Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://127.0.0.1:27060 |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://api.steampowered.com/ |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://broadcast.st.dl.eccdnx.com |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://checkout.steampowered.com/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.1355931266.0000000001450000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://clearancek.site:443/api |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=Ev2sBLgkgyWJ&a |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/fatalerror.css?v=wctRWaBvNt2z&l=engli |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.1355890375.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.1355890375.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/main.js?v=10oP_O2R |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.1355890375.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=cdfm |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=engl |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6& |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1& |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.1355931266.0000000001450000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://licendfilteo.site:443/api |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.steampowered.com/ |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lv.queniujq.cn |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://medal.tv |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://player.vimeo.com |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net/recaptcha/; |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://s.ytimg.com; |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sketchfab.com |
Source: file.exe, 00000002.00000003.1355031029.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.1355931266.0000000001450000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://spirittunek.store:443/api |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steam.tv/ |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast-test.akamaized.net |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast.akamaized.net |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcastchat.akamaized.net |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com |
Source: file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: file.exe, 00000002.00000002.1355931266.0000000001446000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900 |
Source: file.exe, 00000002.00000002.1355812204.00000000013EE000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900$ |
Source: file.exe, 00000002.00000002.1355931266.0000000001446000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900n%w |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.1355931266.0000000001450000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com:443/profiles/765611997243319007nP |
Source: file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: file.exe, 00000002.00000003.1355090621.000000000146B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.000000000146A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.1355992457.0000000001472000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1355118670.0000000001471000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/; |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f |
Source: file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/recaptcha/ |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.cn/recaptcha/ |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.com/recaptcha/ |
Source: file.exe, 00000002.00000003.1355031029.0000000001444000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354924396.00000000014B5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354824103.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354940209.0000000001442000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.1354786582.00000000014B5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com |
Source: file.exe, 00000002.00000003.1354786582.00000000014AB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com/ |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A73B2A second address: A73B38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A73B38 second address: A73B4A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F900CB7E41Eh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A73B4A second address: A73B4E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEDAAA second address: BEDAAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEDC17 second address: BEDC29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 jl 00007F900CFF60D6h 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEDC29 second address: BEDC2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEE0B6 second address: BEE0BC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEE0BC second address: BEE0C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF16CA second address: BF1732 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jl 00007F900CFF60D6h 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f push 00000000h 0x00000011 push ebp 0x00000012 call 00007F900CFF60D8h 0x00000017 pop ebp 0x00000018 mov dword ptr [esp+04h], ebp 0x0000001c add dword ptr [esp+04h], 00000017h 0x00000024 inc ebp 0x00000025 push ebp 0x00000026 ret 0x00000027 pop ebp 0x00000028 ret 0x00000029 mov edx, dword ptr [ebp+122D2AC4h] 0x0000002f xor ecx, dword ptr [ebp+122D28E8h] 0x00000035 push 00000000h 0x00000037 cmc 0x00000038 call 00007F900CFF60D9h 0x0000003d push eax 0x0000003e push edx 0x0000003f pushad 0x00000040 jmp 00007F900CFF60DCh 0x00000045 jmp 00007F900CFF60E2h 0x0000004a popad 0x0000004b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1732 second address: BF1740 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1740 second address: BF1744 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF185D second address: BF1884 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E428h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jbe 00007F900CB7E416h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1884 second address: BF188A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF188A second address: BF188F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1924 second address: BF1968 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a nop 0x0000000b push 00000000h 0x0000000d jmp 00007F900CFF60E4h 0x00000012 add edx, 347F3904h 0x00000018 push 8E15FEC3h 0x0000001d pushad 0x0000001e push eax 0x0000001f push edx 0x00000020 push ebx 0x00000021 pop ebx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1968 second address: BF1986 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E422h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jng 00007F900CB7E41Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1986 second address: BF19F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 add dword ptr [esp], 71EA01BDh 0x0000000c and dx, 4369h 0x00000011 push 00000003h 0x00000013 jmp 00007F900CFF60E5h 0x00000018 push 00000000h 0x0000001a mov edx, esi 0x0000001c push 00000003h 0x0000001e cmc 0x0000001f push 4962AD9Eh 0x00000024 jmp 00007F900CFF60DFh 0x00000029 add dword ptr [esp], 769D5262h 0x00000030 lea ebx, dword ptr [ebp+12451575h] 0x00000036 mov edx, 6C51ED54h 0x0000003b xchg eax, ebx 0x0000003c pushad 0x0000003d jmp 00007F900CFF60E2h 0x00000042 push eax 0x00000043 push edx 0x00000044 jno 00007F900CFF60D6h 0x0000004a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1A70 second address: BF1A74 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1A74 second address: BF1B10 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F900CFF60D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d mov dl, bl 0x0000000f mov edx, dword ptr [ebp+122D2B78h] 0x00000015 push 00000000h 0x00000017 push 00000000h 0x00000019 push ebx 0x0000001a call 00007F900CFF60D8h 0x0000001f pop ebx 0x00000020 mov dword ptr [esp+04h], ebx 0x00000024 add dword ptr [esp+04h], 00000015h 0x0000002c inc ebx 0x0000002d push ebx 0x0000002e ret 0x0000002f pop ebx 0x00000030 ret 0x00000031 push 70AE5633h 0x00000036 push edx 0x00000037 jmp 00007F900CFF60E7h 0x0000003c pop edx 0x0000003d xor dword ptr [esp], 70AE56B3h 0x00000044 jg 00007F900CFF60DCh 0x0000004a push 00000003h 0x0000004c jmp 00007F900CFF60DBh 0x00000051 mov di, 5413h 0x00000055 push 00000000h 0x00000057 call 00007F900CFF60DAh 0x0000005c movzx ecx, si 0x0000005f pop edx 0x00000060 push 00000003h 0x00000062 mov si, 7731h 0x00000066 mov esi, dword ptr [ebp+122D2AF4h] 0x0000006c push 6B34A954h 0x00000071 pushad 0x00000072 push eax 0x00000073 push edx 0x00000074 push esi 0x00000075 pop esi 0x00000076 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1B10 second address: BF1B41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F900CB7E41Bh 0x0000000b popad 0x0000000c add dword ptr [esp], 54CB56ACh 0x00000013 mov edx, dword ptr [ebp+122D31E5h] 0x00000019 lea ebx, dword ptr [ebp+12451580h] 0x0000001f mov dword ptr [ebp+122D3161h], esi 0x00000025 push eax 0x00000026 pushad 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF1B41 second address: BF1B45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1307F second address: C13083 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11286 second address: C1128C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1128C second address: C11290 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11290 second address: C112AE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F900CFF60E6h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C112AE second address: C112C9 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F900CB7E416h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ebx 0x0000000b jnp 00007F900CB7E43Dh 0x00000011 push eax 0x00000012 push edx 0x00000013 jbe 00007F900CB7E416h 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C112C9 second address: C112CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C112CD second address: C112D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11431 second address: C11450 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CFF60E3h 0x00000009 popad 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11450 second address: C11455 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11716 second address: C11723 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 jl 00007F900CFF60D6h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11B3B second address: C11B5E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E427h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e pop esi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11B5E second address: C11B62 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11B62 second address: C11B75 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F900CB7E416h 0x00000008 jnc 00007F900CB7E416h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11B75 second address: C11B7A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11F97 second address: C11F9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C11F9B second address: C11FA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C05333 second address: C0534C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push esi 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C0534C second address: C05352 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12121 second address: C12139 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E420h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b popad 0x0000000c pop eax 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12139 second address: C12154 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E2h 0x00000007 pushad 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1277E second address: C12784 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12784 second address: C12788 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12788 second address: C1278C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1278C second address: C12798 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12798 second address: C1279E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12AAD second address: C12ACC instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jmp 00007F900CFF60DFh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jc 00007F900CFF60D6h 0x00000013 push esi 0x00000014 pop esi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12ACC second address: C12AD0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12AD0 second address: C12AF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 jng 00007F900CFF60D6h 0x0000000d je 00007F900CFF60D6h 0x00000013 pop edx 0x00000014 popad 0x00000015 pushad 0x00000016 jmp 00007F900CFF60DCh 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e pop eax 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12AF6 second address: C12AFA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12AFA second address: C12B06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C12B06 second address: C12B0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C18E78 second address: C18E82 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007F900CFF60D6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C18E82 second address: C18E96 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jnc 00007F900CB7E416h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C18E96 second address: C18E9A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C18E9A second address: C18EA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C19066 second address: C1906B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1B46C second address: C1B49B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E429h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F900CB7E41Ch 0x0000000e push eax 0x0000000f push edx 0x00000010 push esi 0x00000011 pop esi 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1B49B second address: C1B49F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1B49F second address: C1B4A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1B4A3 second address: C1B4B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F900CFF60D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push edi 0x0000000f pop edi 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1EAE0 second address: C1EAE5 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD1B71 second address: BD1BA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CFF60E5h 0x00000009 jmp 00007F900CFF60E7h 0x0000000e popad 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1DF95 second address: C1DF99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1DF99 second address: C1DFA5 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F900CFF60D6h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1DFA5 second address: C1DFBD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 pop eax 0x00000007 jmp 00007F900CB7E41Ch 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1DFBD second address: C1DFC1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1DFC1 second address: C1DFC5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1E282 second address: C1E286 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1E286 second address: C1E28A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1E28A second address: C1E2B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F900CFF60D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c je 00007F900CFF60F1h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1E2B7 second address: C1E2C1 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1E6F1 second address: C1E718 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 jmp 00007F900CFF60DDh 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 jng 00007F900CFF60D6h 0x00000018 jg 00007F900CFF60D6h 0x0000001e popad 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2075C second address: C20772 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F900CB7E416h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 je 00007F900CB7E416h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C20772 second address: C20776 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C20776 second address: C2077C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2077C second address: C20786 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F900CFF60D6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2081C second address: C20839 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F900CB7E416h 0x0000000a popad 0x0000000b pop ecx 0x0000000c push eax 0x0000000d pushad 0x0000000e js 00007F900CB7E41Ch 0x00000014 jnl 00007F900CB7E416h 0x0000001a pushad 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C20A05 second address: C20A09 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C20A09 second address: C20A0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C20FE8 second address: C2100D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 mov dword ptr [esp], ebx 0x0000000a mov esi, dword ptr [ebp+122D2984h] 0x00000010 nop 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007F900CFF60E2h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C210BE second address: C210C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C210C2 second address: C210CF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C210CF second address: C210DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F900CB7E416h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C214EB second address: C21503 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b jmp 00007F900CFF60DCh 0x00000010 pop edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C21A66 second address: C21A8D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d js 00007F900CB7E42Ah 0x00000013 jmp 00007F900CB7E424h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2240F second address: C2241A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push edx 0x0000000a pop edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C222ED second address: C22304 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F900CB7E41Ch 0x0000000a jns 00007F900CB7E416h 0x00000010 popad 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C22304 second address: C22309 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C233EC second address: C2340A instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F900CB7E418h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e jno 00007F900CB7E41Ch 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2340A second address: C2340E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2340E second address: C23466 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push ebx 0x0000000e call 00007F900CB7E418h 0x00000013 pop ebx 0x00000014 mov dword ptr [esp+04h], ebx 0x00000018 add dword ptr [esp+04h], 00000019h 0x00000020 inc ebx 0x00000021 push ebx 0x00000022 ret 0x00000023 pop ebx 0x00000024 ret 0x00000025 push ecx 0x00000026 cmc 0x00000027 pop esi 0x00000028 mov esi, dword ptr [ebp+122D2A48h] 0x0000002e push 00000000h 0x00000030 mov edi, dword ptr [ebp+122D3320h] 0x00000036 push 00000000h 0x00000038 mov di, dx 0x0000003b push eax 0x0000003c js 00007F900CB7E422h 0x00000042 je 00007F900CB7E41Ch 0x00000048 push eax 0x00000049 push edx 0x0000004a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C23EC3 second address: C23EC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C249B1 second address: C249B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C25FF1 second address: C26084 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 nop 0x00000008 or edi, 6B4C0DE1h 0x0000000e push 00000000h 0x00000010 mov esi, dword ptr [ebp+1244DC89h] 0x00000016 push 00000000h 0x00000018 push 00000000h 0x0000001a push edi 0x0000001b call 00007F900CFF60D8h 0x00000020 pop edi 0x00000021 mov dword ptr [esp+04h], edi 0x00000025 add dword ptr [esp+04h], 0000001Dh 0x0000002d inc edi 0x0000002e push edi 0x0000002f ret 0x00000030 pop edi 0x00000031 ret 0x00000032 jo 00007F900CFF60DAh 0x00000038 mov si, 9EF3h 0x0000003c xchg eax, ebx 0x0000003d pushad 0x0000003e jng 00007F900CFF60EFh 0x00000044 jmp 00007F900CFF60E9h 0x00000049 jno 00007F900CFF60D8h 0x0000004f popad 0x00000050 push eax 0x00000051 pushad 0x00000052 jne 00007F900CFF60ECh 0x00000058 push eax 0x00000059 push edx 0x0000005a pushad 0x0000005b popad 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2682C second address: C26830 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C26830 second address: C26836 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2B2AC second address: C2B2C3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E423h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2C27E second address: C2C282 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2D342 second address: C2D35F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E429h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2E39A second address: C2E3B6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2F406 second address: C2F42E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F900CB7E425h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2E554 second address: C2E558 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2E558 second address: C2E597 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F900CB7E423h 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e jmp 00007F900CB7E424h 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007F900CB7E41Dh 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2F64E second address: C2F654 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2F654 second address: C2F658 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2F702 second address: C2F719 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jl 00007F900CFF60DCh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C304A6 second address: C304B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push esi 0x00000007 push eax 0x00000008 push edx 0x00000009 jbe 00007F900CB7E416h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C304B5 second address: C304B9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C304B9 second address: C3050D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 nop 0x00000008 jg 00007F900CB7E421h 0x0000000e jmp 00007F900CB7E41Bh 0x00000013 push dword ptr fs:[00000000h] 0x0000001a movsx ebx, dx 0x0000001d mov dword ptr fs:[00000000h], esp 0x00000024 xor dword ptr [ebp+1244E929h], eax 0x0000002a sub dword ptr [ebp+1245252Fh], edx 0x00000030 mov eax, dword ptr [ebp+122D123Dh] 0x00000036 xor ebx, dword ptr [ebp+122D3153h] 0x0000003c push FFFFFFFFh 0x0000003e mov dword ptr [ebp+122D2F7Bh], edx 0x00000044 nop 0x00000045 push esi 0x00000046 push eax 0x00000047 push edx 0x00000048 je 00007F900CB7E416h 0x0000004e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3256A second address: C3257A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60DCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3257A second address: C3257F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3262E second address: C32640 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c jns 00007F900CFF60D6h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3050D second address: C30531 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E429h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a push eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C335F8 second address: C335FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3479C second address: C347A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C32752 second address: C32758 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C32758 second address: C3275C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C39F15 second address: C39F1F instructions: 0x00000000 rdtsc 0x00000002 jl 00007F900CFF60D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3AEB7 second address: C3AEC1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007F900CB7E416h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3AEC1 second address: C3AF0A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b sub bx, 9BB8h 0x00000010 push 00000000h 0x00000012 push 00000000h 0x00000014 push esi 0x00000015 call 00007F900CFF60D8h 0x0000001a pop esi 0x0000001b mov dword ptr [esp+04h], esi 0x0000001f add dword ptr [esp+04h], 0000001Dh 0x00000027 inc esi 0x00000028 push esi 0x00000029 ret 0x0000002a pop esi 0x0000002b ret 0x0000002c push 00000000h 0x0000002e add dword ptr [ebp+1247B237h], edi 0x00000034 push eax 0x00000035 pushad 0x00000036 push eax 0x00000037 push edx 0x00000038 jl 00007F900CFF60D6h 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3AF0A second address: C3AF0E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3BF1A second address: C3BF50 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jp 00007F900CFF60D6h 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f push 00000000h 0x00000011 jmp 00007F900CFF60DCh 0x00000016 push 00000000h 0x00000018 jc 00007F900CFF60DCh 0x0000001e sub dword ptr [ebp+12452A82h], esi 0x00000024 xchg eax, esi 0x00000025 push eax 0x00000026 push edx 0x00000027 push eax 0x00000028 push edx 0x00000029 jnc 00007F900CFF60D6h 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3BF50 second address: C3BF56 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3BF56 second address: C3BF5C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3BF5C second address: C3BF60 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C359B2 second address: C359D5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edi 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C359D5 second address: C359DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C359DA second address: C359E4 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F900CFF60DCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C37FD3 second address: C37FD7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C37FD7 second address: C37FDD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C37FDD second address: C38007 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007F900CB7E427h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push ebx 0x00000011 jne 00007F900CB7E416h 0x00000017 pop ebx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38FA2 second address: C38FB8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60DDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38FB8 second address: C39050 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 mov dword ptr [esp], eax 0x00000009 movsx edi, bx 0x0000000c push dword ptr fs:[00000000h] 0x00000013 push 00000000h 0x00000015 push ebx 0x00000016 call 00007F900CB7E418h 0x0000001b pop ebx 0x0000001c mov dword ptr [esp+04h], ebx 0x00000020 add dword ptr [esp+04h], 00000014h 0x00000028 inc ebx 0x00000029 push ebx 0x0000002a ret 0x0000002b pop ebx 0x0000002c ret 0x0000002d mov dword ptr fs:[00000000h], esp 0x00000034 push 00000000h 0x00000036 push ecx 0x00000037 call 00007F900CB7E418h 0x0000003c pop ecx 0x0000003d mov dword ptr [esp+04h], ecx 0x00000041 add dword ptr [esp+04h], 00000017h 0x00000049 inc ecx 0x0000004a push ecx 0x0000004b ret 0x0000004c pop ecx 0x0000004d ret 0x0000004e xor ebx, dword ptr [ebp+1246AE88h] 0x00000054 mov eax, dword ptr [ebp+122D15E5h] 0x0000005a jnc 00007F900CB7E429h 0x00000060 push FFFFFFFFh 0x00000062 mov ebx, dword ptr [ebp+122D3A13h] 0x00000068 nop 0x00000069 js 00007F900CB7E420h 0x0000006f pushad 0x00000070 jbe 00007F900CB7E416h 0x00000076 pushad 0x00000077 popad 0x00000078 popad 0x00000079 push eax 0x0000007a pushad 0x0000007b pushad 0x0000007c push eax 0x0000007d push edx 0x0000007e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3DF72 second address: C3DF8A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CFF60E0h 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3DF8A second address: C3DF8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3DF8E second address: C3DFB4 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F900CFF60D6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F900CFF60E5h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3DFB4 second address: C3DFBC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3DFBC second address: C3DFC6 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F900CFF60E2h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3DFC6 second address: C3DFD4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F900CB7E416h 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3DFD4 second address: C3DFD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3A0CA second address: C3A0DF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F900CB7E420h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3C0EF second address: C3C0F4 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3C0F4 second address: C3C169 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a mov dword ptr [ebp+122D338Bh], edi 0x00000010 push dword ptr fs:[00000000h] 0x00000017 push 00000000h 0x00000019 push eax 0x0000001a call 00007F900CB7E418h 0x0000001f pop eax 0x00000020 mov dword ptr [esp+04h], eax 0x00000024 add dword ptr [esp+04h], 00000017h 0x0000002c inc eax 0x0000002d push eax 0x0000002e ret 0x0000002f pop eax 0x00000030 ret 0x00000031 mov ebx, dword ptr [ebp+122D37D2h] 0x00000037 mov dword ptr fs:[00000000h], esp 0x0000003e mov bx, cx 0x00000041 mov eax, dword ptr [ebp+122D14A1h] 0x00000047 mov dword ptr [ebp+122D385Dh], edi 0x0000004d push FFFFFFFFh 0x0000004f clc 0x00000050 movsx ebx, si 0x00000053 push eax 0x00000054 jnp 00007F900CB7E432h 0x0000005a push eax 0x0000005b push edx 0x0000005c jmp 00007F900CB7E424h 0x00000061 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C48915 second address: C48951 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jnc 00007F900CFF60D6h 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jp 00007F900CFF60E2h 0x00000013 jnp 00007F900CFF60DCh 0x00000019 mov eax, dword ptr [esp+04h] 0x0000001d pushad 0x0000001e jmp 00007F900CFF60E4h 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C48951 second address: C48955 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDF499 second address: BDF4BC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F900CFF60E9h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDF4BC second address: BDF4C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F900CB7E416h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDDA6B second address: BDDA75 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F900CFF60DEh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58B8D second address: C58BAC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E423h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 js 00007F900CB7E41Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58BAC second address: C58BB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58BB0 second address: C58BC1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F900CB7E41Dh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C27C92 second address: C27C9C instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F900CFF60D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C27C9C second address: C27CA1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C27CA1 second address: C05333 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c and dh, FFFFFFF5h 0x0000000f lea eax, dword ptr [ebp+124879E4h] 0x00000015 push 00000000h 0x00000017 push ebp 0x00000018 call 00007F900CFF60D8h 0x0000001d pop ebp 0x0000001e mov dword ptr [esp+04h], ebp 0x00000022 add dword ptr [esp+04h], 0000001Ch 0x0000002a inc ebp 0x0000002b push ebp 0x0000002c ret 0x0000002d pop ebp 0x0000002e ret 0x0000002f mov cl, 02h 0x00000031 mov ecx, dword ptr [ebp+12475CA8h] 0x00000037 push eax 0x00000038 push ebx 0x00000039 jns 00007F900CFF60E9h 0x0000003f pop ebx 0x00000040 mov dword ptr [esp], eax 0x00000043 push 00000000h 0x00000045 push eax 0x00000046 call 00007F900CFF60D8h 0x0000004b pop eax 0x0000004c mov dword ptr [esp+04h], eax 0x00000050 add dword ptr [esp+04h], 00000016h 0x00000058 inc eax 0x00000059 push eax 0x0000005a ret 0x0000005b pop eax 0x0000005c ret 0x0000005d mov edi, dword ptr [ebp+122D2BC8h] 0x00000063 call dword ptr [ebp+122D332Fh] 0x00000069 push ecx 0x0000006a push eax 0x0000006b push edx 0x0000006c push edi 0x0000006d pop edi 0x0000006e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28372 second address: C28376 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28376 second address: C2837A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2837A second address: C2839B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jmp 00007F900CB7E41Ch 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 push eax 0x00000011 push edx 0x00000012 jo 00007F900CB7E41Ch 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2839B second address: C2839F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2839F second address: C283B0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [eax] 0x0000000c push esi 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C283B0 second address: C283EE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b jmp 00007F900CFF60E5h 0x00000010 pop eax 0x00000011 add ecx, 3DC6BC88h 0x00000017 push 5CC32BC2h 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007F900CFF60E0h 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C283EE second address: C283F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2851D second address: C28531 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop eax 0x00000006 mov dword ptr [esp], esi 0x00000009 mov dword ptr [ebp+122D37A7h], eax 0x0000000f push eax 0x00000010 pushad 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28607 second address: C2860B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2860B second address: C2862A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push esi 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F900CFF60E5h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2862A second address: C2864F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e push edi 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F900CB7E41Ah 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2864F second address: C28673 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F900CFF60D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b mov eax, dword ptr [eax] 0x0000000d pushad 0x0000000e pushad 0x0000000f push eax 0x00000010 pop eax 0x00000011 push ebx 0x00000012 pop ebx 0x00000013 popad 0x00000014 pushad 0x00000015 push esi 0x00000016 pop esi 0x00000017 pushad 0x00000018 popad 0x00000019 popad 0x0000001a popad 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f push eax 0x00000020 push edx 0x00000021 push esi 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28673 second address: C28678 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28F7A second address: C28F88 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jnc 00007F900CFF60D6h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28F88 second address: C28F8C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28F8C second address: C28FA8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push ecx 0x0000000c push esi 0x0000000d jne 00007F900CFF60D6h 0x00000013 pop esi 0x00000014 pop ecx 0x00000015 mov eax, dword ptr [eax] 0x00000017 push edi 0x00000018 push eax 0x00000019 push edx 0x0000001a push esi 0x0000001b pop esi 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28FA8 second address: C28FAC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C29086 second address: C290A0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 add dword ptr [ebp+12452A95h], eax 0x0000000d lea eax, dword ptr [ebp+12487A28h] 0x00000013 stc 0x00000014 nop 0x00000015 pushad 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C290A0 second address: C290A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C290A4 second address: C290B7 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F900CFF60D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jp 00007F900CFF60D6h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C290B7 second address: C290FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 jno 00007F900CB7E422h 0x0000000d nop 0x0000000e movzx edi, dx 0x00000011 lea eax, dword ptr [ebp+124879E4h] 0x00000017 movsx edi, dx 0x0000001a nop 0x0000001b push edx 0x0000001c jnl 00007F900CB7E41Ch 0x00000022 pop edx 0x00000023 push eax 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007F900CB7E41Bh 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C290FA second address: C290FF instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C290FF second address: C05EED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 mov cx, 2EFAh 0x0000000c sub ecx, dword ptr [ebp+122D2A58h] 0x00000012 call dword ptr [ebp+122D33F8h] 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F900CB7E423h 0x0000001f pushad 0x00000020 push edi 0x00000021 pop edi 0x00000022 pushad 0x00000023 popad 0x00000024 jnp 00007F900CB7E416h 0x0000002a popad 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5E9B second address: BE5EA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F900CFF60D6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5EA5 second address: BE5EAB instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5EAB second address: BE5EB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5EB5 second address: BE5EBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5EBB second address: BE5EBF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5EBF second address: BE5ED0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Bh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5ED0 second address: BE5F1F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E6h 0x00000007 push ecx 0x00000008 jmp 00007F900CFF60DEh 0x0000000d jg 00007F900CFF60D6h 0x00000013 pop ecx 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007F900CFF60E1h 0x0000001d jmp 00007F900CFF60DCh 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5F1F second address: BE5F40 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jp 00007F900CB7E416h 0x00000009 jmp 00007F900CB7E426h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C57CC7 second address: C57CD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C57CD1 second address: C57CEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CB7E41Bh 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e jbe 00007F900CB7E416h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C57FF9 second address: C5800A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CFF60DAh 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5800A second address: C58010 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5812F second address: C58140 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F900CFF60D6h 0x0000000a jnc 00007F900CFF60D6h 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58140 second address: C58145 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58145 second address: C5815F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CFF60E1h 0x00000009 pop edx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5815F second address: C58163 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58163 second address: C58199 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F900CFF60DAh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F900CFF60DBh 0x00000015 jmp 00007F900CFF60E6h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58199 second address: C581C3 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F900CB7E416h 0x00000008 jmp 00007F900CB7E41Dh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F900CB7E41Fh 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C581C3 second address: C581C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5D1D1 second address: C5D20C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jnl 00007F900CB7E431h 0x00000010 pushad 0x00000011 jnp 00007F900CB7E416h 0x00000017 push esi 0x00000018 pop esi 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5D393 second address: C5D3AA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007F900CFF60D6h 0x0000000a jmp 00007F900CFF60DDh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5D3AA second address: C5D3BC instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jno 00007F900CB7E416h 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5CED3 second address: C5CEEE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edi 0x00000009 push edx 0x0000000a pop edx 0x0000000b pop edi 0x0000000c pushad 0x0000000d ja 00007F900CFF60E2h 0x00000013 jns 00007F900CFF60D6h 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5DE9E second address: C5DEA8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop ebx 0x00000007 push ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5E185 second address: C5E189 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C640CF second address: C640D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C640D3 second address: C640F9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C640F9 second address: C640FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C640FE second address: C64104 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C64104 second address: C6411F instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F900CB7E41Ah 0x00000010 jnc 00007F900CB7E416h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6411F second address: C6412C instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F900CFF60D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6412C second address: C64132 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C62E42 second address: C62E50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 js 00007F900CFF60D6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C62FAA second address: C62FB1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63293 second address: C632E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F900CFF60D6h 0x0000000a jmp 00007F900CFF60E9h 0x0000000f popad 0x00000010 jne 00007F900CFF60E4h 0x00000016 pushad 0x00000017 jmp 00007F900CFF60E8h 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C632E6 second address: C632FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 jmp 00007F900CB7E41Eh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C632FF second address: C63304 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63304 second address: C63310 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 js 00007F900CB7E416h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6349D second address: C634A3 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C635AB second address: C635C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007F900CB7E424h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63775 second address: C6377F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6377F second address: C63787 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63787 second address: C6378D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63F0A second address: C63F19 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63F19 second address: C63F3A instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F900CFF60D8h 0x00000008 jmp 00007F900CFF60DEh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push edx 0x00000012 push ecx 0x00000013 pop ecx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63F3A second address: C63F43 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63F43 second address: C63F4D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F900CFF60D6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63F4D second address: C63F6C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E429h 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C681FE second address: C6826E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jnp 00007F900CFF60D6h 0x00000010 push eax 0x00000011 pop eax 0x00000012 jmp 00007F900CFF60DEh 0x00000017 push ecx 0x00000018 pop ecx 0x00000019 popad 0x0000001a je 00007F900CFF60E8h 0x00000020 jmp 00007F900CFF60E2h 0x00000025 popad 0x00000026 pushad 0x00000027 jmp 00007F900CFF60E5h 0x0000002c push eax 0x0000002d push edx 0x0000002e jnl 00007F900CFF60D6h 0x00000034 pushad 0x00000035 popad 0x00000036 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6826E second address: C68285 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push esi 0x0000000b pop esi 0x0000000c push eax 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6E28C second address: C6E2BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 pop eax 0x00000009 jmp 00007F900CFF60DDh 0x0000000e popad 0x0000000f pushad 0x00000010 js 00007F900CFF60DAh 0x00000016 push eax 0x00000017 push edx 0x00000018 jbe 00007F900CFF60D6h 0x0000001e jne 00007F900CFF60D6h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6E468 second address: C6E470 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE9361 second address: BE9371 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F900CFF60D6h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push esi 0x0000000d pushad 0x0000000e popad 0x0000000f pop esi 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE9371 second address: BE937C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jp 00007F900CB7E416h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE937C second address: BE93A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jmp 00007F900CFF60DDh 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jnl 00007F900CFF60DCh 0x00000013 push esi 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7378E second address: C73794 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73941 second address: C7395A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F900CFF60D6h 0x0000000a popad 0x0000000b jnc 00007F900CFF60DEh 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7395A second address: C73971 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F900CB7E41Ah 0x00000008 push eax 0x00000009 pop eax 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d jg 00007F900CB7E416h 0x00000013 pushad 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73C33 second address: C73C58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push edi 0x00000006 push eax 0x00000007 pop eax 0x00000008 jmp 00007F900CFF60E7h 0x0000000d pop edi 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 push edx 0x00000012 pop edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73C58 second address: C73C5C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73C5C second address: C73C8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F900CFF60D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnc 00007F900CFF60EBh 0x00000012 jg 00007F900CFF60E2h 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73DD8 second address: C73DDC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73DDC second address: C73DE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F900CFF60D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73F58 second address: C73F94 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CB7E41Dh 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007F900CB7E41Ah 0x00000010 popad 0x00000011 pushad 0x00000012 jmp 00007F900CB7E428h 0x00000017 pushad 0x00000018 popad 0x00000019 push ecx 0x0000001a pop ecx 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73F94 second address: C73F99 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C74268 second address: C7428B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a jmp 00007F900CB7E429h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7428B second address: C742A6 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F900CFF60D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F900CFF60DDh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C742A6 second address: C742AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C742AA second address: C742B5 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C74D4E second address: C74D71 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F900CB7E422h 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F900CB7E41Dh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C74D71 second address: C74DD5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e jmp 00007F900CFF60E5h 0x00000013 pushad 0x00000014 popad 0x00000015 jmp 00007F900CFF60E7h 0x0000001a popad 0x0000001b push edi 0x0000001c jmp 00007F900CFF60DCh 0x00000021 js 00007F900CFF60D6h 0x00000027 pop edi 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C74DD5 second address: C74DEE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F900CB7E424h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE9399 second address: BE93A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C77BCC second address: C77BDA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Ah 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C77BDA second address: C77BE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 pushad 0x00000008 popad 0x00000009 pop ebx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C77BE4 second address: C77C20 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jg 00007F900CB7E416h 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c pop eax 0x0000000d popad 0x0000000e pushad 0x0000000f jbe 00007F900CB7E416h 0x00000015 pushad 0x00000016 popad 0x00000017 je 00007F900CB7E416h 0x0000001d popad 0x0000001e pop edx 0x0000001f pop eax 0x00000020 push eax 0x00000021 push edx 0x00000022 ja 00007F900CB7E418h 0x00000028 jg 00007F900CB7E422h 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C77C20 second address: C77C2D instructions: 0x00000000 rdtsc 0x00000002 jng 00007F900CFF60D8h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7B3B1 second address: C7B3E5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F900CB7E428h 0x0000000e js 00007F900CB7E41Eh 0x00000014 push edi 0x00000015 pop edi 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7B55C second address: C7B590 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 pushad 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a jmp 00007F900CFF60E4h 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 jmp 00007F900CFF60DFh 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7B6EC second address: C7B71F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F900CB7E416h 0x0000000a jmp 00007F900CB7E420h 0x0000000f popad 0x00000010 jmp 00007F900CB7E428h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7B71F second address: C7B726 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7B8B8 second address: C7B8BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7B8BC second address: C7B8CD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push ecx 0x00000008 push ebx 0x00000009 jnl 00007F900CFF60D6h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7BA0D second address: C7BA13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7BA13 second address: C7BA17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7BA17 second address: C7BA1B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C85012 second address: C85016 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C83299 second address: C832A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F900CB7E416h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C832A3 second address: C832A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84157 second address: C84165 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 jno 00007F900CB7E416h 0x0000000d pop ebx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C28D68 second address: C28D70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push edx 0x00000007 pop edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84427 second address: C84433 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a push esi 0x0000000b pop esi 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C846EA second address: C846F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C849A7 second address: C849C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CB7E425h 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C849C4 second address: C849C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84C7A second address: C84C80 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84C80 second address: C84CA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jng 00007F900CFF60E7h 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84CA2 second address: C84CA8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84CA8 second address: C84CAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84CAE second address: C84CB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84CB9 second address: C84CDD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F900CFF60E5h 0x0000000e jnl 00007F900CFF60D6h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84CDD second address: C84CE1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C84CE1 second address: C84CE7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8CB50 second address: C8CB6D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 push edx 0x00000009 js 00007F900CB7E41Eh 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8CB6D second address: C8CB71 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8CB71 second address: C8CB79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8CB79 second address: C8CB83 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F900CFF60D6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8CB83 second address: C8CB87 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8CB87 second address: C8CB90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8CB90 second address: C8CB96 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8CF4B second address: C8CF83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 push edi 0x00000008 jmp 00007F900CFF60DFh 0x0000000d push esi 0x0000000e pop esi 0x0000000f pop edi 0x00000010 jmp 00007F900CFF60E4h 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 pop eax 0x00000019 je 00007F900CFF60D6h 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8D337 second address: C8D340 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8D340 second address: C8D34A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007F900CFF60D6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C95232 second address: C95236 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C95236 second address: C9524D instructions: 0x00000000 rdtsc 0x00000002 js 00007F900CFF60D6h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop edi 0x0000000d push edx 0x0000000e pushad 0x0000000f jne 00007F900CFF60D6h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9524D second address: C95253 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C954D3 second address: C954D7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C954D7 second address: C954DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C954DF second address: C9550E instructions: 0x00000000 rdtsc 0x00000002 js 00007F900CFF60D8h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jo 00007F900CFF60D6h 0x00000013 jmp 00007F900CFF60DBh 0x00000018 push esi 0x00000019 pop esi 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d jl 00007F900CFF60FEh 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 popad 0x00000027 push ecx 0x00000028 pop ecx 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C95921 second address: C95925 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C95925 second address: C95937 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60DBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C95937 second address: C9593D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C95DE4 second address: C95E00 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E7h 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C95E00 second address: C95E06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C95E06 second address: C95E0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9A9B6 second address: C9A9CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007F900CB7E416h 0x0000000a jmp 00007F900CB7E41Fh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAC27D second address: CAC282 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE2918 second address: BE2938 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jng 00007F900CB7E42Ah 0x0000000c push eax 0x0000000d pop eax 0x0000000e jmp 00007F900CB7E422h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE2938 second address: BE293D instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CABBDB second address: CABBF9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F900CB7E428h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CABBF9 second address: CABBFD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CABBFD second address: CABC01 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CABC01 second address: CABC30 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push edi 0x0000000a pop edi 0x0000000b jl 00007F900CFF60D6h 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 push ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F900CFF60E8h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CABD70 second address: CABDC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 jmp 00007F900CB7E429h 0x0000000b jns 00007F900CB7E416h 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 pushad 0x00000015 ja 00007F900CB7E416h 0x0000001b push edx 0x0000001c pop edx 0x0000001d jne 00007F900CB7E416h 0x00000023 jnl 00007F900CB7E416h 0x00000029 popad 0x0000002a popad 0x0000002b push ebx 0x0000002c push ebx 0x0000002d jmp 00007F900CB7E424h 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB1F06 second address: CB1F0A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB1F0A second address: CB1F15 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB1F15 second address: CB1F20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC39C2 second address: CC39C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8BA9 second address: CC8BB3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F900CFF60D6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8CF8 second address: CC8D01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD811 second address: CCD817 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD817 second address: CCD83D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 push eax 0x00000007 pop eax 0x00000008 popad 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jmp 00007F900CB7E425h 0x00000011 pushad 0x00000012 popad 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD83D second address: CCD850 instructions: 0x00000000 rdtsc 0x00000002 js 00007F900CFF60DCh 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD850 second address: CCD856 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD856 second address: CCD861 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push edi 0x00000008 push edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD26BF second address: CD26EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 jno 00007F900CB7E416h 0x0000000c popad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 jbe 00007F900CB7E42Fh 0x00000016 jmp 00007F900CB7E423h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD26EA second address: CD26F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 pushad 0x00000008 popad 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD26F4 second address: CD26FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD26FA second address: CD26FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD8F47 second address: CD8F61 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jne 00007F900CB7E416h 0x0000000f jmp 00007F900CB7E41Bh 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD8F61 second address: CD8F67 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD8F67 second address: CD8F70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CDDED5 second address: CDDEDF instructions: 0x00000000 rdtsc 0x00000002 ja 00007F900CFF60F0h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CEDD1A second address: CEDD37 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push edx 0x00000004 pop edx 0x00000005 push edi 0x00000006 pop edi 0x00000007 pop edx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push esi 0x0000000d jmp 00007F900CB7E41Dh 0x00000012 push edi 0x00000013 pop edi 0x00000014 pop esi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CEDD37 second address: CEDD3E instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CEFE1C second address: CEFE20 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09495 second address: D094BD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CFF60E4h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d je 00007F900CFF60D6h 0x00000013 jo 00007F900CFF60D6h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09654 second address: D09659 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09659 second address: D09694 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007F900CFF60DDh 0x0000000d popad 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007F900CFF60DCh 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d jmp 00007F900CFF60DDh 0x00000022 pushad 0x00000023 popad 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09694 second address: D0969C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D097C8 second address: D097DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 jns 00007F900CFF60DCh 0x0000000f jno 00007F900CFF60D6h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D097DD second address: D09808 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F900CB7E42Dh 0x00000008 jmp 00007F900CB7E427h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push ecx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 pop ecx 0x00000015 push edi 0x00000016 push edx 0x00000017 pop edx 0x00000018 pop edi 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09C0C second address: D09C14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09D9B second address: D09DA0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09DA0 second address: D09DC3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F900CFF60E2h 0x00000009 jns 00007F900CFF60D6h 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 push edi 0x00000015 pop edi 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09DC3 second address: D09DC7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0A0B6 second address: D0A0C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0A0C0 second address: D0A0C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0A0C8 second address: D0A0CD instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0A0CD second address: D0A0D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0BA79 second address: D0BA93 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F900CFF60E3h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D10093 second address: D1009A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1009A second address: D10126 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push esi 0x0000000d call 00007F900CFF60D8h 0x00000012 pop esi 0x00000013 mov dword ptr [esp+04h], esi 0x00000017 add dword ptr [esp+04h], 00000019h 0x0000001f inc esi 0x00000020 push esi 0x00000021 ret 0x00000022 pop esi 0x00000023 ret 0x00000024 mov dh, 39h 0x00000026 mov dword ptr [ebp+122D2FB4h], ecx 0x0000002c push dword ptr [ebp+122D36D0h] 0x00000032 call 00007F900CFF60DBh 0x00000037 push eax 0x00000038 pop edx 0x00000039 pop edx 0x0000003a call 00007F900CFF60D9h 0x0000003f jmp 00007F900CFF60DAh 0x00000044 push eax 0x00000045 pushad 0x00000046 jmp 00007F900CFF60DCh 0x0000004b pushad 0x0000004c pushad 0x0000004d popad 0x0000004e jns 00007F900CFF60D6h 0x00000054 popad 0x00000055 popad 0x00000056 mov eax, dword ptr [esp+04h] 0x0000005a push eax 0x0000005b push edx 0x0000005c pushad 0x0000005d jns 00007F900CFF60D6h 0x00000063 jmp 00007F900CFF60DBh 0x00000068 popad 0x00000069 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D10126 second address: D1012C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1012C second address: D10161 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F900CFF60D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [eax] 0x0000000e jmp 00007F900CFF60DEh 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007F900CFF60E3h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D113BE second address: D113C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F900CB7E416h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D113C8 second address: D113CE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D113CE second address: D113D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D113D4 second address: D113D9 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD3656 second address: BD366C instructions: 0x00000000 rdtsc 0x00000002 jne 00007F900CB7E41Eh 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD366C second address: BD3670 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D12C26 second address: D12C44 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jo 00007F900CB7E423h 0x0000000b jmp 00007F900CB7E41Dh 0x00000010 push eax 0x00000011 push edx 0x00000012 push esi 0x00000013 pop esi 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D12C44 second address: D12C48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5180C1A second address: 5180C2D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F900CB7E41Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5180C2D second address: 5180D28 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop esi 0x00000005 mov dx, 0F36h 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov ecx, dword ptr [eax+00000FDCh] 0x00000012 jmp 00007F900CFF60DDh 0x00000017 test ecx, ecx 0x00000019 pushad 0x0000001a mov edi, ecx 0x0000001c push ecx 0x0000001d pushfd 0x0000001e jmp 00007F900CFF60DFh 0x00000023 adc ecx, 1E9DEC6Eh 0x00000029 jmp 00007F900CFF60E9h 0x0000002e popfd 0x0000002f pop esi 0x00000030 popad 0x00000031 jns 00007F900CFF6115h 0x00000037 pushad 0x00000038 pushfd 0x00000039 jmp 00007F900CFF60DDh 0x0000003e sub si, B4A6h 0x00000043 jmp 00007F900CFF60E1h 0x00000048 popfd 0x00000049 movzx ecx, dx 0x0000004c popad 0x0000004d add eax, ecx 0x0000004f jmp 00007F900CFF60E3h 0x00000054 mov eax, dword ptr [eax+00000860h] 0x0000005a jmp 00007F900CFF60E6h 0x0000005f test eax, eax 0x00000061 pushad 0x00000062 push ecx 0x00000063 mov edi, 29F5E8C0h 0x00000068 pop edx 0x00000069 mov ecx, 57790CB5h 0x0000006e popad 0x0000006f je 00007F907D8AC140h 0x00000075 jmp 00007F900CFF60E0h 0x0000007a test byte ptr [eax+04h], 00000005h 0x0000007e push eax 0x0000007f push edx 0x00000080 jmp 00007F900CFF60E7h 0x00000085 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5180D28 second address: 5180D2E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5180D2E second address: 5180D32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5180D32 second address: 5180D36 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C22F5D second address: C22F62 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C22F62 second address: C22F68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |