Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321709069.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321709069.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321709069.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: Amcache.hve.9.dr | String found in binary or memory: http://upx.sf.net |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=2Ih2WOq7ErXY&a |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG& |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1 |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/arrowDn9x5.gif |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321709069.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/main.js?v=bz0kMfQA |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=hgPi |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/modalContent.js?v=f2hMA1v9Zkc8&l=engl |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/profile.js?v=f3vWO7swdDqp&l=english |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/promo/stickers.js?v=upl9NJ5D2xkP&l=en |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=jGtzAgjYROne&l=e |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english |
Source: file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=engl |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6& |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1& |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 |
Source: file.exe, 00000004.00000002.1598907170.000000000117D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://eaglepawnoy.store:443/api |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: file.exe, 00000004.00000002.1598907170.000000000117D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://licendfilteo.site:443/apid |
Source: file.exe, 00000004.00000003.1321868855.00000000011BD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321750221.00000000011BD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000002.1598907170.0000000001193000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/ |
Source: file.exe, 00000004.00000003.1321868855.00000000011BD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321750221.00000000011BD000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/LOu |
Source: file.exe, 00000004.00000003.1321750221.00000000011BD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000002.1598907170.0000000001193000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/api |
Source: file.exe, 00000004.00000002.1598907170.00000000011BD000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com/apiM |
Source: file.exe, 00000004.00000002.1598907170.000000000117D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com:443/api |
Source: file.exe, 00000004.00000002.1598907170.000000000117D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sergei-esenin.com:443/apifiles/76561199724331900 |
Source: file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321709069.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/badges |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321709069.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowU) |
Source: file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321709069.0000000001208000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000004.00000002.1598907170.000000000117D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://studennotediw.store:443/api: |
Source: file.exe, 00000004.00000002.1598907170.0000000001193000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.cloudflare.com/5xx-errop |
Source: file.exe, 00000004.00000003.1321594830.0000000001209000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321750221.00000000011A5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.cloudflare.com/5xx-error-landing |
Source: file.exe, 00000004.00000003.1321750221.00000000011A5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.cloudflare.com/learning/access-man |
Source: file.exe, 00000004.00000003.1321868855.00000000011AF000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321750221.00000000011A5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.cloudflare.com/learning/access-manMV |
Source: file.exe, 00000004.00000003.1321594830.0000000001209000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321750221.00000000011A5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.cloudflare.com/learning/access-management/phishing-attack/ |
Source: file.exe, 00000004.00000003.1321636669.0000000001200000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000004.00000003.1321728397.00000000011F3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B04414 second address: B03CB1 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F72B9AA7988h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f sub dword ptr [ebp+122D1F93h], ecx 0x00000015 mov dword ptr [ebp+122D1F93h], eax 0x0000001b push dword ptr [ebp+122D0DF5h] 0x00000021 sub dword ptr [ebp+122D2012h], edi 0x00000027 call dword ptr [ebp+122D29ACh] 0x0000002d pushad 0x0000002e cmc 0x0000002f xor eax, eax 0x00000031 cld 0x00000032 mov edx, dword ptr [esp+28h] 0x00000036 mov dword ptr [ebp+122D29EBh], eax 0x0000003c cld 0x0000003d mov dword ptr [ebp+122D2C3Ah], eax 0x00000043 xor dword ptr [ebp+122D29EBh], esi 0x00000049 cmc 0x0000004a mov esi, 0000003Ch 0x0000004f sub dword ptr [ebp+122D2012h], edi 0x00000055 mov dword ptr [ebp+122D29EBh], ebx 0x0000005b add esi, dword ptr [esp+24h] 0x0000005f jmp 00007F72B9AA798Dh 0x00000064 lodsw 0x00000066 add dword ptr [ebp+122D29EBh], edi 0x0000006c add eax, dword ptr [esp+24h] 0x00000070 add dword ptr [ebp+122D2628h], ecx 0x00000076 mov ebx, dword ptr [esp+24h] 0x0000007a jnl 00007F72B9AA798Ch 0x00000080 mov dword ptr [ebp+122D29EBh], esi 0x00000086 nop 0x00000087 jns 00007F72B9AA79A0h 0x0000008d pushad 0x0000008e push eax 0x0000008f push edx 0x00000090 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6D2C3 second address: C6D2C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8209A second address: C8209E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8209E second address: C820B1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F72B8E40BFEh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C820B1 second address: C820BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c push edi 0x0000000d pop edi 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C820BF second address: C820D8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C05h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C820D8 second address: C820F0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e push eax 0x0000000f push edx 0x00000010 push esi 0x00000011 jp 00007F72B9AA7986h 0x00000017 pop esi 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C820F0 second address: C82119 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F72B8E40BFCh 0x00000008 jnc 00007F72B8E40BF6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov eax, dword ptr [eax] 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 jmp 00007F72B8E40C02h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C82119 second address: C8211E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8211E second address: C82123 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C821BE second address: C821C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F72B9AA7986h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C821C9 second address: C821CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C821CF second address: C821D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C821D3 second address: C821D7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C821D7 second address: C82216 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xor dword ptr [esp], 588CA7E0h 0x0000000f mov si, BBCAh 0x00000013 push 00000003h 0x00000015 mov ecx, 4AF829A0h 0x0000001a push 00000000h 0x0000001c mov esi, dword ptr [ebp+122D2D1Ah] 0x00000022 push 00000003h 0x00000024 mov dword ptr [ebp+122D1F93h], eax 0x0000002a mov ecx, dword ptr [ebp+122D2E5Eh] 0x00000030 push B72E3467h 0x00000035 jc 00007F72B9AA7994h 0x0000003b push eax 0x0000003c push edx 0x0000003d push ebx 0x0000003e pop ebx 0x0000003f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C82216 second address: C8221A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8221A second address: C82253 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 xor dword ptr [esp], 772E3467h 0x0000000d mov dl, EAh 0x0000000f lea ebx, dword ptr [ebp+12451FCFh] 0x00000015 pushad 0x00000016 mov ecx, dword ptr [ebp+122D1F93h] 0x0000001c mov ax, 5065h 0x00000020 popad 0x00000021 xchg eax, ebx 0x00000022 jmp 00007F72B9AA7990h 0x00000027 push eax 0x00000028 push eax 0x00000029 push edx 0x0000002a push eax 0x0000002b pushad 0x0000002c popad 0x0000002d pop eax 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C822D1 second address: C822D7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C822D7 second address: C82304 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F72B9AA798Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jl 00007F72B9AA799Ah 0x00000013 jmp 00007F72B9AA7994h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7238F second address: C7239D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push edi 0x00000006 jnl 00007F72B8E40BF6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1276 second address: CA1298 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F72B9AA7990h 0x00000008 pushad 0x00000009 popad 0x0000000a jns 00007F72B9AA7986h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push esi 0x00000014 pop esi 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1298 second address: CA129C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA129C second address: CA12A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA140D second address: CA1411 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1411 second address: CA1431 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F72B9AA7986h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007F72B9AA7996h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1431 second address: CA143B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F72B8E40BF6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA143B second address: CA143F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1C7A second address: CA1C84 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F72B8E40BFEh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1C84 second address: CA1CA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jmp 00007F72B9AA798Eh 0x00000010 jbe 00007F72B9AA7986h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1CA5 second address: CA1CAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1CAA second address: CA1CB4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007F72B9AA7986h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA1E2F second address: CA1E44 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 jns 00007F72B8E40BF6h 0x0000000c pop eax 0x0000000d jo 00007F72B8E40BFEh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2120 second address: CA2126 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2126 second address: CA2131 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2131 second address: CA2146 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F72B9AA7986h 0x0000000a jnc 00007F72B9AA7986h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 pop eax 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C99AF0 second address: C99B26 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40BFDh 0x00000007 jmp 00007F72B8E40C05h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push ecx 0x00000011 jo 00007F72B8E40BF6h 0x00000017 push ecx 0x00000018 pop ecx 0x00000019 pop ecx 0x0000001a push eax 0x0000001b push edx 0x0000001c push edi 0x0000001d pop edi 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C99B26 second address: C99B30 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F72B9AA7986h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C99B30 second address: C99B36 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C99B36 second address: C99B3D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2B6B second address: CA2B6F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2B6F second address: CA2B96 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F72B9AA7992h 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f pop eax 0x00000010 popad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2B96 second address: CA2B9A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2B9A second address: CA2BA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2CF4 second address: CA2D11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F72B8E40C09h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2D11 second address: CA2D15 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2D15 second address: CA2D47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 pushad 0x00000008 jmp 00007F72B8E40C05h 0x0000000d jc 00007F72B8E40C02h 0x00000013 jmp 00007F72B8E40BFCh 0x00000018 push eax 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2D47 second address: CA2D4D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2FF7 second address: CA2FFB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA2FFB second address: CA300D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c jc 00007F72B9AA7986h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5AA3 second address: CA5AAA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5AAA second address: CA5AB0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5AB0 second address: CA5AC5 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F72B8E40BF6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5AC5 second address: CA5ACC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5ACC second address: CA5AD6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007F72B8E40BF6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5AD6 second address: CA5ADA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5ADA second address: CA5AEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5AEC second address: CA5AF2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5AF2 second address: CA5AF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA5D51 second address: CA5D5B instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F72B9AA7986h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA8927 second address: CA8939 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F72B8E40BFDh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA8939 second address: CA8945 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA8945 second address: CA895C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jmp 00007F72B8E40C02h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CACC7A second address: CACC80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CACC80 second address: CACC84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CACC84 second address: CACCA1 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F72B9AA7986h 0x00000008 jmp 00007F72B9AA7990h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CACCA1 second address: CACCAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CACCAC second address: CACCB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CACF9C second address: CACFA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CACFA2 second address: CACFB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F72B9AA798Dh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAD609 second address: CAD60D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAD60D second address: CAD611 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAD611 second address: CAD61A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB0AD8 second address: CB0B38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push edx 0x00000006 push eax 0x00000007 pop eax 0x00000008 pop edx 0x00000009 popad 0x0000000a add dword ptr [esp], 516EC573h 0x00000011 push 00000000h 0x00000013 push esi 0x00000014 call 00007F72B9AA7988h 0x00000019 pop esi 0x0000001a mov dword ptr [esp+04h], esi 0x0000001e add dword ptr [esp+04h], 0000001Ah 0x00000026 inc esi 0x00000027 push esi 0x00000028 ret 0x00000029 pop esi 0x0000002a ret 0x0000002b jmp 00007F72B9AA7991h 0x00000030 push C0D83F83h 0x00000035 push eax 0x00000036 push edx 0x00000037 jmp 00007F72B9AA7995h 0x0000003c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB0E44 second address: CB0E4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB0FED second address: CB1005 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push esi 0x00000006 pop esi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F72B9AA798Bh 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB1005 second address: CB100F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007F72B8E40BF6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB17A4 second address: CB17A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB17A8 second address: CB17D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F72B8E40C03h 0x00000008 jl 00007F72B8E40BF6h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jng 00007F72B8E40BFCh 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB17D6 second address: CB17ED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F72B9AA7993h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB18C3 second address: CB18D7 instructions: 0x00000000 rdtsc 0x00000002 je 00007F72B8E40BF6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e jp 00007F72B8E40BF6h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB1978 second address: CB197C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C758BB second address: C758CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 ja 00007F72B8E40BF6h 0x0000000d push esi 0x0000000e pop esi 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C758CA second address: C758CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C758CE second address: C758D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C758D4 second address: C75924 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnl 00007F72B9AA79A8h 0x0000000c popad 0x0000000d jl 00007F72B9AA79BCh 0x00000013 push ebx 0x00000014 pushad 0x00000015 popad 0x00000016 pop ebx 0x00000017 pushad 0x00000018 push edx 0x00000019 pop edx 0x0000001a jmp 00007F72B9AA7992h 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB3886 second address: CB3890 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007F72B8E40BF6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB52BE second address: CB5354 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F72B9AA798Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b mov edi, dword ptr [ebp+122D2D72h] 0x00000011 push 00000000h 0x00000013 sub esi, dword ptr [ebp+122D2DCEh] 0x00000019 call 00007F72B9AA7998h 0x0000001e jmp 00007F72B9AA798Ch 0x00000023 pop edi 0x00000024 push 00000000h 0x00000026 push 00000000h 0x00000028 push ecx 0x00000029 call 00007F72B9AA7988h 0x0000002e pop ecx 0x0000002f mov dword ptr [esp+04h], ecx 0x00000033 add dword ptr [esp+04h], 00000019h 0x0000003b inc ecx 0x0000003c push ecx 0x0000003d ret 0x0000003e pop ecx 0x0000003f ret 0x00000040 mov dword ptr [ebp+12453058h], eax 0x00000046 pushad 0x00000047 jmp 00007F72B9AA7990h 0x0000004c cld 0x0000004d popad 0x0000004e xchg eax, ebx 0x0000004f push eax 0x00000050 push edx 0x00000051 pushad 0x00000052 jmp 00007F72B9AA798Bh 0x00000057 ja 00007F72B9AA7986h 0x0000005d popad 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB5354 second address: CB5387 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F72B8E40C09h 0x00000008 jc 00007F72B8E40BF6h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 pushad 0x00000013 jne 00007F72B8E40BF8h 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c popad 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB5387 second address: CB538B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB5CB5 second address: CB5CBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB5CBB second address: CB5CC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB5CC4 second address: CB5CC8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB67EF second address: CB6806 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F72B9AA7993h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB7291 second address: CB7309 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push 00000000h 0x0000000b push esi 0x0000000c call 00007F72B8E40BF8h 0x00000011 pop esi 0x00000012 mov dword ptr [esp+04h], esi 0x00000016 add dword ptr [esp+04h], 00000014h 0x0000001e inc esi 0x0000001f push esi 0x00000020 ret 0x00000021 pop esi 0x00000022 ret 0x00000023 push 00000000h 0x00000025 push 00000000h 0x00000027 push edi 0x00000028 call 00007F72B8E40BF8h 0x0000002d pop edi 0x0000002e mov dword ptr [esp+04h], edi 0x00000032 add dword ptr [esp+04h], 00000017h 0x0000003a inc edi 0x0000003b push edi 0x0000003c ret 0x0000003d pop edi 0x0000003e ret 0x0000003f call 00007F72B8E40C02h 0x00000044 mov di, 9FC4h 0x00000048 pop edi 0x00000049 push 00000000h 0x0000004b push ecx 0x0000004c jne 00007F72B8E40BFCh 0x00000052 pop edi 0x00000053 push eax 0x00000054 push eax 0x00000055 push edx 0x00000056 jl 00007F72B8E40BF8h 0x0000005c pushad 0x0000005d popad 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB7309 second address: CB7313 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007F72B9AA7986h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB7D1D second address: CB7D27 instructions: 0x00000000 rdtsc 0x00000002 js 00007F72B8E40BFCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBA417 second address: CBA41B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBA41B second address: CBA41F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBC74C second address: CBC750 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBCCCE second address: CBCCDC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jns 00007F72B8E40BF6h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBCE19 second address: CBCE1E instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBDF0D second address: CBDF17 instructions: 0x00000000 rdtsc 0x00000002 je 00007F72B8E40BF6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBDF17 second address: CBDF1C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBFEF2 second address: CBFF5D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b movzx ebx, cx 0x0000000e push ebx 0x0000000f mov di, ax 0x00000012 pop ebx 0x00000013 push dword ptr fs:[00000000h] 0x0000001a mov edi, dword ptr [ebp+122D2D72h] 0x00000020 mov dword ptr fs:[00000000h], esp 0x00000027 pushad 0x00000028 mov dword ptr [ebp+12459F8Ch], ebx 0x0000002e je 00007F72B8E40BFCh 0x00000034 mov ecx, dword ptr [ebp+124782CFh] 0x0000003a popad 0x0000003b mov eax, dword ptr [ebp+122D0171h] 0x00000041 push 00000000h 0x00000043 push esi 0x00000044 call 00007F72B8E40BF8h 0x00000049 pop esi 0x0000004a mov dword ptr [esp+04h], esi 0x0000004e add dword ptr [esp+04h], 00000015h 0x00000056 inc esi 0x00000057 push esi 0x00000058 ret 0x00000059 pop esi 0x0000005a ret 0x0000005b mov ebx, dword ptr [ebp+122D29F8h] 0x00000061 push FFFFFFFFh 0x00000063 nop 0x00000064 pushad 0x00000065 pushad 0x00000066 push eax 0x00000067 push edx 0x00000068 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CBFF5D second address: CBFF6C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jbe 00007F72B9AA798Ch 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC1B30 second address: CC1B36 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC4E0E second address: CC4E17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC4E17 second address: CC4E1B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC5E1F second address: CC5E23 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8DF5 second address: CC8DF9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8DF9 second address: CC8E0A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B9AA798Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8E0A second address: CC8E7C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b push 00000000h 0x0000000d push ecx 0x0000000e call 00007F72B8E40BF8h 0x00000013 pop ecx 0x00000014 mov dword ptr [esp+04h], ecx 0x00000018 add dword ptr [esp+04h], 0000001Ah 0x00000020 inc ecx 0x00000021 push ecx 0x00000022 ret 0x00000023 pop ecx 0x00000024 ret 0x00000025 push 00000000h 0x00000027 sub dword ptr [ebp+122D206Bh], edx 0x0000002d push 00000000h 0x0000002f call 00007F72B8E40BFAh 0x00000034 pop ebx 0x00000035 xchg eax, esi 0x00000036 jng 00007F72B8E40C0Dh 0x0000003c push eax 0x0000003d push eax 0x0000003e push edx 0x0000003f pushad 0x00000040 push esi 0x00000041 pop esi 0x00000042 jmp 00007F72B8E40BFBh 0x00000047 popad 0x00000048 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8083 second address: CC8150 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F72B9AA7986h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov dword ptr [esp], eax 0x0000000e xor edi, dword ptr [ebp+122D2C8Ah] 0x00000014 push dword ptr fs:[00000000h] 0x0000001b jnp 00007F72B9AA7988h 0x00000021 mov edi, esi 0x00000023 mov bl, 02h 0x00000025 mov dword ptr fs:[00000000h], esp 0x0000002c mov bx, D0C4h 0x00000030 movzx edi, si 0x00000033 mov eax, dword ptr [ebp+122D0A65h] 0x00000039 push 00000000h 0x0000003b push ebp 0x0000003c call 00007F72B9AA7988h 0x00000041 pop ebp 0x00000042 mov dword ptr [esp+04h], ebp 0x00000046 add dword ptr [esp+04h], 0000001Ah 0x0000004e inc ebp 0x0000004f push ebp 0x00000050 ret 0x00000051 pop ebp 0x00000052 ret 0x00000053 sub edi, 32439628h 0x00000059 push FFFFFFFFh 0x0000005b push 00000000h 0x0000005d push ecx 0x0000005e call 00007F72B9AA7988h 0x00000063 pop ecx 0x00000064 mov dword ptr [esp+04h], ecx 0x00000068 add dword ptr [esp+04h], 0000001Bh 0x00000070 inc ecx 0x00000071 push ecx 0x00000072 ret 0x00000073 pop ecx 0x00000074 ret 0x00000075 nop 0x00000076 pushad 0x00000077 jmp 00007F72B9AA7996h 0x0000007c jmp 00007F72B9AA7995h 0x00000081 popad 0x00000082 push eax 0x00000083 pushad 0x00000084 push eax 0x00000085 push edx 0x00000086 jmp 00007F72B9AA7995h 0x0000008b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCC288 second address: CCC2AA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F72B8E40BFBh 0x00000008 jp 00007F72B8E40BF6h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push ebx 0x00000015 js 00007F72B8E40BF6h 0x0000001b pop ebx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8150 second address: CC8159 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD19C second address: CCD206 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 mov dword ptr [esp], eax 0x00000009 push 00000000h 0x0000000b push edx 0x0000000c call 00007F72B8E40BF8h 0x00000011 pop edx 0x00000012 mov dword ptr [esp+04h], edx 0x00000016 add dword ptr [esp+04h], 0000001Ah 0x0000001e inc edx 0x0000001f push edx 0x00000020 ret 0x00000021 pop edx 0x00000022 ret 0x00000023 or ebx, 769E4122h 0x00000029 push 00000000h 0x0000002b sub bh, 00000035h 0x0000002e push 00000000h 0x00000030 push 00000000h 0x00000032 push ebx 0x00000033 call 00007F72B8E40BF8h 0x00000038 pop ebx 0x00000039 mov dword ptr [esp+04h], ebx 0x0000003d add dword ptr [esp+04h], 0000001Ah 0x00000045 inc ebx 0x00000046 push ebx 0x00000047 ret 0x00000048 pop ebx 0x00000049 ret 0x0000004a mov edi, dword ptr [ebp+122D1F41h] 0x00000050 xchg eax, esi 0x00000051 push eax 0x00000052 jl 00007F72B8E40BFCh 0x00000058 push eax 0x00000059 push edx 0x0000005a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD206 second address: CCD21A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jns 00007F72B9AA798Ch 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8FF1 second address: CC9012 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F72B8E40BFCh 0x00000008 jg 00007F72B8E40BF6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 jbe 00007F72B8E40BF6h 0x0000001a jnp 00007F72B8E40BF6h 0x00000020 popad 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC9012 second address: CC9018 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC9018 second address: CC901C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD44D second address: CCD451 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD451 second address: CCD455 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD455 second address: CCD45B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCD45B second address: CCD461 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD3A94 second address: CD3ACB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007F72B9AA7992h 0x0000000a pop ecx 0x0000000b pushad 0x0000000c jmp 00007F72B9AA7990h 0x00000011 push edi 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 ja 00007F72B9AA7986h 0x0000001a pop edi 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD3ACB second address: CD3ACF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD596A second address: CD596F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD596F second address: CD5974 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD5974 second address: CD597A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6B7FD second address: C6B820 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F72B8E40C15h 0x00000008 jmp 00007F72B8E40C09h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6B820 second address: C6B827 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CD94BD second address: CD94C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jne 00007F72B8E40BF6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CDF3FB second address: CDF401 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CDF401 second address: CDF416 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 jmp 00007F72B8E40BFCh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CDF416 second address: CDF441 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 jmp 00007F72B9AA7995h 0x0000000e jbe 00007F72B9AA7986h 0x00000014 pop ecx 0x00000015 popad 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CDF441 second address: CDF447 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE4051 second address: CE406F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 ja 00007F72B9AA7986h 0x0000000c popad 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 jng 00007F72B9AA7986h 0x00000016 jnc 00007F72B9AA7986h 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE431A second address: CE4322 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE446A second address: CE4475 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE88A1 second address: CE88AD instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE88AD second address: CE88CA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B9AA7999h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE777C second address: CE7785 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE7785 second address: CE778F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007F72B9AA7986h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAF395 second address: CAF3CB instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jmp 00007F72B8E40C03h 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b nop 0x0000000c lea eax, dword ptr [ebp+1247F0A5h] 0x00000012 sbb di, AEDFh 0x00000017 xor edi, 28A23527h 0x0000001d nop 0x0000001e pushad 0x0000001f pushad 0x00000020 jno 00007F72B8E40BF6h 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAF3CB second address: CAF3D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAF3D3 second address: CAF3FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F72B8E40BF6h 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e push esi 0x0000000f jmp 00007F72B8E40C05h 0x00000014 pop esi 0x00000015 pushad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAF3FB second address: C99AF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 popad 0x00000008 nop 0x00000009 push 00000000h 0x0000000b push ebp 0x0000000c call 00007F72B9AA7988h 0x00000011 pop ebp 0x00000012 mov dword ptr [esp+04h], ebp 0x00000016 add dword ptr [esp+04h], 00000018h 0x0000001e inc ebp 0x0000001f push ebp 0x00000020 ret 0x00000021 pop ebp 0x00000022 ret 0x00000023 call dword ptr [ebp+122D2672h] 0x00000029 push eax 0x0000002a push edx 0x0000002b push eax 0x0000002c push esi 0x0000002d pop esi 0x0000002e pop eax 0x0000002f jmp 00007F72B9AA7996h 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAF5D4 second address: CAF5D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAF86B second address: CAF86F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAF86F second address: CAF875 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAF875 second address: CAF87A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAFAFE second address: CAFB03 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAFB03 second address: CAFB2A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B9AA7999h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d jnc 00007F72B9AA7986h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAFB2A second address: CAFB2E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAFBA5 second address: CAFBAB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAFBAB second address: CAFBAF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAFC9E second address: CAFCD5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push ebx 0x00000007 push ebx 0x00000008 jmp 00007F72B9AA7998h 0x0000000d pop ebx 0x0000000e pop ebx 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 jc 00007F72B9AA798Ah 0x00000019 push esi 0x0000001a pushad 0x0000001b popad 0x0000001c pop esi 0x0000001d mov eax, dword ptr [eax] 0x0000001f push edi 0x00000020 push eax 0x00000021 push edx 0x00000022 pushad 0x00000023 popad 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAFCD5 second address: CAFCE6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push ecx 0x0000000e push edx 0x0000000f pop edx 0x00000010 pop ecx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAFEE1 second address: CAFF01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F72B9AA7993h 0x00000009 popad 0x0000000a jc 00007F72B9AA798Ch 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB02D0 second address: CB02D4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB0463 second address: CB0467 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB06E3 second address: CB0736 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F72B8E40BF6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push esi 0x0000000c pop esi 0x0000000d push eax 0x0000000e pop eax 0x0000000f popad 0x00000010 popad 0x00000011 mov dword ptr [esp], eax 0x00000014 mov dword ptr [ebp+122D2678h], edx 0x0000001a lea eax, dword ptr [ebp+1247F0A5h] 0x00000020 push 00000000h 0x00000022 push edi 0x00000023 call 00007F72B8E40BF8h 0x00000028 pop edi 0x00000029 mov dword ptr [esp+04h], edi 0x0000002d add dword ptr [esp+04h], 0000001Ah 0x00000035 inc edi 0x00000036 push edi 0x00000037 ret 0x00000038 pop edi 0x00000039 ret 0x0000003a nop 0x0000003b push eax 0x0000003c push edx 0x0000003d pushad 0x0000003e jbe 00007F72B8E40BF6h 0x00000044 jne 00007F72B8E40BF6h 0x0000004a popad 0x0000004b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB0736 second address: C9A5F6 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F72B9AA798Ch 0x00000008 jl 00007F72B9AA7986h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push esi 0x00000012 pushad 0x00000013 jng 00007F72B9AA7986h 0x00000019 jno 00007F72B9AA7986h 0x0000001f popad 0x00000020 pop esi 0x00000021 nop 0x00000022 push 00000000h 0x00000024 push edi 0x00000025 call 00007F72B9AA7988h 0x0000002a pop edi 0x0000002b mov dword ptr [esp+04h], edi 0x0000002f add dword ptr [esp+04h], 00000014h 0x00000037 inc edi 0x00000038 push edi 0x00000039 ret 0x0000003a pop edi 0x0000003b ret 0x0000003c mov ecx, dword ptr [ebp+122D25BBh] 0x00000042 call dword ptr [ebp+122D2A95h] 0x00000048 pushad 0x00000049 push eax 0x0000004a push edx 0x0000004b push eax 0x0000004c push edx 0x0000004d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9A5F6 second address: C9A5FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9A5FA second address: C9A60A instructions: 0x00000000 rdtsc 0x00000002 jp 00007F72B9AA7986h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9A60A second address: C9A66C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F72B8E40BFCh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F72B8E40C04h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 jnp 00007F72B8E40BFCh 0x00000019 pushad 0x0000001a jmp 00007F72B8E40BFFh 0x0000001f jnp 00007F72B8E40BF6h 0x00000025 jmp 00007F72B8E40C06h 0x0000002a popad 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9A66C second address: C9A672 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9A672 second address: C9A676 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9A676 second address: C9A67A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE7EB5 second address: CE7EBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CE7EBA second address: CE7ECA instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push edx 0x00000004 pop edx 0x00000005 pushad 0x00000006 popad 0x00000007 pop edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jns 00007F72B9AA7986h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CEFF0C second address: CEFF32 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jp 00007F72B8E40BF6h 0x00000009 pushad 0x0000000a popad 0x0000000b jnl 00007F72B8E40BF6h 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F72B8E40C02h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF006B second address: CF0077 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a push esi 0x0000000b pop esi 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF0235 second address: CF0241 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F72B8E40BF6h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF0241 second address: CF0247 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF0247 second address: CF0255 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 je 00007F72B8E40BF6h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF0C75 second address: CF0C79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF0C79 second address: CF0C7F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF0E56 second address: CF0E65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 jbe 00007F72B9AA7986h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF0E65 second address: CF0E70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F72B8E40BF6h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF0FB1 second address: CF0FB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CEFC19 second address: CEFC1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CEFC1D second address: CEFC30 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B9AA798Fh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFA17A second address: CFA17E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFA17E second address: CFA182 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFA306 second address: CFA30A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF9E3D second address: CF9E41 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF9E41 second address: CF9E45 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF9E45 second address: CF9E54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F72B9AA7986h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CF9E54 second address: CF9E6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F72B8E40C01h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFADBA second address: CFADC2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFD453 second address: CFD48A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 pop eax 0x00000007 jmp 00007F72B8E40C07h 0x0000000c jmp 00007F72B8E40C02h 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 pushad 0x00000015 push ecx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFD48A second address: CFD4BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F72B9AA7999h 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e jmp 00007F72B9AA798Fh 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFCFDF second address: CFCFE3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFD13C second address: CFD149 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jl 00007F72B9AA798Eh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFD149 second address: CFD14F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFD14F second address: CFD171 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F72B9AA799Dh 0x00000008 jmp 00007F72B9AA7997h 0x0000000d push ecx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFFEAB second address: CFFEAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFFEAF second address: CFFEB3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CFFEB3 second address: CFFEC3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jo 00007F72B8E40BFEh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73D33 second address: C73D39 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73D39 second address: C73D3F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C73D3F second address: C73D43 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09738 second address: D09741 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09741 second address: D09747 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09747 second address: D0974B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0974B second address: D0974F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0974F second address: D09786 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F72B8E40BFCh 0x0000000c je 00007F72B8E40BF6h 0x00000012 popad 0x00000013 jmp 00007F72B8E40C00h 0x00000018 popad 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d jns 00007F72B8E40BF6h 0x00000023 pushad 0x00000024 popad 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09786 second address: D0978C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0978C second address: D097A1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F72B8E40BFBh 0x00000009 js 00007F72B8E40BF6h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09A70 second address: D09A74 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D09A74 second address: D09A7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0A020 second address: D0A02A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F72B9AA7986h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0A02A second address: D0A039 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0A039 second address: D0A048 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pushad 0x00000007 popad 0x00000008 jo 00007F72B9AA7986h 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0A9E2 second address: D0A9E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E9C0 second address: D0E9DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 jns 00007F72B9AA7986h 0x0000000d jmp 00007F72B9AA798Dh 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E9DA second address: D0E9E7 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F72B8E40BF6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0DCB0 second address: D0DCDA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jo 00007F72B9AA799Eh 0x0000000c push eax 0x0000000d pop eax 0x0000000e jmp 00007F72B9AA7996h 0x00000013 push eax 0x00000014 push edx 0x00000015 push edx 0x00000016 pop edx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0DCDA second address: D0DCE0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0DCE0 second address: D0DCFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 jmp 00007F72B9AA798Dh 0x0000000e push esi 0x0000000f pop esi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0DFBD second address: D0DFC7 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F72B8E40BF6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E156 second address: D0E16E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 push ebx 0x00000008 pushad 0x00000009 popad 0x0000000a pop ebx 0x0000000b pushad 0x0000000c jg 00007F72B9AA7986h 0x00000012 push esi 0x00000013 pop esi 0x00000014 pushad 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E16E second address: D0E17E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 jnl 00007F72B8E40BF6h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E431 second address: D0E43B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pushad 0x00000006 popad 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E43B second address: D0E443 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E443 second address: D0E453 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jl 00007F72B9AA7986h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E453 second address: D0E457 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D0E5A6 second address: D0E5AC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D156C4 second address: D156CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D156CA second address: D156CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D156CE second address: D156F7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C09h 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F72B8E40BFAh 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D156F7 second address: D156FC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15A04 second address: D15A0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15A0A second address: D15A0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15A0E second address: D15A1A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 je 00007F72B8E40BF6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15A1A second address: D15A35 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B9AA7992h 0x00000007 pushad 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15A35 second address: D15A4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F72B8E40BFCh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15A4A second address: D15A4F instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15D1D second address: D15D31 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F72B8E40BF6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnc 00007F72B8E40BF8h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15D31 second address: D15D37 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15D37 second address: D15D3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D15D3B second address: D15D45 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D162FD second address: D16301 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16301 second address: D16317 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F72B9AA7990h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16B33 second address: D16B3A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16B3A second address: D16B5B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F72B9AA7997h 0x00000009 jnc 00007F72B9AA7986h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16B5B second address: D16B5F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16B5F second address: D16B72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jg 00007F72B9AA7986h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16B72 second address: D16B94 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C05h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jnl 00007F72B8E40BF6h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16B94 second address: D16B9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16B9A second address: D16BA0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16E4C second address: D16E50 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16E50 second address: D16E69 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F72B8E40C03h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D16E69 second address: D16E7C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F72B9AA798Dh 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AED1 second address: D1AED5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AED5 second address: D1AEDF instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F72B9AA7986h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AEDF second address: D1AEFE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 jng 00007F72B8E40BF6h 0x0000000d pop edi 0x0000000e jmp 00007F72B8E40BFBh 0x00000013 popad 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AEFE second address: D1AF08 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F72B9AA7986h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1A511 second address: D1A517 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1A517 second address: D1A51D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1A51D second address: D1A522 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1A66D second address: D1A672 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1A935 second address: D1A93D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AACA second address: D1AACE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AACE second address: D1AAD2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AAD2 second address: D1AADC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AADC second address: D1AAE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1AAE0 second address: D1AAE6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1F525 second address: D1F546 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 jmp 00007F72B8E40C05h 0x0000000c pop esi 0x0000000d pushad 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D1F546 second address: D1F54E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D20C41 second address: D20C4D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jnl 00007F72B8E40BF6h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D20C4D second address: D20C53 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D20C53 second address: D20C5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D20C5D second address: D20C6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F72B9AA798Ch 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D2730E second address: D27313 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D27AC3 second address: D27ADC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B9AA7993h 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D27ADC second address: D27AE6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F72B8E40BF6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D27C96 second address: D27C9B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D27E01 second address: D27E2C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007F72B8E40BFAh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F72B8E40C09h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D27E2C second address: D27E64 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F72B9AA7986h 0x00000008 jmp 00007F72B9AA7993h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f popad 0x00000010 push eax 0x00000011 jmp 00007F72B9AA7996h 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D27FB4 second address: D27FB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D27FB8 second address: D27FBC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D27FBC second address: D27FD0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jl 00007F72B8E40BF6h 0x0000000e jl 00007F72B8E40BF6h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D28DC6 second address: D28DD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F72B9AA798Dh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D32410 second address: D32414 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D32414 second address: D3241F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D31F95 second address: D31FB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 jno 00007F72B8E40BF6h 0x0000000e jno 00007F72B8E40BF6h 0x00000014 popad 0x00000015 push ecx 0x00000016 jng 00007F72B8E40BF6h 0x0000001c pop ecx 0x0000001d popad 0x0000001e push edi 0x0000001f pushad 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D31FB7 second address: D31FBD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D31FBD second address: D31FD6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 jmp 00007F72B8E40C00h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D31FD6 second address: D31FDA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D31FDA second address: D31FE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D49AB1 second address: D49AB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D523A7 second address: D523BD instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F72B8E40BFEh 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D523BD second address: D523E2 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F72B9AA7986h 0x00000008 jmp 00007F72B9AA7995h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push esi 0x00000010 push esi 0x00000011 push eax 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D53CAE second address: D53CBF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F72B8E40BF6h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f push edx 0x00000010 pop edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D59F04 second address: D59F08 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D59F08 second address: D59F10 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D5A069 second address: D5A083 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 jc 00007F72B9AA7986h 0x0000000e jmp 00007F72B9AA798Ch 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D5A1ED second address: D5A1F8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edi 0x00000008 pop edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D5D240 second address: D5D244 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D5D244 second address: D5D24A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D5D24A second address: D5D250 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D6124A second address: D61250 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D61250 second address: D6127C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F72B9AA7993h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F72B9AA7990h 0x00000011 push eax 0x00000012 pop eax 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D6127C second address: D61293 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C03h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D61293 second address: D612A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a jmp 00007F72B9AA798Ch 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D612A9 second address: D612B9 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F72B8E40BF6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D612B9 second address: D612BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D612BD second address: D612DF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F72B8E40BFBh 0x0000000e pushad 0x0000000f jmp 00007F72B8E40BFBh 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D612DF second address: D612E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D7DF88 second address: D7DFB2 instructions: 0x00000000 rdtsc 0x00000002 js 00007F72B8E40BF6h 0x00000008 jmp 00007F72B8E40C05h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 ja 00007F72B8E40BF6h 0x00000016 push ecx 0x00000017 pop ecx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D7FB37 second address: D7FB40 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D7FB40 second address: D7FB44 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D7FB44 second address: D7FBA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F72B9AA7997h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jnp 00007F72B9AA7988h 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 pushad 0x00000015 jne 00007F72B9AA798Ah 0x0000001b pushad 0x0000001c jmp 00007F72B9AA7992h 0x00000021 jbe 00007F72B9AA7986h 0x00000027 pushad 0x00000028 popad 0x00000029 push eax 0x0000002a pop eax 0x0000002b popad 0x0000002c jmp 00007F72B9AA798Eh 0x00000031 push eax 0x00000032 push edx 0x00000033 push edi 0x00000034 pop edi 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D99926 second address: D9993E instructions: 0x00000000 rdtsc 0x00000002 js 00007F72B8E40C0Ah 0x00000008 jmp 00007F72B8E40BFEh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9993E second address: D99946 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D99946 second address: D9994A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9994A second address: D9995E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jl 00007F72B9AA79A6h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9995E second address: D99962 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D98894 second address: D988AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007F72B9AA7990h 0x0000000a pushad 0x0000000b push eax 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D99042 second address: D99046 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D991AB second address: D991B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D99470 second address: D99476 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D995B3 second address: D995D6 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F72B9AA7986h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007F72B9AA7991h 0x0000000f js 00007F72B9AA798Ch 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D995D6 second address: D995ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push edi 0x00000008 jmp 00007F72B8E40BFDh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D995ED second address: D99607 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jmp 00007F72B9AA7995h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D99607 second address: D99613 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007F72B8E40BF6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D99613 second address: D99617 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9D737 second address: D9D761 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F72B8E40C08h 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push edx 0x00000010 jnp 00007F72B8E40BF6h 0x00000016 pop edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9D81F second address: D9D838 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F72B9AA7992h 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9D838 second address: D9D83C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9DCB2 second address: D9DCB6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9DCB6 second address: D9DCE3 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 nop 0x00000008 or dword ptr [ebp+122D2537h], ecx 0x0000000e or dword ptr [ebp+122D25D4h], ecx 0x00000014 push dword ptr [ebp+12464262h] 0x0000001a mov dx, 1AD2h 0x0000001e push 15991B00h 0x00000023 push eax 0x00000024 push edx 0x00000025 push esi 0x00000026 jc 00007F72B8E40BF6h 0x0000002c pop esi 0x0000002d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: D9DCE3 second address: D9DCF2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F72B9AA798Ah 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: DA0F14 second address: DA0F1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: DA0F1A second address: DA0F1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: DA0F1E second address: DA0F38 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C06h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: DA0F38 second address: DA0F42 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F72B9AA798Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: DA0F42 second address: DA0F68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F72B8E40C07h 0x0000000c push eax 0x0000000d push edx 0x0000000e ja 00007F72B8E40BF6h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: DA0F68 second address: DA0F96 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B9AA798Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F72B9AA798Ah 0x0000000f jmp 00007F72B9AA7992h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0D07 second address: 2EB0D0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0D0B second address: 2EB0D1E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B9AA798Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0D1E second address: 2EB0D7F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C09h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ecx, dword ptr [eax+00000FDCh] 0x0000000f jmp 00007F72B8E40BFEh 0x00000014 test ecx, ecx 0x00000016 pushad 0x00000017 pushfd 0x00000018 jmp 00007F72B8E40BFEh 0x0000001d and si, 1A78h 0x00000022 jmp 00007F72B8E40BFBh 0x00000027 popfd 0x00000028 popad 0x00000029 jns 00007F72B8E40C4Bh 0x0000002f push eax 0x00000030 push edx 0x00000031 push eax 0x00000032 push edx 0x00000033 push eax 0x00000034 push edx 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0D7F second address: 2EB0D83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0D83 second address: 2EB0D87 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0D87 second address: 2EB0D8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0D8D second address: 2EB0DB2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C09h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 add eax, ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0DB2 second address: 2EB0DB8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 2EB0DB8 second address: 2EB0DED instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C02h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax+00000860h] 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F72B8E40C07h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB4CD9 second address: CB4CDE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 50E0022 second address: 50E009D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F72B8E40C07h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F72B8E40C09h 0x0000000f xchg eax, ebp 0x00000010 pushad 0x00000011 mov si, 0443h 0x00000015 pushfd 0x00000016 jmp 00007F72B8E40C08h 0x0000001b adc cx, 6108h 0x00000020 jmp 00007F72B8E40BFBh 0x00000025 popfd 0x00000026 popad 0x00000027 mov ebp, esp 0x00000029 push eax 0x0000002a push edx 0x0000002b pushad 0x0000002c call 00007F72B8E40BFBh 0x00000031 pop esi 0x00000032 movsx edx, cx 0x00000035 popad 0x00000036 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 50E009D second address: 50E00D8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edi, 04A4EE14h 0x00000008 pushfd 0x00000009 jmp 00007F72B9AA798Dh 0x0000000e or cx, CAD6h 0x00000013 jmp 00007F72B9AA7991h 0x00000018 popfd 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c mov edx, dword ptr [ebp+0Ch] 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 pushad 0x00000023 popad 0x00000024 pushad 0x00000025 popad 0x00000026 popad 0x00000027 rdtsc |