecx 0x0000000c jmp 00007F286CDEE639h 0x00000011 mov eax, dword ptr [eax+00000860h] 0x00000017 pushad 0x00000018 pushad 0x00000019 jmp 00007F286CDEE62Ah 0x0000001e call 00007F286CDEE632h 0x00000023 pop eax 0x00000024 popad 0x00000025 pushad 0x00000026 pushfd 0x00000027 jmp 00007F286CDEE631h 0x0000002c sub ecx, 05E8DF86h 0x00000032 jmp 00007F286CDEE631h 0x00000037 popfd 0x00000038 mov si, B937h 0x0000003c popad 0x0000003d popad 0x0000003e test eax, eax 0x00000040 jmp 00007F286CDEE62Ah 0x00000045 je 00007F28DEB144F6h 0x0000004b jmp 00007F286CDEE630h 0x00000050 test byte ptr [eax+04h], 00000005h 0x00000054 push eax 0x00000055 push edx 0x00000056 push eax 0x00000057 push edx 0x00000058 push eax 0x00000059 push edx 0x0000005a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 4C10EAF second address: 4C10EB3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 4C10EB3 second address: 4C10ED0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F286CDEE639h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4706A second address: A47071 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A47071 second address: A47077 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A47077 second address: A4707B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A4707B second address: A4707F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |