Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://127.0.0.1:27060 |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://api.steampowered.com/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://broadcast.st.dl.eccdnx.com |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://checkout.steampowered.com/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300513851.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303759710.00000000013DA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=Ev2sBLgkgyWJ&a |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/fatalerror.css?v=wctRWaBvNt2z&l=engli |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/main.js?v=10oP_O2R |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=AeTz |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=engl |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6& |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1& |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.steampowered.com/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lv.queniujq.cn |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://medal.tv |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://player.vimeo.com |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net/recaptcha/; |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://s.ytimg.com; |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sketchfab.com |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steam.tv/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast-test.akamaized.net |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast.akamaized.net |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcastchat.akamaized.net |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com |
Source: file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/I |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: file.exe, 00000001.00000003.2300513851.00000000013F4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303759710.00000000013F4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900 |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: file.exe, 00000001.00000003.2300513851.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303759710.00000000013DA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com:443/profiles/76561199724331900 |
Source: file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: file.exe, 00000001.00000002.2303862012.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/; |
Source: file.exe, 00000001.00000002.2303862012.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f |
Source: file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2303667116.00000000013D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/recaptcha/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.cn/recaptcha/ |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.com/recaptcha/ |
Source: file.exe, 00000001.00000002.2303959573.000000000146E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300513851.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2300442402.0000000001464000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com |
Source: file.exe, 00000001.00000003.2301468956.0000000001425000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com/ |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D8426B second address: D83A9D instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jng 00007F310118DD76h 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jmp 00007F310118DD85h 0x00000012 nop 0x00000013 cld 0x00000014 push dword ptr [ebp+122D0AD5h] 0x0000001a mov dword ptr [ebp+122D1B63h], eax 0x00000020 call dword ptr [ebp+122D1E03h] 0x00000026 pushad 0x00000027 stc 0x00000028 xor eax, eax 0x0000002a mov dword ptr [ebp+122D2A26h], eax 0x00000030 mov edx, dword ptr [esp+28h] 0x00000034 mov dword ptr [ebp+122D2D9Dh], esi 0x0000003a mov dword ptr [ebp+122D3928h], eax 0x00000040 or dword ptr [ebp+122D2D9Dh], edx 0x00000046 mov esi, 0000003Ch 0x0000004b clc 0x0000004c add esi, dword ptr [esp+24h] 0x00000050 pushad 0x00000051 or dword ptr [ebp+122D2B97h], edi 0x00000057 pushad 0x00000058 mov eax, dword ptr [ebp+122D38ACh] 0x0000005e push ebx 0x0000005f pop esi 0x00000060 popad 0x00000061 popad 0x00000062 lodsw 0x00000064 stc 0x00000065 add eax, dword ptr [esp+24h] 0x00000069 mov dword ptr [ebp+122D2A26h], ecx 0x0000006f mov ebx, dword ptr [esp+24h] 0x00000073 jc 00007F310118DD7Ch 0x00000079 mov dword ptr [ebp+122D2D9Dh], edx 0x0000007f nop 0x00000080 push eax 0x00000081 push eax 0x00000082 push eax 0x00000083 push edx 0x00000084 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F05E54 second address: F05E58 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F05E58 second address: F05E6C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F310118DD76h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jbe 00007F310118DD82h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EFE797 second address: EFE7AE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E4Dh 0x00000007 ja 00007F31011E0E46h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F05074 second address: F050B3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jo 00007F310118DD76h 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F310118DD87h 0x00000017 jmp 00007F310118DD86h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F0520D second address: F05211 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F05211 second address: F05215 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F0536F second address: F05373 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F05373 second address: F05379 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F054EA second address: F054F8 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 jno 00007F31011E0E46h 0x0000000d pop edi 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F0579C second address: F057BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F310118DD89h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F07388 second address: F0738C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F0738C second address: F073E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b jmp 00007F310118DD85h 0x00000010 mov eax, dword ptr [eax] 0x00000012 push edx 0x00000013 jns 00007F310118DD78h 0x00000019 push eax 0x0000001a pop eax 0x0000001b pop edx 0x0000001c mov dword ptr [esp+04h], eax 0x00000020 js 00007F310118DD80h 0x00000026 pop eax 0x00000027 jg 00007F310118DD77h 0x0000002d cmc 0x0000002e lea ebx, dword ptr [ebp+12456FF2h] 0x00000034 movzx esi, si 0x00000037 push eax 0x00000038 push eax 0x00000039 push edx 0x0000003a push ebx 0x0000003b push eax 0x0000003c push edx 0x0000003d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F073E3 second address: F073E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F07476 second address: F0747D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F0747D second address: F07483 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F07483 second address: F07487 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F07487 second address: F0748B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F0748B second address: F074FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xor dword ptr [esp], 043A0E06h 0x0000000f push 00000003h 0x00000011 call 00007F310118DD88h 0x00000016 jo 00007F310118DD7Bh 0x0000001c adc si, EC8Ah 0x00000021 pop edi 0x00000022 push 00000000h 0x00000024 push 00000000h 0x00000026 push esi 0x00000027 call 00007F310118DD78h 0x0000002c pop esi 0x0000002d mov dword ptr [esp+04h], esi 0x00000031 add dword ptr [esp+04h], 00000016h 0x00000039 inc esi 0x0000003a push esi 0x0000003b ret 0x0000003c pop esi 0x0000003d ret 0x0000003e push 00000003h 0x00000040 jc 00007F310118DD82h 0x00000046 ja 00007F310118DD7Ch 0x0000004c push E806B644h 0x00000051 push eax 0x00000052 push edx 0x00000053 push eax 0x00000054 push edx 0x00000055 push edi 0x00000056 pop edi 0x00000057 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F074FF second address: F07505 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F28B17 second address: F28B33 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jg 00007F310118DD90h 0x0000000e js 00007F310118DD78h 0x00000014 pushad 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 push ebx 0x00000019 pop ebx 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF490A second address: EF490E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF490E second address: EF4918 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F310118DD76h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF4918 second address: EF4924 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F269E6 second address: F269FB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD81h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F269FB second address: F26A00 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F26A00 second address: F26A17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F310118DD7Fh 0x00000009 pop eax 0x0000000a push ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F26A17 second address: F26A1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F26B67 second address: F26B6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F26B6D second address: F26B7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F31011E0E4Bh 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F26B7D second address: F26BA1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 jmp 00007F310118DD86h 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 pop eax 0x00000011 push edi 0x00000012 pop edi 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F26BA1 second address: F26BBC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E57h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F26BBC second address: F26BCA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b pushad 0x0000000c popad 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F26D38 second address: F26D48 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F31011E0E48h 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F27403 second address: F27416 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jne 00007F310118DD76h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F27416 second address: F2742B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E51h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2742B second address: F27431 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F27431 second address: F2744D instructions: 0x00000000 rdtsc 0x00000002 jl 00007F31011E0E4Ch 0x00000008 ja 00007F31011E0E52h 0x0000000e ja 00007F31011E0E46h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2758A second address: F27590 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2784C second address: F27860 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F31011E0E50h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EEDD83 second address: EEDD87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F285F8 second address: F285FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F285FE second address: F28602 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F28602 second address: F28623 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F31011E0E59h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2B548 second address: F2B573 instructions: 0x00000000 rdtsc 0x00000002 je 00007F310118DD88h 0x00000008 jmp 00007F310118DD82h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jnc 00007F310118DD7Ch 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2B573 second address: F2B579 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2B579 second address: F2B57D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2BDE0 second address: F2BDEA instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F31011E0E46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2CFA4 second address: F2CFB2 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F310118DD76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2DFA5 second address: F2DFE1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E4Eh 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 jnc 00007F31011E0E4Eh 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a jmp 00007F31011E0E51h 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2F5B7 second address: F2F5D3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F310118DD88h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F2F5D3 second address: F2F5DD instructions: 0x00000000 rdtsc 0x00000002 je 00007F31011E0E46h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF1379 second address: EF1383 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F310118DD76h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F30BBE second address: F30BC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F31011E0E46h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F30BC9 second address: F30BD3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F310118DD76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F30BD3 second address: F30BD7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF98FD second address: EF9906 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF9906 second address: EF990A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3512F second address: F35135 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F35135 second address: F35139 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F35139 second address: F3513D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3513D second address: F3515F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007F31011E0E51h 0x0000000e jbe 00007F31011E0E46h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F352AB second address: F352C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F310118DD7Ah 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d push edi 0x0000000e pop edi 0x0000000f pop edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F352C0 second address: F352CC instructions: 0x00000000 rdtsc 0x00000002 jl 00007F31011E0E4Eh 0x00000008 push eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3874B second address: F38755 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F310118DD76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F38755 second address: F3875B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F38BEC second address: F38BF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F38BF0 second address: F38C29 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E59h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F31011E0E59h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F393B4 second address: F393BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3985B second address: F39861 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F39861 second address: F39872 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F310118DD7Ah 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F39872 second address: F39876 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F39F86 second address: F39F8C instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F39F8C second address: F39F92 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3A9C7 second address: F3A9D9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c js 00007F310118DD76h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3A9D9 second address: F3A9DF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3A9DF second address: F3A9E6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3BB88 second address: F3BBDD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E4Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push 00000000h 0x0000000e push ebp 0x0000000f call 00007F31011E0E48h 0x00000014 pop ebp 0x00000015 mov dword ptr [esp+04h], ebp 0x00000019 add dword ptr [esp+04h], 00000014h 0x00000021 inc ebp 0x00000022 push ebp 0x00000023 ret 0x00000024 pop ebp 0x00000025 ret 0x00000026 push 00000000h 0x00000028 push 00000000h 0x0000002a jmp 00007F31011E0E59h 0x0000002f push eax 0x00000030 pushad 0x00000031 push eax 0x00000032 push edx 0x00000033 push eax 0x00000034 push edx 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3BBDD second address: F3BBE1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3C589 second address: F3C60E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop ebx 0x00000006 push eax 0x00000007 jmp 00007F31011E0E4Bh 0x0000000c nop 0x0000000d jno 00007F31011E0E4Ch 0x00000013 push 00000000h 0x00000015 push 00000000h 0x00000017 push edx 0x00000018 call 00007F31011E0E48h 0x0000001d pop edx 0x0000001e mov dword ptr [esp+04h], edx 0x00000022 add dword ptr [esp+04h], 00000014h 0x0000002a inc edx 0x0000002b push edx 0x0000002c ret 0x0000002d pop edx 0x0000002e ret 0x0000002f or edi, dword ptr [ebp+122D39E4h] 0x00000035 xor dword ptr [ebp+124790A5h], esi 0x0000003b push 00000000h 0x0000003d push 00000000h 0x0000003f push edi 0x00000040 call 00007F31011E0E48h 0x00000045 pop edi 0x00000046 mov dword ptr [esp+04h], edi 0x0000004a add dword ptr [esp+04h], 0000001Ah 0x00000052 inc edi 0x00000053 push edi 0x00000054 ret 0x00000055 pop edi 0x00000056 ret 0x00000057 mov dword ptr [ebp+122D1D24h], ebx 0x0000005d jo 00007F31011E0E4Ch 0x00000063 or esi, dword ptr [ebp+122D2A3Eh] 0x00000069 push eax 0x0000006a pushad 0x0000006b push eax 0x0000006c push edx 0x0000006d push esi 0x0000006e pop esi 0x0000006f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3C60E second address: F3C626 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F310118DD76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F310118DD7Ch 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3D13F second address: F3D155 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F31011E0E52h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3E5E3 second address: F3E659 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD7Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov dword ptr [esp], eax 0x0000000d jmp 00007F310118DD89h 0x00000012 push 00000000h 0x00000014 call 00007F310118DD85h 0x00000019 mov esi, edi 0x0000001b pop esi 0x0000001c push 00000000h 0x0000001e push 00000000h 0x00000020 push ebp 0x00000021 call 00007F310118DD78h 0x00000026 pop ebp 0x00000027 mov dword ptr [esp+04h], ebp 0x0000002b add dword ptr [esp+04h], 00000014h 0x00000033 inc ebp 0x00000034 push ebp 0x00000035 ret 0x00000036 pop ebp 0x00000037 ret 0x00000038 push eax 0x00000039 push eax 0x0000003a push edx 0x0000003b jmp 00007F310118DD7Ch 0x00000040 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3E659 second address: F3E65F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3FA77 second address: F3FA86 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD7Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3FA86 second address: F3FA8C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3FA8C second address: F3FA90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F42DC5 second address: F42E25 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E4Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a nop 0x0000000b mov bx, di 0x0000000e push 00000000h 0x00000010 push 00000000h 0x00000012 push ecx 0x00000013 call 00007F31011E0E48h 0x00000018 pop ecx 0x00000019 mov dword ptr [esp+04h], ecx 0x0000001d add dword ptr [esp+04h], 00000018h 0x00000025 inc ecx 0x00000026 push ecx 0x00000027 ret 0x00000028 pop ecx 0x00000029 ret 0x0000002a cmc 0x0000002b mov edi, 55389E7Bh 0x00000030 push 00000000h 0x00000032 mov dword ptr [ebp+122D20FDh], ebx 0x00000038 xchg eax, esi 0x00000039 push eax 0x0000003a push edx 0x0000003b jmp 00007F31011E0E57h 0x00000040 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F42178 second address: F42191 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F310118DD76h 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 jl 00007F310118DD76h 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4306E second address: F43078 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007F31011E0E46h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F48F8F second address: F48F93 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4802C second address: F48045 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 jnp 00007F31011E0E46h 0x0000000d pop ecx 0x0000000e popad 0x0000000f push eax 0x00000010 pushad 0x00000011 jng 00007F31011E0E4Ch 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F491AF second address: F491B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F491B4 second address: F491C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F31011E0E4Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F491C4 second address: F491C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4DD45 second address: F4DD49 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4AF51 second address: F4AF57 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4DF26 second address: F4DF2C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4AF57 second address: F4AF5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4DF2C second address: F4DF30 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4FF4F second address: F4FF54 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4AF5C second address: F4AF62 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F51015 second address: F51019 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4AF62 second address: F4AF66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F4AF66 second address: F4AF86 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD81h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EFCCDB second address: EFCCE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push esi 0x00000008 pop esi 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EFCCE4 second address: EFCCE8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EFCCE8 second address: EFCCEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EFCCEE second address: EFCCF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EFCCF4 second address: EFCCF9 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EFCCF9 second address: EFCD1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F310118DD7Ah 0x00000009 pop edx 0x0000000a push edi 0x0000000b jmp 00007F310118DD7Fh 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F588AA second address: F588B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F58A97 second address: F58A9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F58D4B second address: F58D63 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F31011E0E4Bh 0x0000000a push eax 0x0000000b push edx 0x0000000c jns 00007F31011E0E46h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F5E53A second address: F5E570 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a je 00007F310118DD78h 0x00000010 pushad 0x00000011 popad 0x00000012 pop edx 0x00000013 mov eax, dword ptr [esp+04h] 0x00000017 je 00007F310118DD95h 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007F310118DD87h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F5E570 second address: F5E597 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [eax] 0x00000008 jmp 00007F31011E0E56h 0x0000000d mov dword ptr [esp+04h], eax 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F5E597 second address: F5E5A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F310118DD76h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F5E71C second address: F5E720 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF2EA4 second address: EF2EDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jno 00007F310118DD8Bh 0x0000000b jmp 00007F310118DD82h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF2EDA second address: EF2EDE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F62EB3 second address: F62ED4 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F310118DD88h 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007F310118DD80h 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push esi 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F62ED4 second address: F62ED8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F62ED8 second address: F62EDE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F63417 second address: F6341B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6341B second address: F6343B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD82h 0x00000007 jns 00007F310118DD76h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6343B second address: F63445 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F31011E0E46h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F63445 second address: F6344F instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6344F second address: F63472 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E52h 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c js 00007F31011E0E62h 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 pop eax 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F63472 second address: F63476 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F63A38 second address: F63A7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F31011E0E52h 0x00000009 je 00007F31011E0E46h 0x0000000f popad 0x00000010 jmp 00007F31011E0E52h 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007F31011E0E52h 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F65C76 second address: F65C7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F65C7C second address: F65C80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF6493 second address: EF6497 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF6497 second address: EF64A5 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jng 00007F31011E0E52h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EF64A5 second address: EF64AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F69E09 second address: F69E34 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 pop eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jng 00007F31011E0E46h 0x00000011 jmp 00007F31011E0E58h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F69E34 second address: F69E39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6A121 second address: F6A127 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6A426 second address: F6A42C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6A58E second address: F6A5B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007F31011E0E56h 0x0000000d popad 0x0000000e je 00007F31011E0E4Eh 0x00000014 pushad 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6A71A second address: F6A738 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 jmp 00007F310118DD82h 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6A738 second address: F6A73C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6AB6A second address: F6AB7B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jc 00007F310118DD76h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ecx 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6ACAE second address: F6ACC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edi 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F31011E0E4Dh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6ACC4 second address: F6ACEF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push esi 0x00000008 push edi 0x00000009 jmp 00007F310118DD87h 0x0000000e pushad 0x0000000f popad 0x00000010 pop edi 0x00000011 push eax 0x00000012 push edx 0x00000013 jc 00007F310118DD76h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F1E493 second address: F1E497 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F1E497 second address: F1E4C2 instructions: 0x00000000 rdtsc 0x00000002 je 00007F310118DD76h 0x00000008 je 00007F310118DD76h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 jmp 00007F310118DD82h 0x00000015 push ebx 0x00000016 ja 00007F310118DD76h 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EEF863 second address: EEF888 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007F31011E0E57h 0x0000000e push edi 0x0000000f pop edi 0x00000010 push eax 0x00000011 pop eax 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: EEF888 second address: EEF88D instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3716E second address: F37174 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3770A second address: D83A9D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 nop 0x00000008 mov dword ptr [ebp+1245214Ch], ebx 0x0000000e push dword ptr [ebp+122D0AD5h] 0x00000014 mov dword ptr [ebp+122D5981h], edx 0x0000001a call dword ptr [ebp+122D1E03h] 0x00000020 pushad 0x00000021 stc 0x00000022 xor eax, eax 0x00000024 mov dword ptr [ebp+122D2A26h], eax 0x0000002a mov edx, dword ptr [esp+28h] 0x0000002e mov dword ptr [ebp+122D2D9Dh], esi 0x00000034 mov dword ptr [ebp+122D3928h], eax 0x0000003a or dword ptr [ebp+122D2D9Dh], edx 0x00000040 mov esi, 0000003Ch 0x00000045 clc 0x00000046 add esi, dword ptr [esp+24h] 0x0000004a pushad 0x0000004b or dword ptr [ebp+122D2B97h], edi 0x00000051 pushad 0x00000052 mov eax, dword ptr [ebp+122D38ACh] 0x00000058 push ebx 0x00000059 pop esi 0x0000005a popad 0x0000005b popad 0x0000005c lodsw 0x0000005e stc 0x0000005f add eax, dword ptr [esp+24h] 0x00000063 mov dword ptr [ebp+122D2A26h], ecx 0x00000069 mov ebx, dword ptr [esp+24h] 0x0000006d jc 00007F310118DD7Ch 0x00000073 mov dword ptr [ebp+122D2D9Dh], edx 0x00000079 nop 0x0000007a push eax 0x0000007b push eax 0x0000007c push eax 0x0000007d push edx 0x0000007e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F37860 second address: F3786A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3786A second address: F3786E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F37961 second address: F37965 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F37965 second address: F3796B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3796B second address: F37970 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F37BEB second address: F37BF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F37BF0 second address: F37C45 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a jmp 00007F31011E0E53h 0x0000000f push ecx 0x00000010 jnl 00007F31011E0E46h 0x00000016 pop ecx 0x00000017 popad 0x00000018 nop 0x00000019 mov dh, cl 0x0000001b push 00000004h 0x0000001d push 00000000h 0x0000001f push edi 0x00000020 call 00007F31011E0E48h 0x00000025 pop edi 0x00000026 mov dword ptr [esp+04h], edi 0x0000002a add dword ptr [esp+04h], 00000017h 0x00000032 inc edi 0x00000033 push edi 0x00000034 ret 0x00000035 pop edi 0x00000036 ret 0x00000037 mov edx, dword ptr [ebp+122D38A4h] 0x0000003d push eax 0x0000003e pushad 0x0000003f pushad 0x00000040 push eax 0x00000041 push edx 0x00000042 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F37C45 second address: F37C4B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F3842D second address: F38437 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F31011E0E4Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F38437 second address: F384E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov dword ptr [esp], eax 0x00000009 mov ecx, 20BB5D96h 0x0000000e lea eax, dword ptr [ebp+1248703Ah] 0x00000014 or edi, 3769B924h 0x0000001a nop 0x0000001b jno 00007F310118DD80h 0x00000021 push eax 0x00000022 pushad 0x00000023 js 00007F310118DD78h 0x00000029 push edx 0x0000002a pop edx 0x0000002b jo 00007F310118DD83h 0x00000031 jmp 00007F310118DD7Dh 0x00000036 popad 0x00000037 nop 0x00000038 sub di, D2A3h 0x0000003d lea eax, dword ptr [ebp+12486FF6h] 0x00000043 push 00000000h 0x00000045 push ebp 0x00000046 call 00007F310118DD78h 0x0000004b pop ebp 0x0000004c mov dword ptr [esp+04h], ebp 0x00000050 add dword ptr [esp+04h], 00000018h 0x00000058 inc ebp 0x00000059 push ebp 0x0000005a ret 0x0000005b pop ebp 0x0000005c ret 0x0000005d nop 0x0000005e pushad 0x0000005f pushad 0x00000060 pushad 0x00000061 popad 0x00000062 jg 00007F310118DD76h 0x00000068 popad 0x00000069 jmp 00007F310118DD87h 0x0000006e popad 0x0000006f push eax 0x00000070 push eax 0x00000071 push edx 0x00000072 push eax 0x00000073 push edx 0x00000074 jmp 00007F310118DD7Dh 0x00000079 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F384E2 second address: F384E8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F384E8 second address: F384ED instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F384ED second address: F1E493 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F31011E0E57h 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d mov di, 7A27h 0x00000011 call dword ptr [ebp+122D2D3Ch] 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a jg 00007F31011E0E46h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6EA20 second address: F6EA2A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F310118DD76h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6EB71 second address: F6EB7E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F31011E0E46h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6EB7E second address: F6EB94 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD7Dh 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6EB94 second address: F6EB9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6EE44 second address: F6EE48 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6F129 second address: F6F12E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6F3F1 second address: F6F40B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007F310118DD7Ah 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push esi 0x0000000d pop esi 0x0000000e jno 00007F310118DD76h 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F6F40B second address: F6F428 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E50h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jg 00007F31011E0E62h 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F78785 second address: F7878A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7878A second address: F78790 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F775B1 second address: F775B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F775B7 second address: F775C3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F31011E0E46h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F775C3 second address: F775D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jg 00007F310118DD7Eh 0x0000000b jne 00007F310118DD76h 0x00000011 push edx 0x00000012 pop edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F775D6 second address: F775F9 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F31011E0E4Ah 0x00000008 pushad 0x00000009 popad 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e js 00007F31011E0E46h 0x00000014 jmp 00007F31011E0E4Fh 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F77779 second address: F777A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jmp 00007F310118DD81h 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F310118DD7Dh 0x00000011 push edx 0x00000012 push ecx 0x00000013 pop ecx 0x00000014 jl 00007F310118DD76h 0x0000001a pop edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F77ABE second address: F77AC2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F77AC2 second address: F77ADB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F310118DD83h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F77ADB second address: F77AED instructions: 0x00000000 rdtsc 0x00000002 je 00007F31011E0E48h 0x00000008 jo 00007F31011E0E4Eh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F771F3 second address: F771F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F781A8 second address: F781AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F781AC second address: F781B6 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F310118DD76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7847A second address: F78482 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F78482 second address: F78499 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F310118DD7Ah 0x00000008 push ecx 0x00000009 push esi 0x0000000a pop esi 0x0000000b pop ecx 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F78499 second address: F784AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 push ebx 0x00000008 jp 00007F31011E0E46h 0x0000000e pushad 0x0000000f popad 0x00000010 pop ebx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F784AA second address: F784B7 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F310118DD78h 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7D335 second address: F7D33B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7D47C second address: F7D4A9 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F310118DD7Ch 0x00000008 jmp 00007F310118DD86h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push edx 0x00000013 pop edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7D4A9 second address: F7D4AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F80424 second address: F80428 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F80428 second address: F80468 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F31011E0E59h 0x0000000c pushad 0x0000000d popad 0x0000000e jmp 00007F31011E0E56h 0x00000013 popad 0x00000014 pop edx 0x00000015 pushad 0x00000016 pushad 0x00000017 pushad 0x00000018 popad 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F80468 second address: F8046E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7FD48 second address: F7FD4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7FD4C second address: F7FD50 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7FEAA second address: F7FEAE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F7FEAE second address: F7FEB6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F80025 second address: F8004A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F31011E0E57h 0x0000000c pushad 0x0000000d popad 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8004A second address: F80052 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F80052 second address: F80056 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F844F9 second address: F84515 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F310118DD87h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F84515 second address: F8451B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8499B second address: F8499F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8A446 second address: F8A44A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8A44A second address: F8A44E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8A44E second address: F8A458 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F88D56 second address: F88D5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F88EF6 second address: F88EFE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F88EFE second address: F88F02 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F89350 second address: F89354 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F37E12 second address: F37E24 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD7Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F37EEF second address: F37EFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jg 00007F31011E0E4Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8A0F7 second address: F8A118 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F310118DD88h 0x0000000b pushad 0x0000000c popad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8A118 second address: F8A130 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 jo 00007F31011E0E48h 0x0000000e pushad 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8A130 second address: F8A134 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8A134 second address: F8A15E instructions: 0x00000000 rdtsc 0x00000002 jl 00007F31011E0E46h 0x00000008 jmp 00007F31011E0E58h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jbe 00007F31011E0E46h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8A15E second address: F8A17F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD7Dh 0x00000007 jmp 00007F310118DD80h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8DF9F second address: F8DFD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F31011E0E4Ah 0x00000009 jmp 00007F31011E0E54h 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F31011E0E4Dh 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8E2B5 second address: F8E2BE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8E2BE second address: F8E2C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F31011E0E46h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8E2C9 second address: F8E2DB instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F310118DD78h 0x00000008 push eax 0x00000009 push edx 0x0000000a jbe 00007F310118DD76h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F8E2DB second address: F8E33E instructions: 0x00000000 rdtsc 0x00000002 jns 00007F31011E0E46h 0x00000008 jmp 00007F31011E0E53h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pop edx 0x00000010 pop eax 0x00000011 pushad 0x00000012 push edx 0x00000013 jmp 00007F31011E0E55h 0x00000018 pop edx 0x00000019 jns 00007F31011E0E61h 0x0000001f jp 00007F31011E0E48h 0x00000025 push esi 0x00000026 pop esi 0x00000027 pushad 0x00000028 push eax 0x00000029 push edx 0x0000002a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96F4E second address: F96F65 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jmp 00007F310118DD7Dh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e pop eax 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F9511F second address: F95144 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jns 00007F31011E0E46h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop ebx 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F31011E0E56h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F95D22 second address: F95D2E instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F310118DD76h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96024 second address: F9603C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F31011E0E54h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F9603C second address: F9605C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 jng 00007F310118DD99h 0x0000000d jmp 00007F310118DD7Dh 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 pushad 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F9630E second address: F96347 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F31011E0E46h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pushad 0x0000000e push esi 0x0000000f pop esi 0x00000010 pushad 0x00000011 popad 0x00000012 jmp 00007F31011E0E56h 0x00000017 push ecx 0x00000018 pop ecx 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c jnp 00007F31011E0E46h 0x00000022 jnl 00007F31011E0E46h 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96347 second address: F9634B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96C37 second address: F96C3B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96C3B second address: F96C46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96C46 second address: F96C4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96C4C second address: F96C57 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96C57 second address: F96C5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F96C5B second address: F96C5F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F9E522 second address: F9E528 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F9E6A2 second address: F9E6C0 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F310118DD76h 0x00000008 jnp 00007F310118DD76h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 jns 00007F310118DD76h 0x00000017 ja 00007F310118DD76h 0x0000001d popad 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: F9EC43 second address: F9EC47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA94DF second address: FA94E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA94E3 second address: FA94E8 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA94E8 second address: FA94FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F310118DD7Ch 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA94FD second address: FA952E instructions: 0x00000000 rdtsc 0x00000002 jl 00007F31011E0E46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 jmp 00007F31011E0E51h 0x00000016 popad 0x00000017 jnp 00007F31011E0E4Eh 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA952E second address: FA9538 instructions: 0x00000000 rdtsc 0x00000002 je 00007F310118DD7Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA96BC second address: FA96C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA96C0 second address: FA96C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA96C4 second address: FA96E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jmp 00007F31011E0E52h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA96E2 second address: FA96E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA96E7 second address: FA96F7 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F31011E0E48h 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA9B29 second address: FA9B37 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F310118DD76h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA9B37 second address: FA9B3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA9DE7 second address: FA9DEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA9DEB second address: FA9DF7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 push ebx 0x00000008 push eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FA9F61 second address: FA9F65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FAADC6 second address: FAADCA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FAADCA second address: FAADE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push edx 0x0000000a jmp 00007F310118DD7Bh 0x0000000f pushad 0x00000010 popad 0x00000011 pop edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FB0178 second address: FB018A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F31011E0E46h 0x0000000a jns 00007F31011E0E46h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FB018A second address: FB018F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FB02BC second address: FB02C6 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F31011E0E4Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FBD021 second address: FBD02D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FBFDF8 second address: FBFE03 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FC75E9 second address: FC75EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FC75EF second address: FC7621 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 jmp 00007F31011E0E4Ch 0x0000000a jmp 00007F31011E0E50h 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007F31011E0E4Eh 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FC7621 second address: FC762A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FC762A second address: FC7630 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD001B second address: FD0038 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F310118DD88h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD0038 second address: FD0044 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007F31011E0E46h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD0044 second address: FD0048 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD39D1 second address: FD39D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD39D6 second address: FD39DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD39DC second address: FD3A0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F31011E0E4Dh 0x0000000f jmp 00007F31011E0E53h 0x00000014 push eax 0x00000015 push edx 0x00000016 jnp 00007F31011E0E46h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD3A0E second address: FD3A18 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD3A18 second address: FD3A1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD9098 second address: FD90AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jmp 00007F310118DD7Fh 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD90AC second address: FD90B6 instructions: 0x00000000 rdtsc 0x00000002 js 00007F31011E0E4Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7912 second address: FD791C instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F310118DD82h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD791C second address: FD7922 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7922 second address: FD7929 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7929 second address: FD7969 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F31011E0E46h 0x0000000a push edx 0x0000000b pop edx 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 pushad 0x00000013 popad 0x00000014 jmp 00007F31011E0E58h 0x00000019 jmp 00007F31011E0E53h 0x0000001e popad 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7969 second address: FD7987 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007F310118DD76h 0x0000000a jmp 00007F310118DD84h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7987 second address: FD798D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7AC7 second address: FD7ACF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7ACF second address: FD7AD4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7AD4 second address: FD7AEE instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jmp 00007F310118DD81h 0x00000008 push eax 0x00000009 pop eax 0x0000000a pop ecx 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7AEE second address: FD7AF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7AF4 second address: FD7B11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F310118DD7Dh 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ebx 0x0000000d js 00007F310118DD7Eh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7DA4 second address: FD7DAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7DAA second address: FD7DBE instructions: 0x00000000 rdtsc 0x00000002 js 00007F310118DD76h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jbe 00007F310118DD76h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7DBE second address: FD7DDB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F31011E0E56h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7F31 second address: FD7F53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F310118DD76h 0x0000000a jmp 00007F310118DD86h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7F53 second address: FD7F58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD7F58 second address: FD7F5D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD80DE second address: FD80E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD80E6 second address: FD80ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD8264 second address: FD8268 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD8268 second address: FD8299 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F310118DD76h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push edi 0x0000000d jmp 00007F310118DD80h 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F310118DD80h 0x00000019 push ebx 0x0000001a pop ebx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD83E4 second address: FD83F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push esi 0x00000008 push eax 0x00000009 push edx 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c jp 00007F31011E0E46h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD83F6 second address: FD83FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD83FA second address: FD8400 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FD8DB7 second address: FD8DBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FDCDF4 second address: FDCE3A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F31011E0E55h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b je 00007F31011E0E5Ah 0x00000011 push edi 0x00000012 pop edi 0x00000013 jmp 00007F31011E0E52h 0x00000018 push ebx 0x00000019 pushad 0x0000001a popad 0x0000001b pop ebx 0x0000001c popad 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 jl 00007F31011E0E46h 0x00000027 push ebx 0x00000028 pop ebx 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FDCE3A second address: FDCE64 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jmp 00007F310118DD82h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jl 00007F310118DD82h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FED5B7 second address: FED5BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: FED5BB second address: FED5CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 jl 00007F310118DD82h 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 101216C second address: 101218A instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F31011E0E46h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnl 00007F31011E0E52h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 101243F second address: 1012443 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012443 second address: 1012457 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F31011E0E46h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnp 00007F31011E0E48h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012457 second address: 1012476 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007F310118DD76h 0x0000000a jmp 00007F310118DD85h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012476 second address: 101247A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 101247A second address: 1012488 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012488 second address: 101248C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 101248C second address: 101249E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnl 00007F310118DD7Ch 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 101249E second address: 10124BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F31011E0E58h 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 10129F8 second address: 1012A18 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD88h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012B92 second address: 1012B9C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012B9C second address: 1012BA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012BA0 second address: 1012BC0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F31011E0E53h 0x0000000d popad 0x0000000e pushad 0x0000000f push ebx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012D1B second address: 1012D38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F310118DD89h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012E97 second address: 1012EA3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnc 00007F31011E0E46h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012EA3 second address: 1012EAD instructions: 0x00000000 rdtsc 0x00000002 jne 00007F310118DD7Eh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012EAD second address: 1012EBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b push edx 0x0000000c pop edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012EBA second address: 1012EC8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jnl 00007F310118DD76h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1012EC8 second address: 1012ED7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jng 00007F31011E0E46h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1015EF3 second address: 1015F04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jc 00007F310118DD7Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1015F04 second address: 1015F08 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1015F08 second address: 1015F5C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD7Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a movsx edx, cx 0x0000000d push 00000004h 0x0000000f push 00000000h 0x00000011 push ebp 0x00000012 call 00007F310118DD78h 0x00000017 pop ebp 0x00000018 mov dword ptr [esp+04h], ebp 0x0000001c add dword ptr [esp+04h], 0000001Ah 0x00000024 inc ebp 0x00000025 push ebp 0x00000026 ret 0x00000027 pop ebp 0x00000028 ret 0x00000029 push 65426583h 0x0000002e push eax 0x0000002f push edx 0x00000030 pushad 0x00000031 push edi 0x00000032 pop edi 0x00000033 jmp 00007F310118DD81h 0x00000038 popad 0x00000039 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1015F5C second address: 1015F62 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1016184 second address: 1016188 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1016188 second address: 1016193 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 1016193 second address: 10161A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a jp 00007F310118DD76h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 10161A3 second address: 10161B0 instructions: 0x00000000 rdtsc 0x00000002 je 00007F31011E0E46h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 10161B0 second address: 10161FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F310118DD76h 0x0000000a popad 0x0000000b popad 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push edx 0x00000010 call 00007F310118DD78h 0x00000015 pop edx 0x00000016 mov dword ptr [esp+04h], edx 0x0000001a add dword ptr [esp+04h], 00000018h 0x00000022 inc edx 0x00000023 push edx 0x00000024 ret 0x00000025 pop edx 0x00000026 ret 0x00000027 mov dword ptr [ebp+122D216Fh], edx 0x0000002d mov dx, bx 0x00000030 push dword ptr [ebp+122D2C32h] 0x00000036 add edx, dword ptr [ebp+122D3688h] 0x0000003c push 60DF20B3h 0x00000041 push eax 0x00000042 push edx 0x00000043 push ebx 0x00000044 push ebx 0x00000045 pop ebx 0x00000046 pop ebx 0x00000047 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 10161FD second address: 1016203 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 101A8E5 second address: 101A947 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F310118DD7Ch 0x00000007 jmp 00007F310118DD82h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push esi 0x0000000f jmp 00007F310118DD87h 0x00000014 pushad 0x00000015 popad 0x00000016 pop esi 0x00000017 popad 0x00000018 pushad 0x00000019 jmp 00007F310118DD89h 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 popad 0x00000022 jp 00007F310118DD76h 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 101A947 second address: 101A951 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F31011E0E46h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5040DDB second address: 5040DE1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |