| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FFAFD second address: 4FFB01 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FFB01 second address: 4FFB09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FFB09 second address: 4FFB0F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FFB0F second address: 4FFB13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FFB13 second address: 4FFB2E instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jnl 00007F2AF93CAABCh 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FFB2E second address: 4FFB35 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FFB35 second address: 4FFB63 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2AF93CAAC8h 0x00000009 jmp 00007F2AF93CAAC2h 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FFB63 second address: 4FFB67 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FEB08 second address: 4FEB2C instructions: 0x00000000 rdtsc 0x00000002 jne 00007F2AF93CAABEh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edi 0x0000000b jg 00007F2AF93CAABEh 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FEC77 second address: 4FEC7B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FEF98 second address: 4FEFB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF93CAAC7h 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4FF10B second address: 4FF141 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 jmp 00007F2AF86F4E9Ah 0x0000000c pop esi 0x0000000d pushad 0x0000000e jmp 00007F2AF86F4EA4h 0x00000013 jne 00007F2AF86F4E96h 0x00000019 popad 0x0000001a js 00007F2AF86F4E9Ch 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5031F6 second address: 503293 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 js 00007F2AF93CAAB8h 0x0000000b push edi 0x0000000c pop edi 0x0000000d popad 0x0000000e mov dword ptr [esp], eax 0x00000011 jmp 00007F2AF93CAABAh 0x00000016 mov edx, dword ptr [ebp+122D2A6Eh] 0x0000001c push 00000000h 0x0000001e jo 00007F2AF93CAABAh 0x00000024 mov dx, 9873h 0x00000028 or dword ptr [ebp+122D3152h], edi 0x0000002e push 12753186h 0x00000033 push ebx 0x00000034 push eax 0x00000035 jmp 00007F2AF93CAAC9h 0x0000003a pop eax 0x0000003b pop ebx 0x0000003c xor dword ptr [esp], 12753106h 0x00000043 and edx, 2AC5CEBEh 0x00000049 push 00000003h 0x0000004b mov esi, dword ptr [ebp+122D2A42h] 0x00000051 push 00000000h 0x00000053 sub cl, FFFFFFE8h 0x00000056 push 00000003h 0x00000058 mov dword ptr [ebp+122D34DAh], edi 0x0000005e jmp 00007F2AF93CAAC8h 0x00000063 call 00007F2AF93CAAB9h 0x00000068 push esi 0x00000069 push eax 0x0000006a push edx 0x0000006b push edi 0x0000006c pop edi 0x0000006d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 503293 second address: 5032CE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4EA7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d ja 00007F2AF86F4EACh 0x00000013 jmp 00007F2AF86F4EA6h 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5032CE second address: 503301 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 jmp 00007F2AF93CAAC3h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 503301 second address: 503306 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 503306 second address: 503380 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 pop eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a pushad 0x0000000b pushad 0x0000000c jmp 00007F2AF93CAAC0h 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 jl 00007F2AF93CAAB8h 0x0000001a popad 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f jmp 00007F2AF93CAAC7h 0x00000024 pop eax 0x00000025 jmp 00007F2AF93CAAC8h 0x0000002a mov si, 5B37h 0x0000002e lea ebx, dword ptr [ebp+124550C5h] 0x00000034 pushad 0x00000035 mov dword ptr [ebp+122D24F3h], esi 0x0000003b popad 0x0000003c or dword ptr [ebp+122D1832h], eax 0x00000042 xchg eax, ebx 0x00000043 push eax 0x00000044 push edx 0x00000045 push eax 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 503380 second address: 503385 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 503385 second address: 50338B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 503535 second address: 503539 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 503539 second address: 503594 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov dword ptr [esp], eax 0x0000000d mov dx, ax 0x00000010 push 00000000h 0x00000012 call 00007F2AF93CAAC4h 0x00000017 or dword ptr [ebp+122D188Dh], eax 0x0000001d pop edi 0x0000001e call 00007F2AF93CAAB9h 0x00000023 push edi 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007F2AF93CAAC5h 0x0000002b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 503594 second address: 5035C0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 pushad 0x00000009 pushad 0x0000000a jmp 00007F2AF86F4EA7h 0x0000000f je 00007F2AF86F4E96h 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5035C0 second address: 5035E3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b jo 00007F2AF93CAAC0h 0x00000011 jmp 00007F2AF93CAABAh 0x00000016 mov eax, dword ptr [eax] 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5035E3 second address: 5035E9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4E6269 second address: 4E626F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5228DE second address: 5228E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5228E4 second address: 5228E8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5228E8 second address: 522908 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F2AF86F4EA6h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 522EFE second address: 522F1B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007F2AF93CAAC7h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 523077 second address: 523084 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F2AF86F4E96h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 523227 second address: 52322D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 524249 second address: 52424D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 524550 second address: 524566 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2AF93CAAC0h 0x00000009 push edx 0x0000000a pop edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 524566 second address: 52456A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 526FD1 second address: 527013 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007F2AF93CAAC3h 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 pushad 0x00000013 pushad 0x00000014 jmp 00007F2AF93CAAC1h 0x00000019 ja 00007F2AF93CAAB6h 0x0000001f popad 0x00000020 js 00007F2AF93CAABCh 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 527013 second address: 527032 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov eax, dword ptr [eax] 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F2AF86F4EA5h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 527032 second address: 52703B instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 52703B second address: 527066 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 popad 0x00000008 mov dword ptr [esp+04h], eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jmp 00007F2AF86F4EA5h 0x00000014 jno 00007F2AF86F4E96h 0x0000001a popad 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 527066 second address: 52706C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 52706C second address: 527070 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 52AF0D second address: 52AF1E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAABBh 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 52AF1E second address: 52AF22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4E2C05 second address: 4E2C1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007F2AF93CAAC2h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4E2C1F second address: 4E2C23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4E2C23 second address: 4E2C29 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4E2C29 second address: 4E2C2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 531BBE second address: 531BD4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pushad 0x0000000a jl 00007F2AF93CAAB6h 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 push edi 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5311C4 second address: 5311C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5311C8 second address: 5311D8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 ja 00007F2AF93CAABCh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 531350 second address: 531355 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 531498 second address: 53149E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53149E second address: 5314A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53189B second address: 5318AB instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F2AF93CAABEh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5318AB second address: 5318B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 531A3A second address: 531A4C instructions: 0x00000000 rdtsc 0x00000002 js 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 531A4C second address: 531A54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 531A54 second address: 531A5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push esi 0x00000007 pop esi 0x00000008 popad 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 531A5D second address: 531A63 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 531A63 second address: 531A6F instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53505D second address: 535073 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2AF86F4EA2h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535073 second address: 535090 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAABDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d js 00007F2AF93CAABCh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535571 second address: 535577 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535667 second address: 53566B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53566B second address: 535675 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F2AF86F4E96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535675 second address: 53567A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535C52 second address: 535C5B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535C5B second address: 535C6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c jc 00007F2AF93CAAB6h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535C6D second address: 535CB4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 xchg eax, ebx 0x00000008 push 00000000h 0x0000000a push ebp 0x0000000b call 00007F2AF86F4E98h 0x00000010 pop ebp 0x00000011 mov dword ptr [esp+04h], ebp 0x00000015 add dword ptr [esp+04h], 0000001Bh 0x0000001d inc ebp 0x0000001e push ebp 0x0000001f ret 0x00000020 pop ebp 0x00000021 ret 0x00000022 jng 00007F2AF86F4E9Ch 0x00000028 mov edi, dword ptr [ebp+122D298Ah] 0x0000002e push eax 0x0000002f push eax 0x00000030 push edx 0x00000031 jmp 00007F2AF86F4E9Dh 0x00000036 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535D7B second address: 535D7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53673B second address: 536745 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53703C second address: 537080 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push 00000000h 0x0000000e mov edi, 10778B0Fh 0x00000013 push 00000000h 0x00000015 jmp 00007F2AF93CAAC6h 0x0000001a xchg eax, ebx 0x0000001b push ecx 0x0000001c pushad 0x0000001d pushad 0x0000001e popad 0x0000001f pushad 0x00000020 popad 0x00000021 popad 0x00000022 pop ecx 0x00000023 push eax 0x00000024 pushad 0x00000025 pushad 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 537080 second address: 537086 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 538A9D second address: 538AA3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53779E second address: 5377A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 538AA3 second address: 538AA7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 538843 second address: 538847 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 538AA7 second address: 538B0B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAABDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp], eax 0x0000000e sub si, 62EDh 0x00000013 push 00000000h 0x00000015 mov edi, dword ptr [ebp+122D29FAh] 0x0000001b push 00000000h 0x0000001d push 00000000h 0x0000001f push esi 0x00000020 call 00007F2AF93CAAB8h 0x00000025 pop esi 0x00000026 mov dword ptr [esp+04h], esi 0x0000002a add dword ptr [esp+04h], 00000015h 0x00000032 inc esi 0x00000033 push esi 0x00000034 ret 0x00000035 pop esi 0x00000036 ret 0x00000037 mov esi, dword ptr [ebp+122D34A2h] 0x0000003d push eax 0x0000003e push eax 0x0000003f push edx 0x00000040 jnc 00007F2AF93CAAC9h 0x00000046 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 538847 second address: 538852 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 538B0B second address: 538B19 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2AF93CAABAh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 538852 second address: 53885D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edi 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 538B19 second address: 538B1D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53A00E second address: 53A012 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53DE36 second address: 53DE3A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53EDFB second address: 53EDFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53EDFF second address: 53EE32 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAABCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F2AF93CAABDh 0x0000000e popad 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F2AF93CAAC2h 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53EE32 second address: 53EEAE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4EA6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a push 00000000h 0x0000000c push eax 0x0000000d call 00007F2AF86F4E98h 0x00000012 pop eax 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 add dword ptr [esp+04h], 00000014h 0x0000001f inc eax 0x00000020 push eax 0x00000021 ret 0x00000022 pop eax 0x00000023 ret 0x00000024 push 00000000h 0x00000026 push 00000000h 0x00000028 push esi 0x00000029 call 00007F2AF86F4E98h 0x0000002e pop esi 0x0000002f mov dword ptr [esp+04h], esi 0x00000033 add dword ptr [esp+04h], 0000001Dh 0x0000003b inc esi 0x0000003c push esi 0x0000003d ret 0x0000003e pop esi 0x0000003f ret 0x00000040 mov dword ptr [ebp+124554C7h], esi 0x00000046 mov bl, 09h 0x00000048 push 00000000h 0x0000004a mov edi, eax 0x0000004c push eax 0x0000004d pushad 0x0000004e pushad 0x0000004f jmp 00007F2AF86F4E9Dh 0x00000054 push eax 0x00000055 push edx 0x00000056 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53B442 second address: 53B446 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54258C second address: 542659 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4E9Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebx 0x0000000a push eax 0x0000000b jmp 00007F2AF86F4EA2h 0x00000010 nop 0x00000011 push 00000000h 0x00000013 push esi 0x00000014 call 00007F2AF86F4E98h 0x00000019 pop esi 0x0000001a mov dword ptr [esp+04h], esi 0x0000001e add dword ptr [esp+04h], 0000001Dh 0x00000026 inc esi 0x00000027 push esi 0x00000028 ret 0x00000029 pop esi 0x0000002a ret 0x0000002b mov ebx, dword ptr [ebp+122D2C36h] 0x00000031 push 00000000h 0x00000033 call 00007F2AF86F4EA8h 0x00000038 mov edi, dword ptr [ebp+122D358Dh] 0x0000003e pop edi 0x0000003f push 00000000h 0x00000041 push 00000000h 0x00000043 push esi 0x00000044 call 00007F2AF86F4E98h 0x00000049 pop esi 0x0000004a mov dword ptr [esp+04h], esi 0x0000004e add dword ptr [esp+04h], 00000017h 0x00000056 inc esi 0x00000057 push esi 0x00000058 ret 0x00000059 pop esi 0x0000005a ret 0x0000005b jmp 00007F2AF86F4EA4h 0x00000060 xchg eax, esi 0x00000061 push eax 0x00000062 push edx 0x00000063 pushad 0x00000064 jmp 00007F2AF86F4EA0h 0x00000069 jmp 00007F2AF86F4EA1h 0x0000006e popad 0x0000006f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 542659 second address: 54266C instructions: 0x00000000 rdtsc 0x00000002 jo 00007F2AF93CAAB8h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54266C second address: 542670 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 542670 second address: 542676 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53F03E second address: 53F043 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5416EE second address: 54170B instructions: 0x00000000 rdtsc 0x00000002 jl 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jnc 00007F2AF93CAABCh 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 push ecx 0x00000016 pop ecx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54370C second address: 54378D instructions: 0x00000000 rdtsc 0x00000002 jne 00007F2AF86F4E96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jng 00007F2AF86F4E96h 0x00000011 jnc 00007F2AF86F4E96h 0x00000017 popad 0x00000018 popad 0x00000019 mov dword ptr [esp], eax 0x0000001c push 00000000h 0x0000001e push ecx 0x0000001f call 00007F2AF86F4E98h 0x00000024 pop ecx 0x00000025 mov dword ptr [esp+04h], ecx 0x00000029 add dword ptr [esp+04h], 0000001Ah 0x00000031 inc ecx 0x00000032 push ecx 0x00000033 ret 0x00000034 pop ecx 0x00000035 ret 0x00000036 mov dword ptr [ebp+12486CB3h], esi 0x0000003c or dword ptr [ebp+122D3603h], edi 0x00000042 push 00000000h 0x00000044 push 00000000h 0x00000046 push eax 0x00000047 call 00007F2AF86F4E98h 0x0000004c pop eax 0x0000004d mov dword ptr [esp+04h], eax 0x00000051 add dword ptr [esp+04h], 0000001Bh 0x00000059 inc eax 0x0000005a push eax 0x0000005b ret 0x0000005c pop eax 0x0000005d ret 0x0000005e movsx edi, si 0x00000061 push 00000000h 0x00000063 xor ebx, 15BA069Fh 0x00000069 push eax 0x0000006a push eax 0x0000006b push edx 0x0000006c push ecx 0x0000006d push edi 0x0000006e pop edi 0x0000006f pop ecx 0x00000070 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 543907 second address: 54390D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 544984 second address: 544988 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5458C3 second address: 5458C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5439C2 second address: 5439C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54697D second address: 546981 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5458C7 second address: 5458D4 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F2AF86F4E96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5439C6 second address: 5439D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5476B0 second address: 5476B6 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 544A46 second address: 544A4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5458D4 second address: 5458EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF86F4E9Ah 0x00000009 popad 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jo 00007F2AF86F4E9Ch 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5439D0 second address: 5439EF instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F2AF93CAAC1h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5458EF second address: 5458F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 549742 second address: 5497A2 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b mov edi, eax 0x0000000d push 00000000h 0x0000000f mov ebx, dword ptr [ebp+122D3517h] 0x00000015 push 00000000h 0x00000017 push 00000000h 0x00000019 push eax 0x0000001a call 00007F2AF93CAAB8h 0x0000001f pop eax 0x00000020 mov dword ptr [esp+04h], eax 0x00000024 add dword ptr [esp+04h], 00000015h 0x0000002c inc eax 0x0000002d push eax 0x0000002e ret 0x0000002f pop eax 0x00000030 ret 0x00000031 mov bl, cl 0x00000033 xchg eax, esi 0x00000034 pushad 0x00000035 jns 00007F2AF93CAABCh 0x0000003b pushad 0x0000003c jmp 00007F2AF93CAABDh 0x00000041 jnc 00007F2AF93CAAB6h 0x00000047 popad 0x00000048 popad 0x00000049 push eax 0x0000004a pushad 0x0000004b push eax 0x0000004c push edx 0x0000004d push ecx 0x0000004e pop ecx 0x0000004f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54E862 second address: 54E86C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007F2AF86F4E96h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54E86C second address: 54E8B0 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f mov di, D985h 0x00000013 push 00000000h 0x00000015 push 00000000h 0x00000017 push eax 0x00000018 call 00007F2AF93CAAB8h 0x0000001d pop eax 0x0000001e mov dword ptr [esp+04h], eax 0x00000022 add dword ptr [esp+04h], 00000019h 0x0000002a inc eax 0x0000002b push eax 0x0000002c ret 0x0000002d pop eax 0x0000002e ret 0x0000002f add di, A16Bh 0x00000034 push 00000000h 0x00000036 push eax 0x00000037 push eax 0x00000038 push edx 0x00000039 push eax 0x0000003a push edx 0x0000003b push ecx 0x0000003c pop ecx 0x0000003d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54E8B0 second address: 54E8C3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4E9Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5498E1 second address: 5498E5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5498E5 second address: 549988 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], eax 0x0000000a mov ebx, edi 0x0000000c push dword ptr fs:[00000000h] 0x00000013 mov bx, 14A6h 0x00000017 mov dword ptr fs:[00000000h], esp 0x0000001e add bh, FFFFFFE4h 0x00000021 mov eax, dword ptr [ebp+122D02F9h] 0x00000027 push 00000000h 0x00000029 push edi 0x0000002a call 00007F2AF86F4E98h 0x0000002f pop edi 0x00000030 mov dword ptr [esp+04h], edi 0x00000034 add dword ptr [esp+04h], 0000001Ch 0x0000003c inc edi 0x0000003d push edi 0x0000003e ret 0x0000003f pop edi 0x00000040 ret 0x00000041 mov dword ptr [ebp+122D2162h], esi 0x00000047 push edi 0x00000048 jmp 00007F2AF86F4EA7h 0x0000004d pop ebx 0x0000004e mov ebx, 6B276C41h 0x00000053 push FFFFFFFFh 0x00000055 push 00000000h 0x00000057 push esi 0x00000058 call 00007F2AF86F4E98h 0x0000005d pop esi 0x0000005e mov dword ptr [esp+04h], esi 0x00000062 add dword ptr [esp+04h], 0000001Dh 0x0000006a inc esi 0x0000006b push esi 0x0000006c ret 0x0000006d pop esi 0x0000006e ret 0x0000006f or dword ptr [ebp+124803BBh], ecx 0x00000075 nop 0x00000076 push eax 0x00000077 push edx 0x00000078 push ecx 0x00000079 pushad 0x0000007a popad 0x0000007b pop ecx 0x0000007c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 550880 second address: 550885 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54C99F second address: 54C9A5 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54C9A5 second address: 54C9AB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4E98BE second address: 4E98CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4E9Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54C9AB second address: 54C9AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 547844 second address: 5478D0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4E9Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push esi 0x0000000e call 00007F2AF86F4E98h 0x00000013 pop esi 0x00000014 mov dword ptr [esp+04h], esi 0x00000018 add dword ptr [esp+04h], 00000017h 0x00000020 inc esi 0x00000021 push esi 0x00000022 ret 0x00000023 pop esi 0x00000024 ret 0x00000025 push esi 0x00000026 sub dword ptr [ebp+122D26F4h], eax 0x0000002c pop edi 0x0000002d push dword ptr fs:[00000000h] 0x00000034 adc bx, F498h 0x00000039 mov dword ptr fs:[00000000h], esp 0x00000040 xor di, 7A2Dh 0x00000045 mov eax, dword ptr [ebp+122D070Dh] 0x0000004b push 00000000h 0x0000004d push ecx 0x0000004e call 00007F2AF86F4E98h 0x00000053 pop ecx 0x00000054 mov dword ptr [esp+04h], ecx 0x00000058 add dword ptr [esp+04h], 0000001Ch 0x00000060 inc ecx 0x00000061 push ecx 0x00000062 ret 0x00000063 pop ecx 0x00000064 ret 0x00000065 mov ebx, 54666AD2h 0x0000006a push FFFFFFFFh 0x0000006c mov ebx, 517C43B7h 0x00000071 nop 0x00000072 push eax 0x00000073 push edx 0x00000074 push eax 0x00000075 push edx 0x00000076 push eax 0x00000077 push edx 0x00000078 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 551F7E second address: 551F87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5478D0 second address: 5478D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 551F87 second address: 551F8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5478D4 second address: 5478DA instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 551F8B second address: 551F8F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 551F8F second address: 551FC3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jbe 00007F2AF86F4EDDh 0x0000000c jng 00007F2AF86F4EB5h 0x00000012 jmp 00007F2AF86F4EA9h 0x00000017 jng 00007F2AF86F4E96h 0x0000001d pushad 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 551FC3 second address: 551FC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54D916 second address: 54D91A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54D9E1 second address: 54D9E5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 54D9E5 second address: 54DA0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 jnl 00007F2AF86F4E9Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F2AF86F4E9Eh 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 559AE3 second address: 559AF4 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c pop ebx 0x0000000d push eax 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 55DD4F second address: 55DD67 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F2AF86F4E96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jng 00007F2AF86F4E9Ah 0x00000010 pushad 0x00000011 popad 0x00000012 pushad 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 55DD67 second address: 55DD6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 55DD6D second address: 55DD71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 55DD71 second address: 55DD75 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 55E73B second address: 55E73F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5652FD second address: 565314 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F2AF93CAAB6h 0x00000008 jnc 00007F2AF93CAAB6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pop ecx 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 push esi 0x00000016 pop esi 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 565314 second address: 565337 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jmp 00007F2AF86F4E9Bh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jbe 00007F2AF86F4EA2h 0x00000011 jns 00007F2AF86F4E96h 0x00000017 jnp 00007F2AF86F4E96h 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 565337 second address: 565342 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jl 00007F2AF93CAAB6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 563FE0 second address: 563FF2 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F2AF86F4E96h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5645A8 second address: 5645AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5649DB second address: 564A23 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jg 00007F2AF86F4E96h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jmp 00007F2AF86F4EA3h 0x00000012 jmp 00007F2AF86F4EA6h 0x00000017 push edx 0x00000018 pop edx 0x00000019 popad 0x0000001a push eax 0x0000001b push eax 0x0000001c pop eax 0x0000001d pop eax 0x0000001e popad 0x0000001f push eax 0x00000020 push edx 0x00000021 js 00007F2AF86F4EA2h 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 564A23 second address: 564A29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 564A29 second address: 564A2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 564EA0 second address: 564EA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 564EA6 second address: 564EB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 564EB0 second address: 564EB6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 565010 second address: 565016 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 565016 second address: 56502F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F2AF93CAAC0h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56502F second address: 565042 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F2AF86F4E96h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 565042 second address: 565048 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 565048 second address: 56506C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F2AF86F4EA7h 0x0000000c jns 00007F2AF86F4E96h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56506C second address: 565074 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 565074 second address: 56507A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56B4A4 second address: 56B4BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F2AF93CAAB6h 0x0000000a pop ecx 0x0000000b push ebx 0x0000000c pushad 0x0000000d popad 0x0000000e je 00007F2AF93CAAB6h 0x00000014 pop ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 push esi 0x00000018 pop esi 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56B4BD second address: 56B4C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56A568 second address: 56A56C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56A56C second address: 56A59A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007F2AF86F4E9Ch 0x0000000c jp 00007F2AF86F4E96h 0x00000012 jmp 00007F2AF86F4EA9h 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56A86E second address: 56A88C instructions: 0x00000000 rdtsc 0x00000002 jne 00007F2AF93CAABEh 0x00000008 push edx 0x00000009 pop edx 0x0000000a jg 00007F2AF93CAAB6h 0x00000010 push edi 0x00000011 push eax 0x00000012 pop eax 0x00000013 pop edi 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a push edx 0x0000001b pop edx 0x0000001c push edx 0x0000001d pop edx 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56A88C second address: 56A890 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56A890 second address: 56A896 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56AE18 second address: 56AE22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push ecx 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 56AE22 second address: 56AE27 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57148B second address: 57149F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jmp 00007F2AF86F4E9Fh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57149F second address: 5714A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5714A7 second address: 5714AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 575BF2 second address: 575C0B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC3h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 575C0B second address: 575C12 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 532377 second address: 5323A3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c movsx edi, si 0x0000000f lea eax, dword ptr [ebp+12484139h] 0x00000015 add di, 9BF0h 0x0000001a push eax 0x0000001b push ecx 0x0000001c push eax 0x0000001d push edx 0x0000001e push ebx 0x0000001f pop ebx 0x00000020 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5323A3 second address: 5187B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push eax 0x0000000d call 00007F2AF86F4E98h 0x00000012 pop eax 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 add dword ptr [esp+04h], 00000015h 0x0000001f inc eax 0x00000020 push eax 0x00000021 ret 0x00000022 pop eax 0x00000023 ret 0x00000024 mov edi, 2EE88302h 0x00000029 call dword ptr [ebp+1245116Ah] 0x0000002f push esi 0x00000030 jg 00007F2AF86F4E9Eh 0x00000036 jmp 00007F2AF86F4EA0h 0x0000003b pop esi 0x0000003c jng 00007F2AF86F4EE5h 0x00000042 push eax 0x00000043 push edx 0x00000044 jmp 00007F2AF86F4EA6h 0x00000049 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 532A51 second address: 532A55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 532A55 second address: 532A5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 532A5B second address: 532A9E instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F2AF93CAABCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c pushad 0x0000000d push esi 0x0000000e pop esi 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 popad 0x00000012 jl 00007F2AF93CAAC2h 0x00000018 jmp 00007F2AF93CAABCh 0x0000001d popad 0x0000001e xchg eax, esi 0x0000001f mov dword ptr [ebp+122D2162h], ecx 0x00000025 pushad 0x00000026 mov bh, A7h 0x00000028 mov esi, edi 0x0000002a popad 0x0000002b push eax 0x0000002c pushad 0x0000002d pushad 0x0000002e jp 00007F2AF93CAAB6h 0x00000034 push eax 0x00000035 push edx 0x00000036 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 532A9E second address: 532AAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 je 00007F2AF86F4E9Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5335A2 second address: 5335A6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 533699 second address: 53369D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53369D second address: 5336A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 574D0B second address: 574D0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 574FD7 second address: 574FDB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 574FDB second address: 574FF3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4E9Fh 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 575733 second address: 575739 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57F0AE second address: 57F0B4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57DCD7 second address: 57DCEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF93CAABFh 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57DE7B second address: 57DE8C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jl 00007F2AF86F4E96h 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57DE8C second address: 57DE91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57DE91 second address: 57DE97 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57DE97 second address: 57DE9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57DE9D second address: 57DEA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57E14F second address: 57E159 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57E2D9 second address: 57E312 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 jmp 00007F2AF86F4EA8h 0x0000000d jmp 00007F2AF86F4EA7h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57E312 second address: 57E333 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 jmp 00007F2AF93CAABEh 0x0000000b jmp 00007F2AF93CAABCh 0x00000010 pop eax 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57E5A8 second address: 57E5AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57E5AE second address: 57E5B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57E5B3 second address: 57E5BA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57EA0A second address: 57EA14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F2AF93CAAB6h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57EB43 second address: 57EB4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 57EB4C second address: 57EB50 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 583B36 second address: 583B41 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 583540 second address: 583546 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 583546 second address: 58356F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F2AF86F4EA3h 0x0000000c jmp 00007F2AF86F4E9Dh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 583850 second address: 583871 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 jnl 00007F2AF93CAAB6h 0x0000000c jmp 00007F2AF93CAAC3h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 583871 second address: 583876 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 583876 second address: 58387B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58387B second address: 583881 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 583881 second address: 58388B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4EE8B1 second address: 4EE8CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2AF86F4EA4h 0x00000009 jns 00007F2AF86F4E96h 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4EE8CF second address: 4EE902 instructions: 0x00000000 rdtsc 0x00000002 js 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jc 00007F2AF93CAAD3h 0x00000013 jl 00007F2AF93CAAB6h 0x00000019 jmp 00007F2AF93CAAC7h 0x0000001e push ecx 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4EE902 second address: 4EE90D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4EE90D second address: 4EE911 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4EE911 second address: 4EE915 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B0AE second address: 58B0CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007F2AF93CAAC6h 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B0CA second address: 58B0E9 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F2AF86F4E96h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F2AF86F4E9Bh 0x00000013 jns 00007F2AF86F4E96h 0x00000019 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B0E9 second address: 58B0F9 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B0F9 second address: 58B0FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B0FD second address: 58B11E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push edx 0x0000000c pop edx 0x0000000d jmp 00007F2AF93CAAC4h 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B11E second address: 58B134 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F2AF86F4E96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jno 00007F2AF86F4E96h 0x00000011 push esi 0x00000012 pop esi 0x00000013 push ecx 0x00000014 pop ecx 0x00000015 popad 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B134 second address: 58B13E instructions: 0x00000000 rdtsc 0x00000002 je 00007F2AF93CAABCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B454 second address: 58B45A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B45A second address: 58B463 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B85D second address: 58B86E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jng 00007F2AF86F4E9Ch 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58B86E second address: 58B87A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007F2AF93CAAB6h 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58BA29 second address: 58BA2F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58BA2F second address: 58BA33 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58BBBA second address: 58BBC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58BBC0 second address: 58BBC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58BBC6 second address: 58BBD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F2AF86F4E96h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jno 00007F2AF86F4E96h 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58F94C second address: 58F950 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58F950 second address: 58F972 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4EA5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edx 0x0000000a push eax 0x0000000b pop eax 0x0000000c pop edx 0x0000000d pushad 0x0000000e push edi 0x0000000f pop edi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58F972 second address: 58F985 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 popad 0x00000008 jng 00007F2AF93CAAE3h 0x0000000e pushad 0x0000000f push edx 0x00000010 pop edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58F985 second address: 58F9A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF86F4E9Bh 0x00000009 push esi 0x0000000a pop esi 0x0000000b popad 0x0000000c pushad 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f jo 00007F2AF86F4E96h 0x00000015 jp 00007F2AF86F4E96h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58F1A3 second address: 58F1DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F2AF93CAAB6h 0x0000000a jmp 00007F2AF93CAAC2h 0x0000000f popad 0x00000010 pop ecx 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007F2AF93CAAC8h 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58F1DB second address: 58F1EB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 jmp 00007F2AF86F4E9Ah 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 58F1EB second address: 58F202 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC3h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 594463 second address: 594468 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 593E73 second address: 593E77 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 593E77 second address: 593E8F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF86F4E9Fh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 593FEC second address: 594008 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF93CAAC8h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 594008 second address: 59400E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59C59F second address: 59C5A5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59C5A5 second address: 59C5AB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59C5AB second address: 59C5B8 instructions: 0x00000000 rdtsc 0x00000002 je 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59A741 second address: 59A755 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F2AF86F4E9Ah 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jnc 00007F2AF86F4E96h 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59A8AA second address: 59A8CB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59ABA7 second address: 59ABAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59ABAD second address: 59ABB3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59AE88 second address: 59AEA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF86F4EA4h 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59AEA5 second address: 59AEB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F2AF93CAAB6h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d popad 0x0000000e push ebx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59AEB8 second address: 59AEBC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59B70F second address: 59B719 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59BCC3 second address: 59BCCB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59BCCB second address: 59BCCF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59BCCF second address: 59BCD5 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59BFCD second address: 59BFD2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59BFD2 second address: 59BFD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59BFD8 second address: 59C043 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 jnl 00007F2AF93CAAD3h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push edi 0x00000011 pushad 0x00000012 popad 0x00000013 jmp 00007F2AF93CAABEh 0x00000018 pop edi 0x00000019 push eax 0x0000001a jmp 00007F2AF93CAAC7h 0x0000001f jmp 00007F2AF93CAABBh 0x00000024 pop eax 0x00000025 push eax 0x00000026 push edx 0x00000027 jc 00007F2AF93CAAB6h 0x0000002d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59F70E second address: 59F719 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59F719 second address: 59F74A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF93CAABAh 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b popad 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007F2AF93CAAC3h 0x00000014 popad 0x00000015 pushad 0x00000016 jp 00007F2AF93CAAB6h 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59F74A second address: 59F750 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59F8A2 second address: 59F8B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF93CAABBh 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59F8B1 second address: 59F8CA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4EA1h 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59F8CA second address: 59F8CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59FBDC second address: 59FC0B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4EA5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F2AF86F4EA1h 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59FC0B second address: 59FC11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 59FD87 second address: 59FD91 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F2AF86F4EADh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC11D second address: 5AC121 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC121 second address: 5AC127 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC127 second address: 5AC13A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 pushad 0x00000008 jc 00007F2AF93CAAB8h 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC3B9 second address: 5AC3ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jmp 00007F2AF86F4EA3h 0x0000000b popad 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f jnc 00007F2AF86F4E96h 0x00000015 jmp 00007F2AF86F4EA0h 0x0000001a popad 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC3ED second address: 5AC3FD instructions: 0x00000000 rdtsc 0x00000002 jne 00007F2AF93CAAC2h 0x00000008 jnp 00007F2AF93CAAB6h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC568 second address: 5AC5F2 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F2AF86F4E96h 0x00000008 jmp 00007F2AF86F4E9Dh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jmp 00007F2AF86F4EA8h 0x00000014 jmp 00007F2AF86F4EA9h 0x00000019 jmp 00007F2AF86F4EA3h 0x0000001e popad 0x0000001f pushad 0x00000020 push eax 0x00000021 jmp 00007F2AF86F4E9Eh 0x00000026 pushad 0x00000027 popad 0x00000028 pop eax 0x00000029 jbe 00007F2AF86F4EA7h 0x0000002f jmp 00007F2AF86F4EA1h 0x00000034 push eax 0x00000035 push edx 0x00000036 push ecx 0x00000037 pop ecx 0x00000038 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC743 second address: 5AC762 instructions: 0x00000000 rdtsc 0x00000002 je 00007F2AF93CAABEh 0x00000008 push ebx 0x00000009 jns 00007F2AF93CAAB6h 0x0000000f pop ebx 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC762 second address: 5AC76C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F2AF86F4E96h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC76C second address: 5AC79C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jc 00007F2AF93CAAB6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007F2AF93CAAC4h 0x00000011 pushad 0x00000012 push edi 0x00000013 pop edi 0x00000014 je 00007F2AF93CAAB6h 0x0000001a push ecx 0x0000001b pop ecx 0x0000001c popad 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 popad 0x00000021 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC92F second address: 5AC933 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC933 second address: 5AC937 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC937 second address: 5AC93D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5AC93D second address: 5AC943 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5B429A second address: 5B42A0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5B42A0 second address: 5B42A5 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5B3F83 second address: 5B3F8D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007F2AF86F4E96h 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5B3F8D second address: 5B3FA5 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F2AF93CAAB6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push esi 0x0000000d je 00007F2AF93CAAB8h 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5B3FA5 second address: 5B3FAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5B6831 second address: 5B684E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F2AF93CAAB6h 0x0000000a popad 0x0000000b js 00007F2AF93CAAC2h 0x00000011 jmp 00007F2AF93CAABAh 0x00000016 push esi 0x00000017 pop esi 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5B684E second address: 5B6891 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F2AF86F4EA8h 0x00000008 push edi 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d pop edi 0x0000000e pop edx 0x0000000f pop eax 0x00000010 je 00007F2AF86F4ED2h 0x00000016 jmp 00007F2AF86F4EA3h 0x0000001b push eax 0x0000001c push edx 0x0000001d jbe 00007F2AF86F4E96h 0x00000023 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5C3285 second address: 5C3289 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5C3289 second address: 5C32B0 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F2AF86F4E96h 0x00000008 push esi 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jmp 00007F2AF86F4EA7h 0x00000012 pushad 0x00000013 popad 0x00000014 pop eax 0x00000015 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5C32B0 second address: 5C32D1 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 je 00007F2AF93CAAB6h 0x00000009 jmp 00007F2AF93CAABAh 0x0000000e pop ebx 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jnc 00007F2AF93CAAB6h 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5C605A second address: 5C6060 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5C6060 second address: 5C6064 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5C5C0F second address: 5C5C1B instructions: 0x00000000 rdtsc 0x00000002 jp 00007F2AF86F4E9Eh 0x00000008 push edx 0x00000009 pop edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5CDB25 second address: 5CDB4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF93CAAC6h 0x00000009 popad 0x0000000a jl 00007F2AF93CAAB8h 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 push eax 0x00000013 push edx 0x00000014 push edi 0x00000015 pop edi 0x00000016 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DEBA2 second address: 5DEBD4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jmp 00007F2AF86F4EA7h 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F2AF86F4EA4h 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DEBD4 second address: 5DEBD8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DEBD8 second address: 5DEBDE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DD418 second address: 5DD41C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DD9ED second address: 5DDA0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jmp 00007F2AF86F4EA5h 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DDA0B second address: 5DDA11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DDCAC second address: 5DDCB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DDCB0 second address: 5DDCE3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAABEh 0x00000007 jp 00007F2AF93CAAB6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F2AF93CAAC3h 0x00000016 push ecx 0x00000017 push eax 0x00000018 pop eax 0x00000019 pushad 0x0000001a popad 0x0000001b pop ecx 0x0000001c rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DDCE3 second address: 5DDCE8 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DDCE8 second address: 5DDCF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 push edi 0x00000007 pop edi 0x00000008 jg 00007F2AF93CAAB6h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DE820 second address: 5DE824 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DE824 second address: 5DE833 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 je 00007F2AF93CAAB6h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DE833 second address: 5DE83A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DE83A second address: 5DE855 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jmp 00007F2AF93CAAC6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5DE855 second address: 5DE85F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 push edi 0x00000007 pop edi 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4F5545 second address: 4F5557 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAABAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4F5557 second address: 4F555D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4F555D second address: 4F5562 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5E3C7D second address: 5E3C81 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5E64C3 second address: 5E64EB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F2AF93CAAC4h 0x0000000e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5E64EB second address: 5E6513 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F2AF86F4EACh 0x00000008 jne 00007F2AF86F4E96h 0x0000000e jmp 00007F2AF86F4EA0h 0x00000013 jc 00007F2AF86F4E9Eh 0x00000019 push esi 0x0000001a pop esi 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5EC9BE second address: 5EC9E2 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F2AF93CAACAh 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5EC9E2 second address: 5EC9E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5EF13F second address: 5EF144 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5EF144 second address: 5EF14C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 60262A second address: 602631 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 602631 second address: 60264B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4E9Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push esi 0x0000000b jo 00007F2AF86F4E96h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 603E32 second address: 603E38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 603E38 second address: 603E47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jnc 00007F2AF86F4E96h 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 60726F second address: 607273 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 607273 second address: 607279 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 607279 second address: 60727E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 6073BA second address: 6073BE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 6073BE second address: 6073C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 6073C4 second address: 6073DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d push esi 0x0000000e pop esi 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 jno 00007F2AF86F4E96h 0x00000018 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 6073DC second address: 60740A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jbe 00007F2AF93CAAB6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007F2AF93CAAC5h 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 push ebx 0x00000015 jng 00007F2AF93CAAB6h 0x0000001b push esi 0x0000001c pop esi 0x0000001d pop ebx 0x0000001e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 616D63 second address: 616D67 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 6176C2 second address: 6176C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop esi 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 6176C9 second address: 6176E0 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F2AF86F4E98h 0x00000008 pushad 0x00000009 jmp 00007F2AF86F4E9Ah 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 617821 second address: 617855 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC8h 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F2AF93CAAC2h 0x0000000e jbe 00007F2AF93CAAB6h 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 6179C5 second address: 6179D8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F2AF86F4E9Dh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61AD1B second address: 61AD65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F2AF93CAABFh 0x00000009 popad 0x0000000a jmp 00007F2AF93CAAC8h 0x0000000f popad 0x00000010 push eax 0x00000011 jmp 00007F2AF93CAABEh 0x00000016 mov eax, dword ptr [esp+04h] 0x0000001a push eax 0x0000001b push edx 0x0000001c jnc 00007F2AF93CAAB8h 0x00000022 pushad 0x00000023 popad 0x00000024 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61C1CF second address: 61C1D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61C1D3 second address: 61C209 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC1h 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push edi 0x0000000c jmp 00007F2AF93CAAC5h 0x00000011 push edx 0x00000012 pop edx 0x00000013 pop edi 0x00000014 push eax 0x00000015 push edx 0x00000016 push esi 0x00000017 pop esi 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61C209 second address: 61C20D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61C20D second address: 61C22A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC9h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61C22A second address: 61C241 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c jmp 00007F2AF86F4E9Bh 0x00000011 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61C241 second address: 61C245 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61C245 second address: 61C254 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 jne 00007F2AF86F4E96h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61DFDD second address: 61E004 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 jmp 00007F2AF93CAAC3h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F2AF93CAABAh 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 61FABE second address: 61FAC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4D0022B second address: 4D00246 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF93CAAC7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4D00246 second address: 4D0025E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2AF86F4EA4h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4D0025E second address: 4D002C7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a movzx esi, dx 0x0000000d pushfd 0x0000000e jmp 00007F2AF93CAAC9h 0x00000013 sbb ax, A676h 0x00000018 jmp 00007F2AF93CAAC1h 0x0000001d popfd 0x0000001e popad 0x0000001f xchg eax, ebp 0x00000020 jmp 00007F2AF93CAABEh 0x00000025 mov ebp, esp 0x00000027 push eax 0x00000028 push edx 0x00000029 jmp 00007F2AF93CAAC7h 0x0000002e rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4D002C7 second address: 4D002DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F2AF86F4EA4h 0x00000009 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4D00358 second address: 4D003C9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F2AF93CAAC0h 0x00000009 or ax, 8F78h 0x0000000e jmp 00007F2AF93CAABBh 0x00000013 popfd 0x00000014 jmp 00007F2AF93CAAC8h 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c push eax 0x0000001d pushad 0x0000001e mov di, 0B84h 0x00000022 pushfd 0x00000023 jmp 00007F2AF93CAABDh 0x00000028 and al, FFFFFFC6h 0x0000002b jmp 00007F2AF93CAAC1h 0x00000030 popfd 0x00000031 popad 0x00000032 xchg eax, ebp 0x00000033 push eax 0x00000034 push edx 0x00000035 push eax 0x00000036 push edx 0x00000037 pushad 0x00000038 popad 0x00000039 rdtsc |
| Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 4D003C9 second address: 4D003DC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F2AF86F4E9Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet