Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://127.0.0.1:27060 |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://api.steampowered.com/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://avatars.akamai.steamstatic |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb |
Source: file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://broadcast.st.dl.eccdnx.com |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://checkout.steampowered.com/ |
Source: file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akam |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akam=S |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akama0Q |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/pu |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/puQ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=2Ih2WOq7ErXY&a |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/p |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG& |
Source: file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english |
Source: file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1 |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=engli |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/arrowDn9x5.gif |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascri |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/main.js?v=Gu9gs5hf |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=M7aU |
Source: file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isF |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/modalContent.js?v=f2hMA1v9Zkc8&l=engl |
Source: file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/profile.js?v=f3vWO7swdDq |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/profile.js?v=f3vWO7swdDqp&l=english |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/promo/stickers.js?v=upl9NJ5D2xkP&l=en |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_com |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL |
Source: file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=IZH_ONwLX4kw&l=e |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/motiva_s |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v= |
Source: file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=engl |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6& |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1& |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.steampowered.com/ |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lv.queniujq.cn |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://medal.tv |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://player.vimeo.com |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net/recaptcha/; |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://s.ytimg.com; |
Source: file.exe, 00000000.00000003.2081999136.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081775776.0000000001343000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/ |
Source: file.exe, 00000000.00000003.2081775776.000000000132E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100358321.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081999136.0000000001383000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/api |
Source: file.exe, 00000000.00000002.2100236403.000000000132E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/api3 |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100358321.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081999136.0000000001383000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/api; |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sketchfab.com |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steam.tv/ |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast-test.akamaized.net |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast.akamaized.net |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcastchat.akamaized.net |
Source: file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: file.exe, 00000000.00000002.2100236403.0000000001343000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081775776.0000000001343000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/Q |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/h |
Source: file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wish |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: file.exe, 00000000.00000002.2100236403.0000000001343000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081775776.0000000001343000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900 |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/badges |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steam |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowe |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampower |
Source: file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: file.exe, 00000000.00000003.2081775776.0000000001361000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072046452.0000000001362000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100332469.0000000001365000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/; |
Source: file.exe, 00000000.00000003.2081775776.0000000001361000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072046452.0000000001362000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100332469.0000000001365000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f |
Source: file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ne |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013B6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100399719.00000000013BA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000000.00000003.2081775776.0000000001361000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072046452.0000000001362000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2100332469.0000000001365000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://studennotediw.store/apiS |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/recaptcha/ |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.cn/recaptcha/ |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.com/recaptcha/ |
Source: file.exe, 00000000.00000003.2072046452.0000000001383000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2081357113.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2082091302.00000000013C1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2072114175.00000000013BF000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com |
Source: file.exe, 00000000.00000003.2081942146.0000000001364000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com/ |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8ED9D2 second address: 8ED9E6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F71106F0266h 0x0000000a jmp 00007F71106F026Ah 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8DE34A second address: 8DE358 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 jp 00007F711103FB36h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F0132 second address: 8F01B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 popad 0x00000006 pop eax 0x00000007 jmp 00007F71106F0275h 0x0000000c push 00000003h 0x0000000e mov cx, E9E7h 0x00000012 push 00000000h 0x00000014 sub dword ptr [ebp+122D2E85h], esi 0x0000001a push 00000003h 0x0000001c sub dword ptr [ebp+122D1857h], eax 0x00000022 push 9F6D0F20h 0x00000027 jp 00007F71106F0276h 0x0000002d jmp 00007F71106F0270h 0x00000032 xor dword ptr [esp], 5F6D0F20h 0x00000039 sub dword ptr [ebp+122D1E71h], eax 0x0000003f lea ebx, dword ptr [ebp+1245FF90h] 0x00000045 push 00000000h 0x00000047 push esi 0x00000048 call 00007F71106F0268h 0x0000004d pop esi 0x0000004e mov dword ptr [esp+04h], esi 0x00000052 add dword ptr [esp+04h], 00000014h 0x0000005a inc esi 0x0000005b push esi 0x0000005c ret 0x0000005d pop esi 0x0000005e ret 0x0000005f xchg eax, ebx 0x00000060 push eax 0x00000061 push edx 0x00000062 push eax 0x00000063 push edx 0x00000064 jnp 00007F71106F0266h 0x0000006a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F01B9 second address: 8F01C3 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F022D second address: 8F0247 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0276h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F0247 second address: 8F0251 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F711103FB3Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F0251 second address: 8F02ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 xor dword ptr [esp], 3A50ED44h 0x0000000d push 00000000h 0x0000000f push ebp 0x00000010 call 00007F71106F0268h 0x00000015 pop ebp 0x00000016 mov dword ptr [esp+04h], ebp 0x0000001a add dword ptr [esp+04h], 0000001Ah 0x00000022 inc ebp 0x00000023 push ebp 0x00000024 ret 0x00000025 pop ebp 0x00000026 ret 0x00000027 mov edx, 6EC451EDh 0x0000002c push 00000003h 0x0000002e mov cl, 3Bh 0x00000030 push 00000000h 0x00000032 and edx, dword ptr [ebp+122D2AECh] 0x00000038 push 00000003h 0x0000003a mov dword ptr [ebp+122D1BD4h], edi 0x00000040 push C79E2E80h 0x00000045 pushad 0x00000046 pushad 0x00000047 push esi 0x00000048 pop esi 0x00000049 push eax 0x0000004a pop eax 0x0000004b popad 0x0000004c push esi 0x0000004d push ecx 0x0000004e pop ecx 0x0000004f pop esi 0x00000050 popad 0x00000051 xor dword ptr [esp], 079E2E80h 0x00000058 jl 00007F71106F026Bh 0x0000005e jc 00007F71106F0276h 0x00000064 jmp 00007F71106F0270h 0x00000069 lea ebx, dword ptr [ebp+1245FF99h] 0x0000006f mov dword ptr [ebp+122D1BD4h], esi 0x00000075 xchg eax, ebx 0x00000076 push eax 0x00000077 push edx 0x00000078 jg 00007F71106F026Ch 0x0000007e jbe 00007F71106F0266h 0x00000084 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F03BD second address: 8F03C3 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F03C3 second address: 8F03C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F03C9 second address: 8F03CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F03CD second address: 8F047D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edi 0x0000000a push eax 0x0000000b push edx 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop edi 0x0000000f nop 0x00000010 mov dword ptr [ebp+122D2E59h], ecx 0x00000016 push 00000000h 0x00000018 and ecx, dword ptr [ebp+122D2BC4h] 0x0000001e push 689B03D5h 0x00000023 jmp 00007F71106F0272h 0x00000028 xor dword ptr [esp], 689B0355h 0x0000002f pushad 0x00000030 jmp 00007F71106F0276h 0x00000035 mov edx, esi 0x00000037 popad 0x00000038 push 00000003h 0x0000003a mov dword ptr [ebp+122D1BD4h], edx 0x00000040 push 00000000h 0x00000042 mov dword ptr [ebp+122D22CFh], ecx 0x00000048 push 00000003h 0x0000004a mov ecx, dword ptr [ebp+122D29ECh] 0x00000050 call 00007F71106F0269h 0x00000055 jmp 00007F71106F0272h 0x0000005a push eax 0x0000005b jg 00007F71106F0278h 0x00000061 mov eax, dword ptr [esp+04h] 0x00000065 push eax 0x00000066 push edx 0x00000067 push eax 0x00000068 push edx 0x00000069 jnp 00007F71106F0266h 0x0000006f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F047D second address: 8F0483 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F0483 second address: 8F04A5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0272h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b push eax 0x0000000c push edx 0x0000000d push edi 0x0000000e jnl 00007F71106F0266h 0x00000014 pop edi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8F04A5 second address: 8F0501 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB3Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d jmp 00007F711103FB45h 0x00000012 pop eax 0x00000013 add esi, dword ptr [ebp+122D293Ch] 0x00000019 lea ebx, dword ptr [ebp+1245FFA4h] 0x0000001f push ecx 0x00000020 mov edi, dword ptr [ebp+122D2A58h] 0x00000026 pop edi 0x00000027 xchg eax, ebx 0x00000028 push eax 0x00000029 jmp 00007F711103FB45h 0x0000002e pop eax 0x0000002f push eax 0x00000030 push ebx 0x00000031 push ebx 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 902BD8 second address: 902C0E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0275h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edi 0x0000000d jmp 00007F71106F0278h 0x00000012 pop edi 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 911970 second address: 911974 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 911974 second address: 91197A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91197A second address: 911982 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 911982 second address: 911986 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8E4F75 second address: 8E4F86 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB3Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8E4F86 second address: 8E4FA0 instructions: 0x00000000 rdtsc 0x00000002 je 00007F71106F0275h 0x00000008 jmp 00007F71106F026Fh 0x0000000d push ecx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90F82B second address: 90F82F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90F82F second address: 90F843 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jnp 00007F71106F0266h 0x0000000e je 00007F71106F0266h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90F843 second address: 90F865 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F711103FB44h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90F865 second address: 90F86B instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90FA1D second address: 90FA46 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F711103FB49h 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F711103FB3Ch 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90FB7F second address: 90FBA0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jo 00007F71106F0266h 0x0000000d ja 00007F71106F0266h 0x00000013 push edx 0x00000014 pop edx 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 push esi 0x00000019 ja 00007F71106F0266h 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90FBA0 second address: 90FBC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push esi 0x00000006 jmp 00007F711103FB44h 0x0000000b pop esi 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F711103FB3Ah 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90FBC8 second address: 90FBD8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop edx 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 popad 0x00000008 jbe 00007F71106F026Ch 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90FCEE second address: 90FD06 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB3Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90FD06 second address: 90FD0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90FD0A second address: 90FD0E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 90FE7E second address: 90FE86 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push edi 0x00000007 pop edi 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91055D second address: 9105A1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jmp 00007F711103FB3Fh 0x00000008 jmp 00007F711103FB3Ch 0x0000000d pop edx 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jc 00007F711103FB38h 0x00000018 pushad 0x00000019 popad 0x0000001a jmp 00007F711103FB49h 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 910719 second address: 910735 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 jmp 00007F71106F026Ch 0x0000000d je 00007F71106F0266h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 910735 second address: 91073A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91073A second address: 910744 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91089C second address: 9108A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9109EA second address: 9109EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9109EE second address: 9109F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9109F4 second address: 910A02 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 pop edi 0x0000000a push eax 0x0000000b push edx 0x0000000c push esi 0x0000000d pop esi 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 911269 second address: 911282 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB41h 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 911282 second address: 911296 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0270h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9155A9 second address: 9155AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9155AD second address: 9155B3 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9155B3 second address: 9155B9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9155B9 second address: 9155BD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9155BD second address: 9155CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9155CB second address: 9155D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9155D2 second address: 9155D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 916689 second address: 916699 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F71106F026Bh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 916699 second address: 9166C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b jnl 00007F711103FB45h 0x00000011 mov eax, dword ptr [eax] 0x00000013 push eax 0x00000014 push eax 0x00000015 push edx 0x00000016 jnc 00007F711103FB36h 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9166C4 second address: 9166DD instructions: 0x00000000 rdtsc 0x00000002 je 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b mov dword ptr [esp+04h], eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push edi 0x00000012 je 00007F71106F0266h 0x00000018 pop edi 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91C4CD second address: 91C4DA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jng 00007F711103FB36h 0x00000009 push eax 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91C4DA second address: 91C4F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jmp 00007F71106F0272h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91C4F8 second address: 91C4FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91B90D second address: 91B949 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F026Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jnp 00007F71106F0266h 0x00000010 pushad 0x00000011 popad 0x00000012 pop eax 0x00000013 push ebx 0x00000014 pushad 0x00000015 popad 0x00000016 pop ebx 0x00000017 jo 00007F71106F026Eh 0x0000001d jp 00007F71106F0266h 0x00000023 pushad 0x00000024 popad 0x00000025 popad 0x00000026 push eax 0x00000027 push edx 0x00000028 push eax 0x00000029 push edx 0x0000002a push edx 0x0000002b pop edx 0x0000002c je 00007F71106F0266h 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91B949 second address: 91B973 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB48h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jc 00007F711103FB3Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91B973 second address: 91B978 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91B978 second address: 91B980 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91BAF0 second address: 91BB04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F71106F0270h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91BB04 second address: 91BB32 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB42h 0x00000007 jmp 00007F711103FB3Dh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e js 00007F711103FB55h 0x00000014 push edx 0x00000015 pushad 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91BD9A second address: 91BDA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91C041 second address: 91C047 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91C372 second address: 91C376 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91D7C5 second address: 91D7CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91D7CE second address: 91D7D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91D7D2 second address: 91D7D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91D884 second address: 91D8A2 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F71106F026Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 jp 00007F71106F0266h 0x00000017 pop eax 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91D8A2 second address: 91D8AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jbe 00007F711103FB36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91D8AC second address: 91D8C9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F026Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [eax] 0x0000000d push eax 0x0000000e push edx 0x0000000f push edi 0x00000010 jnp 00007F71106F0266h 0x00000016 pop edi 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91D8C9 second address: 91D8E2 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F711103FB3Ch 0x00000008 jng 00007F711103FB36h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov dword ptr [esp+04h], eax 0x00000014 push ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91D8E2 second address: 91D8E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91DB67 second address: 91DB71 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007F711103FB36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91E516 second address: 91E538 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0274h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push edx 0x0000000f pop edx 0x00000010 push edx 0x00000011 pop edx 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91EAC4 second address: 91EAD1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91EAD1 second address: 91EAD5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91EAD5 second address: 91EADF instructions: 0x00000000 rdtsc 0x00000002 jno 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 91F029 second address: 91F08C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 jmp 00007F71106F0279h 0x0000000d nop 0x0000000e mov dword ptr [ebp+122D1BB8h], eax 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push 00000000h 0x0000001a push edx 0x0000001b call 00007F71106F0268h 0x00000020 pop edx 0x00000021 mov dword ptr [esp+04h], edx 0x00000025 add dword ptr [esp+04h], 00000014h 0x0000002d inc edx 0x0000002e push edx 0x0000002f ret 0x00000030 pop edx 0x00000031 ret 0x00000032 jmp 00007F71106F0270h 0x00000037 xchg eax, ebx 0x00000038 push ebx 0x00000039 pushad 0x0000003a jbe 00007F71106F0266h 0x00000040 push eax 0x00000041 push edx 0x00000042 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9215CC second address: 9215D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 924269 second address: 92427E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F026Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ebx 0x0000000d pushad 0x0000000e popad 0x0000000f pop ebx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 927246 second address: 92724A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9277C9 second address: 927838 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ecx 0x0000000b js 00007F71106F0266h 0x00000011 pop ecx 0x00000012 popad 0x00000013 nop 0x00000014 push 00000000h 0x00000016 push edi 0x00000017 call 00007F71106F0268h 0x0000001c pop edi 0x0000001d mov dword ptr [esp+04h], edi 0x00000021 add dword ptr [esp+04h], 00000014h 0x00000029 inc edi 0x0000002a push edi 0x0000002b ret 0x0000002c pop edi 0x0000002d ret 0x0000002e mov ebx, dword ptr [ebp+122D1976h] 0x00000034 mov dword ptr [ebp+124616D0h], esi 0x0000003a push 00000000h 0x0000003c mov ebx, dword ptr [ebp+122D28F0h] 0x00000042 push 00000000h 0x00000044 je 00007F71106F0266h 0x0000004a xchg eax, esi 0x0000004b jmp 00007F71106F0278h 0x00000050 push eax 0x00000051 push esi 0x00000052 jng 00007F71106F026Ch 0x00000058 push eax 0x00000059 push edx 0x0000005a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 929734 second address: 929738 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 929738 second address: 92977D instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F71106F0266h 0x00000008 jmp 00007F71106F026Eh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push edi 0x00000010 jmp 00007F71106F0278h 0x00000015 ja 00007F71106F0266h 0x0000001b pop edi 0x0000001c popad 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 jnl 00007F71106F0266h 0x00000027 pushad 0x00000028 popad 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92977D second address: 929789 instructions: 0x00000000 rdtsc 0x00000002 je 00007F711103FB36h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 929789 second address: 92978F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92978F second address: 929795 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 929795 second address: 929799 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 929799 second address: 92979F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92AC8E second address: 92ACC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F71106F026Ch 0x0000000a popad 0x0000000b nop 0x0000000c sub ebx, 44763903h 0x00000012 push 00000000h 0x00000014 mov dword ptr [ebp+122D17F2h], ecx 0x0000001a push 00000000h 0x0000001c mov bx, cx 0x0000001f xchg eax, esi 0x00000020 push ebx 0x00000021 pushad 0x00000022 jmp 00007F71106F026Dh 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 929F0B second address: 929F13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92ACC5 second address: 92ACD5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a ja 00007F71106F0266h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92D2D6 second address: 92D34A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB49h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push 00000000h 0x0000000e push edx 0x0000000f call 00007F711103FB38h 0x00000014 pop edx 0x00000015 mov dword ptr [esp+04h], edx 0x00000019 add dword ptr [esp+04h], 00000019h 0x00000021 inc edx 0x00000022 push edx 0x00000023 ret 0x00000024 pop edx 0x00000025 ret 0x00000026 and di, 4876h 0x0000002b push 00000000h 0x0000002d jmp 00007F711103FB3Ch 0x00000032 push 00000000h 0x00000034 mov bx, si 0x00000037 xchg eax, esi 0x00000038 push ecx 0x00000039 jg 00007F711103FB42h 0x0000003f pop ecx 0x00000040 push eax 0x00000041 push edi 0x00000042 push eax 0x00000043 push edx 0x00000044 push eax 0x00000045 push edx 0x00000046 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92D34A second address: 92D34E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92E1FF second address: 92E203 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92E203 second address: 92E248 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 mov dword ptr [esp], eax 0x0000000a sub dword ptr [ebp+122D389Ch], ecx 0x00000010 mov bx, dx 0x00000013 push 00000000h 0x00000015 xor dword ptr [ebp+1248325Fh], ebx 0x0000001b push 00000000h 0x0000001d push 00000000h 0x0000001f push esi 0x00000020 call 00007F71106F0268h 0x00000025 pop esi 0x00000026 mov dword ptr [esp+04h], esi 0x0000002a add dword ptr [esp+04h], 00000019h 0x00000032 inc esi 0x00000033 push esi 0x00000034 ret 0x00000035 pop esi 0x00000036 ret 0x00000037 xchg eax, esi 0x00000038 push eax 0x00000039 push edx 0x0000003a push edx 0x0000003b pushad 0x0000003c popad 0x0000003d pop edx 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92E248 second address: 92E252 instructions: 0x00000000 rdtsc 0x00000002 js 00007F711103FB3Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92F481 second address: 92F487 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9311E9 second address: 931208 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 jmp 00007F711103FB43h 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 931208 second address: 93120C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 93120C second address: 931260 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 mov ebx, dword ptr [ebp+122D1D17h] 0x0000000e push 00000000h 0x00000010 adc bh, 00000020h 0x00000013 push 00000000h 0x00000015 push 00000000h 0x00000017 push esi 0x00000018 call 00007F711103FB38h 0x0000001d pop esi 0x0000001e mov dword ptr [esp+04h], esi 0x00000022 add dword ptr [esp+04h], 00000015h 0x0000002a inc esi 0x0000002b push esi 0x0000002c ret 0x0000002d pop esi 0x0000002e ret 0x0000002f mov ebx, 59A44051h 0x00000034 push eax 0x00000035 pushad 0x00000036 jmp 00007F711103FB48h 0x0000003b push ebx 0x0000003c push eax 0x0000003d push edx 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 932343 second address: 9323DA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0279h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a push edx 0x0000000b mov edi, dword ptr [ebp+122D1A34h] 0x00000011 pop ebx 0x00000012 movzx edi, si 0x00000015 push 00000000h 0x00000017 push 00000000h 0x00000019 push edi 0x0000001a call 00007F71106F0268h 0x0000001f pop edi 0x00000020 mov dword ptr [esp+04h], edi 0x00000024 add dword ptr [esp+04h], 00000018h 0x0000002c inc edi 0x0000002d push edi 0x0000002e ret 0x0000002f pop edi 0x00000030 ret 0x00000031 mov edi, 335A3AE4h 0x00000036 sub bx, 0AE1h 0x0000003b push 00000000h 0x0000003d push 00000000h 0x0000003f push ebp 0x00000040 call 00007F71106F0268h 0x00000045 pop ebp 0x00000046 mov dword ptr [esp+04h], ebp 0x0000004a add dword ptr [esp+04h], 00000014h 0x00000052 inc ebp 0x00000053 push ebp 0x00000054 ret 0x00000055 pop ebp 0x00000056 ret 0x00000057 jno 00007F71106F026Fh 0x0000005d mov edi, dword ptr [ebp+122D1C2Ch] 0x00000063 push eax 0x00000064 push eax 0x00000065 push edx 0x00000066 jo 00007F71106F026Ch 0x0000006c jns 00007F71106F0266h 0x00000072 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9323DA second address: 9323E0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 933474 second address: 93347A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 93347A second address: 933499 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB3Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e je 00007F711103FB3Ch 0x00000014 jnl 00007F711103FB36h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 933499 second address: 93350D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F71106F026Bh 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d nop 0x0000000e or ebx, 389D8991h 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push ebp 0x00000019 call 00007F71106F0268h 0x0000001e pop ebp 0x0000001f mov dword ptr [esp+04h], ebp 0x00000023 add dword ptr [esp+04h], 00000014h 0x0000002b inc ebp 0x0000002c push ebp 0x0000002d ret 0x0000002e pop ebp 0x0000002f ret 0x00000030 pushad 0x00000031 mov bx, A849h 0x00000035 mov ecx, dword ptr [ebp+122D1DE8h] 0x0000003b popad 0x0000003c push 00000000h 0x0000003e jc 00007F71106F0283h 0x00000044 call 00007F71106F0276h 0x00000049 sub ebx, 5267E321h 0x0000004f pop edi 0x00000050 xchg eax, esi 0x00000051 jnc 00007F71106F0270h 0x00000057 push eax 0x00000058 push edx 0x00000059 push esi 0x0000005a pop esi 0x0000005b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 935187 second address: 93518B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 93518B second address: 935198 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 933614 second address: 93368A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push eax 0x0000000a jnp 00007F711103FB36h 0x00000010 pop eax 0x00000011 pop eax 0x00000012 nop 0x00000013 push 00000000h 0x00000015 push ecx 0x00000016 call 00007F711103FB38h 0x0000001b pop ecx 0x0000001c mov dword ptr [esp+04h], ecx 0x00000020 add dword ptr [esp+04h], 0000001Ah 0x00000028 inc ecx 0x00000029 push ecx 0x0000002a ret 0x0000002b pop ecx 0x0000002c ret 0x0000002d pushad 0x0000002e movsx edi, cx 0x00000031 popad 0x00000032 push dword ptr fs:[00000000h] 0x00000039 mov di, ax 0x0000003c mov dword ptr fs:[00000000h], esp 0x00000043 mov bh, ch 0x00000045 mov eax, dword ptr [ebp+122D06ADh] 0x0000004b pushad 0x0000004c sub esi, dword ptr [ebp+122D2A00h] 0x00000052 mov edi, ecx 0x00000054 popad 0x00000055 push FFFFFFFFh 0x00000057 add edi, 31B9F708h 0x0000005d push eax 0x0000005e push eax 0x0000005f push edx 0x00000060 pushad 0x00000061 jg 00007F711103FB36h 0x00000067 je 00007F711103FB36h 0x0000006d popad 0x0000006e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 93458E second address: 9345A1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F026Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 93819B second address: 93819F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9372F2 second address: 937313 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0276h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 937313 second address: 937318 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 93921A second address: 93921E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9392AE second address: 9392C2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB40h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9392C2 second address: 9392CC instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F71106F026Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 93BEA0 second address: 93BEAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 je 00007F711103FB36h 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8E17E6 second address: 8E17F4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F71106F0266h 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8E17F4 second address: 8E181B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edi 0x00000006 jmp 00007F711103FB48h 0x0000000b pushad 0x0000000c popad 0x0000000d pop edi 0x0000000e pop eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8E181B second address: 8E1830 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0271h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9465BD second address: 9465C7 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94D924 second address: 94D928 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94D928 second address: 94D957 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB41h 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jl 00007F711103FB42h 0x00000011 ja 00007F711103FB36h 0x00000017 jbe 00007F711103FB36h 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 push ecx 0x00000022 pop ecx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94D957 second address: 94D95D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94E41D second address: 94E421 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94E55E second address: 94E582 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 js 00007F71106F0266h 0x0000000d jmp 00007F71106F0277h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94E84F second address: 94E853 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94E853 second address: 94E86A instructions: 0x00000000 rdtsc 0x00000002 jng 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f jp 00007F71106F0266h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94E86A second address: 94E86E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94E86E second address: 94E8A2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0278h 0x00000007 jng 00007F71106F0266h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push edx 0x00000012 pop edx 0x00000013 jmp 00007F71106F026Eh 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94E8A2 second address: 94E8A8 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94E8A8 second address: 94E8C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F71106F0278h 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94EA18 second address: 94EA33 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB47h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94EA33 second address: 94EA47 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F71106F026Ah 0x00000008 pushad 0x00000009 popad 0x0000000a push edi 0x0000000b pop edi 0x0000000c jg 00007F71106F0272h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94EA47 second address: 94EA4D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94EA4D second address: 94EA70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007F71106F026Ch 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 pushad 0x00000014 jns 00007F71106F0266h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94EA70 second address: 94EA87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 jmp 00007F711103FB40h 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 94EA87 second address: 94EA99 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F71106F026Dh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 951F7E second address: 951FAC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F711103FB47h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007F711103FB3Dh 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8DAC36 second address: 8DAC46 instructions: 0x00000000 rdtsc 0x00000002 js 00007F71106F0272h 0x00000008 jo 00007F71106F0266h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 957A17 second address: 957A21 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F711103FB36h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 957A21 second address: 957A40 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 jmp 00007F71106F0271h 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 pop esi 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 957A40 second address: 957A44 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 957A44 second address: 957A4E instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 957A4E second address: 957A52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8DFD21 second address: 8DFD2C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8DFD2C second address: 8DFD3E instructions: 0x00000000 rdtsc 0x00000002 jp 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jng 00007F711103FB3Eh 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9564BC second address: 9564C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9564C0 second address: 9564C6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9564C6 second address: 9564CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9564CC second address: 9564D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9564D2 second address: 9564D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95692E second address: 956932 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956932 second address: 95694E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F71106F0271h 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d push esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956D1A second address: 956D36 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB48h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956D36 second address: 956D3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956D3C second address: 956D46 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F711103FB42h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956D46 second address: 956D4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956EAC second address: 956EB1 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956EB1 second address: 956EB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956EB7 second address: 956EC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956EC4 second address: 956EC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 956EC8 second address: 956EF3 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F711103FB43h 0x00000010 jnc 00007F711103FB36h 0x00000016 jne 00007F711103FB36h 0x0000001c popad 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9069E5 second address: 9069EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F71106F0266h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9069EF second address: 9069F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9069F5 second address: 9069FB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9069FB second address: 906A01 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 906A01 second address: 906A1C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a jmp 00007F71106F026Fh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 906A1C second address: 906A46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jmp 00007F711103FB41h 0x0000000c jmp 00007F711103FB3Ah 0x00000011 jo 00007F711103FB3Ch 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8E3386 second address: 8E338A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 8E338A second address: 8E338E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95D747 second address: 95D74B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95D74B second address: 95D782 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F711103FB3Dh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jp 00007F711103FB51h 0x00000011 ja 00007F711103FB36h 0x00000017 jmp 00007F711103FB45h 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95D782 second address: 95D793 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F71106F0266h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95D793 second address: 95D797 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95C62F second address: 95C633 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95C633 second address: 95C655 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F711103FB44h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95C655 second address: 95C65F instructions: 0x00000000 rdtsc 0x00000002 jl 00007F71106F0272h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95C65F second address: 95C686 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F711103FB36h 0x0000000a jmp 00007F711103FB44h 0x0000000f pop edx 0x00000010 pop eax 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 push ebx 0x00000015 pop ebx 0x00000016 push eax 0x00000017 pop eax 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95C686 second address: 95C69E instructions: 0x00000000 rdtsc 0x00000002 jc 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push esi 0x0000000c pop esi 0x0000000d jnc 00007F71106F0266h 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95C69E second address: 95C6A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95C9B0 second address: 95C9BA instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95C9BA second address: 95C9BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95CB34 second address: 95CB50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F71106F0274h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95BFA2 second address: 95BFB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F711103FB41h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95CFBE second address: 95CFC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95D438 second address: 95D446 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pushad 0x00000006 popad 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 95D446 second address: 95D44A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 961924 second address: 96192E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F711103FB36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925392 second address: 9253A0 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9253A0 second address: 9253B3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB3Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9253B3 second address: 9253C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F71106F0271h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9253C8 second address: 92540B instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d push ecx 0x0000000e mov edx, dword ptr [ebp+122D3887h] 0x00000014 pop edi 0x00000015 lea eax, dword ptr [ebp+12495126h] 0x0000001b jmp 00007F711103FB3Eh 0x00000020 nop 0x00000021 push ebx 0x00000022 push eax 0x00000023 push edx 0x00000024 jmp 00007F711103FB46h 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9254E2 second address: 9254E8 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92585D second address: 925863 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925863 second address: 925869 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 92598E second address: 925994 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925994 second address: 925998 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925998 second address: 763A71 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 jmp 00007F711103FB3Ch 0x0000000e push dword ptr [ebp+122D0F3Dh] 0x00000014 sub ecx, dword ptr [ebp+122D2C34h] 0x0000001a call dword ptr [ebp+122D20A8h] 0x00000020 pushad 0x00000021 jmp 00007F711103FB3Ah 0x00000026 jc 00007F711103FB55h 0x0000002c jg 00007F711103FB4Fh 0x00000032 xor eax, eax 0x00000034 cmc 0x00000035 mov edx, dword ptr [esp+28h] 0x00000039 cmc 0x0000003a mov dword ptr [ebp+122D2BC8h], eax 0x00000040 jmp 00007F711103FB3Bh 0x00000045 mov esi, 0000003Ch 0x0000004a jnp 00007F711103FB44h 0x00000050 pushad 0x00000051 mov eax, dword ptr [ebp+122D2C0Ch] 0x00000057 or dword ptr [ebp+122D1A09h], edx 0x0000005d popad 0x0000005e add esi, dword ptr [esp+24h] 0x00000062 mov dword ptr [ebp+122D1BDDh], edx 0x00000068 lodsw 0x0000006a jmp 00007F711103FB41h 0x0000006f add eax, dword ptr [esp+24h] 0x00000073 mov dword ptr [ebp+122D1BDDh], esi 0x00000079 mov ebx, dword ptr [esp+24h] 0x0000007d xor dword ptr [ebp+122D1BF6h], edx 0x00000083 push eax 0x00000084 jg 00007F711103FB42h 0x0000008a jns 00007F711103FB3Ch 0x00000090 push eax 0x00000091 push edx 0x00000092 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9259E4 second address: 9259E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925B28 second address: 925B32 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F711103FB36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925B32 second address: 925B56 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jnp 00007F71106F0270h 0x0000000f xchg eax, esi 0x00000010 nop 0x00000011 push esi 0x00000012 jo 00007F71106F026Ch 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925B56 second address: 925B6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 jmp 00007F711103FB3Bh 0x0000000e pop esi 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925E78 second address: 925EE5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push eax 0x0000000e call 00007F71106F0268h 0x00000013 pop eax 0x00000014 mov dword ptr [esp+04h], eax 0x00000018 add dword ptr [esp+04h], 00000015h 0x00000020 inc eax 0x00000021 push eax 0x00000022 ret 0x00000023 pop eax 0x00000024 ret 0x00000025 xor dx, B6A8h 0x0000002a push 00000004h 0x0000002c push 00000000h 0x0000002e push edi 0x0000002f call 00007F71106F0268h 0x00000034 pop edi 0x00000035 mov dword ptr [esp+04h], edi 0x00000039 add dword ptr [esp+04h], 00000014h 0x00000041 inc edi 0x00000042 push edi 0x00000043 ret 0x00000044 pop edi 0x00000045 ret 0x00000046 mov edi, dword ptr [ebp+122D2A68h] 0x0000004c jg 00007F71106F0271h 0x00000052 nop 0x00000053 push eax 0x00000054 push edx 0x00000055 push esi 0x00000056 jng 00007F71106F0266h 0x0000005c pop esi 0x0000005d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925EE5 second address: 925EEA instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9263E6 second address: 9263EC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 961BF3 second address: 961C19 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F711103FB47h 0x0000000b pushad 0x0000000c jno 00007F711103FB36h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 925B45 second address: 925B56 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 xchg eax, esi 0x00000007 nop 0x00000008 push esi 0x00000009 jo 00007F71106F026Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9621C2 second address: 9621EB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB48h 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007F711103FB3Ah 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 962613 second address: 962617 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 962617 second address: 96262E instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jo 00007F711103FB36h 0x00000011 pushad 0x00000012 popad 0x00000013 pushad 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96587B second address: 965885 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F71106F0266h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 965885 second address: 96589F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB3Dh 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96589F second address: 9658A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9658A5 second address: 9658AB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96925B second address: 969272 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F71106F0272h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 969272 second address: 969299 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F711103FB3Eh 0x00000009 jmp 00007F711103FB45h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 969299 second address: 9692CE instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F71106F0266h 0x00000008 jp 00007F71106F0266h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 jmp 00007F71106F0273h 0x00000015 pop edx 0x00000016 pop eax 0x00000017 push eax 0x00000018 push eax 0x00000019 push edx 0x0000001a push esi 0x0000001b pop esi 0x0000001c jmp 00007F71106F026Bh 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9692CE second address: 9692E6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB44h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9692E6 second address: 9692F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 jno 00007F71106F0266h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96E924 second address: 96E950 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB3Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F711103FB48h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96E950 second address: 96E960 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jmp 00007F71106F026Ah 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96E960 second address: 96E97B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F711103FB47h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96E97B second address: 96E97F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96E675 second address: 96E679 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96FEE2 second address: 96FEE8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96FEE8 second address: 96FF09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F711103FB43h 0x0000000d jnc 00007F711103FB36h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96FF09 second address: 96FF26 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 js 00007F71106F0272h 0x0000000c popad 0x0000000d pushad 0x0000000e push edi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 96FF26 second address: 96FF58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F711103FB3Ah 0x00000009 pop edi 0x0000000a jmp 00007F711103FB41h 0x0000000f push eax 0x00000010 jmp 00007F711103FB3Fh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97538E second address: 975392 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 975392 second address: 975398 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 975AC0 second address: 975AC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 975AC6 second address: 975ACB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 926067 second address: 92607F instructions: 0x00000000 rdtsc 0x00000002 jl 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 jo 00007F71106F0266h 0x00000017 popad 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9262A5 second address: 9262C3 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F711103FB44h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97985F second address: 979864 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 979864 second address: 979869 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97CA32 second address: 97CA3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97CA3B second address: 97CA45 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F711103FB36h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97CD11 second address: 97CD1E instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push edx 0x0000000c pop edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97CD1E second address: 97CD22 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97CD22 second address: 97CD2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97D02E second address: 97D04E instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F711103FB48h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97D1A9 second address: 97D1B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97D1B1 second address: 97D1D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jg 00007F711103FB45h 0x0000000b popad 0x0000000c push esi 0x0000000d push eax 0x0000000e push edx 0x0000000f jc 00007F711103FB36h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 97D1D7 second address: 97D1DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 985ABB second address: 985AC5 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 983C42 second address: 983C46 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 983C46 second address: 983C5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F711103FB36h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jg 00007F711103FB3Ch 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 984068 second address: 984079 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F71106F0266h 0x0000000a js 00007F71106F0266h 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 984079 second address: 984096 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 jmp 00007F711103FB47h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 984096 second address: 98409A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98409A second address: 9840A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9848C2 second address: 984900 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jmp 00007F71106F0273h 0x0000000b jmp 00007F71106F026Bh 0x00000010 pushad 0x00000011 jnl 00007F71106F0266h 0x00000017 jmp 00007F71106F0271h 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 984F5D second address: 984F7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push edx 0x00000007 pop edx 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F711103FB45h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 984F7F second address: 984F83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 984F83 second address: 984F87 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 984F87 second address: 984F96 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 popad 0x00000009 pushad 0x0000000a pushad 0x0000000b push edx 0x0000000c pop edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98522A second address: 98522E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98522E second address: 985234 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 985234 second address: 985239 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 985239 second address: 98523F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 985510 second address: 98552A instructions: 0x00000000 rdtsc 0x00000002 jc 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F711103FB3Dh 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98552A second address: 985530 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9897E3 second address: 9897F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F711103FB3Bh 0x00000009 jno 00007F711103FB36h 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9897F9 second address: 989811 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F71106F0272h 0x00000008 jmp 00007F71106F026Ah 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 989811 second address: 98981B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F711103FB36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 989D64 second address: 989D8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F71106F0266h 0x0000000a jnl 00007F71106F0266h 0x00000010 popad 0x00000011 pushad 0x00000012 pushad 0x00000013 popad 0x00000014 jmp 00007F71106F0273h 0x00000019 pushad 0x0000001a popad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 989D8E second address: 989D93 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 989D93 second address: 989DA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 jnl 00007F71106F0266h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 989DA0 second address: 989DAF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB3Bh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 989F25 second address: 989F29 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 989F29 second address: 989F5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jne 00007F711103FB3Eh 0x0000000c push edx 0x0000000d jmp 00007F711103FB44h 0x00000012 push eax 0x00000013 pop eax 0x00000014 pop edx 0x00000015 popad 0x00000016 push ebx 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 989F5B second address: 989F5F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98A228 second address: 98A22C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98A22C second address: 98A235 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98A235 second address: 98A24E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 pushad 0x00000007 push edi 0x00000008 pushad 0x00000009 popad 0x0000000a ja 00007F711103FB36h 0x00000010 pop edi 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 pop edx 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98A24E second address: 98A252 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 98A252 second address: 98A256 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 996AD3 second address: 996B1D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0271h 0x00000007 pushad 0x00000008 jmp 00007F71106F0275h 0x0000000d jmp 00007F71106F026Dh 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007F71106F026Dh 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 994EEE second address: 994EF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 995166 second address: 995184 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F71106F0271h 0x00000009 pushad 0x0000000a popad 0x0000000b jng 00007F71106F0266h 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9952F2 second address: 9952F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9954AA second address: 9954C0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnc 00007F71106F0266h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jc 00007F71106F026Eh 0x00000012 push eax 0x00000013 pop eax 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9954C0 second address: 9954C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9954C4 second address: 9954CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9954CA second address: 9954D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9954D0 second address: 9954D4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 995925 second address: 995929 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 995929 second address: 99592D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 99592D second address: 995933 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 995933 second address: 99593C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push edx 0x00000006 pop edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 99593C second address: 99594D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F711103FB36h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pushad 0x0000000e push ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9962C6 second address: 9962CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9962CA second address: 9962D4 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F711103FB36h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 996948 second address: 99697C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F0276h 0x00000007 jmp 00007F71106F026Fh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 push edx 0x00000012 pop edx 0x00000013 jg 00007F71106F0266h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 99697C second address: 99699B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F711103FB44h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 99699B second address: 9969AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F71106F0266h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 99F3C3 second address: 99F3DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F711103FB44h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 99F518 second address: 99F545 instructions: 0x00000000 rdtsc 0x00000002 js 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b pushad 0x0000000c popad 0x0000000d jo 00007F71106F0266h 0x00000013 pop ebx 0x00000014 jmp 00007F71106F0274h 0x00000019 popad 0x0000001a push ecx 0x0000001b push ecx 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9A30AA second address: 9A30B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9A30B0 second address: 9A30C5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F71106F026Ch 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9A30C5 second address: 9A30D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F711103FB36h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pushad 0x0000000e push esi 0x0000000f pop esi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9A30D7 second address: 9A30FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 jmp 00007F71106F026Bh 0x0000000b popad 0x0000000c push ebx 0x0000000d jl 00007F71106F0266h 0x00000013 pop ebx 0x00000014 popad 0x00000015 jc 00007F71106F028Ah 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9AA910 second address: 9AA948 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F711103FB36h 0x0000000a popad 0x0000000b jno 00007F711103FB5Ah 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9AA948 second address: 9AA94E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9AA7A9 second address: 9AA7AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9AA7AF second address: 9AA7B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9AA7B5 second address: 9AA7C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jng 00007F711103FB36h 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9B7C66 second address: 9B7C7E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F71106F0274h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9B7C7E second address: 9B7CAC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F711103FB47h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e jmp 00007F711103FB3Ch 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9B7DF3 second address: 9B7DF9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9B7DF9 second address: 9B7DFD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9B7DFD second address: 9B7E0B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jng 00007F71106F026Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9BCC02 second address: 9BCC1B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 jmp 00007F711103FB40h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9C44BA second address: 9C44D4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 jp 00007F71106F0266h 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jl 00007F71106F0268h 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9C44D4 second address: 9C44DA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9C44DA second address: 9C44DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9C92A1 second address: 9C92AB instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F711103FB50h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CEC54 second address: 9CEC5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CEC5C second address: 9CEC67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push edi 0x00000008 pop edi 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CD7F8 second address: 9CD7FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CDA9E second address: 9CDAC8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F711103FB40h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007F711103FB40h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CDAC8 second address: 9CDAD2 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CDC55 second address: 9CDC5A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CDC5A second address: 9CDCA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 jl 00007F71106F0266h 0x0000000e jmp 00007F71106F0275h 0x00000013 push eax 0x00000014 pop eax 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b jmp 00007F71106F026Eh 0x00000020 jmp 00007F71106F026Dh 0x00000025 jne 00007F71106F0266h 0x0000002b pushad 0x0000002c popad 0x0000002d popad 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CDCA9 second address: 9CDCCD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F711103FB47h 0x00000007 pushad 0x00000008 js 00007F711103FB36h 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9CDFCB second address: 9CDFE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F71106F026Ch 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F71106F026Ah 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9D1693 second address: 9D16B1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 jmp 00007F711103FB3Eh 0x0000000a jno 00007F711103FB36h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9D16B1 second address: 9D16B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9D13B9 second address: 9D13CD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F711103FB3Eh 0x0000000c jnl 00007F711103FB36h 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 9E4086 second address: 9E40B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F71106F026Bh 0x00000009 pushad 0x0000000a popad 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d popad 0x0000000e jmp 00007F71106F0273h 0x00000013 push eax 0x00000014 push edx 0x00000015 push ebx 0x00000016 push edx 0x00000017 pop edx 0x00000018 pop ebx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0AA62 second address: A0AA68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09A24 second address: A09A28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09A28 second address: A09A37 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jnc 00007F711103FB36h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09A37 second address: A09A46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 jg 00007F71106F0266h 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09B6D second address: A09B71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09B71 second address: A09B7D instructions: 0x00000000 rdtsc 0x00000002 jp 00007F71106F0266h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09B7D second address: A09B88 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jns 00007F711103FB36h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09B88 second address: A09B8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A09B8E second address: A09BBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F711103FB36h 0x0000000a popad 0x0000000b jnp 00007F711103FB38h 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push ebx 0x00000014 push edi 0x00000015 jmp 00007F711103FB3Bh 0x0000001a pushad 0x0000001b popad 0x0000001c pop edi 0x0000001d pushad 0x0000001e push edi 0x0000001f pop edi 0x00000020 pushad 0x00000021 popad 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0A237 second address: A0A247 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jmp 00007F71106F026Bh 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0A657 second address: A0A669 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F711103FB3Ah 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A0C025 second address: A0C029 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10049 second address: A10053 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007F711103FB36h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10053 second address: A10057 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A1050A second address: A1050E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A1050E second address: A10519 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10519 second address: A1056C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 mov dword ptr [esp], eax 0x00000009 push 00000000h 0x0000000b push eax 0x0000000c call 00007F711103FB38h 0x00000011 pop eax 0x00000012 mov dword ptr [esp+04h], eax 0x00000016 add dword ptr [esp+04h], 0000001Ch 0x0000001e inc eax 0x0000001f push eax 0x00000020 ret 0x00000021 pop eax 0x00000022 ret 0x00000023 or edx, dword ptr [ebp+122D2C08h] 0x00000029 push dword ptr [ebp+122D185Dh] 0x0000002f jmp 00007F711103FB3Ch 0x00000034 call 00007F711103FB39h 0x00000039 push eax 0x0000003a push edx 0x0000003b pushad 0x0000003c push eax 0x0000003d push edx 0x0000003e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A1056C second address: A10572 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10572 second address: A10577 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10577 second address: A10585 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10585 second address: A1058C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A1058C second address: A10596 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007F71106F0266h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A10596 second address: A105B1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F711103FB3Dh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A105B1 second address: A105BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007F71106F0266h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A11E13 second address: A11E19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: A11E19 second address: A11E23 instructions: 0x00000000 rdtsc 0x00000002 js 00007F71106F0266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 52E0D57 second address: 52E0DF5 instructions: 0x00000000 rdtsc 0x00000002 movsx edx, ax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 test ecx, ecx 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007F711103FB3Eh 0x00000011 add ax, 5698h 0x00000016 jmp 00007F711103FB3Bh 0x0000001b popfd 0x0000001c mov bl, ch 0x0000001e popad 0x0000001f jns 00007F711103FB69h 0x00000025 jmp 00007F711103FB3Bh 0x0000002a add eax, ecx 0x0000002c pushad 0x0000002d mov si, B05Bh 0x00000031 pushfd 0x00000032 jmp 00007F711103FB40h 0x00000037 and cl, 00000028h 0x0000003a jmp 00007F711103FB3Bh 0x0000003f popfd 0x00000040 popad 0x00000041 mov eax, dword ptr [eax+00000860h] 0x00000047 jmp 00007F711103FB46h 0x0000004c test eax, eax 0x0000004e jmp 00007F711103FB40h 0x00000053 je 00007F71817D5AA9h 0x00000059 pushad 0x0000005a push eax 0x0000005b push edx 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 920562 second address: 920566 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |