Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://127.0.0.1:27060 |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://api.steampowered.com/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://broadcast.st.dl.eccdnx.com |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://checkout.steampowered.com/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/css/globalv2.css?v=dQy8Omh4p9PH&l=english |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/css/skin_1/fatalerror.css?v=wctRWaBvNt2z&l=english |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/css/skin_1/header.css?v=pTvrRy1pm52p&l=english |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/javascript/global.js?v=7qlUmHSJhPRN&l=english |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL&l= |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/css/buttons.css?v=-WV9f1LdxEjq&l=english |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/css/motiva_sans.css?v=v7XTmVzbLV33&l=english |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/css/shared_global.css?v=uF6G1wyNU-4c&l=english |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/css/shared_responsive.css?v=kR9MtmbWSZEp&l=engli |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1&l=engl |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/javascript/shared_global.js?v=7glT1n_nkVCs&l=eng |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSvIAKtunf |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0 |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/ |
Source: file.exe, 00000000.00000002.2076533613.0000000001664000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.steampowered.com/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lv.queniujq.cn |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://medal.tv |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://player.vimeo.com |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://recaptcha.net/recaptcha/; |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://s.ytimg.com; |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sketchfab.com |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steam.tv/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast-test.akamaized.net |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcast.akamaized.net |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steambroadcastchat.akamaized.net |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.c |
Source: file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
Source: file.exe, 00000000.00000003.2074451497.0000000001680000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076722088.0000000001680000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/: |
Source: file.exe, 00000000.00000002.2076533613.0000000001664000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: file.exe, 00000000.00000002.2076533613.0000000001664000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
Source: file.exe, 00000000.00000002.2076533613.0000000001664000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/p |
Source: file.exe, 00000000.00000003.2074451497.0000000001680000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076722088.0000000001680000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.000000000168F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076722088.000000000168F000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900 |
Source: file.exe, 00000000.00000002.2076533613.0000000001664000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
Source: file.exe, 00000000.00000003.2074619887.00000000016D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074619887.00000000016A1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/; |
Source: file.exe, 00000000.00000003.2074619887.00000000016A1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C0e3d185a3e106e7 |
Source: file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
Source: file.exe, 00000000.00000002.2076533613.0000000001664000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: file.exe, 00000000.00000003.2074394493.00000000016E5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074451497.0000000001668000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2074394493.00000000016EB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2076794906.00000000016EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/recaptcha/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.cn/recaptcha/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.gstatic.com/recaptcha/ |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com |
Source: file.exe, 00000000.00000002.2076722088.00000000016A1000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.youtube.com/ |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BAD75F second address: BAD763 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BAD763 second address: BAD78E instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b pushad 0x0000000c jg 00007FD6B10B63F7h 0x00000012 jg 00007FD6B10B63E6h 0x00000018 jmp 00007FD6B10B63EBh 0x0000001d push eax 0x0000001e push edx 0x0000001f ja 00007FD6B10B63E6h 0x00000025 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BAD78E second address: BAD79C instructions: 0x00000000 rdtsc 0x00000002 jo 00007FD6B0E698B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BAD79C second address: BAD7A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BAD7A2 second address: BAD7A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BAD909 second address: BAD937 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FD6B10B63E6h 0x00000008 jng 00007FD6B10B63E6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 jmp 00007FD6B10B63F0h 0x00000015 jnl 00007FD6B10B63E8h 0x0000001b popad 0x0000001c push esi 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BAD937 second address: BAD946 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698BBh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB0173 second address: BB0178 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB0178 second address: BB01A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 pushad 0x0000000a jmp 00007FD6B0E698C4h 0x0000000f jl 00007FD6B0E698B6h 0x00000015 popad 0x00000016 jbe 00007FD6B0E698BCh 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB01A5 second address: BB01B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov eax, dword ptr [esp+04h] 0x00000009 jo 00007FD6B10B6402h 0x0000000f push eax 0x00000010 push edx 0x00000011 push ecx 0x00000012 pop ecx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB01B8 second address: BB01D7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB01D7 second address: BB01F5 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop esi 0x0000000b mov dword ptr [esp+04h], eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FD6B10B63EDh 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB0301 second address: BB0307 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB0307 second address: BB030C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB030C second address: BB0311 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB03EE second address: BB04C4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FD6B10B63F3h 0x0000000e popad 0x0000000f nop 0x00000010 xor dword ptr [ebp+122D357Eh], eax 0x00000016 push 00000000h 0x00000018 push 25B90A1Bh 0x0000001d jmp 00007FD6B10B63F5h 0x00000022 xor dword ptr [esp], 25B90A9Bh 0x00000029 mov esi, dword ptr [ebp+122D3A04h] 0x0000002f push 00000003h 0x00000031 or edx, 72FEA5A6h 0x00000037 push 00000000h 0x00000039 mov dword ptr [ebp+122D358Ch], esi 0x0000003f call 00007FD6B10B63EFh 0x00000044 sub edi, dword ptr [ebp+122D3940h] 0x0000004a pop ecx 0x0000004b push 00000003h 0x0000004d jne 00007FD6B10B63EBh 0x00000053 push EB04CD20h 0x00000058 push edi 0x00000059 jmp 00007FD6B10B63EEh 0x0000005e pop edi 0x0000005f xor dword ptr [esp], 2B04CD20h 0x00000066 jmp 00007FD6B10B63F9h 0x0000006b lea ebx, dword ptr [ebp+1245007Ch] 0x00000071 mov edx, esi 0x00000073 xchg eax, ebx 0x00000074 pushad 0x00000075 push eax 0x00000076 push edx 0x00000077 push edx 0x00000078 pop edx 0x00000079 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB04C4 second address: BB04E0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB04E0 second address: BB04F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jl 00007FD6B10B63E8h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB04F1 second address: BB04F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB058B second address: BB0593 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB0593 second address: BB05DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 xor dword ptr [esp], 6C39242Fh 0x0000000d push esi 0x0000000e mov dword ptr [ebp+122D2F8Fh], edi 0x00000014 pop esi 0x00000015 push 00000003h 0x00000017 push 00000000h 0x00000019 mov dx, 4177h 0x0000001d push 00000003h 0x0000001f push 00000000h 0x00000021 push ebx 0x00000022 call 00007FD6B0E698B8h 0x00000027 pop ebx 0x00000028 mov dword ptr [esp+04h], ebx 0x0000002c add dword ptr [esp+04h], 00000017h 0x00000034 inc ebx 0x00000035 push ebx 0x00000036 ret 0x00000037 pop ebx 0x00000038 ret 0x00000039 push E19425EDh 0x0000003e je 00007FD6B0E698BEh 0x00000044 push ecx 0x00000045 push eax 0x00000046 push edx 0x00000047 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB05DF second address: BB0618 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 xor dword ptr [esp], 219425EDh 0x0000000c jmp 00007FD6B10B63EAh 0x00000011 lea ebx, dword ptr [ebp+12450087h] 0x00000017 jmp 00007FD6B10B63F2h 0x0000001c push eax 0x0000001d jc 00007FD6B10B63F8h 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB0618 second address: BB061C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BB061C second address: BB0620 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF11D second address: BCF121 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF121 second address: BCF15D instructions: 0x00000000 rdtsc 0x00000002 jc 00007FD6B10B63E6h 0x00000008 jmp 00007FD6B10B63ECh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jmp 00007FD6B10B63F4h 0x00000014 pushad 0x00000015 pushad 0x00000016 popad 0x00000017 jmp 00007FD6B10B63EDh 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF2E0 second address: BCF307 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 pop eax 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007FD6B0E698BEh 0x00000010 popad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FD6B0E698BAh 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF307 second address: BCF30E instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF446 second address: BCF44E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF44E second address: BCF454 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF454 second address: BCF45D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF5E3 second address: BCF5FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 pushad 0x00000006 popad 0x00000007 pushad 0x00000008 popad 0x00000009 jmp 00007FD6B10B63ECh 0x0000000e jc 00007FD6B10B63E6h 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCF5FF second address: BCF604 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCFB78 second address: BCFB7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCFB7C second address: BCFB86 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FD6B0E698B6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BCFE62 second address: BCFE84 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FD6B10B63F8h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD0020 second address: BD0024 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD0024 second address: BD002A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD02EC second address: BD0301 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD6B0E698C0h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B94E44 second address: B94E48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B94E48 second address: B94E4E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8742 second address: BD875B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 push eax 0x0000000a pop eax 0x0000000b jmp 00007FD6B10B63EDh 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8B06 second address: BD8B17 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FD6B0E698B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8B17 second address: BD8B1B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8B1B second address: BD8B2D instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD6B0E698B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jp 00007FD6B0E698BCh 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8D4A second address: BD8D4E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8D4E second address: BD8D7E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FD6B0E698C9h 0x0000000e pop edx 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 pushad 0x00000014 push edi 0x00000015 push edx 0x00000016 pop edx 0x00000017 pop edi 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8D7E second address: BD8DAE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov eax, dword ptr [eax] 0x0000000c push eax 0x0000000d push edx 0x0000000e jng 00007FD6B10B63F0h 0x00000014 jmp 00007FD6B10B63EAh 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8DAE second address: BD8DB8 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FD6B0E698BCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BD8F09 second address: BD8F0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDD584 second address: BDD58E instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDD58E second address: BDD5A3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F1h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDD5A3 second address: BDD5A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B9B998 second address: B9B9BA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F0h 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jo 00007FD6B10B63ECh 0x00000011 jg 00007FD6B10B63E6h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B9B9BA second address: B9B9C2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B9B9C2 second address: B9B9DF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FD6B10B63ECh 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCA3F second address: BDCA60 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FD6B0E698C1h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCA60 second address: BDCA68 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 push esi 0x00000007 pop esi 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCA68 second address: BDCA6C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCCE8 second address: BDCCEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCCEE second address: BDCD01 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FD6B0E698B6h 0x00000008 jng 00007FD6B0E698B6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCD01 second address: BDCD19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FD6B10B63E6h 0x0000000a jmp 00007FD6B10B63ECh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCD19 second address: BDCD1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCD1E second address: BDCD31 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63EDh 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCD31 second address: BDCD35 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDCE96 second address: BDCE9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDD13E second address: BDD15F instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push esi 0x00000008 jmp 00007FD6B0E698C5h 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDD15F second address: BDD169 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FD6B10B63E6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDD2E1 second address: BDD2EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FD6B0E698B6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0B25 second address: BE0B74 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 jmp 00007FD6B10B63F5h 0x0000000d jmp 00007FD6B10B63F0h 0x00000012 popad 0x00000013 popad 0x00000014 push eax 0x00000015 js 00007FD6B10B63F6h 0x0000001b jmp 00007FD6B10B63F0h 0x00000020 mov eax, dword ptr [esp+04h] 0x00000024 pushad 0x00000025 push eax 0x00000026 push edx 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0B74 second address: BE0B78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0B78 second address: BE0BF3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FD6B10B63F1h 0x0000000e popad 0x0000000f mov eax, dword ptr [eax] 0x00000011 pushad 0x00000012 jmp 00007FD6B10B63EEh 0x00000017 jg 00007FD6B10B63F8h 0x0000001d popad 0x0000001e mov dword ptr [esp+04h], eax 0x00000022 pushad 0x00000023 pushad 0x00000024 push edi 0x00000025 pop edi 0x00000026 jmp 00007FD6B10B63F9h 0x0000002b popad 0x0000002c pushad 0x0000002d push eax 0x0000002e push edx 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0BF3 second address: BE0C78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698C5h 0x00000009 popad 0x0000000a popad 0x0000000b pop eax 0x0000000c call 00007FD6B0E698C1h 0x00000011 jmp 00007FD6B0E698C4h 0x00000016 pop esi 0x00000017 call 00007FD6B0E698B9h 0x0000001c jl 00007FD6B0E698BEh 0x00000022 push ebx 0x00000023 jnl 00007FD6B0E698B6h 0x00000029 pop ebx 0x0000002a push eax 0x0000002b jmp 00007FD6B0E698C6h 0x00000030 mov eax, dword ptr [esp+04h] 0x00000034 pushad 0x00000035 je 00007FD6B0E698BCh 0x0000003b jns 00007FD6B0E698B6h 0x00000041 push eax 0x00000042 push edx 0x00000043 pushad 0x00000044 popad 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0C78 second address: BE0CAC instructions: 0x00000000 rdtsc 0x00000002 je 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov eax, dword ptr [eax] 0x0000000d ja 00007FD6B10B63FDh 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 push eax 0x00000018 push edx 0x00000019 push edx 0x0000001a pushad 0x0000001b popad 0x0000001c pop edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0FD5 second address: BE0FE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push ebx 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE183A second address: BE184F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B10B63F0h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE19D7 second address: BE19DD instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1B86 second address: BE1B8F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1C5D second address: BE1C61 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1D24 second address: BE1D2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1D2A second address: BE1D2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1D2F second address: BE1D4C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD6B10B63F9h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1EC0 second address: BE1EC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1EC4 second address: BE1ECE instructions: 0x00000000 rdtsc 0x00000002 jns 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1ECE second address: BE1ED3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE1ED3 second address: BE1EE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 jno 00007FD6B10B63E8h 0x0000000f push eax 0x00000010 push edx 0x00000011 push ebx 0x00000012 pop ebx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE24B7 second address: BE24C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007FD6B0E698B6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE2DD0 second address: BE2DD6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE2DD6 second address: BE2DDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE2DDA second address: BE2DDE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE2DDE second address: BE2E39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b push 00000000h 0x0000000d push eax 0x0000000e call 00007FD6B0E698B8h 0x00000013 pop eax 0x00000014 mov dword ptr [esp+04h], eax 0x00000018 add dword ptr [esp+04h], 00000019h 0x00000020 inc eax 0x00000021 push eax 0x00000022 ret 0x00000023 pop eax 0x00000024 ret 0x00000025 jc 00007FD6B0E698B9h 0x0000002b mov di, si 0x0000002e mov edi, 7008025Ah 0x00000033 push 00000000h 0x00000035 sub si, 0602h 0x0000003a push 00000000h 0x0000003c push eax 0x0000003d pushad 0x0000003e pushad 0x0000003f jmp 00007FD6B0E698BDh 0x00000044 pushad 0x00000045 popad 0x00000046 popad 0x00000047 pushad 0x00000048 push eax 0x00000049 pop eax 0x0000004a push eax 0x0000004b push edx 0x0000004c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE4008 second address: BE4019 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63EDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE4019 second address: BE404C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jc 00007FD6B0E698CAh 0x00000012 jmp 00007FD6B0E698C4h 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE49CD second address: BE4A46 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD6B10B63F9h 0x00000008 jmp 00007FD6B10B63EAh 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 nop 0x00000011 mov esi, dword ptr [ebp+122D3824h] 0x00000017 push 00000000h 0x00000019 adc edi, 0207F064h 0x0000001f push 00000000h 0x00000021 push 00000000h 0x00000023 push ebp 0x00000024 call 00007FD6B10B63E8h 0x00000029 pop ebp 0x0000002a mov dword ptr [esp+04h], ebp 0x0000002e add dword ptr [esp+04h], 0000001Ch 0x00000036 inc ebp 0x00000037 push ebp 0x00000038 ret 0x00000039 pop ebp 0x0000003a ret 0x0000003b call 00007FD6B10B63F3h 0x00000040 mov esi, eax 0x00000042 pop edi 0x00000043 push eax 0x00000044 push ecx 0x00000045 push ebx 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5370 second address: BE5374 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5374 second address: BE5391 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5F0B second address: BE5F42 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FD6B0E698BDh 0x0000000e popad 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 jne 00007FD6B0E698B6h 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE5F42 second address: BE5F47 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE69EA second address: BE69F9 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FD6B0E698B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE69F9 second address: BE6A04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push ebx 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE6A04 second address: BE6A5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop ebx 0x00000008 nop 0x00000009 cmc 0x0000000a push 00000000h 0x0000000c push 00000000h 0x0000000e push edi 0x0000000f call 00007FD6B0E698B8h 0x00000014 pop edi 0x00000015 mov dword ptr [esp+04h], edi 0x00000019 add dword ptr [esp+04h], 00000015h 0x00000021 inc edi 0x00000022 push edi 0x00000023 ret 0x00000024 pop edi 0x00000025 ret 0x00000026 push 00000000h 0x00000028 push 00000000h 0x0000002a push ecx 0x0000002b call 00007FD6B0E698B8h 0x00000030 pop ecx 0x00000031 mov dword ptr [esp+04h], ecx 0x00000035 add dword ptr [esp+04h], 0000001Ah 0x0000003d inc ecx 0x0000003e push ecx 0x0000003f ret 0x00000040 pop ecx 0x00000041 ret 0x00000042 mov di, 29FDh 0x00000046 xchg eax, ebx 0x00000047 pushad 0x00000048 push eax 0x00000049 push edx 0x0000004a push eax 0x0000004b pop eax 0x0000004c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE6A5B second address: BE6A64 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEA548 second address: BEA54C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEA54C second address: BEA550 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEA550 second address: BEA556 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEA556 second address: BEA5F9 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jmp 00007FD6B10B63ECh 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp], eax 0x0000000e push 00000000h 0x00000010 push eax 0x00000011 call 00007FD6B10B63E8h 0x00000016 pop eax 0x00000017 mov dword ptr [esp+04h], eax 0x0000001b add dword ptr [esp+04h], 00000014h 0x00000023 inc eax 0x00000024 push eax 0x00000025 ret 0x00000026 pop eax 0x00000027 ret 0x00000028 mov ebx, 573F07D1h 0x0000002d push 00000000h 0x0000002f jmp 00007FD6B10B63F9h 0x00000034 push 00000000h 0x00000036 push 00000000h 0x00000038 push ecx 0x00000039 call 00007FD6B10B63E8h 0x0000003e pop ecx 0x0000003f mov dword ptr [esp+04h], ecx 0x00000043 add dword ptr [esp+04h], 0000001Bh 0x0000004b inc ecx 0x0000004c push ecx 0x0000004d ret 0x0000004e pop ecx 0x0000004f ret 0x00000050 jo 00007FD6B10B63ECh 0x00000056 mov edi, dword ptr [ebp+122D37CFh] 0x0000005c xchg eax, esi 0x0000005d push eax 0x0000005e jns 00007FD6B10B63E8h 0x00000064 pop eax 0x00000065 push eax 0x00000066 push ebx 0x00000067 push eax 0x00000068 push edx 0x00000069 jmp 00007FD6B10B63F2h 0x0000006e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEA5F9 second address: BEA5FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEB658 second address: BEB675 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD6B10B63F9h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEB675 second address: BEB6A8 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD6B0E698B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e jmp 00007FD6B0E698C7h 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FD6B0E698BCh 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE729A second address: BE72A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push edi 0x0000000a pop edi 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BA8F63 second address: BA8F69 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BA8F69 second address: BA8F89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FD6B10B63F0h 0x0000000f je 00007FD6B10B63E6h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BA8F89 second address: BA8F9B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007FD6B0E698BAh 0x0000000e push edi 0x0000000f pop edi 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEEE0B second address: BEEE15 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007FD6B10B63E6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEEE15 second address: BEEE90 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a push edx 0x0000000b jc 00007FD6B0E698B6h 0x00000011 pop edx 0x00000012 jmp 00007FD6B0E698C9h 0x00000017 popad 0x00000018 nop 0x00000019 push 00000000h 0x0000001b push esi 0x0000001c call 00007FD6B0E698B8h 0x00000021 pop esi 0x00000022 mov dword ptr [esp+04h], esi 0x00000026 add dword ptr [esp+04h], 0000001Ch 0x0000002e inc esi 0x0000002f push esi 0x00000030 ret 0x00000031 pop esi 0x00000032 ret 0x00000033 push 00000000h 0x00000035 cmc 0x00000036 call 00007FD6B0E698C4h 0x0000003b sbb bx, E5D4h 0x00000040 pop ebx 0x00000041 push 00000000h 0x00000043 mov ebx, dword ptr [ebp+122D3838h] 0x00000049 xchg eax, esi 0x0000004a pushad 0x0000004b push ebx 0x0000004c push eax 0x0000004d push edx 0x0000004e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEA773 second address: BEA777 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEB99A second address: BEB99E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEB99E second address: BEB9A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF21FE second address: BF2202 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF2202 second address: BF222B instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jp 00007FD6B10B63E6h 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 jmp 00007FD6B10B63F2h 0x00000015 jp 00007FD6B10B63E6h 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEF023 second address: BEF02D instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD6B0E698B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF00F9 second address: BF010F instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop esi 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 ja 00007FD6B10B63E6h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEF0B8 second address: BEF0BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF54D6 second address: BF54E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jno 00007FD6B10B63E6h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF010F second address: BF0115 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BEF0BC second address: BEF0C6 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF54E5 second address: BF54E9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF0115 second address: BF011B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF011B second address: BF01DE instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FD6B0E698B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d mov dword ptr [ebp+122D2F96h], ebx 0x00000013 call 00007FD6B0E698BEh 0x00000018 call 00007FD6B0E698C2h 0x0000001d pushad 0x0000001e popad 0x0000001f pop edi 0x00000020 pop edi 0x00000021 push dword ptr fs:[00000000h] 0x00000028 jmp 00007FD6B0E698BEh 0x0000002d mov dword ptr fs:[00000000h], esp 0x00000034 push 00000000h 0x00000036 push ecx 0x00000037 call 00007FD6B0E698B8h 0x0000003c pop ecx 0x0000003d mov dword ptr [esp+04h], ecx 0x00000041 add dword ptr [esp+04h], 0000001Ch 0x00000049 inc ecx 0x0000004a push ecx 0x0000004b ret 0x0000004c pop ecx 0x0000004d ret 0x0000004e mov eax, dword ptr [ebp+122D08E1h] 0x00000054 push 00000000h 0x00000056 push edx 0x00000057 call 00007FD6B0E698B8h 0x0000005c pop edx 0x0000005d mov dword ptr [esp+04h], edx 0x00000061 add dword ptr [esp+04h], 00000014h 0x00000069 inc edx 0x0000006a push edx 0x0000006b ret 0x0000006c pop edx 0x0000006d ret 0x0000006e mov dword ptr [ebp+122D2085h], ebx 0x00000074 push FFFFFFFFh 0x00000076 mov edi, dword ptr [ebp+122D3BA4h] 0x0000007c xor ebx, 3877AA16h 0x00000082 nop 0x00000083 push eax 0x00000084 push edx 0x00000085 jmp 00007FD6B0E698C3h 0x0000008a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF01DE second address: BF01F5 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FD6B10B63E8h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 js 00007FD6B10B63E6h 0x00000016 pop esi 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF01F5 second address: BF01FB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF01FB second address: BF01FF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF2460 second address: BF2464 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF2464 second address: BF2468 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BFA52F second address: BFA533 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BFA533 second address: BFA539 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BFA539 second address: BFA55F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007FD6B0E698BEh 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e jnp 00007FD6B0E698C4h 0x00000014 pushad 0x00000015 ja 00007FD6B0E698B6h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B8FE91 second address: B8FEC9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnc 00007FD6B10B63E6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FD6B10B63F5h 0x00000014 jmp 00007FD6B10B63F4h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B8FEC9 second address: B8FECE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF6717 second address: BF671B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BFDB19 second address: BFDB27 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698BAh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF671B second address: BF6738 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF7862 second address: BF787A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BFDB27 second address: BFDB2C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF6738 second address: BF673C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BF4688 second address: BF46A0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63EFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BFDB2C second address: BFDB32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BFE13D second address: BFE1B0 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b nop 0x0000000c mov dword ptr [ebp+122D1FA5h], eax 0x00000012 mov di, 9229h 0x00000016 push 00000000h 0x00000018 cmc 0x00000019 sub dword ptr [ebp+1245D4B0h], ebx 0x0000001f push 00000000h 0x00000021 push 00000000h 0x00000023 push edi 0x00000024 call 00007FD6B10B63E8h 0x00000029 pop edi 0x0000002a mov dword ptr [esp+04h], edi 0x0000002e add dword ptr [esp+04h], 00000016h 0x00000036 inc edi 0x00000037 push edi 0x00000038 ret 0x00000039 pop edi 0x0000003a ret 0x0000003b mov ebx, dword ptr [ebp+122D3A64h] 0x00000041 jng 00007FD6B10B63ECh 0x00000047 mov dword ptr [ebp+122D300Dh], ebx 0x0000004d stc 0x0000004e xchg eax, esi 0x0000004f jnp 00007FD6B10B63F0h 0x00000055 push eax 0x00000056 push eax 0x00000057 push edx 0x00000058 push eax 0x00000059 jmp 00007FD6B10B63EBh 0x0000005e pop eax 0x0000005f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C041A6 second address: C041F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007FD6B0E698C2h 0x0000000c pushad 0x0000000d push eax 0x0000000e jp 00007FD6B0E698B6h 0x00000014 pop eax 0x00000015 jmp 00007FD6B0E698C6h 0x0000001a jmp 00007FD6B0E698C1h 0x0000001f push eax 0x00000020 push edx 0x00000021 ja 00007FD6B0E698B6h 0x00000027 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C07167 second address: C07176 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD6B10B63EBh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C07176 second address: C07187 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jno 00007FD6B0E698B6h 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C0CF37 second address: C0CF40 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B984C1 second address: B984D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698BCh 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C0C87D second address: C0C881 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C0C881 second address: C0C8BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FD6B0E698BEh 0x0000000b push ecx 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 pop ecx 0x00000011 jmp 00007FD6B0E698C5h 0x00000016 popad 0x00000017 pushad 0x00000018 pushad 0x00000019 pushad 0x0000001a popad 0x0000001b jns 00007FD6B0E698B6h 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C0C8BD second address: C0C8D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 jmp 00007FD6B10B63EDh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C0CA7C second address: C0CA97 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FD6B0E698C5h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10C82 second address: C10C91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10C91 second address: C10C95 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10C95 second address: C10C9B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10C9B second address: C10CA1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10CA1 second address: C10CA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10CA5 second address: C10D09 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [esp+04h] 0x0000000f push edx 0x00000010 push eax 0x00000011 jmp 00007FD6B0E698C7h 0x00000016 pop eax 0x00000017 pop edx 0x00000018 mov eax, dword ptr [eax] 0x0000001a jmp 00007FD6B0E698BFh 0x0000001f mov dword ptr [esp+04h], eax 0x00000023 pushad 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007FD6B0E698C3h 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10D09 second address: C10D13 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10DDE second address: C10DE4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10DE4 second address: C10DE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C10DE8 second address: C10E1B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007FD6B0E698BCh 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 jns 00007FD6B0E698BAh 0x00000018 mov eax, dword ptr [eax] 0x0000001a push eax 0x0000001b push edx 0x0000001c jg 00007FD6B0E698BCh 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C15B94 second address: C15B9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C15B9A second address: C15BA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C15BA2 second address: C15BC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B10B63F5h 0x00000009 pop edi 0x0000000a pop ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d push edi 0x0000000e jg 00007FD6B10B63E6h 0x00000014 push edi 0x00000015 pop edi 0x00000016 pop edi 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C15BC9 second address: C15BD0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C16197 second address: C1619D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1619D second address: C161A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C169F3 second address: C16A27 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push ecx 0x00000008 jmp 00007FD6B10B63F1h 0x0000000d pushad 0x0000000e popad 0x0000000f pop ecx 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FD6B10B63F5h 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1C03F second address: C1C043 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1C448 second address: C1C44C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1C5AF second address: C1C5C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 push edx 0x00000009 pop edx 0x0000000a popad 0x0000000b push edx 0x0000000c je 00007FD6B0E698B6h 0x00000012 je 00007FD6B0E698B6h 0x00000018 pop edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1C9BA second address: C1C9C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1C9C0 second address: C1C9C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1C9C4 second address: C1C9CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1C9CA second address: C1C9D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1CCD6 second address: C1CCDA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1CCDA second address: C1CCE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BC52E8 second address: BC5303 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FD6B10B63F2h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BC5303 second address: BC5307 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BC5307 second address: BC5319 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a ja 00007FD6B10B63ECh 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C1D151 second address: C1D155 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C22BE5 second address: C22BF6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 je 00007FD6B10B63E6h 0x0000000b pop eax 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C22BF6 second address: C22BFE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C21AC2 second address: C21AEA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 jnl 00007FD6B10B63ECh 0x0000000b popad 0x0000000c pushad 0x0000000d jng 00007FD6B10B63F2h 0x00000013 push edi 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C21C53 second address: C21C59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C216AD second address: C216B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C216B3 second address: C216E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 pushad 0x00000007 popad 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d jmp 00007FD6B0E698BAh 0x00000012 ja 00007FD6B0E698B6h 0x00000018 pop eax 0x00000019 jmp 00007FD6B0E698C8h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C22635 second address: C2267A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63EBh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007FD6B10B63F4h 0x00000010 pop edx 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FD6B10B63EBh 0x00000018 jng 00007FD6B10B63F2h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C22921 second address: C22927 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C22927 second address: C22975 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 jne 00007FD6B10B63FFh 0x0000000e pushad 0x0000000f popad 0x00000010 jmp 00007FD6B10B63F7h 0x00000015 pushad 0x00000016 jmp 00007FD6B10B63F8h 0x0000001b jmp 00007FD6B10B63EBh 0x00000020 push eax 0x00000021 pop eax 0x00000022 popad 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDF413 second address: BDF424 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jng 00007FD6B0E698B8h 0x0000000f push edi 0x00000010 pop edi 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDF499 second address: BDF49F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDF49F second address: BDF52A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push esi 0x00000006 pop esi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b jne 00007FD6B0E698BEh 0x00000011 xchg eax, ebx 0x00000012 mov dl, 4Dh 0x00000014 push dword ptr fs:[00000000h] 0x0000001b sub edx, dword ptr [ebp+122D3ABCh] 0x00000021 mov dword ptr fs:[00000000h], esp 0x00000028 cmc 0x00000029 mov dword ptr [ebp+1247F240h], esp 0x0000002f push 00000000h 0x00000031 push ecx 0x00000032 call 00007FD6B0E698B8h 0x00000037 pop ecx 0x00000038 mov dword ptr [esp+04h], ecx 0x0000003c add dword ptr [esp+04h], 00000017h 0x00000044 inc ecx 0x00000045 push ecx 0x00000046 ret 0x00000047 pop ecx 0x00000048 ret 0x00000049 movzx ecx, cx 0x0000004c jnp 00007FD6B0E698BCh 0x00000052 cmp dword ptr [ebp+122D3940h], 00000000h 0x00000059 jne 00007FD6B0E69983h 0x0000005f mov byte ptr [ebp+122D3206h], 00000047h 0x00000066 mov edi, 575EB42Fh 0x0000006b mov eax, D49AA7D2h 0x00000070 push eax 0x00000071 push eax 0x00000072 push edx 0x00000073 pushad 0x00000074 pushad 0x00000075 popad 0x00000076 push eax 0x00000077 push edx 0x00000078 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDF52A second address: BDF52F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDF52F second address: BDF534 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDF9FA second address: BDFA54 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d pushad 0x0000000e push esi 0x0000000f pushad 0x00000010 popad 0x00000011 pop esi 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 jmp 00007FD6B10B63EAh 0x0000001a popad 0x0000001b popad 0x0000001c pop eax 0x0000001d movzx edi, cx 0x00000020 sub dx, 7ED7h 0x00000025 push C016C1CBh 0x0000002a push eax 0x0000002b push edx 0x0000002c jc 00007FD6B10B63FDh 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDFD1D second address: BDFD22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDFD22 second address: BDFD49 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b pushad 0x0000000c jnp 00007FD6B10B63ECh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDFD49 second address: BDFD50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDFFC4 second address: BDFFC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BDFFC8 second address: BE0007 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push ecx 0x0000000d call 00007FD6B0E698B8h 0x00000012 pop ecx 0x00000013 mov dword ptr [esp+04h], ecx 0x00000017 add dword ptr [esp+04h], 0000001Dh 0x0000001f inc ecx 0x00000020 push ecx 0x00000021 ret 0x00000022 pop ecx 0x00000023 ret 0x00000024 mov ch, C5h 0x00000026 push 00000004h 0x00000028 adc dx, A9D4h 0x0000002d nop 0x0000002e push eax 0x0000002f push edx 0x00000030 push eax 0x00000031 push eax 0x00000032 pop eax 0x00000033 pop eax 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0007 second address: BE002B instructions: 0x00000000 rdtsc 0x00000002 jl 00007FD6B10B63F7h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c push ecx 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f pop ecx 0x00000010 push ecx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0791 second address: BE0797 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0797 second address: BE0844 instructions: 0x00000000 rdtsc 0x00000002 js 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jne 00007FD6B10B63F8h 0x00000013 nop 0x00000014 mov edx, dword ptr [ebp+122D383Ch] 0x0000001a lea eax, dword ptr [ebp+1247F22Ch] 0x00000020 movzx edx, dx 0x00000023 nop 0x00000024 je 00007FD6B10B63EEh 0x0000002a jns 00007FD6B10B63E8h 0x00000030 push eax 0x00000031 pushad 0x00000032 pushad 0x00000033 jmp 00007FD6B10B63ECh 0x00000038 jmp 00007FD6B10B63EEh 0x0000003d popad 0x0000003e jnc 00007FD6B10B63E8h 0x00000044 popad 0x00000045 nop 0x00000046 pushad 0x00000047 mov bx, 00E8h 0x0000004b push ebx 0x0000004c jnp 00007FD6B10B63E6h 0x00000052 pop eax 0x00000053 popad 0x00000054 lea eax, dword ptr [ebp+1247F1E8h] 0x0000005a mov dword ptr [ebp+1244F1A6h], ebx 0x00000060 nop 0x00000061 push esi 0x00000062 js 00007FD6B10B63FFh 0x00000068 jmp 00007FD6B10B63F9h 0x0000006d pop esi 0x0000006e push eax 0x0000006f pushad 0x00000070 pushad 0x00000071 push eax 0x00000072 push edx 0x00000073 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0844 second address: BE085A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698BDh 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE085A second address: BE085E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE085E second address: BC52E8 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 push 00000000h 0x0000000a push ebx 0x0000000b call 00007FD6B0E698B8h 0x00000010 pop ebx 0x00000011 mov dword ptr [esp+04h], ebx 0x00000015 add dword ptr [esp+04h], 0000001Ch 0x0000001d inc ebx 0x0000001e push ebx 0x0000001f ret 0x00000020 pop ebx 0x00000021 ret 0x00000022 mov ecx, eax 0x00000024 call dword ptr [ebp+122D2FCEh] 0x0000002a jmp 00007FD6B0E698C8h 0x0000002f pushad 0x00000030 push ebx 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C262FD second address: C26321 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FD6B10B63E8h 0x00000008 pushad 0x00000009 popad 0x0000000a jns 00007FD6B10B63F2h 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push edx 0x00000017 pop edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C26321 second address: C26345 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C4h 0x00000007 jmp 00007FD6B0E698BCh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C26345 second address: C2635A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 jp 00007FD6B10B63E6h 0x0000000b popad 0x0000000c push edi 0x0000000d jc 00007FD6B10B63E6h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C268D7 second address: C268ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698C2h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C268ED second address: C26906 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C29C8D second address: C29CA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 jc 00007FD6B0E698B6h 0x0000000c pushad 0x0000000d popad 0x0000000e ja 00007FD6B0E698B6h 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2D02D second address: C2D033 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2D033 second address: C2D03C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2D03C second address: C2D063 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ebx 0x00000007 js 00007FD6B10B63FCh 0x0000000d jmp 00007FD6B10B63F4h 0x00000012 push edx 0x00000013 pop edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C2D063 second address: C2D067 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C316A2 second address: C316A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C311FE second address: C31202 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C31202 second address: C31208 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C31208 second address: C3122A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 jno 00007FD6B0E698E9h 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FD6B0E698C1h 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3122A second address: C3122E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3122E second address: C31234 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C31234 second address: C31242 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnl 00007FD6B10B63EEh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C31371 second address: C313BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698C9h 0x00000009 jmp 00007FD6B0E698C4h 0x0000000e popad 0x0000000f js 00007FD6B0E698C8h 0x00000015 jmp 00007FD6B0E698C2h 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B9D474 second address: B9D493 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FD6B10B63F3h 0x0000000f push edx 0x00000010 pop edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B9D493 second address: B9D49D instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FD6B0E698B6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B9D49D second address: B9D4A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: B9D4A3 second address: B9D4B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD6B0E698C0h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C33FFE second address: C3400D instructions: 0x00000000 rdtsc 0x00000002 jo 00007FD6B10B63EAh 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c push ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38E73 second address: C38E8F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698BEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a jng 00007FD6B0E698B6h 0x00000010 pushad 0x00000011 popad 0x00000012 pop edi 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38E8F second address: C38EC5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD6B10B63F5h 0x00000008 jnl 00007FD6B10B63E6h 0x0000000e jmp 00007FD6B10B63F6h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38EC5 second address: C38EEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FD6B0E698C9h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38EEB second address: C38EF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38371 second address: C38375 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38375 second address: C38385 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 jc 00007FD6B10B6412h 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38385 second address: C383A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698C0h 0x00000009 jnc 00007FD6B0E698B6h 0x0000000f jbe 00007FD6B0E698B6h 0x00000015 popad 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C384DD second address: C384E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C384E3 second address: C38502 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698C4h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38502 second address: C3851B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B10B63F5h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3851B second address: C3851F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38645 second address: C38654 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jne 00007FD6B10B63E6h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C387A6 second address: C387B2 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebx 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C38902 second address: C3890E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FD6B10B63ECh 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3CC64 second address: C3CC6A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3CC6A second address: C3CC6E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3CC6E second address: C3CC7A instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FD6B0E698B6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3CC7A second address: C3CC84 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007FD6B10B63E6h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3C55A second address: C3C5AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698BAh 0x00000009 jmp 00007FD6B0E698BDh 0x0000000e popad 0x0000000f pushad 0x00000010 jmp 00007FD6B0E698BEh 0x00000015 pushad 0x00000016 push eax 0x00000017 pop eax 0x00000018 jns 00007FD6B0E698B6h 0x0000001e jmp 00007FD6B0E698C6h 0x00000023 push edx 0x00000024 pop edx 0x00000025 popad 0x00000026 jp 00007FD6B0E698BEh 0x0000002c push eax 0x0000002d push edx 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C3C9A1 second address: C3C9BE instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 jmp 00007FD6B10B63F5h 0x0000000c pop esi 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C42569 second address: C4256F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4256F second address: C4257E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push ebx 0x00000006 pushad 0x00000007 popad 0x00000008 pop ebx 0x00000009 popad 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4257E second address: C42584 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C41206 second address: C41232 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F6h 0x00000007 pushad 0x00000008 js 00007FD6B10B63E6h 0x0000000e push edx 0x0000000f pop edx 0x00000010 popad 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 push esi 0x00000016 pushad 0x00000017 popad 0x00000018 push ebx 0x00000019 pop ebx 0x0000001a pop esi 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C41380 second address: C41386 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C41386 second address: C41392 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FD6B10B63E6h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0174 second address: BE0178 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: BE0178 second address: BE0194 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4167D second address: C41688 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4182A second address: C41830 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C42290 second address: C4229F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 jg 00007FD6B0E698C2h 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C47BF1 second address: C47BFB instructions: 0x00000000 rdtsc 0x00000002 jns 00007FD6B10B63E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C47BFB second address: C47C27 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FD6B0E698CEh 0x00000008 jmp 00007FD6B0E698C8h 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FD6B0E698BAh 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C484F1 second address: C484F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C48A96 second address: C48AA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FD6B0E698B6h 0x0000000a pop ebx 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C48DC5 second address: C48DE1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63EEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jp 00007FD6B10B63FAh 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C48DE1 second address: C48DE5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C49076 second address: C4908B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD6B10B63F1h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C495C6 second address: C495CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C495CA second address: C495D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4D495 second address: C4D4AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698C5h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4D4AE second address: C4D4D3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F3h 0x00000007 jo 00007FD6B10B63E6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jng 00007FD6B10B63EEh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4D774 second address: C4D778 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4D778 second address: C4D77C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4DDEF second address: C4DDF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4DDF3 second address: C4DDF8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4DDF8 second address: C4DE26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FD6B0E698C2h 0x0000000b popad 0x0000000c pushad 0x0000000d ja 00007FD6B0E698B6h 0x00000013 jg 00007FD6B0E698B6h 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4DE26 second address: C4DE2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C4DE2A second address: C4DE36 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5A0ED second address: C5A0F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5A0F1 second address: C5A120 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698BFh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jmp 00007FD6B0E698C5h 0x00000011 pushad 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5A120 second address: C5A129 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5A129 second address: C5A12F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5A12F second address: C5A133 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5A133 second address: C5A137 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5852F second address: C58533 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58533 second address: C5853D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edi 0x00000009 pop edi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5853D second address: C5854E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 jl 00007FD6B10B63E6h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5854E second address: C5857F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push esi 0x00000007 jmp 00007FD6B0E698C1h 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FD6B0E698C1h 0x00000013 jnp 00007FD6B0E698B6h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5881A second address: C58845 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FD6B10B63F4h 0x0000000b popad 0x0000000c jmp 00007FD6B10B63F0h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C58845 second address: C5884C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C589C2 second address: C589C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C589C8 second address: C589CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C589CC second address: C589D2 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C59102 second address: C5910A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5910A second address: C59120 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FD6B10B63E6h 0x0000000a popad 0x0000000b pop edi 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 jnc 00007FD6B10B63E6h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C59120 second address: C59148 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FD6B0E698C9h 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C57F90 second address: C57F96 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C57F96 second address: C57F9A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C5E232 second address: C5E245 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63EFh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C6314C second address: C63150 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63150 second address: C63159 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C63159 second address: C63181 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698C3h 0x00000009 jl 00007FD6B0E698B6h 0x0000000f jns 00007FD6B0E698B6h 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 push edx 0x00000019 pop edx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C62CEA second address: C62CF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C62CF0 second address: C62CF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C62CF6 second address: C62CFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C70FAC second address: C70FC3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jmp 00007FD6B0E698BBh 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b je 00007FD6B0E698B6h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C70FC3 second address: C70FCD instructions: 0x00000000 rdtsc 0x00000002 je 00007FD6B10B63E6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C728A2 second address: C728A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C75EB5 second address: C75EB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C75EB9 second address: C75EC9 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a jnp 00007FD6B0E698B6h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7A6F5 second address: C7A6F9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7A6F9 second address: C7A705 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C7A705 second address: C7A70B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C83611 second address: C8362E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jg 00007FD6B0E698B6h 0x0000000c jnc 00007FD6B0E698B6h 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 ja 00007FD6B0E698B6h 0x0000001b pushad 0x0000001c popad 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8B686 second address: C8B68B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8BA93 second address: C8BA99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8BA99 second address: C8BAB1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 push ecx 0x00000007 pushad 0x00000008 jng 00007FD6B10B63E6h 0x0000000e push edi 0x0000000f pop edi 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 pop eax 0x00000014 popad 0x00000015 pushad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8BAB1 second address: C8BAB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8BC31 second address: C8BC35 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8BC35 second address: C8BC3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8BC3B second address: C8BC45 instructions: 0x00000000 rdtsc 0x00000002 js 00007FD6B10B63F6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8BC45 second address: C8BC5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698BAh 0x00000009 jne 00007FD6B0E698C2h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8BC5B second address: C8BC61 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C8C01A second address: C8C021 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C903CF second address: C903FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 jmp 00007FD6B10B63F3h 0x0000000b jl 00007FD6B10B63E6h 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FD6B10B63EBh 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9FEC3 second address: C9FEDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FD6B0E698B6h 0x0000000a popad 0x0000000b pushad 0x0000000c js 00007FD6B0E698B6h 0x00000012 jp 00007FD6B0E698B6h 0x00000018 pushad 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: C9FEDF second address: C9FEE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA182B second address: CA182F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CA182F second address: CA183A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CAE6B6 second address: CAE6E2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C7h 0x00000007 jmp 00007FD6B0E698C1h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB145F second address: CB1465 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB0FB1 second address: CB0FB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB0FB9 second address: CB0FDE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jl 00007FD6B10B63E6h 0x0000000c popad 0x0000000d jns 00007FD6B10B63F5h 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB0FDE second address: CB1023 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD6B0E698BCh 0x00000009 popad 0x0000000a popad 0x0000000b pushad 0x0000000c push ecx 0x0000000d jmp 00007FD6B0E698C9h 0x00000012 pop ecx 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FD6B0E698C3h 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CB1023 second address: CB102C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCA03E second address: CCA043 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8F0B second address: CC8F1C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007FD6B10B63E6h 0x0000000a jng 00007FD6B10B63E6h 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC8F1C second address: CC8F3A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD6B0E698BFh 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pushad 0x0000000c jne 00007FD6B0E698B6h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC91EA second address: CC9202 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F3h 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC9379 second address: CC9394 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FD6B0E698BAh 0x00000008 jnc 00007FD6B0E698B8h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 push esi 0x00000014 pop esi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC94F7 second address: CC94FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC94FB second address: CC951C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jmp 00007FD6B0E698C7h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC951C second address: CC9520 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC996C second address: CC9971 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC9BE3 second address: CC9BF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007FD6B10B63EBh 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CC9BF4 second address: CC9BFF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edi 0x00000008 pop edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCCCCD second address: CCCCDB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007FD6B10B63ECh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCCCDB second address: CCCCF6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FD6B0E698C1h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCCCF6 second address: CCCCFC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCCCFC second address: CCCD01 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCCD01 second address: CCCD07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCE1D3 second address: CCE1D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCE1D9 second address: CCE1E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCE1E2 second address: CCE1E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCF8FA second address: CCF8FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCF8FE second address: CCF902 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: CCF902 second address: CCF91C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FD6B10B63E6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnl 00007FD6B10B63EEh 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460B3F second address: 5460BB1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698C8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 call 00007FD6B0E698C2h 0x0000000e pop ebx 0x0000000f popad 0x00000010 mov ecx, dword ptr [eax+00000FDCh] 0x00000016 jmp 00007FD6B0E698BCh 0x0000001b test ecx, ecx 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 pushfd 0x00000021 jmp 00007FD6B0E698BDh 0x00000026 sub si, E896h 0x0000002b jmp 00007FD6B0E698C1h 0x00000030 popfd 0x00000031 mov ecx, 79BC0907h 0x00000036 popad 0x00000037 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460BB1 second address: 5460BCE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63EDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jns 00007FD6B10B6445h 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460BCE second address: 5460BE1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698BFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460BE1 second address: 5460C06 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B10B63F9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 add eax, ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460C06 second address: 5460C19 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD6B0E698BFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460C19 second address: 5460C1F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460C1F second address: 5460C32 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax+00000860h] 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460C32 second address: 5460CB7 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FD6B10B63F9h 0x00000008 adc al, FFFFFFC6h 0x0000000b jmp 00007FD6B10B63F1h 0x00000010 popfd 0x00000011 pop edx 0x00000012 pop eax 0x00000013 movzx ecx, bx 0x00000016 popad 0x00000017 test eax, eax 0x00000019 jmp 00007FD6B10B63F3h 0x0000001e je 00007FD7216CC4C7h 0x00000024 jmp 00007FD6B10B63F6h 0x00000029 test byte ptr [eax+04h], 00000005h 0x0000002d push eax 0x0000002e push edx 0x0000002f jmp 00007FD6B10B63F7h 0x00000034 rdtsc |
Source: C:\Users\user\Desktop\file.exe | RDTSC instruction interceptor: First address: 5460CB7 second address: 5460CBD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |